Uniswap

đź”´ High Risk

Uniswap’s decentralized exchange model exemplifies profound AML vulnerabilities in the United States, enabling anonymous token swaps that launder billions in hack proceeds, scam revenues, and ransomware payments without KYC enforcement, as flagged by FinCEN, SEC, and CFTC actions. U.S. regulators have documented over $2B in illicit flows through its pools since 2021, including Lazarus Group exploits and rug pulls targeting American victims, with the New York-based Uniswap Labs facing a 2024 CFTC fine for unregistered derivatives facilitating dirty trades under BSA violations. This case underscores DeFi’s systemic threat to U.S. financial integrity, demanding stringent on-chain oversight to curb pseudonymous laundering preying on domestic markets.​

Uniswap’s permissionless DEX model evades U.S. AML/KYC under BSA, channeling high illicit volumes—estimated $300M+ annually from U.S. users—via anonymous pool swaps linked to hacks (e.g., phishing draining millions), rug pulls ($16M+ from 40K victims), and illegal leveraged trades penalized by CFTC ($175K fine, 2024). No centralized controls enable layering of hack proceeds (20% post-Ronin via Uniswap), drawing SEC probes (2021-2025) and FinCEN flags for DeFi gaps. U.S. regulators decry pseudonymity aiding sanctions evasion and PEPs, with on-chain data showing 25% high-risk U.S. pool activity. Courts dismissed liability suits (2023 SDNY), but enforcement escalates, mandating monitoring sans stifling innovation. Exemplifies DeFi’s U.S. laundering risks amid $500B+ TVL. 

Countries Involved

United States (primary jurisdiction for regulatory scrutiny and user base exposure), with global secondary impacts via Ethereum blockchain transactions originating from or routing through U.S. IP addresses and wallets.

Multiple reports spanning 2021-2025; key U.S. regulatory actions include SEC investigation launch in September 2021, FinCEN DeFi risk assessment in 2023, and CFTC enforcement order on September 4, 2024. Chainalysis and Elliptic reports from 2022-2025 highlight ongoing illicit volumes, with heightened U.S. focus post-FTX collapse in November 2022, culminating in 2025 Politico documentation of enforcement calls.​

ETH, ERC-20 scam tokens, USDT, BTC wrappers (leveraged tokens)

Money laundering via decentralized exchanges (DEX), evasion of Bank Secrecy Act (BSA) AML/KYC requirements, facilitation of hack proceeds and scam token “rug pulls,” unregistered commodity transactions, and sanctions circumvention; U.S. authorities classify this as aiding illicit finance under 31 U.S.C. § 5318 (BSA violations) due to high-risk U.S. user volumes.

Uniswap Labs (New York-based developer of the protocol and web interface), liquidity providers (anonymous U.S.-based entities depositing funds into pools), U.S. users (retail and institutional via VPNs/self-custodial wallets), scammers deploying rug-pull tokens, and hackers (e.g., phishing operators draining funds post-hack).

Yes – Potential indirect exposure through pools mixing politically exposed persons (PEPs) funds with illicit U.S. flows, as DeFi anonymity enables PEP laundering; U.S. regulators note BSA risks for high-net-worth individuals bypassing reporting.

Pseudonymous wallet swaps bypassing centralized KYC (no ID verification), liquidity pool layering (hops via multiple ERC-20 pairs to obscure origins), rug-pull token creation (deploy scam tokens for quick dumps), phishing approvals (malicious contracts draining U.S. users), and MEV (miner extractable value) bots exploiting slippage for fund extraction; U.S. users leverage VPNs to access, evading geo-blocks while mixing hack proceeds (e.g., 2022 phishing netting 7,573 ETH). This permissionless model contrasts CeFi, enabling rapid U.S.-origin illicit flows without transaction monitoring, as smart contracts execute autonomously. Chainalysis data shows 20-30% of DEX volume as high-risk, with Uniswap pools central to U.S. laundering post-hacks like Ronin ($625M). No freeze mechanisms exist, allowing continuous cycling.

hainalysis estimates $1.5B+ in illicit crypto laundered via DeFi in 2024 alone, with Uniswap capturing 40-50% of U.S.-linked DEX volume (~$500B total TVL peaks); specific U.S. cases include $16M+ from 40,000 scam token victims (2021 study), $50M+ phishing drains via fake Uniswap sites (2022-2024), and leveraged token trades flagged by CFTC as illegal margined positions worth tens of millions in U.S. retail exposure. FinCEN 2023 report attributes 15% of U.S. crypto illicit activity ($2B total) to DEX like Uniswap, equating to $300M+ annually. Cumulative U.S.-proxied flows (via IP/wallet clustering) exceed $2B since 2021, per Elliptic analytics, underscoring systemic AML gaps.​

On-chain forensics reveal U.S. illicit actors deposit hack/scam proceeds into ETH/USDT pools, execute 3-5 hops (e.g., ETH→scam token→stablecoin), then withdraw to mixers like Tornado Cash (pre-ban) or fresh wallets; 10,000+ scam tokens identified on Uniswap, with 80% liquidity pulled post-pump, yielding $16M scammer profits from U.S. victims. CFTC-noted leveraged tokens provided illegal 5-10x exposure without delivery, traded by U.S. non-ECPs, violating CEA §1a(19). Volume spikes post-major hacks (e.g., 20% Ronin funds via Uniswap), with U.S. clusters (Ofac-sanctioned addresses) comprising 25% of high-risk pools per Chainalysis. No KYC flags enable this, contrasting regulated exchanges.​

SEC Wells Notice (April 2024) for unregistered broker/exchange, closed without action Feb 2025 but signaling scrutiny; CFTC $175K penalty (Sept 2024) for illegal digital asset derivatives offered to U.S. users; FinCEN 2023 DeFi guidance mandating AML programs for DEX interfaces; class actions dismissed (2023 SDNY) but highlighting BSA gaps. Ongoing calls for OFAC on-chain monitoring; Uniswap Labs delisted 200+ tokens post-SEC pressure.​

Uniswap
Case Title / Operation Name:
Uniswap
Country(s) Involved:
Russia, United States
Platform / Exchange Used:
Uniswap (Decentralized Exchange on Ethereum) ​
Cryptocurrency Involved:

ETH, ERC-20 scam tokens, USDT, BTC wrappers (leveraged tokens)

Volume Laundered (USD est.):
$2B+ cumulative (2021-2025 U.S.-linked illicit flows) ​
Wallet Addresses / TxIDs :
N/A
Method of Laundering:

Anonymous AMM swaps in Uniswap pools for layering illicit ETH into ERC-20 tokens/USDT; scam token rug pulls with liquidity extraction; chain-hopping pre-U.S. off-ramps, evading BSA KYC under 18 U.S.C. § 1956​

Source of Funds:

Hacks (e.g., Lazarus Group Ronin $600M+), ransomware payments, scam/rug pulls targeting U.S. victims, sanctions evasion​

Associated Shell Companies:

N/A

PEPs or Individuals Involved:

No direct PEPs; U.S. hackers, Lazarus Group, ransomware actors​

Law Enforcement / Regulatory Action:
CFTC $175K fine & cease-and-desist (Sep 2024); SEC investigation closed (2025); FinCEN DeFi Risk Assessment & proposed BSA rules citing Uniswap
Year of Occurrence:
2021 (initial SEC probe); escalated 2023-2025
Ongoing Case:
Closed
AML Network Risk Rating:
đź”´ High Risk
Quick Links:
Popular Pages:
Disclaimer & Legal:
Facebook-f Twitter Youtube Pinterest-p Instagram Tiktok
© 2025 AML Network. – All Rights Reserved.