FATF Blacklist: Why Iran, North Korea, and Myanmar Are Banned from Crypto Markets

The FATF blacklist isn’t just a list of names-it’s a global red alert for financial crime. As of June 2025, only three countries sit at the top of this dangerous roster: Iran, North Korea, and Myanmar. These aren’t random picks. They’re the only nations the Financial Action Task Force has flagged as high-risk for laundering money, funding terrorism, and financing weapons of mass destruction. And right now, cryptocurrency is the main tool they’re using to bypass the world’s financial controls.

Why These Three Countries? The Real Story

The FATF doesn’t put countries on its blacklist lightly. It takes years of evidence showing systemic failure to stop financial crime. Iran, North Korea, and Myanmar all have weak or nonexistent anti-money laundering systems. But what makes them stand out today is how they’ve turned crypto into a lifeline for sanctioned economies.

North Korea leads the pack in crypto theft. Its state-backed hacking groups don’t just break into banks-they target crypto exchanges like they’re video games. In February 2025, they stole $1.5 billion from ByBit, one of the largest crypto platforms in Asia. That single heist was bigger than most countries’ annual defense budgets. Chainalysis data shows that sanctioned nations pulled in $15.8 billion in cryptocurrency in 2024 alone. Nearly 40% of all illicit crypto transactions globally flowed into these three countries.

Iran’s situation is different but just as alarming. It’s not stealing crypto-it’s using it to survive. U.S. sanctions have cut off Iran’s access to the global banking system. So millions of Iranians turned to Bitcoin and other cryptocurrencies to send money abroad, buy essentials, or protect savings from hyperinflation. Centralized exchanges in Iran saw transaction volumes spike by over 300% in 2024. People aren’t trading for profit-they’re trading for survival. But that same system is being abused by the Iranian government and its military wing, the IRGC, to move funds out of the country without detection.

Myanmar’s case is more recent. After the 2021 military coup, the junta lost access to international finance. Crypto became a way to pay mercenaries, buy weapons, and launder proceeds from illegal logging and human trafficking. Unlike Iran and North Korea, Myanmar hasn’t been hit with full countermeasures yet-but it’s on the verge. FATF is watching closely.

How Crypto Is Being Used to Bypass Sanctions

Traditional sanctions work by freezing bank accounts and blocking wire transfers. But crypto doesn’t need banks. All you need is a private key. That’s why these regimes love it.

They use three main tricks:

• Mixers and tumblers: These services scramble the trail of crypto transactions, making it nearly impossible to trace where the money came from. The U.S. FinCEN recently flagged the Huione Group as a top money laundering concern because of its role in cleaning stolen crypto.
• Privacy coins: Monero, Zcash, and others hide sender, receiver, and amount. They’re not illegal-but they’re the go-to for criminals who want to vanish.
• Peer-to-peer (P2P) trading: Platforms like LocalBitcoins and Paxful let users trade directly. No KYC. No oversight. Just cash in, crypto out. Iran and North Korea use these heavily to convert stolen crypto into cash.

The U.S. Treasury’s Office of Foreign Assets Control (OFAC) responded by designating over 13 crypto addresses in 2024-the second-highest number in seven years. They’re not just blocking wallets. They’re going after the infrastructure: exchanges, wallet providers, even developers who build tools for these regimes.

The Global Compliance Crisis

Here’s the uncomfortable truth: most countries aren’t ready.

As of April 2024, 75% of FATF member countries were either noncompliant or only partially compliant with global rules for regulating virtual assets. That means most exchanges, banks, and payment processors around the world aren’t properly checking if crypto transactions are linked to Iran, North Korea, or Myanmar.

It’s not because they don’t want to. It’s because the systems are outdated. Many still rely on manual checks. Some don’t even track wallet addresses. Others use outdated blacklists that don’t include new crypto addresses created daily.

The result? A massive loophole. Criminals move money through dozens of small exchanges in countries with weak oversight. Then they funnel it into major platforms that don’t ask questions. By the time the money hits a U.S.-based exchange, the trail is cold.

What’s Being Done to Stop It?

The response is getting tougher-and smarter.

The U.S. and allies launched Counter Illicit Finance Teams (CIFT), joint units made up of FinCEN, the State Department, and international partners. These teams train police and financial regulators in Southeast Asia, Eastern Europe, and the Middle East to track crypto crime. They don’t just teach how to trace transactions-they show how to shut down entire networks.

The Netherlands Central Bank now requires Dutch banks to increase capital buffers if they handle any transactions tied to FATF blacklist countries. That’s a financial penalty designed to make compliance worth the cost.

Even crypto companies are being forced to act. Major exchanges like Binance and Kraken now block transactions from known Iranian and North Korean wallets. Some have started using AI tools that flag suspicious patterns-like a wallet receiving small transfers from dozens of addresses, then sending it all to one mixer.

But the biggest shift? Sanctions are no longer just about banks. They’re about code.

In 2025, the U.S. Department of State added new restrictions targeting developers who build crypto tools for sanctioned regimes. It’s the first time software itself has been treated as a sanctioned item.

Why This Matters to Everyone

You might think, “I’m not in Iran or North Korea. Why should I care?”

Because this isn’t just about bad actors. It’s about the future of money.

Crypto was supposed to be a tool for freedom-giving people control over their money without governments or banks in the way. That’s still true. Millions in Argentina, Nigeria, and Lebanon use crypto to protect their savings from inflation. But when regimes like North Korea use that same freedom to fund nuclear weapons, it puts everyone at risk.

If we don’t fix the gaps in crypto regulation, the entire industry could face a global crackdown. Exchanges could be forced to shut down entire regions. Wallets could be frozen without warning. Even legitimate users could get caught in the net.

The goal isn’t to ban crypto. It’s to make sure it can’t be used to fund war, terror, or mass destruction.

What’s Next?

FATF updated its list in June 2025. The British Virgin Islands and Bolivia were added to the “increased monitoring” list. Croatia, Mali, and Tanzania were removed. That shows the system works-if countries actually follow the rules.

Iran, North Korea, and Myanmar? Still on the blacklist. No changes. No mercy.

The next step? More targeted sanctions. More international cooperation. More pressure on the tech companies that build the tools these regimes rely on.

And if you’re using crypto in a sanctioned country? You’re not just taking a risk-you’re part of a global system under siege. The world is watching. And it’s getting harder to hide.