Earlier this month, Taiwanese prosecutors indicted 35 individuals in a sprawling, $1 billion money laundering operation tied to online gambling. But the most important part of the case wasn’t the gambling. It was the infrastructure behind it.
The laundering didn’t rely on crypto mixers or sophisticated channels. It wasn’t some dark web scheme patched together by cybercriminals. It was built on fast, lightly governed payment platforms; custom processors that handled deposits and withdrawals with enough scale and sophistication to move illicit capital across borders, undetected, for nearly four years.
That detail should give U.S. policymakers pause. Because if a billion-dollar laundering operation can operat…
Earlier this month, Taiwanese prosecutors indicted 35 individuals in a sprawling, $1 billion money laundering operation tied to online gambling. But the most important part of the case wasn’t the gambling. It was the infrastructure behind it.
The laundering didn’t rely on crypto mixers or sophisticated channels. It wasn’t some dark web scheme patched together by cybercriminals. It was built on fast, lightly governed payment platforms; custom processors that handled deposits and withdrawals with enough scale and sophistication to move illicit capital across borders, undetected, for nearly four years.
That detail should give U.S. policymakers pause. Because if a billion-dollar laundering operation can operate quietly through bespoke payment rails in Taiwan, what makes us think it isn’t already happening here?
The Taiwan case is a warning, but not just about enforcement gaps in East Asia. It is a preview of what happens when the pace of financial innovation decisively outruns the safeguards meant to constrain it. And in the U.S. fintech sector, particularly in paytech and iGaming, that gap is widening by the day.
Fintech platforms aren’t just tech companies anymore. They are financial infrastructure. They move capital. They enable transactions. They connect users across jurisdictions. But they still operate, in many cases, without regulatory obligations even remotely comparable to those imposed on banks. The guardrails are thinner, the oversight fragmented and the accountability often ambiguous. It is a dangerous combination.
In Taiwan, the group responsible for the laundering built two payment platforms, HeroPay and MatchPay, to serve as intermediaries for illegal gambling traffic. By routing funds through their own processors, they were able to mask source and destination, sidestep traditional detection systems and scale to nearly a billion dollars in illicit volume. When they eventually launched their own gambling portal, they didn’t need to find a bank to work with. They already had the rails.
It is tempting to view that as a Taiwan-specific problem. But the underlying risk is universal: When transaction velocity exceeds governance, it creates blind spots. And blind spots in financial infrastructure don’t remain empty — they are filled by whoever moves fastest.
Here in the U.S., we have embraced financial technology as a catalyst for inclusion, convenience and competition. And in many ways, it has delivered. Americans now move trillions annually through digital payment apps, embedded finance platforms and fintech-enabled lending services. But in that surge of innovation, we’ve also introduced an entirely new category of exposure: systemic financial infrastructure operated by firms that were never built to carry systemic risk.
That’s not a criticism of the industry. It’s a challenge to the assumption that scaling faster than regulators can respond is a feature, not a flaw.
No one in Washington would argue that a commercial bank moving $1 billion through an internal transfer system should avoid scrutiny. But if the same pattern occurs inside a payment app? Or a consumer-facing gaming platform? The standards become hazier. And that ambiguity creates arbitrage.
It’s already happening. In just the last year, U.S. enforcement agencies have charged fintech executives with laundering illicit funds, more often through structural negligence. In one case, a U.S.-based company allegedly helped Russian individuals bypass sanctions using payment intermediaries. These are registered companies moving money faster than regulators can keep up.
The problem isn’t intent. It’s inertia. Many fintechs operate with good-faith compliance programs, solid tooling and growing teams. But the underlying business model still depends on scale, frictionless onboarding and automated flows. And the largest financial crime risks — sanctions evasion, terrorist financing, jurisdictional exploitation — rarely trigger red flags until it’s too late.
This is not an argument for stopping innovation. It’s an argument for aligning it with the level of responsibility it now carries. Payments are no longer a backend service. They’re a geopolitical vulnerability.
What happened in Taiwan wasn’t an outlier. It was what happens when systems that move real money evolve faster than the systems meant to monitor them. There is no shortage of ways to address that — smarter regulation, tighter oversight of third-party processors, real-time coordination between enforcement agencies and digital-native platforms. But the first step is simpler: We have to acknowledge that the threat is already here.
This is not the next generation of financial crime risk. This is the present generation, hiding in plain sight. And the longer we treat fintech platforms as tools instead of infrastructure, the more likely we are to see Taiwan’s billion dollar laundering operation not as a cautionary tale, but as a blueprint.
*Brett Erickson is managing principal at Obsidian Risk Advisors, an advisory board member at DePaul University Driehaus College of Business, Seton Hall School of Diplomacy and International Relations and Loyola University Chicago School of Law’s Center for Compliance Studies. *
Copyright 2026 Nexstar Media Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.