United States

The arrest of a U.S. government contractor's son for stealing $46M+ in seized cryptocurrency demonstrates increased enforcement of AML and third-party risk regulations in crypto compliance. This joint FBI-French operation signals heightened scrutiny of government contractors managing seized assets and international cooperation in fraud investigations. Companies must review their third-party risk management and crypto compliance programs to avoid similar enforcement actions.

A U.S. federal judge has issued a temporary restraining order freezing 70.6 bitcoin and blocking crypto lender BlockFills from moving assets abroad, following allegations of misappropriation and commingling of customer funds. This enforcement action highlights increased regulatory scrutiny of crypto lending practices, particularly regarding asset segregation, transparency, and investor protection. Companies in the crypto sector should review their compliance with existing financial regulations and ensure proper handling of customer assets.

The SEC has reached a settlement with Tron founder Justin Sun and related entities, resulting in a $10 million fine for Rainberry Inc. and dismissal of claims with prejudice. This enforcement action signals the SEC's continued scrutiny of cryptocurrency offerings as unregistered securities and market manipulation practices, setting a precedent for compliance in the crypto industry.

U.S. banking regulators issued guidance clarifying that capital requirements for tokenized securities must be identical to those for traditional securities, adopting a technology-neutral approach. This provides compliance certainty for banks engaging with tokenized assets while maintaining existing financial stability safeguards.

The FBI arrested a suspect for stealing $46 million in cryptocurrency from the U.S. Marshals Service through a government contractor's access. This enforcement action highlights increased regulatory scrutiny on third-party vendor management, cybersecurity, and financial compliance in government contracting and crypto asset handling.

A key leader of the Phobos ransomware gang pleaded guilty to wire fraud charges, facing up to 20 years in prison. This enforcement action highlights increased international law enforcement scrutiny on ransomware operations and signals that companies must strengthen cybersecurity defenses against such threats.

A Russian national pleaded guilty to wire fraud conspiracy for his role in the Phobos ransomware operation, facing up to 20 years in prison with sentencing scheduled for July 15, 2025. This case is part of broader international enforcement actions against ransomware groups, signaling increased regulatory scrutiny and cross-border collaboration in combating cybercrime.

A US real estate firm has been sued over physical climate risks, demonstrating litigation as an emerging enforcement mechanism for ESG compliance. This signals increased legal pressure on companies to address climate risks and enhance disclosures under frameworks like SEC climate rules and CSRD/ESRS.

The FTC's Bureau of Consumer Protection Director outlined a shift in enforcement priorities under the current administration, emphasizing targeted actions on children's data protection (COPPA), AI-facilitated fraud, and teen financial privacy in fintech apps. This represents a change from the previous administration's broader approach, signaling where companies should expect regulatory scrutiny without new substantive AI regulation.

CISA issued Emergency Directive 26-03 requiring federal agencies to inventory Cisco SD-WAN systems, apply security updates, and investigate potential breaches due to actively exploited vulnerabilities. This directive creates immediate compliance obligations for federal entities and signals heightened cybersecurity scrutiny for organizations using affected Cisco products.

Ohio's SB 9 legislation aligns state tax code with federal R&E immediate cost recovery rules, allowing businesses to immediately deduct research and experimentation expenses rather than amortizing them. This reduces tax burden for companies engaged in research activities and aims to boost innovation and competitiveness in Ohio.

Alaskan lawmakers are debating legislation to legalize online sports betting, which would establish new regulatory frameworks for digital gambling. This represents a potential shift in state policy with implications for tax compliance, financial oversight, and anti-money laundering requirements. Companies in the gambling and fintech sectors should monitor developments as this could create new compliance obligations.

E-Verify requirements will impact construction employers in 2026, mandating electronic verification of workers' employment eligibility. This helps ensure compliance with immigration laws but introduces risks related to government access to workforce data and privacy concerns.

New York State Comptroller and shareholder advocacy group As You Sow have filed lawsuits against BJ's Wholesale Club Holdings and Chubb, respectively, alleging inadequate ESG disclosures related to deforestation risks and climate-related financial losses. These enforcement actions highlight increasing regulatory and investor pressure on companies to enhance transparency and accountability regarding environmental factors, with implications for compliance with emerging ESG disclosure frameworks and fiduciary duties.

The Ninth Circuit Court of Appeals ruled that foreign tech companies can be subject to personal jurisdiction in California based on digital activities, online presence, and intentional targeting of California consumers. This expands compliance risks for companies with California users, particularly regarding data privacy regulations and jurisdictional exposure.

The Washington Commanders NFL team has agreed to pay $1 million to settle a workplace harassment lawsuit filed by the District of Columbia Attorney General's office. This enforcement action highlights the legal and financial consequences organizations face when failing to maintain proper HR infrastructure and address harassment complaints effectively.

The Federal Reserve has approved Kraken's application for a limited 'skinny' master account, granting direct access to Fedwire services. This represents a regulatory milestone for crypto firms seeking central bank access and could pave the way for similar approvals for other fintech companies.

The U.S. Department of Labor is proposing to unwind a Biden-era rule that defined criteria for classifying workers as independent contractors. This regulatory reversal creates uncertainty for employers who must navigate varying federal, state, and local employment laws, impacting HR compliance and contingent workforce management.

Ohio has expanded its E-Verify rules specifically for the construction industry, mandating builders to use the federal E-Verify system to confirm employment eligibility of workers. This regulatory change requires construction owners to adopt systematic verification processes to ensure compliance with immigration laws and avoid penalties.

Pennsylvania employers face new compliance requirements for employment background screening, requiring updates to policies and practices. This represents a significant shift in HR compliance obligations that impacts hiring processes and legal exposure for organizations operating in the state.