Binance said it had robust compliance programs. The Department of Justice said it had been processing transactions for Hamas, ISIS, al-Qaeda, and Palestinian Islamic Jihad. Treasury Secretary Janet Yellen said Binance's "wilful failures allowed money to flow to terrorists, cybercriminals, and child abusers." Binance pled guilty to everything. The fine was $4.3 billion -- the largest financial enforcement action in American history. "Robust compliance" that let terrorist organizations move money for years. That is not a compliance failure. That is a business model. Binance's CEO pleaded guilty to enabling money laundering. He walked into federal prison as the richest inmate in American history -- worth $43 billion. Prosecutors wanted three years. He got four months. Then President Trump pardoned him entirely. The Wall Street Journal had reported just two months earlier that the Trump family's crypto venture was "quietly administered by Binance." The man who admitted to enabling money laundering for terrorists got a presidential pardon from a president whose family had a business relationship with his company. That is how accountability works when you're worth $43 billion.
What they claim: Binance claims it works to prevent its platform from being used to finance terrorism and cooperates with law enforcement.
What we found: In November 2025, more than 300 victims and family members of the October 7, 2023, Hamas attack on Israel sued Binance under the Anti-Terrorism Act. The lawsuit alleges Binance "knowingly facilitated" more than $1 billion in transactions by Hamas, Hezbollah, and other designated foreign terrorist organizations. Hamas-linked crypto wallets received approximately $41 million between 2020 and 2023. Palestinian Islamic Jihad received as much as $93 million over a similar period. DOJ confirmed Qassam Brigades had been using Binance since at least 2019 -- four years before the October 7 attack.
What they claim: Binance privacy policy states it protects user data and only shares information as required by law in the jurisdictions where it operates.
What we found: Reuters investigation (April 2022): Binance turned over client data to the Russian government to track Bitcoin donations linked to opposition leader Alexei Navalny. Russia's financial intelligence unit Rosfinmonitoring requested data from Binance's regional head Gleb Kostarev in April 2021. Kostarev told an associate that Binance "didn't have much of a choice" and couldn't "make a fuss" if it wanted to keep operating in Russia. Russian peer-to-peer trades on Binance averaged $428 million per month, per the Wall Street Journal citing Russian Central Bank data.
What they claim: Binance positions itself as the world's leading cryptocurrency exchange, a trusted global financial platform.
What we found: Binance has historically argued it operates outside any single jurisdiction and is not subject to traditional financial regulation. The company registered in the Cayman Islands, headquartered variously in Malta, Singapore, and Dubai -- moving whenever regulators closed in. CZ told staff in internal communications that Binance should operate in a "gray area" regarding regulation. When the DOJ caught up, Binance suddenly became cooperative -- but only after years of deliberately structuring itself to evade every regulator on earth. The three-year compliance monitorship imposed by the DOJ suggests the government doesn't trust Binance to regulate itself.
What they claim: Binance claims to maintain robust compliance programs and to work closely with law enforcement to prevent illicit use of its platform.
What we found: DOJ settlement (November 2023): Binance pled guilty to conspiracy to violate the Bank Secrecy Act, operating an unlicensed money services business, and willful violation of IEEPA. Binance failed to report transactions associated with Hamas's Al-Qassam Brigades, Palestinian Islamic Jihad, Al Qaeda, and ISIS. Treasury Secretary Janet Yellen: "Binance turned a blind eye to its legal obligations in the pursuit of profit. Its wilful failures allowed money to flow to terrorists, cybercriminals, and child abusers." Total penalty: $4.316 billion -- the largest enforcement action in Treasury Department history.
What they claim: Binance states its KYC protocols "rival those in the traditional banking system" and that user identity data is securely stored.
What we found: In August 2019, an attacker leaked hundreds of photos of Binance users holding their identity documents -- passports and national IDs from France, Turkey, the US, Japan, Russia, and other countries. A Telegram group attracted over 10,000 people viewing the leaked documents. CoinDesk verified the images: multiple users confirmed the photos were their actual KYC submissions. Up to 60,000 users were affected. The attacker demanded 300 BTC (~$3.5 million); Binance refused. Binance blamed a "third-party vendor." Binance's compensation: a "lifetime VIP membership" for users whose passport photos were now public on Telegram.
What they claim: Binance claims to employ "industry-leading security practices" and advanced protection for user accounts.
What we found: In early 2025, a massive data breach exposed login credentials for 149 million user accounts across major platforms, including 420,000 Binance accounts. Cybersecurity researcher Jeremiah Fowler discovered the database was publicly accessible on the internet with no password protection or encryption. Separately, in May 2019, hackers stole $40 million in Bitcoin directly from Binance. In February 2026, Fortune reported that Binance fired five compliance investigators after they identified $1 billion in Iran-linked transactions between March 2024 and August 2025 -- firing the people who found the problem rather than fixing it.
What they claim: Binance markets itself as a trustworthy, transparent platform led by principled leadership committed to the crypto community.
What we found: CEO Changpeng Zhao (CZ) pleaded guilty to anti-money laundering violations, was sentenced to 4 months in prison (prosecutors sought 3 years), paid a $50 million personal fine, and entered federal prison in April 2024 as the richest inmate in American history (~$43 billion net worth). He was released in September 2024. In October 2025, President Trump pardoned CZ. The Wall Street Journal had reported two months earlier that the Trump family's own crypto venture was "quietly administered by Binance." Senators wrote to DOJ and Treasury opposing the pardon.
What they claim: Binance marketed itself as a legitimate, regulated financial platform compliant with applicable laws.
What we found: In addition to the $4.3 billion DOJ settlement, the CFTC imposed a separate $2.7 billion fine for operating an unregistered derivatives exchange. Total regulatory penalties across all agencies exceeded $7 billion. Binance operated without proper licenses in multiple jurisdictions simultaneously. Binance.US, the supposed compliant American arm, was sued by the SEC in June 2023, lost most banking partners, suspended USD deposits and withdrawals, and saw trading volumes collapse by over 95%. The "regulated" platform was so unregulated that every major U.S. financial regulator took enforcement action against it.