A new report from the Royal United Services Institute sets out in concrete terms how AI tools are being used by North Korea, Iran and criminal networks to bypass sanctions and finance weapons proliferation — and why the regulatory architecture built to stop them is structurally unprepared for what's coming.
North Korea's Lazarus Group pulled off the largest cryptocurrency heist on record in March 2025, taking $1.5 billion. A business consultancy cited in the report estimates that generative AI could enable fraud losses in the United States alone to reach $40 billion by 2027. These figures open "Algorithms of Evasion: The Rise of AI-Enabled Proliferation Financing," a RUSI report published today by Dr Aaron Arnold, and they are not the most alarming numbers in it.
The report documents how generative AI can now produce entire networks of shell companies on demand — with AI-generated directors, nominee shareholders, and layered cross-border ownership structures that the report says "could easily overwhelm traditional investigative methods." The same technology can manufacture convincing fake identity passports, shipping records, and financial statements, and is already being used to fool bank customer identification processes.
AI has the potential to radically increase the scale of proliferation financing activities, like sanctions evasion, to levels that overwhelm current proliferation financing and sanctions evasion detection and enforcement capabilities.
Financial institutions' existing defences are not keeping up. The report states bluntly that "static biometric checks such as a selfie or voice print are no longer sufficient proof of identity against AI-enabled adversaries." AI-powered systems are being used in parallel to adjust cryptocurrency strategies in real time, evading blockchain analysis tools by adapting faster than the tools can update.
The cloud computing layer gets specific attention. Because the AI systems enabling this criminal evolution run on rented infrastructure from major providers, the report recommends extending sanctions into the cloud and requiring those providers to implement compute-level Know-Your-Customer checks — a recommendation that will land awkwardly in procurement conversations across the major hyperscalers.
Three further structural problems underpin the analysis. The governance landscape is fragmented: proliferation financing networks operate globally, while the regulatory frameworks designed to contain them are strictly national. Meanwhile, the Financial Action Task Force's current recommendations predate autonomous AI agents, and identity verification methods haven't been updated to reflect that AI can now defeat them systematically.
Dr Arnold, a Senior Associate Fellow with RUSI's Centre for Finance and Security and a former UN sanctions expert on North Korea, describes the threat as "not merely an incremental evolution, but a fundamental change which threatens to overwhelm current sanctions implementation practices." The recommended response includes removing red tape on AI-driven counter-proliferation tools, updating FATF guidance, and mandating cross-border data collaboration — all of which require political will that moves on a different schedule to the threat.
