
In May, the U.S. Treasury Department’s Financial Crimes Enforcement Network (FinCEN) issued a stark alert: Iran was using digital currencies to evade sanctions and support terrorist groups. Iran attempted to coerce ships trying to exit the Strait of Hormuz into paying tolls in cryptocurrency — something the U.S. Treasury Department has explicitly sought to sanction over the last three months. What if Congress passed legislation to help facilitate these types of corrupt payments?
This is a key question the Senate should ask itself while considering the CLARITY Act – a piece of legislation that, as drafted, would solidify glaring, dangerous and shocking loopholes for the crypto industry. This bill would omit many of the standard responsibilities for financial institutions that were put in place to protect national security after the horrific attacks of 9/11. If enacted, it would limit the types of crypto-related firms that have to abide by anti-money laundering (AML) and counter-terrorism financing rules.
After 9/11, the Bush Administration worked to ensure that banks and other financial service providers could deny access to bad actors endangering U.S. national security — including those helping terrorists build weapons, transnational criminal organizations, corrupt officials, human rights violators and others. Programs were enacted to identify threats and warn financial service providers, reminding them of their responsibility to the American people.
So why is cryptocurrency now getting a pass to work with American enemies?
The CLARITY Act would preserve significant loopholes for decentralized finance (DeFi), leaving many identifiable actors involved in these services outside clear Bank Secrecy Act obligations and weakening reforms enacted after 9/11 to combat terrorist financing. Although Section 201 expands AML requirements for some crypto intermediaries, it does not clearly require all businesses that operate, administer, profit from, or facilitate DeFi services to maintain AML programs, monitor for suspicious activity, or report it to law enforcement. As a result, the bill would leave parts of the crypto ecosystem vulnerable to exploitation by terrorists, sanctions evaders, fraudsters, and other illicit actors under the guise of technological neutrality.
In fact, the Fraternal Order of Police — the world’s largest organization of sworn law enforcement officers — has expressed concern with the provisions of the Clarity Act. In particular, they noted that carve-outs granted to crypto firms “would strip prosecutors and law enforcement of the statutes used to track and take down criminals using these digital assets to commit crimes.”
Lawmakers’ 180 on crypto regulations is a stunning change from when the U.S. held the presidency of the international Financial Action Task Force (FATF) in 2018 and listed the risks of “virtual currency” as one of its top three priorities. This task force has been key to the bipartisan efforts to improve banking compliance with counter-terrorism and AML rules over the decades.
In its May alert, FinCEN warned that “uneven and often inadequate regulation and supervision of digital assets—including a lack of implementation of FATF standards—across jurisdictions also enables Iranian facilitators to access digital assets through international [digital asset service providers].” If enacted without stronger AML/CFT safeguards, the CLARITY Act would preserve the same kind of systemic vulnerability that the U.S. government’s own financial intelligence arm has warned about.
Iran is not the only adversary positioned to exploit this weakness. North Korea, Russia, and China could use cryptocurrency to move money, bypass controls, and expand malign influence. Corrupt officials, professional enablers, and other criminal actors should also be expected to abuse these gaps for their own advantage.
The message should be clear to Congress: We cannot pass legislation on financial technology that makes it harder for investigators to follow money related to terrorism, narcotics trafficking, weapons proliferation, corruption or organized crime.
Supporters argue that the bill “ensures key digital asset intermediaries are subject to anti-money laundering and countering terrorist financing requirements.” But the CLARITY Act still leaves major gaps for decentralized finance and offshore activity. If AML rules apply when a traditional intermediary moves funds, but become unclear when software performs the same function or when identifiable actors profit from that software, Congress has not created a safeguard — it has created a loophole.
The bill also fails to clearly require offshore platforms serving U.S. customers to comply with U.S. AML rules, and it does not require the kind of ecosystem-wide monitoring needed to detect suspicious activity involving stablecoins. Crypto cannot be excused from the responsibilities that banks and other financial service providers must meet.
The solutions to these problems are straightforward: Congress must treat crypto as a financial service and ensure its providers adhere to the same common-sense requirements that banks and other financial institutions must abide by. Congress cannot create new carve-outs for decentralized financial institutions. Instead, lawmakers should ensure that existing U.S. sanctions regulations cover cryptocurrency in the same way as traditional finance. This must include requiring stablecoin issuers and other digital asset intermediaries to detect and report suspicious activity.
The CLARITY Act would allow the crypto industry to operate with fewer onerous restrictions, exposing the United States to massive national security vulnerabilities and reopening the doors we started to close in 2001. Congress cannot create a new financial system with fewer tools for investigators than they have today, or the same problems we began to solve at the turn of the century will return.
The opinions expressed in Fortune.com commentary pieces are solely the views of their authors and do not necessarily reflect the opinions and beliefs of Fortune.