The intersection of the AI and national security is evolving faster than decades old banking laws can handle.
On the sanctions front, the US Treasury just ramped up its pressure campaign on Iran by designated for domestic crypto exchanges that account for nearly $8 billion in trading volume.
At the same time, illicit actors are weaponizing new tech.
AI enabled scams surged by 500% last year, draining tens of billions of dollars from American consumers and also highlighting the urgent need to. the 70s era bank secrecy act and TRM labs is pushing for a native investigative tools and just launched real-time sanctions screening for automation autonomous AI payments will joining us this morning to discuss the future of financial crime as well as compliance is Ari Redbord, Global Head of Policy at TRM Labs.
Good morning.
Great to have you on the show.
Thank you so much for joining us.
Well, hey, thanks so much for having me monitor the situation.
Thank you so much for joining us.
Well, we're monitoring the situation in the Middle East, but the Treasury Department just sanctioned for Iranian exchanges, so.
How do some of these specific targets cripple the regime's ability to evade sanctions compared to previous crackdowns on, say, sovereign wallets?
Well, it's interesting, you know, I think what most people don't realize about these sanctions is that Novak and those other Iranian exchanges have been actually sanctioned for some time.
Basically there have been comprehensive sanctions on the entire Iranian financial system.
So any any any financial institution within.
Iran has been sanctioned, but actually adding their names to the specially designated nationals list, OFAC's sanctions list, essentially, um, names and shames them, but also ensures that that no one can transact with them without their own, without their own consequences.
In other words, what they call secondary sanctions.
So it's really important, but really what we see here is the US government going after the infrastructure.
That Iran is using to launder funds, and this is the 3rd such action just over the last few months.
Z6 and ZXion were exchanges that were sanctioned by Iran, UK-based exchanges or UK registered exchanges that were sanctioned by Iran.
For supporting the IRGC.
So there's been a real focus from the US government, particularly Treasury, not just going after individuals or wallet addresses, but actually going after the infrastructure that Iran is using to launder funds and evade sanctions.
Yes, and Ari, I do want to expand on this.
So how quickly, and I think I know the answer, do global institutions out there need to upgrade their own screening procedures to just make sure they're not indirectly exposed to some of these platforms?
In in real time, I would say that in large part, um, at least from a, you know, TRM perspective, those, um, those entities had had a sanctions label on them.
In other words, that, um, you know, global exchanges are being told, hey, you shouldn't transact with these entities because they already are sanctioned based on the fact that they are Iranian financial institutions.
Um, but yes, updating in real time.
You know, the thing that people mostly don't understand about sanctions, I guess in some respects is you talk about AML, right, anti-money laundering and sanctions.
Uh, they're two really.
Distinct things.
Sanctions is strict liability.
So if you are, uh, violating sanctions in any way, shape or form, uh, you are liable for that, that activity and enforcement action is likely coming.
Um, AML is like you have to do your very best.
You have to take a risk-based approach.
You have to have a program.
So sanctions is something that, um, you know, from the smallest DI protocols out there up to large financial institutions are very, very careful about and, um, have best practices in place, and one of those is real-time alerting on these types of designations.
And while I have you here, you recently testified to Congress that the Bank Secrecy Act is structurally incapable of fighting modern crime.
So tell me why you believe the traditional 30 day reporting window is obsolete when hackers can move stolen funds across multiple blockchains in under 48 hours.
You know, Remy, we live in a world that is changing so fast, right?
Bad actors are moving faster than ever.
They're leveraging AI at scale.
You mentioned a 500% increase in AI enabled scams and fraud.
We see hackers moving funds in minutes and hours, not days or weeks or certainly months.
And what we really need is to ensure that our regulators and financial institutions are leveraging the same technology that bad.
Actors are using.
So, every financial institution should be leveraging AI native tools that can build out investigations that can move as fast as bad actors who are trying to off-ramp funds.
So, really, what we need to do is ensure that the Bank Secrecy Act is updated in order to allow for businesses or to ensure that businesses are using cutting edge technology because bad actors are moving faster than ever before.
Yes, so I'm going to repeat that statistics because it is so staggering that 500% surge in AI enabled scams.
But there's also pig butchering fraud which cost Americans over $35 billion in 2025 alone.
So what specific AI native investigative tools do agencies here in the US need funded right now to match the velocity of some of these threats out there?
It, it's a great question.
Look, there's a cadre of investigators at various federal, state, local law enforcement agencies that have these capabilities.
We just need to scale it.
Every agent, every investigator should have access to AI enabled investigative tools, uh, to investigate cases that occur on the blockchain, when, when cryptocurrencies or digital assets are involved, stablecoins, but also off-chain and really marrying those two to build.
Robust investigation.
So really what we need is for every agent investigator, but also compliance professionals at financial institutions and exchanges, um, as the growth of the, the, the cryptocurrency blockchain ecosystem grows, um, you know, in totally lawful ways, bad actors are also going to spend more time on chain, and we're really going to need to use every tool to go after these bad actors.
And finally, I understand that TRM labs partnered with gen to integrate compliance and Ampersand, which is a platform for autonomous AI agents, but how do you that real-time sanctions screening into an agent's decision making process before a transaction ever clears and for viewers out there who are better trying to protect themselves, what would your simple advice be right now?
Look, I mean, I think to answer your second question first, you know, I think really we have to be as vigilant as as possible, right?
In the age, you know, when we talk about AI enabled scams and fraud, what we're really talking about is much more targeted phishing attacks, right?
You're not gonna have broken English and and Nigerian princes anymore.
These are gonna be tailored to you and to your family and to your work, um, and you just need to be remain really, really vigilant.
Just because something looks, uh, legitimate doesn't necessarily mean it does.
And you have to dig a layer deeper.
We're talking about the use of deep fake technology truly at scale.
Um, and when you talk about automation, um, you know, we need to automate more and more and the capabilities are there, right?
You know, there was a world in which compliance professionals were in real-time screening transactions to ensure that illicit actors weren't hitting their platform or sanctions evasion.
Here we're able to actually embed in the protocol, in the software, uh, sanction screening.
Capabilities.
So, this all comes down to, look, bad actors are moving faster than ever before.
We need to automate.
We need to have AI investigative tools, and we need to be leveraging this transformative technology as well for good.
You know, when I, when I testified in Congress or when I talk about these issues, we, we shouldn't be thinking about how do we ban or stifle the technology.
We need to talk about how we use it and use it wisely for good to go after bad actors to keep our ecosystem safe. and very quickly we have less than 60 seconds here, so you mentioned phishing scams as well as deepfakes.
So what do American consumers need to keep in mind, especially when it comes to some of the rising trends when it comes to these scams.
I think it's being really, really vigilant, you know, any, any an individual, you know, these, you, you mentioned pig butchering scams, Remy earlier, and it's, it's really a scourge, a true global scourge.
You know, you mentioned 35 billion.
We, we only see about 15% of victims actually report.
That means that number's probably closer to 200 billion.
And that's when you get really scary.
I mean, this is an existential global security threat.
And individuals, it starts with that individual, right?
If we can prevent this scam from happening in the first place, we don't need to worry about AI investigative tools.
So the real key is how do we stop that scam from occurring in the first place, and we need to be alerting victims in real time to stop this kind of activity, um, and give them as much possible support as we can.
Well, Ari, we will have to leave it there for today, but as always, great talking to you.
Thank you so much for joining us and thank you so much for sharing all of your insights.
Thank you so much for having me.
