Compliance Brief - July 1, 2026 - Global RADAR

Compliance Brief – July 1, 2026

  • Home
  • Compliance Brief – July 1, 2026

Wednesday, July 1, 2026 · Edition 6

In This Edition

Treasury’s Three-Agency Strike, FATF’s Grey-List Reshuffle, and a Brutal July Rulemaking Calendar

From the Founder
The story this week is not any single designation. It is tempo. In seven days Treasury coordinated a sanctions action, a special measure, and a criminal seizure against one network; FATF moved four countries on and off the grey list; and three separate US rulemakings advanced toward hard July deadlines. Compliance officers who still run a quarterly change-management cycle are now a quarter behind. The teams that win this year are the ones that can absorb a regulatory change in days, not months.

Top Story: Treasury’s Three-Agency Strike on the Prince Group

On June 23, Treasury did not issue one action against Cambodia’s Prince Group. It issued three, on the same day. OFAC designated 9 individuals and 26 entities under Executive Order 13581, naming second-in-command Hu Xiaowei and reaching front companies in Hong Kong, Singapore, the British Virgin Islands, the United Kingdom, and Thailand. In parallel, FinCEN proposed a special measure to sever H-Pay Service PLC, a renamed successor to the Huione Group, from the US financial system, closing the escape hatch that Huione used after its October 2025 designation. The Department of Justice then seized the cloud computing infrastructure behind Huione Guarantee, the Telegram-based marketplace that served as an escrow hub for laundering scam proceeds and trading stolen financial data.

This is the pattern to internalize. A single OFAC listing can be evaded by renaming an entity and moving the accounts. Pairing the listing with a FinCEN special measure cuts correspondent access even where a blocking action does not reach, and the criminal seizure removes the operational infrastructure. Screening against the SDN List alone would have missed two thirds of this action.

Why This Matters

The money in scam-compound cases does not sit on a blockchain. It moves through ordinary shell companies in major financial centers, then into correspondent banking. A designation is only as useful as the entity resolution behind it. If your screening cannot connect a newly listed individual to the front companies he controls across five jurisdictions, the name on the list does not protect you.

Operational Implications

Three steps this week:

  1. Push all 35 new Prince Group names and addresses into your sanctions screening system today, then run a look-back against open and recently closed correspondent and trade-finance files.
  2. Screen against the FinCEN special measure list as a distinct source, not only the SDN List. A special measure restricts correspondent relationships even when no blocking order applies, and most vendor feeds treat the two lists separately.
  3. Flag any exposure to the front-company jurisdictions, especially the British Virgin Islands, Hong Kong, and Singapore, for enhanced review. Expect more shell-company false positives, not fewer, and brief your investigations queue before the volume arrives.

Sanctions and FATF: The Grey List Moves

At its plenary on June 17 to 19, FATF added Bosnia and Herzegovina and Iraq to the list of jurisdictions under increased monitoring, citing Iraq’s cash-intensive economy and weak money laundering prosecutions. It removed Algeria and Namibia, crediting improved risk-based supervision. That leaves 22 jurisdictions on the grey list. The black list is unchanged: North Korea, Iran, and Myanmar.

FATF also amended Recommendation 6 to ensure targeted financial sanctions do not block funds, goods, and services needed for humanitarian assistance, and it opened a consultation on payment transparency. The United Kingdom assumes the FATF presidency from July. Separately, OFAC added Sudan-related designations on June 26 and removed several Russia-related names from the SDN List on June 11. Delistings deserve the same operational attention as additions; a stale block on a cleared party is a commercial and legal risk, not a safe default.

Why This Matters

Grey-list changes flow directly into your country risk model. Adding Bosnia and Herzegovina and Iraq raises residual risk on any relationship, correspondent line, or trade corridor touching those markets, and examiners will expect your enhanced due diligence to reflect the change within the current cycle, not at your next annual review.

Operational Implications

Two moves this week:

  1. Update country risk scoring for Bosnia and Herzegovina and Iraq now, and confirm customers tied to Algeria and Namibia are recalibrated down so you are not applying enhanced measures that no longer fit the risk.
  2. Confirm your sanctions vendor refreshed within 24 hours of the June OFAC actions, including the delistings, and that your override log captures every cleared false positive.

US Rulemaking: Three Deadlines Converge on July

AML program reform. FinCEN’s proposal to, in its own framing, fundamentally reform AML and CFT programs closed its comment period on June 9. The rule would require institutions to establish and document a formal, board-informed risk assessment as the foundation of the program, with a proposed 12-month implementation window once finalized. A mandatory risk assessment process changes examination expectations for every institution, not only the largest.

GENIUS Act stablecoins. The clock here is real. Six federal agencies, the OCC, FDIC, NCUA, Treasury, FinCEN, and OFAC, must publish final stablecoin rules by July 18, one year after the GENIUS Act became law. On June 22, FinCEN proposed customer identification program requirements for permitted payment stablecoin issuers, treating them as financial institutions under the Bank Secrecy Act, alongside a joint FinCEN and OFAC proposal on AML and sanctions duties.

Beneficial ownership. FinCEN’s interim final rule exempts US-formed companies and US persons from beneficial ownership reporting, limiting the requirement to foreign entities registered to do business in the United States. The Eleventh Circuit upheld the statute’s constitutionality in December 2025, and a final rule is expected this year. Separately, FinCEN eased beneficial ownership verification requirements for financial institutions in February. The reporting regime and your customer due diligence obligations are now on different tracks, and conflating them is a common error.

Why This Matters

These three rules touch different parts of the program but share one theme: regulators are pushing accountability and documentation onto the institution. The AML reform makes your risk assessment examinable, the GENIUS package extends BSA duties to a new class of issuer, and the beneficial ownership shift puts the verification burden on you rather than on a federal registry.

Operational Implications

A practical July playbook:

  1. Assign an owner to the GENIUS July 18 deadline this week and inventory every stablecoin touchpoint, issuance, custody, correspondent, or payment rail, before the final rules drop.
  2. Draft your formal AML risk assessment now against the proposed reform structure. Institutions that wait for the final rule will spend the 12-month window rebuilding rather than refining.
  3. Separate your beneficial ownership reporting analysis from your customer due diligence program in writing, so an examiner sees that US entities are out of scope for reporting while your CDD verification duties continue in full.

Global Supervision: UK, EU, and Australia

United Kingdom. The FCA fined Nationwide Building Society 44 million pounds for weaknesses in its AML controls. On the sanctions side, OFSI completed its most significant enforcement overhaul since 2017: it doubled the maximum penalty to the greater of 2 million pounds or the value of the breach, introduced a settlement option carrying a 20 percent discount, offers up to a 30 percent discount for prompt and full cooperation, and set fixed penalties of 5,000 or 10,000 pounds for reporting and licensing offences.

European Union. AMLA has begun selecting the roughly 40 high-risk institutions it will directly supervise from 2028. National supervisors must submit eligibility data by August 15, with a provisional list expected by the end of September; selection turns on factors including cross-border activity in at least six member states. AMLA’s first tranche of Level 2 and Level 3 measures, including a common SAR template, is due around July 10.

Australia. AUSTRAC’s Tranche 2 obligations commence today, July 1, bringing lawyers, accountants, real estate professionals, and dealers in precious metals and stones into the AML and CFT regime for the first time. Firms that treated this as a 2027 problem will spend July explaining gaps.

Operational Implications

Two concrete steps this week:

  1. If you have UK sanctions exposure, document your voluntary disclosure decision tree now that OFSI has put a number on cooperation; the 30 percent discount only helps if you disclose promptly and completely.
  2. If you run cross-border operations in six or more EU member states, assume you are in scope for AMLA direct supervision and begin preparing your data submission ahead of the August 15 deadline.

Fraud and Typologies: Scam-Center Takedowns Scale

The enforcement response to Southeast Asian scam compounds moved from advisory to arrest. A coordinated operation involving the DOJ, FBI, Dubai Police, and China’s Ministry of Public Security produced at least 276 arrests across nine scam compounds earlier this year, and the FBI’s Operation Level Up has notified roughly 8,935 cryptocurrency-fraud victims and saved an estimated 562 million dollars, with 77 percent of those victims unaware they were being scammed when contacted.

For compliance teams, the signal is that pig-butchering and investment-fraud proceeds move through mainstream rails, not just crypto exchanges. The same front-company and mule-account structures seen in the Prince Group case appear across these schemes. Refresh analyst training on the behavioral indicators, sudden high-value transfers to newly onboarded beneficiaries, layered payments through payment processors, and victims who resist intervention, and confirm your elder-exploitation escalation path is current given the scale of losses in that segment.

Coming Up in the Next 30 Days

Date Event or deadline
July 1, 2026 AUSTRAC Tranche 2 obligations commence for legal, accounting, real estate, and precious metals sectors.
July 1, 2026 MiCA transitional grandfathering period ends for EU crypto asset service providers.
July 10, 2026 AMLA publishes its first tranche of Level 2 and 3 measures, including a common SAR template; EU Commission delegated acts on sanctions screening expected.
July 18, 2026 Statutory deadline for six US agencies to finalize GENIUS Act stablecoin rules.
Aug 15, 2026 National supervisors submit AMLA direct-supervision eligibility data (just beyond the window, worth diarizing now).

Next Wednesday

Next Wednesday: July 18 is the GENIUS Act final-rule deadline. We will break down what the six agencies actually published and which stablecoin obligations take effect immediately versus phase in.

Want a 30-minute review of your program against the FinCEN AML reform proposal or the GENIUS stablecoin rules? Book a call with a Global RADAR compliance specialist.
Book the 30-minute call
Forwarded this from a colleague? Subscribe at globalradar.com/subscribe.