Our monthly round up of news items which are of particular relevance to those businesses regulated for the purposes of AML.
Criminals lose, AML compliance wins, the smarter way to safeguard your business.
Cyber Security
83 Million Credentials Exposed in Mega Data Leak
The cyber security community has been rocked yet again, by the revelation that 183 million account credentials including Gmail, Outlook, iCloud, Apple, and Facebook logins had been exposed in one of the year’s largest data leaks.
Rather than compromising company servers, this trove was harvested stealthily by infostealer malware that infected users’ devices, logging passwords (mostly in plaintext) as users typed them or stored them in browsers.
Synthient LLC, a threat intelligence firm, compiled this vast dataset from dark web forums and Telegram channels, sharing it with Have I Been Pwned to alert victims and bring visibility to the issue.
Analysis reveals that the breach touches major online platforms and even government domains, showing how indiscriminate and far-reaching infostealer malware can be. The exposed data included sensitive information like browser session cookies and, in some cases, payment or crypto wallet details, making traditional password-based authentication especially vulnerable.
Security experts stress that this isn’t a failure by tech giants, rather it highlights that the endpoint (the individual device) is now the frontline in digital security, and even robust organisational safeguards cannot protect users who fall victim to malware.
For AML and compliance professionals, this breach exposes how credential compromise, account takeover, and identity theft can ripple across financial systems, undermining customer due diligence and enabling money laundering schemes. It is a wake-up call to strengthen password practices, quickly adopt two-factor or passwordless authentication, and embrace zero-trust security frameworks.
Comment – This record-breaking breach is a powerful reminder that regular cyber risk assessments and security awareness training are essential to protect your organisation from evolving, malware-driven threats We can help.
Organised Crime
Gold, Guns, and Hidden Networks. Unmasking Nigeria’s North-West Trade Crisis
The sprawling gold-rich regions of Nigeria’s north-west have become battlegrounds where illicit mining converges with violent armed banditry. Investigations reveal how gold extracted from artisanal mining fields, often controlled by criminal gangs, is covertly smuggled across borders and either sold in black markets or directly bartered for guns. This vicious cycle of “gold-for-arms” trade is financing sophisticated weapons acquisition, including advanced firearms and rocket-propelled grenades, arming bandits responsible for thousands of deaths and widespread displacement.
Years of instability have driven bandits to consolidate control over lucrative mining areas, forcing local miners to work under duress while siphoning off vast revenues to fuel their operations. Despite government efforts to regulate the sector through formalisation initiatives and military interventions, porous borders and weak oversight enable these non-state actors to flourish. The illicit gold trade not only enriches these groups but also creates a complex international laundering network, with much of the precious metal ending up in global trading hubs like Dubai.
Comment -From an AML compliance perspective, this nexus poses significant risks as proceeds from illegal mining flow into terror financing and arms trafficking. Understanding how natural resources can underpin violent networks underscores the need for more robust cross-border cooperation, enhanced traceability of mineral supply chains, and targeted measures to disrupt these criminal economies.
Without addressing this gold-to-guns pipeline, instability will remain entrenched, perpetuating harm to communities and compounding security challenges throughout the Sahel region and beyond.
Regulatory
FATF keeps Iran on blacklist over AML failures
At the FATF’s latest plenary in Paris, delegates reaffirmed that Iran will stay on the global watchdog’s blacklist, highlighting deep and ongoing deficiencies in its compliance with international AML/CFT rules.
Despite Iran’s recent ratification of the UN Convention for the Suppression of the Financing of Terrorism (CFT), the move fell short of expectations due to constitutional reservations and limited enforcement, effectively allowing exemptions for so-called “resistance movements.” The FATF noted that since 2016, Iran has failed to implement the majority of its action plan, and continues to inadequately address both terror finance and transnational crime risks.
The watchdog’s statement underscored the urgent need for Iran to fully criminalise terrorist financing, tighten asset-freezing mechanisms, and regulate informal money transfer channels, seen as key areas of vulnerability under FATF scrutiny. International pressure remains high following renewed sanctions and mounting concerns over proliferation financing risks, as Iran’s support for designated terrorist groups like Hamas and Hezbollah creates an ongoing threat to the global financial system.
Comment – For AML, sanctions, and compliance professionals, FATF’s stance is a meaningful reminder of how geopolitical issues and regulatory non-compliance can lock entire jurisdictions out of the global banking mainstream. Risk teams must stay up-to-date with high-risk countries, enhance their sanction screening and due diligence processes, and be vigilant for indirect exposure through correspondent banking or third-party transactions involving blacklisted actors.
Do you want an effective tool to help manage you due diligence and risk assessment responsibilities? Look no further than Investigation Engine.
