The financial world is experiencing a profound transformation. At the heart of this shift is the rise of stablecoins, digital assets engineered to maintain a fixed value and usually by being pegged to the US dollar. By mid-2025, the total market capitalisation of stablecoins had swelled to $255 billion in market capitalisation, with nearly 99% of its value anchored to the dollar. Stablecoins are offering a real alternative to how money moves globally, offering programmability, potentially less counterparty risk, instant settlement and the kind of reach that traditional payment networks struggle to match. A good example of this is how Mastercard is looking to use stablecoins as part of its infrastructure in Eastern Europe. However, the very qualities that make them indispensable to global commerce are also what make them attractive to those intent on evading sanctions, laundering illicit funds or moving capital covertly across borders. Interestingly, Mastercard’s new study on Puerto Rican SMEs seems to have found digital payments are no longer optional but existential for business survival. Of the surveyed owners and directors, 90% of SMEs already accepting digital payments credit them with significant growth, whilst nearly 80% said their businesses could not function without them.

Source: Mastercard/X

InterRegulators view stablecoins as the leading conduit for crypto-enabled crime. According to Financial Action Task Force (FATF), the use of stablecoins by illicit actors has continued to increase since 2024, with most on-chain criminal activity now involving these tokens. A 2025 report from Chainalysis provides a stark illustration of this trend, revealing that illicit addresses received $40.9 billion in cryptocurrency in 2024 alone, a figure projected to rise above $51 billion as additional criminal wallets are identified. Critically, stablecoins comprised 63% of all illicit transactions, an unprecedented leap that signals a fundamental change in the criminal underbelly of the digital economy. In one high-profile case, North Korean hackers looted approximately $1.46 billion from the Bybit exchange, with only 3.8% recovered, underscoring how difficult it is to trace and claw back stolen funds in real time. What these statistics reveal is not simply a spike in criminal activity, but a structural vulnerability. Criminals are gravitating towards the same qualities that attract law-abiding users: price stability, low transaction costs and near-instant cross-border transfers. And unlike Bitcoin or Ethereum, where volatility makes them unreliable for storing or moving large sums without risk, some stablecoins offer the predictability of value criminals require. This alignment between legitimate and illicit behaviour creates a compliance nightmare. The challenge is no longer just identifying a bad actor but distinguishing between a legitimate remittance from London to Lagos and an illicit transfer routed through shell companies in the same corridor.

Meanwhile, legacy compliance systems are ill-suited to this environment. Traditional anti-money laundering (AML) frameworks were designed for a different financial world. They rely on static rulesets, list-matching against sanctions databases and manual investigations. Furthermore, this model produces an avalanche of false positives, Retail Banker International estimates up to 95% of alerts are inaccurate. Each false flag consumes valuable analyst time, creates “alert fatigue” and risks genuine threats being overlooked. Worse still, these systems operate on batch processing cycles, often updating only once every 24 hours. In a world where a stablecoin transaction can be completed in seconds and moved through dozens of wallets in minutes, a daily update cycle is not merely outdated, it is a systemic weakness. Criminals are certainly adept at exploiting these flaws. Techniques such as “smurfing”, where a large transaction is split into many smaller, seemingly innocuous ones, can easily evade static thresholds. In a world of real-time financial crime where illicit transfers can be completed in seconds, these delays create a critical window of vulnerability that criminals can and do exploit. Complex ownership structures and anonymised wallet networks further obscure accountability. Legacy compliance infrastructure, in short, has become the financial equivalent of a fortress built for siege warfare in an age of cyber-guided missiles.

Nonetheless, artificial intelligence (AI) offers a path out of this impasse. Unlike rule-based systems, AI is adaptive, contextual and capable of analysing networks rather than isolated transactions. The application of AI in financial compliance begins with contextual awareness. Through natural language processing (NLP) and fuzzy matching, AI systems can interpret names and entities across different languages, scripts and aliases. This ability drastically reduces false positives, freeing compliance officers to focus on genuine risks whilst surfacing threats that static systems would miss. Equally important is AI’s real-time adaptability; sanctions lists and geopolitical landscapes shift constantly. Where legacy systems require manual updates, AI systems can ingest new data instantly and recalibrate screening thresholds without intervention. This agility is critical when regulators such as the FATF stress that uneven global standards amplify risks. A payment processor in Singapore and a stablecoin issuer in New York may face divergent compliance obligations, yet the flows between them are instantaneous. Only adaptive, AI-driven systems can reconcile these inconsistencies at speed. The promise of AI extends beyond detection - predictive modelling enables systems to flag wallets or entities before they are used for illicit activity. By analysing historical data and behavioural patterns, AI can identify sanction-evasion techniques in advance, shifting compliance from reactive investigation to proactive prevention. Blockchain analytics firms such as Elliptic are already demonstrating this capacity. Its tool, Elliptic Investigator, allows compliance teams to conduct deep, cross-chain investigations, so tracing illicit flows even when laundered through decentralised exchanges or multiple intermediaries. Banking Circle’s decision in 2024 to deploy Elliptic’s AI-backed monitoring for its MiCA-compliant EURI stablecoin shows how regulators and issuers are converging on AI as a compliance necessity.

Yet this is not a one-sided technological revolution. Just as compliance officers are deploying AI so, too, are criminals. Generative AI can now produce highly convincing fake documents, synthetic identities and even deepfake videos capable of deceiving biometric verification systems. In one notorious case, deepfake audio was used to impersonate a CEO and trick a finance officer into transferring hundreds of thousands of Euros to a fraudulent account (Forbes). AI-driven mixers, capable of dynamically adjusting transaction flows to obscure provenance, make it even harder to trace illicit transfers. Chatbots, fine-tuned for romance or investment scams, sustain persuasive, long-term conversations at scale whereby creating fraud schemes that are both more effective and more difficult to shut down. Furthermore, this technological arms race underscores a sobering truth: the only viable response to AI-enabled crime is equally sophisticated AI-enabled compliance. Anything less risks obsolescence - regulators are increasingly alive to this fact. The US Guiding and Establishing National Innovation for US Stablecoins Act (GENIUS Act), passed in July 2025, provides the first comprehensive federal framework for stablecoin issuers. Crucially, it mandates that issuers have the technical capacity to seize, freeze or burn tokens when required by law - functions that pre-suppose AI-backed, real-time monitoring. Hong Kong’s new stablecoin law, enacted in August 2025, takes a similarly strict approach, requiring licensing, robust KYC and prohibiting services to anonymous wallets. What these laws signal is a decisive shift, arguably meaning AI is no longer an optional enhancement - it is becoming a regulatory standard. Failure to adopt AI-driven compliance tools could leave institutions, not only vulnerable to crime but also non-compliant with evolving legal regimes. Enforcement actions already reflect this. In 2025, the US Office of Foreign Assets Control (OFAC) levied penalties exceeding $200 million against firms such as GVA Capital and $11.8 against Interactive Brokers for sanctions failures. These fines, devastating in both financial and reputational terms, send a clear message: regulators will not accept outdated compliance practices as an excuse.

And the implications extend beyond financial institutions - as stablecoins become embedded in remittances, e-commerce, gaming and even government programmes, the entire fabric of digital finance depends on trust. That trust cannot be sustained if compliance remains reactive, fragmented or based on tools designed for another era. AI offers not simply efficiency, but a paradigm shift - from compliance as a box-ticking exercise to compliance as an intelligent, proactive shield. Still, challenges remain. AI systems must be transparent and auditable to avoid the pitfalls of ‘AI-washing’, where vendors misrepresent rule-based tools as machine learning. Privacy concerns arise when access policies or monitoring data are logged on public blockchains, necessitating permissioned systems. Integration with existing identity and access management frameworks must be seamless to avoid bottlenecks. Governance is another thorny issue: distributing authority reduces insider risks but, equally, creates coordination challenges over how policies are set, changed or disputed.

However, despite these hurdles, the trajectory is clear. Stablecoins are too deeply embedded in global finance to retreat and criminals are too sophisticated to be outpaced by legacy systems. The only sustainable path is an AI-first approach to compliance, one that transforms every institution’s security posture from reactive monitoring to predictive defence. The future of digital finance will not be secured by firewalls or perimeter defences, nor by manual lists and outdated algorithms. It will be secured by the convergence of blockchain transparency, regulatory oversight and AI-driven intelligence. Stablecoins may have ushered-in a new era of risk, but AI, properly deployed, offers the arsenal needed to defend the integrity of the system. In this sense, AI is not simply a tool, it is the new infrastructure of compliance. Institutions that embrace this reality will build resilience and trust in the future of money. Those who resist will not only face mounting regulatory penalties but risk being sidelined from the digital rails that are redefining global commerce. Thus, in the age of stablecoins, deploying AI surveillance is not a luxury - it is the minimum requirement for survival.

This article first appeared in Digital Bytes (16th of September, 2025), a weekly newsletter by Jonny Fry of Team Blockchain.