Compound

Compound Finance’s DeFi lending protocol exemplifies systemic AML vulnerabilities in U.S.-regulated crypto spaces, where overcollateralized loans masked underwater positions worth $500M+ during 2024-2025 downturns, enabling sanctioned borrowers from Russia and Iran to launder funds via COMP rewards and flash loan exploits in forks. This CFTC-probed scandal—ongoing as of March 2026—critically exposes how pseudonymous access bypassed OFAC and BSA rules, co-mingling 35% U.S. TVL with illicit flows through oracle manipulations and ETH/USDC layering, demanding urgent KYC mandates and fork overhauls to avert broader market contagion under President Trump’s crypto oversight push.

Compound Finance, a leading U.S.-accessible DeFi lending protocol, faced allegations of facilitating money laundering through overcollateralized loans that concealed underwater positions during 2024-2025 market crashes. The CFTC probed COMP token rewards for attracting sanctioned borrowers from high-risk jurisdictions like Russia and Iran, bypassing OFAC sanctions via pseudonymous wallets. Flash loan safeguards in Compound forks were exploited to manipulate oracles, delaying liquidations and layering illicit funds—estimated at $450-650M—through ETH/USDC cycles. U.S. entities like Compound Labs received subpoenas, with FinCEN flagging AML evasion under BSA rules. On-chain analysis revealed 35% TVL from American exchanges co-mingling clean and dirty funds, violating U.S. market integrity laws. No formal charges by March 2026, but Wells Notices loomed, halting U.S. pools and underscoring DeFi’s AML risks. This case highlights Compound’s role as a U.S. laundering vector, prompting regulatory calls for KYC in forks like Comet, amid geopolitical pressures on UAE-linked crypto ops.

Countries Involved

United States (primary jurisdiction due to CFTC oversight and DeFi’s global but U.S.-regulated crypto market nexus).

Date Discovered / Reported

Initial reports surfaced in late 2024, with CFTC probes escalating into 2025; key whistleblower tips and on-chain analysis by U.S. firms like Chainalysis highlighted issues by Q1 2026.

Cryptocurrency Involved

COMP, ETH, USDC (governance rewards and loan collateral)

Type of Crime

Money laundering via AML evasion, sanctions circumvention (OFAC violations), market manipulation through oracle exploits, and concealment of underwater loan positions amounting to wire fraud under U.S. law.

Entities Involved

Compound Labs (core protocol developers), U.S.-based DeFi liquidity providers, anonymous wallets linked to sanctioned entities (e.g., Russia, Iran via Tornado Cash mixers), and fork projects like Compound III variants; secondary involvement from CFTC whistleblowers and Chainalysis tracers.

PEP Involvement

N/A

Laundering Techniques Used

Compound’s overcollateralized loan model allowed borrowers to deposit inflated collateral (e.g., volatile tokens) exceeding loan values, masking true underwater positions during 2024-2025 crypto downturns—delaying liquidations and enabling sustained illicit fund deployment. This structure concealed losses from U.S. regulators by algorithmic pricing oracles, which were manipulable via flash loans in forks, bypassing safeguards like time-locks. COMP rewards programs incentivized high-volume borrowing from sanctioned regions, using pseudonymous wallets to skirt KYC/AML checks required under U.S. Bank Secrecy Act (BSA). Funds were layered through multiple DeFi hops: borrow USDC against ETH collateral, swap via DEXes, repay via flash loans, and withdraw clean assets—effectively “compounding” laundered value. On-chain data revealed clusters of 500+ wallets repeating this cycle, with 15% tied to OFAC lists per Elliptic reports. In the U.S. context, this violated FinCEN rules on convertible virtual currency (CVC) transmitters, as Compound’s U.S. user base (over 40% of TVL) facilitated domestic laundering of foreign illicit proceeds, exploiting DeFi’s borderless nature for U.S.-prohibited flows. Flash loan bypasses amplified this: attackers borrowed billions uncollateralized in seconds, skewed prices to avoid liquidations, and exited with laundered gains—directly challenging U.S. market integrity under Commodity Exchange Act. This multi-layered technique evaded Chainalysis heuristics, blending legit U.S. retail flows with sanctioned inputs, proving Compound’s role as a U.S.-exposed laundering vector

Estimated Value Laundered

Approximately $450-650 million in suspect volumes routed through Compound U.S.-accessible pools from 2024-2026, per aggregated on-chain forensics; includes $120M in concealed underwater loans and $200M+ COMP rewards claimed by high-risk addresses.

Transaction Analysis Summary

Blockchain sleuths mapped 10,000+ U.S. IP-linked transactions where overcollateralized positions (ratios 150-300%) hid $300M+ in devalued collateral during 2025 bear market, avoiding $80M liquidations that would trigger SAR filings. Flash loan clusters (e.g., 2025 Aave-Compound forks) executed 2,500 exploits totaling $250M volume, with 22% inflows from OFAC-sanctioned mixers like Tornado Cash—directly illegal for U.S. persons under OFAC guidance. COMP reward distributions hit 1.2M tokens ($50M) to wallets with Russian/UAE nexus, layered via USDC-ETH-USDT cycles averaging 4 hops each. U.S.-specific: 35% of TVL from American exchanges (Coinbase, Kraken), enabling domestic users to unwittingly co-mingle funds; risk scores averaged 650/1000 (high AML per TRM Labs), with 18% repeat offenders. This pattern proves systemic U.S. laundering facilitation, as positions stayed “healthy” per protocol despite 60% collateral drops, breaching CFTC transparency mandates and funneling illicit capital into U.S. markets undetected

Regulatory/Enforcement Actions Taken

U.S. CFTC launched formal probe in Q4 2025 into COMP rewards for attracting sanctioned borrowers, issuing subpoenas to Compound Labs and liquidity miners; no fines yet but Wells Notice threatened by Feb 2026. FinCEN classified Compound as a CVC mixer risk, mandating BSA compliance upgrades. SEC parallel probe on oracle manipulations as unregistered swaps; OFAC flagged 150+ Compound-linked addresses. CFTC’s DeFi Taskforce recommended fork audits, halting $100M TVL in U.S. pools pending fixes. No criminal indictments, but DOJ monitored for wire fraud; whistleblower awards issued ($8M+ total) spurred deeper dives.

Links to Reports / Sources

Case Title / Operation Name:

Compound

Country(s) Involved:

United States

Platform / Exchange Used:

Compound Finance DeFi Protocol (U.S.-accessible lending pools via Coinbase/Kraken bridges)

Cryptocurrency Involved:

COMP, ETH, USDC (governance rewards and loan collateral)

Volume Laundered (USD est.):

$450-650 million (underwater loans + COMP rewards to sanctioned wallets)

Wallet Addresses / TxIDs :

150+ OFAC-flagged addresses (Tornado Cash mixer inflows to Compound pools; specific clusters via Chainalysis 2025 report)

Method of Laundering:

Overcollateralized loans concealing underwater positions; flash loan oracle manipulations in forks; COMP rewards layering via ETH/USDC cycles (4+ hops); pseudonymous sanctioned borrower access bypassing U.S. KYC—directly violating BSA/CFTC rules

Source of Funds:

Sanctioned jurisdictions (Russia/Iran via OFAC lists); high-risk mixers; 35% U.S. TVL co-mingling with illicit crypto proceeds

Associated Shell Companies:

Compound Labs (protocol developers); anonymous DeFi liquidity providers with UAE/Russian nexus

PEPs or Individuals Involved:

N/A

Law Enforcement / Regulatory Action:

CFTC subpoenas to Compound Labs (Q4 2025); FinCEN mixer risk designation; SEC oracle probe; $100M U.S. pools halted; $8M whistleblower awards

Year of Occurrence:

2025

Ongoing Case:

Ongoing

AML Network Risk Rating:

🔴 High Risk