This month's key compliance news includes Iran's suspected sanctions evasion, Rakuten's AML fine, an automotive cartel, Paddy Power Betfair's fine, and more.
Amazon has confirmed it will cut 16,000 jobs globally, after an email about the layoffs was mistakenly sent to staff. The redundancies affect employees in the US, Canada, and Costa Rica, though the company has not detailed exactly which roles or locations will be impacted.
The move is part of Amazon's broader effort to streamline operations, reduce bureaucracy, and increase efficiency. Beth Galetti, senior vice president of people experience and technology, emphasised that these are targeted adjustments, not ongoing periodic layoffs, following the company’s previous cut of 14,000 corporate roles in October.
The layoffs, internally referred to as "Project Dawn," were expected by employees. A former staff member suggested the company may ultimately eliminate around 30,000 roles by May. While affected employees are being offered opportunities to reapply for other positions, openings are limited, and severance pay will be provided where necessary.
Since Andy Jassy became CEO, Amazon has pursued a stricter work culture, mandating full-time office attendance and closely monitoring costs, including mobile phone reimbursements. Jassy described this period as "a time to rethink everything we’ve ever done," reflecting the company’s focus on efficiency and adaptation amid rapid changes.
In addition to job cuts, Amazon will close its remaining Amazon Fresh and Amazon Go stores while expanding the Whole Foods Market brand.
Cryptocurrency crime reached a record $158 billion in 2025, a 145% increase from 2024, according to TRM Labs' 2026 Crypto Crime Report, though illicit activity remained only about 1.2% of total crypto volume.
The surge was largely driven by Russia-linked sanctions evasion, which grew over 400%, centred on the A7 wallet cluster and the ruble-pegged stablecoin A7A5, processing over $110 billion combined. These networks facilitated transactions for sanctioned platforms like Garantex and Grinex.
Stablecoins became the main channel for illicit flows, often routed through non-custodial services, OTC brokers, and bespoke settlement layers to evade seizure, with the stablecoin market surpassing $300 billion. Chinese underground banking and escrow networks expanded to $103 billion, supporting scams and cybercriminals across Asia-Pacific. Other criminal activity, including darknet markets and hacked/stolen funds, grew more modestly.
TRM Labs warns that as state-linked and professionalised crypto networks grow, regulators and law enforcement face increasing challenges in 2026.
Strengthen sanctions monitoring: Prioritise screening for Russia-linked wallets and ruble-pegged stablecoins like A7A5 to detect potential sanctions evasion.
Increase stablecoin oversight: Monitor stablecoin flows, especially through non-custodial wallets and OTC brokers, as these are now primary channels for illicit activity.
Enhance transaction monitoring for APAC operations: Pay close attention to Chinese-language escrow and underground banking networks that may facilitate scams, money laundering, or cybercrime.
Adapt AML/KYC processes: Ensure controls cover sophisticated state-linked and professionalised networks, not just retail-level fraud.
Leverage blockchain analytics tools: Use on-chain intelligence to trace complex, multi-layered transactions and identify emerging criminal infrastructure.
Stay updated on regulatory changes: Monitor developments in regions with favourable stablecoin regulations, like the U.S., to anticipate new compliance risks.
Prepare for higher enforcement scrutiny: Regulators are likely to focus on organised and geopolitical crypto crime in 2026, requiring proactive compliance measures.
Edward Gene Smith, a former senior bank executive, has pleaded guilty in federal court in New York to multiple serious crimes, including drugging and sexually assaulting women, possessing and distributing child pornography, and attempting to obstruct justice.
Prosecutors say Smith used his wealth and influence to target vulnerable women over many years, often luring them to his residences, drugging them without consent, and then sexually abusing them. In some cases, he recorded his assaults and shared explicit material.
The charges also include possession and receipt of large quantities of child sexual abuse images. After law enforcement executed a search at his home in 2024, Smith allegedly tried to interfere with the investigation by paying a victim to provide false information.
Among the victims was a woman Smith met when she was under 18; he solicited explicit photos from her and later sexually assaulted her after she reached adulthood.
Smith faces decades in federal prison when he will formally be sentenced in May 2026. The case has drawn attention for illustrating how individuals in positions of power can exploit their status to commit and conceal abuse, and authorities are urging anyone with additional information or who may have been victimised to come forward.
Michael Thomson, the former chief executive of the collapsed investment firm London Capital & Finance Plc (LCF), and his wife, Debbie Thomson, have admitted breaching a court-ordered restraint order and have been held in contempt of court following action by the Serious Fraud Office (SFO).
The restraint order was put in place as part of the SFO's investigation into suspected fraud and money laundering at LCF, a probe connected to the collapse of the firm that left around 11,000 investors out of pocket.
According to the SFO, Michael Thomson admitted breaching the order twice and his wife admitted four breaches. Investigators found that, while the order was in force, the couple received a £2,000 holiday refund and sold several items, including a hot tub and horse saddles worth nearly £5,800, in violation of restrictions on dealing with restrained assets.
"This is the second time the Serious Fraud Office has successfully held Michael Thomson in contempt for brazenly breaching his restraint order. We remain committed to taking decisive action whenever we uncover restraint orders are not being adhered to."
-Paul Napper, Head of Proceeds of Crime and International Assistance Division
The couple are due to be sentenced on 12 March.
The Bank of Scotland has been fined £160,000 by the UK's sanctions regulator, the Office of Financial Sanctions Implementation (OFSI), for breaching British financial sanctions on Russia. In February 2023, the bank processed 24 payments totalling around £77,383 to and from a personal bank account that should have been blocked under UK sanctions rules.
The account belonged to Dmitrii Ovsiannikov, a Russian national and former senior government official, who has been sanctioned by the UK for his role in supporting Moscow's actions in Ukraine.
The breach occurred because Ovsiannikov was able to open the account at Halifax, a part of the Bank of Scotland, using a UK passport with a slightly different spelling of his name than the version listed on the UK sanctions register. This discrepancy meant the bank's automated screening system did not initially flag the account.
The fine was reduced by 50% because the bank voluntarily reported the issue to the regulator after discovering the problem. OFSI's enforcement action underscores the ongoing scrutiny of UK banks' compliance with sanctions related to Russia's invasion of Ukraine. Ovsiannikov, a former Russian government minister and ex-governor of Sevastopol in Russian-occupied Crimea, had previously been convicted in the UK for evading sanctions and sentenced to prison.
Financial services professionals are calling on the Financial Conduct Authority (FCA) to take a more proactive approach in tackling harmful uses of artificial intelligence in the industry. At a recent Lang Cat conference, advisers highlighted concerns that existing and emerging AI technologies could be exploited by bad actors. Examples of this include misleading clients, bypassing regulatory safeguards, or automating unsuitable product recommendations.
They argued that regulators need to make rules, not principles,so there is clearer guidance on how AI should be used responsibly as well as more agile oversight to prevent abuse before it causes harm. The discussion reflects wider industry debates about how to balance innovation with investor protection as AI tools become more prevalent in advice and distribution.
"It is such a fast moving area the FCA has to be more proactive on this stuff. They need a team that is looking at it today."
- Matt Pitcher, founder of Altor Wealth
European regulators dramatically increased anti‑money‑laundering (AML) penalties in 2025, with total fines and settlements rising more than sixfold compared with previous years as several long‑running investigations concluded. Major global banks were among those hit with some of the largest enforcement actions as authorities stepped up scrutiny of weaknesses in financial crime controls and compliance frameworks.
The surge in enforcement reflects growing regulatory expectations that banks must strengthen AML systems and internal controls to better detect and prevent illicit flows. Financial institutions now face heightened pressure to improve governance, technology and oversight to reduce regulatory risk and avoid costly sanctions.
Meanwhile, in the UK, lenders were hit with a series of smaller fines and settlements by the Financial Conduct Authority (FCA).
"The UK continues to show a steady and robust approach to AML enforcement, and the fines we saw in 2025 reflect just how long regulatory investigations can take,"
- Rory Doyle, head of financial crime policy,Fenergo
Meta's messaging service WhatsApp has won a significant legal victory in Europe's highest court, allowing it to challenge a €225 million (about US$268 million) privacy fine imposed by Ireland's data protection regulator under the EU's General Data Protection Regulation (GDPR).
The fine dates back to 2021, when Ireland’s Data Protection Commission (DPC) increased the penalty after intervention by the European Data Protection Board (EDPB) over complaints about how WhatsApp handled personal data.
WhatsApp had previously lost an appeal at a lower tribunal on procedural grounds, with judges ruling the company lacked legal standing to sue because the EDPB’s decision was formally directed at the Irish regulator rather than WhatsApp itself. But the Court of Justice of the European Union (CJEU) disagreed, ruling that WhatsApp does have the right to challenge the EDPB’s decision and sending the case back to the lower court to be heard on its merits.
The judgment is seen as potentially important for other large tech companies facing GDPR enforcement, as it confirms that decisions influenced by the EDPB can be contested in EU courts and not just through national regulators' processes. WhatsApp welcomed the ruling, saying it supports the principle that businesses and individuals should be able to hold the EDPB accountable through legal challenge.
We have created a series of comprehensive roadmaps to help you navigate the compliance landscape, supported by e-learning in our Essentials Library.