This blog offers a preview of our series, “The Road to Regulation.” Download the full Part 1 chapter here.
TL;DR
- Crypto regulation remains uneven worldwide: Only eight of the 25 major crypto jurisdictions (representing less than 20% of the market) have implemented comprehensive rules covering financial integrity, consumer protection, and market integrity. Most others are still developing their regulatory frameworks.
- Financial integrity regulation has a head start, but is far from the finish line: Eighteen jurisdictions covering 58% of the global crypto market have anti-money laundering/countering the financing of terrorism (AML/CFT) rules in place; however, the crypto ecosystem remains vulnerable until there is comprehensive global implementation.
- Consumer protection: Where established, the applications of consumer-specific safeguards diverge significantly on a country-by-country basis, given the contrasting and individual risk appetites of regulators. Sixteen of the jurisdictions (64%) have some form of consumer protection rules in place for cryptoassets, ten of which (40%) are, as it currently stands, in the form of advertising/marketing restrictions.
- Market integrity regulation lags significantly: Only nine jurisdictions (21% of market share) have clear market abuse rules for crypto, making this the most challenging policy domain due to complex financial market structures and legal uncertainties.
- Cross-border challenges ahead: As national frameworks mature, tensions will emerge between local crypto regulations and global crypto business models, requiring new international supervisory arrangements similar to those in traditional finance.
Crypto has grown from a niche experiment to a $3 trillion industry commanding global regulatory attention. As it becomes increasingly intertwined with traditional finance, governments worldwide are racing to establish frameworks that balance financial innovation with investor protection, financial stability, and national security.
The path hasn’t been straightforward, however. Crypto products and services don’t fit neatly into conventional regulatory boxes, forcing policymakers to grapple with fundamental questions: What is crypto—a payment instrument, investment product, commodity, or security? How does crypto market structure differ from traditional finance? Should guardrails come through new legislation or existing frameworks?
This first chapter of Chainalysis’ Road to Regulation series provides a bird’s-eye view of where we stand today, examining 25 jurisdictions that account for 73% of on-chain activity, to identify convergences and remaining gaps.
Tracing the terrain
The rapid adoption of crypto has pulled financial regulation along in its wake. Five years ago, policy efforts focused narrowly on financial integrity. Since then, increased adoption and proliferation of chains, projects, and use cases has led countries to consider broader guardrails covering consumer protection, market integrity, and prudential soundness. High profile failures such as Terra/Luna and FTX injected urgency to the effort.
International organizations have shepherded this process through standard-setting, education, and technical assistance, building international consensus, and driving regulatory momentum. Despite this consensus, national regulators move at different paces.
Financial integrity: No one wins until everyone passes the finish line
Financial integrity is primarily focused on preventing the use of crypto to facilitate and further illicit activities like money laundering, terrorist financing, and sanctions evasion. Governments have made significant progress establishing AML/CFT safeguards, but material gaps remain. A June 2025 FATF report found that 70% of jurisdictions were rated non-compliant or only partially compliant with R. 15.
There are several challenges underpinning these gaps, including:
- The novelty of blockchain technology and the rapid pace of industry developments, which have created steep learning curves for regulators.
- Capacity constraints, particularly among smaller regulators juggling competing financial crime priorities.
- The need to develop new structures and practices from scratch, such as secure protocols for Travel Rule implementation.
Technical implementation is just the first step. Success requires:
- Supervisors establishing effective risk-based AML frameworks, assessing licensees’ controls, and policing regulatory perimeters
- Crypto businesses understanding risks and establishing effective customer due diligence, transaction monitoring, suspicious activity reporting, and Travel Rule implementation
Consumer protection: Same direction, different paths
Consumer protection rules safeguard investors — particularly retail — from harm and unfair practices. While regulators have gravitated toward similar types of safeguards, there is considerable variation in application, because regulators have different risk appetites and views on how to balance consumer harm and market forces.
Common types of safeguards
- Clear disclosures: Crypto regulation typically mandates clear disclosures and risk warnings, similar to securities rules. For instance, MiCA requires issuers of publicly offered or traded crypto-assets to publish a whitepaper with key information and risk disclosures, holding issuers legally responsible for the content.
- Marketing restrictions: Beyond disclosure rules, some regulators have layered on additional marketing restrictions. On the restrictive end of the spectrum is Singapore, which prohibits crypto firms from directly advertising to the general public.
- Knowledge and suitability assessments: Jurisdictions like the UK, UAE, Hong Kong, and Singapore require firms to assess customer understanding of crypto risks. Hong Kong and Singapore also require firms to evaluate customer risk tolerance, with Hong Kong further mandating exposure limits for each individual customer.
- Product and service restrictions: Some regulators have limited the range of offerings to retail investors. Singapore disallows credit purchases of crypto assets, and the UK is contemplating similar restrictions. A few regulators restrict firms to specific whitelisted assets, while most others have placed the obligation on crypto firms to have clear token due diligence frameworks.
- Custody requirements: Emerging frameworks commonly require that customer assets be segregated from corporate assets and held in a bankruptcy-remote manner, employing appropriate storage technology. Some regulators, particularly in APAC, have set explicit cold wallet thresholds and insurance requirements.
Market integrity: A long road ahead
Market integrity centers on fairness and transparency so that prices reflect genuine supply and demand. Crypto markets developed largely without these rules, likely contributing to a greater prevalence of unfair trading practices. Chainalysis research finds suspected wash trading may account for up to $2.6 billion in volume, while 8.5% of DEX-listed tokens displayed pump-and-dump patterns.
Implementation challenges
In November 2023, IOSCO recommended extending market integrity regulation to crypto markets, but national implementation has been slow, given several challenges unique to crypto:
- In some cases, the legal status of crypto assets can create challenges. In the United States, whether a crypto asset is a security or commodity has a bearing on what rules apply, although enforcement agencies have successfully prosecuted offenders on wire fraud charges.
- In other cases, market structure and practices in crypto markets can create legal complexities — for instance, defining insider trading rules for projects with decentralized governance, where major project developments with potential price impact are voted on publicly.
- A more practical issue is market surveillance and enforcement actions. Crypto markets differ from traditional equities in ways that complicate the detection of misconduct. Trading is spread across centralized and decentralized venues, requiring both on- and off-chain data for monitoring and investigation. The cross-listing of assets across different platforms creates new channels for misconduct. Additionally, real-time monitoring of high transaction volumes can create engineering demands, and the volatile nature of crypto trading can make it harder to reliably distinguish between speculation and manipulation.
Looking Ahead
To date, crypto regulation has focused largely on centralized entities, such as cryptocurrency exchanges, brokers, and custodians. As the primary gateways to and from the ecosystem, they operate similarly to traditional financial institutions, and can be regulated in similar ways.
As risks migrate, regulatory attention may shift to other business models: decentralized finance (DeFi) operators, gaming companies, and Web3 ecosystem parts where financial and non-financial service lines blur.
As more and more frameworks are implemented in response to this migration of risk, frictions will increasingly emerge between national rules and international business models that have global user bases, orderbooks, and liquidity pools.
The next installment of this series will focus on the stablecoin market, their use cases, the evolving state of regulation, and where on-chain data should play a role for issuers and regulators as we seek to build trust in blockchains.
How Chainalysis can help
Crypto continues to gain global traction as an investment asset and medium of exchange. Unlocking its full potential requires strong consumer protections and compliance standards comparable to those for fiat currency.
As crypto regulation evolves, stakeholders – from regulators to financial institutions to crypto-native platforms – need timely, actionable insights to navigate the changing landscape. Chainalysis sits at the intersection of blockchain data and regulatory expertise, supporting the growth of resilient markets. Through our crypto compliance solutions, services, training and research, we help public and private sector leaders make informed decisions and meet emerging regulatory demands.
This website contains links to third-party sites that are not under the control of Chainalysis, Inc. or its affiliates (collectively “Chainalysis”). Access to such information does not imply association with, endorsement of, approval of, or recommendation by Chainalysis of the site or its operators, and Chainalysis is not responsible for the products, services, or other content hosted therein.
This material is for informational purposes only, and is not intended to provide legal, tax, financial, or investment advice. Recipients should consult their own advisors before making these types of decisions. Chainalysis has no responsibility or liability for any decision made or any other acts or omissions in connection with Recipient’s use of this material.
Chainalysis does not guarantee or warrant the accuracy, completeness, timeliness, suitability or validity of the information in this report and will not be responsible for any claim attributable to errors, omissions, or other inaccuracies of any part of such material.