Yellow Minimalist Doodle Did You Know Instagram Post (2)

The Digital Shift in Illicit Finance: A Critique of AML/CTF’s Obsolete Focus on Traditional Banking

by AdvocacyAML/CTFCivic SpaceFATF

By Jordan Tumwesigye

The global financial landscape has undergone radical changes over the last decade. On one hand, this landscape has been digitized, which has promoted greater financial inclusion and efficiency. On the other hand, the financial system has birthed a sophisticated “shadow” ecosystem. Despite this transformation, the pillars of Anti- Money Laundering (AML) and Counter-Terrorist Financing (CTF) remain largely rooted in a dated banking model. This reliance on a legacy framework has created a dangerous disconnect whereby regulators are still perfecting the art of monitoring bank transactions and wire transfers while illicit actors have migrated to decentralized, borderless, and automated digital rails.


The Migration of Shadow Capital
For decades, the “gold standard” of AML was the Know Your Customer (KYC) protocol at commercial banks. It was assumed that if you could control the gates of the traditional banking system, you could theoretically starve criminal enterprises of their oxygen. However, 2025 data from The Financial Times suggests a radical pivot with an estimated $158 billion in illicit cryptocurrency flows. This represents a significant increase from previous years, driven not just by individual hackers, but by state-aligned
actors and sophisticated underground banking networks.


Traditional banking relies on centralized intermediaries who act as “gatekeepers.” In the digital shift, these gatekeepers are being bypassed through peer-to-peer protocols that allow for lending, trading, and asset management without a central authority to conduct KYC. Moreover, digital assets like the ruble-pegged A7A5 or USD-pegged tokens that offer the liquidity of cash in an instant can be difficult to track. Lastly, techniques that confuse the trail of funds through jumping across different blockchains or using “tumblers” to blend illicit funds with legitimate ones can be difficult for these gatekeepers
to track.


Why Traditional AML/CFT is Failing
Traditional AML systems often rely on batch screening of transactions, which happens days after the transaction has been conducted. In a digital world of instant payments and “flash loans,” a criminal can move funds through ten different jurisdictions and three different asset classes in the time it takes a bank’s compliance software to flag a single suspicious wire. By the time a Suspicious Activity Report (SAR) is filed, the “money” has already been laundered and converted back into untraceable assets.
Secondly, AML regulations are inherently confined to defined geographical limits. Digital finance, however, is inherently agnostic to borders. A “Chinese-linked” syndicate can use Australian digital infrastructure to move Russian-sanctioned funds into a Caribbean

DeFi protocol. Traditional banking AML struggles with “cross-border complexity,” but for a digital-native launderer, there are no border restrictions. Legacy systems focus on physical identity: passports, utility bills, and face-to-face verification. In the digital shift, identity is increasingly algorithmic. A wallet address is not a person; it is a cryptographic key. While the blockchain is transparent, the link between the “key” and the “human” is where the system breaks down. Current AML frameworks are ill-equipped to handle unhosted crypto wallets, which allow individuals to act as their own banks.


Sanctions Evasion in 2025: A Brief Case Study on the Growing Influence of Digital Currency
The obsolescence of traditional banking focus was best illustrated in 2025 by the rise of state-sponsored sanctions evasion. Nations under heavy international sanctions no longer rely on back-channel bank transfers. Instead, they have integrated crypto-rails into their national economic strategies.
According to a January 2026 Report by TRM Labs, the A7 wallet cluster associated with Russian sanctions evasion handled nearly $39 billion in 2025 alone. These flows didn’t pass through the SWIFT system or Western correspondent banks. They moved through stablecoins and “underground” digital exchanges that operate entirely outside the reach of traditional banking supervisors.


Recommendations

Failure to adapt will not just lead to more financial crime, which will, in turn, render the global financial oversight system a relic of a pre-digital age.

  1. For one, it is important to acknowledge that humans cannot effectively monitor the volume of digital transactions. Compliance must therefore shift towards real-time analytics that use Artificial Intelligence to identify patterns of “chain-hopping” or “mule” behavior as they happen.
  2. The Financial Action Taskforce (FATF)’s “Travel Rule,” which emanates from Recommendation 16 should be enforced. The rule requires virtual asset service providers (VASPs) to share sender and receiver information, which must be globally enforced. As of late 2025, fewer than half of jurisdictions were actively enforcing it, creating “regulatory havens” for illicit capital.

Conclusion
This digital shift is not a future threat; it is the current reality. By remaining hyper-focused on the pipes of traditional banking, regulators are effectively guarding the front door while the back wall has been replaced with a high-speed digital tunnel.
To remain relevant, AML/CTF frameworks must evolve from a “checklist” mentality centered on bank accounts to a data-driven strategy centered on on-chain intelligence. The goal is no longer just to “Know Your Customer,” but to “Know Your Network.”

WhatsApp Image 2026-01-22 at 11.36.37 (1)

Strengthening Digital Safety, Legal Awareness, and Mental Well-Being for Women Politicians and Journalists ahead of the Uganda 2026 elections

by AdvocacyDigital SecurityDigital SecurityFATFMental healthSecurity

Women journalists and women politicians increasingly operate in hostile digital and political environments where online harassment, surveillance, legal intimidation, and psychological pressure are becoming routine. To respond to these risks, Defenders Protection Initiative (DPI), in partnership with Pollicy, with support from Urgent Action Fund, conducted two tailored two-day capacity-building trainings focused on digital safety, legal implications and compliance, and mental health.

The trainings were delivered separately for women journalists and women politicians, recognising the distinct risk landscapes they navigate while grounding both engagements in shared principles of safety, rights protection, and resilience.

Addressing Real and Escalating Digital Threats

Participants shared experiences of online harassment, coordinated smear campaigns, account takeovers, surveillance, doxxing, and threats that often translate into offline harm. These attacks undermine professional work, personal safety, and emotional well-being. The trainings were designed to be practical and grounded, equipping participants with tools and strategies they could immediately apply in their work and daily lives.

Key Focus Areas of the Trainings

Over the two days, the sessions combined technical learning, legal literacy, and psychosocial support through interactive and participant-centred approaches:

1. Digital Safety Tools and Practices
Participants were introduced to safe and trusted digital tools for secure communication, strong account protection, password management, and safe data handling. Hands-on exercises supported participants in assessing personal and organisational risk and adopting safer digital practices without fear or overwhelm.

2. Legal Implications and Compliance
The training unpacked relevant legal and regulatory frameworks affecting digital engagement, journalism, and political participation. Participants explored compliance obligations, responsible online conduct, and ways to protect themselves legally while continuing to exercise freedom of expression and civic participation.

3. Mental Health and Psychosocial Well-Being
Recognising the emotional toll of digital attacks, dedicated sessions focused on mental health, burnout, and collective care. Participants discussed coping mechanisms, peer support, and referral pathways for psychosocial and mental health support, reinforcing the importance of well-being as a core component of protection.

Creating Safe and Supportive Learning Spaces

DPI intentionally created safe, feminist, and survivor-centered spaces where women could share their experiences openly, learn collectively, and rebuild their confidence. The approach affirmed that digital safety is not only technical or legal, but it is also deeply linked to dignity, agency, and mental well-being.

Outcomes and the Way Forward

By the end of the training, participants reported increased confidence in:

  • Using secure digital tools and safer online practices
  • Understanding legal risks and compliance responsibilities
  • Responding to online harassment and intimidation
  • Prioritising mental health and seeking support when needed

Through collaboration with Pollicy and the support of the Urgent Action Fund, DPI delivered a holistic intervention that recognises digital safety, legal protection, and mental health as interconnected pillars for women’s participation in journalism and politics.

Defenders Protection Initiative remains committed to strengthening the safety, resilience, and leadership of women human rights defenders, journalists, and political actors, ensuring they can continue to engage in public life safely, confidently, and with dignity.

unnamed (3)

The Strength of Strategic Coalitions: Showcasing the Impact of the Digital Security Alliance and NPO Coalition on FATF.

by AdvocacyAML/CTFCivic SpaceDigital SecurityDigital SecurityFATF

The pivotal role played by strategic coalitions in advancing our mission cannot be overstated. This month we highlight key wins of the Digital Security Alliance (DSA) and the NPO Coalition on FATF, shedding light on their contributions to empowering Human Rights Defenders (HRDs) and cultivating supportive ecosystems.

Digital Security Alliance (DSA)

Digital Security Clinics:

Through our Digital Security Clinics, we have significantly extended our impact in fortifying the cybersecurity resilience of HRDs. This month’s focus was on empowering grassroots HRDs and CBOs, which are most burdened with emerging digital challenges such as limited access due to slow or no internet connectivity, data loss, and the absence of enabling ICT hardware and infrastructure, such as cell towers and computers.

The Digital Security Clinics successfully fortified the digital security capacity of civil society organizations (CSOs) in the Eastern subregion, including the Pallisa Civil Society Organization Network (PACONET), Public Affairs Center of Uganda (PACUganda), Soroti, the Kapchorwa Civil Society Organizations Alliance, and the Joshua’s Cheptegei Development Foundation.

DSA served as the official digital security partner for the 5th edition of the Human Rights Convention hosted by Chapter Four Uganda and the 5th Annual Women’s Week hosted by Uganda Women’s Network (UWONET). These workshops addressed multifaceted issues, including limited access, insufficient digital literacy, and socio-cultural barriers discouraging women’s engagement with ICT.

NPO Coalition on FATF

Global NPO Consultation on Recommendation 8

The Global NPO Coalition on FATF played a pivotal role in the success of the “Risk and Consequence: The Future of FATF Recommendation 8 for Financial Integrity and Civil Society” conference. This convening brought together policymakers, standard setters, financial institutions, nonprofit organizations (NPOs), multilateral organisations, academics, and think tanks, all of whom contributed their input to the revision of the FATF Recommendation 8.

Furthermore, the Coalition submitted recommendations to the FATF Public Consultation on revisions to Recommendation 8 and its Interpretive Note. The approved revised standard clarifies the application of the risk-based approach, acknowledges sectoral self-regulation measures, and explicitly states that NPOs should not be considered obliged entities.

As we reflect on the achievements of the Digital Security Alliance and NPO Coalition on FATF, we are inspired to continue fostering alliances, enhancing outreach, and creating lasting impacts on the front lines of advocacy. The journey toward safeguarding human rights defenders remains a collective endeavor, and we look forward to the shared progress that lies ahead.

2nd

Harnessing the Potential of Collaboration and Partnerships for Social Impact

by AdvocacyAdvocacyAML/CTFCivic SpaceDigital SecurityDigital SecurityFATFLEDs ProtectionProjects/Our Work SectionRisk AssessmentSecurity

The significance of partnerships and collaborative efforts in advancing the goals and activities of civil society has become more evident than ever before. This month, we take a moment to reflect on the profound impact of collaboration and partnership in advancing our mandate.


Fostering Knowledge Exchange
In collaboration with the Civic Advisory Hub and the NPO Coalition on FATF – East and Southern Africa Chapter, we took a significant step forward in advocacy efforts for the adoption of a risk-based approach to the monitoring and legislation of NPOs in the context of countering terrorism financing.


During a successful webinar titled “Understanding NPO Risk Assessment on Terrorism Financing,” NPO leaders from the region shared their experiences, lessons learned, and criteria for NPO risk assessment working groups. Together, we explored the critical role that NGOs play in these assessments and discussed the essential qualities required for effective participation.


Empowering Communities through Digital Security: Our #RoadToFIFAfrica Journey
We embarked on an exhilarating regional campaign known as #RoadToFIFAfrica, spanning from Kampala to Nairobi, Mombasa, and culminating in Dar es Salaam. Throughout this journey, we actively connected with local communities, students, CBOs, and NGOs to address the vital topic of digital security. Our mission was clear: to equip individuals and organizations with essential digital security skills, provide them with valuable tools and knowledge, and empower them to navigate the digital world safely and confidently.


Championing Internet Freedom at FIFAfrica23
With support from CIPESA Uganda and in collaboration with Encrypt Uganda, and HRD Andrew Gole, our commitment to digital security extended to Africa’s largest gathering on Internet freedom, the Forum for Internet Freedom in Africa (#FIFAfrica23). Through the Digital Security Alliance, we extended digital security support to some of the brightest minds in Africa and worldwide, fueling their tireless efforts to safeguard internet freedom both on the continent and globally.


Multi-Sector Support and Collaboration
In addition to these dynamic initiatives, we maintain active engagement with key government ministries and agencies including the Financial Intelligence Authority (FIA) and the National Information Technology Authority (NITA-U) among others.


Our objective is to provide valuable sector insights and foster collaboration to create an enabling and supportive environment for Human Rights Defenders(HRDs) and activists. Through our regional “Talk To Your Regulator” sessions, we aim to strike a delicate balance between fostering compliance and preventing excessive regulation. We achieve this by creating awareness among NGOs about their legal compliance requirements and responsibilities while also engaging regulators on the unintended consequences that overly restrictive regulations can have on the sector. Our ultimate goal is to ensure that members of civil society can effectively fulfill their missions. This month’s engagement took place in Hoima, marking another milestone in this ongoing effort.


Suffice it to say that our journey this month underscores the power of collaboration and partnerships in driving transformative change and fostering social impact. Here’s to more partnerships and collaborations ahead.