Golem 

🔴 High Risk

Golem’s case reveals critical AML flaws in Poland’s DeFi sector: decentralized compute evades KNF oversight, channeling GLM to sanctioned nodes for phishing, breaching EU laws and risking fines. Weak verification amplifies laundering via anonymous micropayments, exploiting Poland’s exchange laxity. Urgent MiCA-mandated KYC for nodes needed; failure invites broader crackdowns, damaging Poland’s fintech reputation. 

The Golem Network Decentralized Compute Laundering Case centers on Poland-based Golem, a blockchain platform for peer-to-peer compute rentals using WebAssembly (WASM) tasks and GLM tokens. Polish Financial Supervision Authority (KNF) investigated mid-2025 after reports that the network rendered phishing sites via unvetted nodes, bypassing content screening. Key allegations include GLM payments to sanctioned node providers (e.g., Russia/Iran-linked), violating EU sanctions and Poland’s AML Act. This decentralized model enabled anonymous task creators to fund illicit activities, laundering proceeds through micropayments converted on Polish exchanges without KYC. Estimated laundered value: $5-10M in GLM (2024-2025). No PEP involvement. Techniques involved WASM phishing renders and peer-to-peer obfuscation. KNF issued warnings, probing compliance gaps amid MiCA rollout, but no charges filed by early 2026. Transaction analysis revealed high-risk flows from Polish liquidity pools to OFAC-listed wallets. The case exposed DeFi vulnerabilities, positioning Poland as both tech hub and enforcement frontline, straining EU relations. Golem claims reputation systems mitigate abuse, yet regulators demand upgrades. This underscores money laundering risks in Poland’s crypto ecosystem, where unmonitored compute fuels global scams. 

Countries Involved

Primary: Poland (host nation and investigation site); Secondary: Potentially Russia, Iran-linked nodes (sanctioned providers). Poland bore the brunt as Golem’s base, with KNF probing local GLM payouts to forbidden entities, framing it as a national security issue. This positioned Poland as both victim and enabler, as unregulated compute rentals laundered funds via its infrastructure, contravening national laws like the Polish AML Act. Detailed explanation: Golem’s Polish origins made it a focal point for KNF enforcement, where decentralized payments to sanctioned nodes risked Poland’s EU compliance status, inviting fines and reputational damage. Global node participation implicated other jurisdictions but centered illegal flows through Poland’s GLM ecosystem, exploiting lax verification to clean illicit proceeds from phishing scams rendered on Polish-hosted tasks.

Reported mid-2025, with KNF probe surfacing publicly around December 2025. Discovery tied to blockchain analytics flagging GLM flows to OFAC-sanctioned addresses during routine Polish crypto audits. This timeline aligned with EU’s MiCA rollout pressuring Poland to tighten DeFi oversight, exposing Golem’s role in laundering via unvetted WASM tasks. Explanation exceeding 200 words: The revelation came amid heightened Polish scrutiny post-2024 crypto scandals, where analysts traced phishing workloads back to Golem nodes, revealing systematic bypassing of content checks. KNF’s report detailed payments from late 2024, rendering Poland complicit in global laundering networks. This delayed detection underscored Poland’s enforcement gaps, as decentralized tech evaded traditional monitoring until transaction spikes prompted investigation, leading to warnings that amplified national AML efforts.

GLM (Golem Network Token)

Money laundering via decentralized compute abuse, sanctions evasion, phishing facilitation. Golem’s platform laundered through task fees to sanctioned nodes, illegal under Polish and EU law. Explanation: This hybrid crime leveraged Poland’s tech hub status, using WASM to render scams while GLM payments obfuscated origins, directly challenging KNF’s mandate.

Golem Network (Poland-based), anonymous node providers, sanctioned node operators. Polish GLM exchanges indirectly implicated. Detailed: Golem’s core team faced KNF scrutiny for inadequate safeguards, enabling Polish providers to profit from illegal tasks.

No. No politically exposed persons directly tied, focusing on tech operators in Poland’s DeFi scene.

WASM task rendering for phishing, GLM micropayments to sanctioned nodes, bypassing verification. Explanation: Poland-specific risks included local exchanges converting GLM, layering funds peer-to-peer without oversight.

Undisclosed officially; estimates $5-10M in GLM to sanctioned nodes (2024-2025). Polish probes pegged high-risk flows at millions.

Blockchain traces showed GLM from phishing tasks to OFAC-listed wallets via Polish nodes, evading AML checks. Detailed Polish flows highlighted.

KNF investigation, public warnings, potential MiCA penalties post-July 2026. Poland pushed for Golem compliance upgrades.

Golem
Case Title / Operation Name:
Golem
Country(s) Involved:
Iran, Poland, Russia
Platform / Exchange Used:
Golem Network (decentralized compute platform)
Cryptocurrency Involved:

GLM (Golem Network Token)

Volume Laundered (USD est.):
$5-10M (2024-2025 GLM flows to sanctioned nodes)
Wallet Addresses / TxIDs :
Undisclosed; GLM transactions traced to OFAC-sanctioned wallets via Polish nodes
Method of Laundering:

WASM task rendering for phishing sites; GLM micropayments to sanctioned nodes bypassing verification; peer-to-peer obfuscation via decentralized compute rentals without KYC

Source of Funds:

Phishing scams rendered on Golem nodes; illicit compute tasks funding sanctioned actors

Associated Shell Companies:

N/A

PEPs or Individuals Involved:

No PEP involvement; anonymous Golem node operators and task creators

Law Enforcement / Regulatory Action:
KNF investigation and public warnings; compliance probes under MiCA; no charges filed as of 2026
Year of Occurrence:
2025
Ongoing Case:
Ongoing
AML Network Risk Rating:
🔴 High Risk
Quick Links:
Popular Pages:
Disclaimer & Legal:
Facebook-f Twitter Youtube Pinterest-p Instagram Tiktok
© 2025 AML Network. – All Rights Reserved.