%20-%20C.png){kind=small}
FinCEN Targets Cambodia-Based Huione Group Over Cyber Heists & Money Laundering
- OpusDatum
- May 1
- 2 min read
US Treasury Proposes Action to Cut Off $4 Billion Money Laundering Operation Linked to DPRK and Southeast Asian Criminal Syndicates
In a landmark move to combat international cyber fraud and digital asset abuse, the US Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) has designated Cambodia-based Huione Group as a financial institution of primary money laundering concern. The decision, made under Section 311 of the USA PATRIOT Act, follows the group's role in laundering billions in illicit funds from DPRK-backed cyber heists and transnational cryptocurrency scams, including the notorious pig butchering investment cons.
FinCEN’s notice of proposed rulemaking (NPRM) aims to ban US financial institutions from opening or maintaining correspondent or payable-through accounts for or on behalf of Huione Group. The objective is clear: to isolate the conglomerate from the US financial system and cut off a critical laundering route for cybercriminal networks operating across Asia.
Key Findings: A Complex Criminal Financial Network
Between August 2021 and January 2025, Huione Group is reported to have laundered over $4 billion in illicit proceeds. This includes:
$37 million linked to cyber heists attributed to North Korea
$36 million derived from cryptocurrency investment scams
$300 million from other cyber scam operations
Huione Group operates a web of companies that play integral roles in its laundering operations, including:
Huione Pay PLC – a fiat and crypto payment service
Huione Crypto – a virtual asset service provider
Haowang Guarantee – a black-market platform offering scam-enabling services and goods
The firm’s stablecoin development, payment infrastructure, and marketplace capabilities have made it a “go-to hub” for cybercriminals. FinCEN highlights the lack of effective AML/KYC policies across the group as a significant enabler of its laundering activities.
US Treasury: Cracking Down on Global Cybercrime
Scott Bessent, Secretary of the Treasury, stated:
Huione Group has established itself as the marketplace of choice for malicious cyber actors like the DPRK and criminal syndicates, who have stolen billions of dollars from everyday Americans. Today’s proposed action will sever Huione Group’s access to correspondent banking, degrading these groups’ ability to launder their ill-gotten gains.
The move signals a robust step in the US Treasury’s ongoing strategy to disrupt cyber-enabled financial crime, particularly the monetisation of convertible virtual currencies (CVCs) by hostile state actors and transnational criminal organisations (TCOs).
Implications for the Financial Sector & AML Practitioners
FinCEN’s action is a stark reminder of the increasing abuse of virtual assets by rogue actors and the urgent need for rigorous AML compliance in digital finance. It also underlines the vulnerabilities of payment platforms and crypto services operating in jurisdictions with weak regulatory oversight.
Financial institutions globally are advised to conduct enhanced due diligence on any counterparties with exposure to Huione Group or similar entities. This proposed rule will likely influence future global AML/CFT regulations, particularly those involving cryptoasset service providers and digital payment firms operating without sufficient KYC protocols.
Read the press release here.
