The cryptocurrency industry is facing yet another massive regulatory stress test. According to recently surfaced internal investigation documents, more than $1.7 billion in digital assets quietly slipped through accounts linked to Binance, eventually landing in wallets associated with heavily sanctioned Iranian entities and militant organizations. As governments worldwide crack down on digital finance to foster safer institutional digital asset adoption, this highlights the ongoing battle to secure global payment rails against sophisticated evasion tactics.
Uncovering the Billion-Dollar Web
At the heart of this controversy is a staggering flow of funds that went unnoticed by automated security tripwires. Internal records, first brought to light by Fortune, map out how money moved from mainstream crypto accounts into the digital coffers of Iran’s largest exchange, Nobitex. From there, portions of the capital were traced to wallets tied to U.S.-designated terrorist organizations, including the Islamic Revolutionary Guard Corps and the Houthi movement. This raises serious questions about the effectiveness of current anti-money laundering controls.
Inside the Chinese Nexus
Investigators digging into the transaction histories coined the term “Chinese Nexus” to describe the highly coordinated network. There were two main VIP accounts which were the tools used for this activity belonging to different individuals; a 79-year-old Male from China, and a 38-year-old Female from China. Although these two profiles appear to be very different (in age, as well as their name), there is currently one major issue in the security logs regarding these accounts (two high-level accounts utilizing the same device). Both of these accounts were linked to an entity called Entity A, from which hundreds of millions of dollars were funneled into a central holding wallet.
The Role of Hong Kong Middlemen
The strategy’s use of corporate middlemen to hide the source of funds was extensive, with the principal intermediary being a company in Hong Kong called Blessed Trust, which provides conversion services between cryptocurrencies and fiat currencies. The VIP accounts shared a device with Blessed Services, a corporate affiliate, creating a closed-loop operation. Furthermore, another Hong Kong trading firm, Hexa Whale Trading Limited, pushed around $500 million into Entity A. Interestingly, by the time compliance officers caught wind of Hexa Whale’s unusual activity, the account had already been quietly offboarded by other team members.
Stablecoins and Sanctions Evasion
The mechanics of the transfer relied heavily on the stability of the U.S. dollar. About $1.1 billion out of the total amount moved through accounts for which Iran was sanctioned was moved via an asset-backed stablecoin known as USDC (USD Coin). According to this, it’s clear that a growing trend in the regulation of bad actors is to ensure the stability of their funds in an asset-backed stablecoin (like USDC, or a US-based stablecoin), rather than relying on a volatile asset (such as Bitcoin). After these illicit transfers of money were uncovered, Circle Internet — the issuer of USDC — declared that it had officially terminated Blessed Trust from being a corporate customer so that it would not be able to use USDC again.
Regulatory Fallout and Exchange Defense
For Binance, these revelations reopen old wounds. The exchange previously paid a historic $4.3 billion settlement in 2023 for past anti-money laundering violations, which also resulted in federal prison time for founder Changpeng Zhao. In response to the latest report, the company maintained that none of the intermediary wallets were officially flagged by global law enforcement at the time the transfers occurred. Because the addresses were not blacklisted, the automated alerts were never triggered. Moving forward, the financial sector must radically upgrade its surveillance tools to ensure the crypto market is safe for mainstream integration.
