RUSI: North Korea and Iran Are Deploying AI Agents for Sanctions Evasion
Krasa AI
2026-05-28
The Royal United Services Institute warned this week that adversarial states have moved from "AI-assisted" to "AI-enabled" sanctions evasion — using autonomous AI agents to forge documents, launder cryptocurrency, and operate shell company networks at a scale that traditional compliance systems can't catch. The report names North Korea and Iran as the most active users and calls for a fundamental overhaul of how banks, cloud providers, and governments detect financial crime.
The findings landed in a RUSI commentary titled "Algorithms of Evasion: The Rise of AI-Enabled Proliferation Financing," and they've been amplified across security press over the past 48 hours. The report's framing — that the threat has shifted from a future risk to a current operational reality — has prompted rapid reactions from compliance leaders and policy officials.
What the report documents
RUSI's analysts describe four categories of AI-enabled evasion already in active use.
Document forgery at scale: generative AI systems are producing fake passports, bank statements, vessel registrations, invoices, and corporate records with enough contextual accuracy to pass traditional compliance checks. The report calls this "mass-production of high-quality fraudulent documents" — what used to take a forger weeks now takes minutes.
Cryptocurrency laundering with adaptive routing: AI-powered systems analyze blockchain patterns in real time and dynamically adjust mixing strategies to stay ahead of detection tools. The same automated reasoning that helps a legitimate trader optimize routes through liquidity pools is being repurposed to defeat anti-money-laundering analytics from firms like Chainalysis and TRM Labs.
Shell company management at industrial scale: AI agents handle the administrative work of managing extensive shell company networks — filing paperwork, responding to regulators, maintaining cover stories, and rotating signatories. What used to require human operators in many jurisdictions can now be coordinated by a small team using AI to scale.
Synthetic identities for IT worker operations: RUSI highlights North Korea's growing use of AI-enhanced deception in its overseas IT worker schemes, where DPRK operatives pose as remote software engineers to channel salaries back to Pyongyang. Deepfake video and voice now let a single operator manage multiple cover identities simultaneously.
Why this matters
The shift from AI-assisted to AI-enabled is the headline. Assisted means a human evader using AI as a tool. Enabled means autonomous AI agents executing entire workflows — generating documents, routing payments, responding to compliance inquiries — with limited human input. That changes the economics. A sanctions regime designed to make evasion expensive starts to fail when the cost of running an evasion operation collapses.
For sanctioning governments, the implication is that existing frameworks are now structurally outpaced. KYC (know-your-customer) protocols built around document review assume forgeries are hard. AML (anti-money-laundering) tools built around statistical pattern detection assume launderers can't react in real time. Both assumptions are weakening.
For banks, the immediate risk is compliance failure on transactions they processed in good faith, based on documents that look real but aren't. The report notes that several major banks have already flagged increased false negatives in their KYC checks, meaning fraud that passes through detection systems unnoticed.
Proposed solutions
RUSI calls for a coordinated overhaul. The recommendations include clearer rules allowing banks to use AI-powered counter-proliferation tools without running afoul of privacy and anti-discrimination laws. Most banks currently can't deploy the most aggressive AI defenses because of regulatory uncertainty around adverse impact and explainability.
The report also calls for updated KYC systems capable of spotting deepfakes and synthetic identities — including liveness checks beyond what biometric vendors currently offer.
The most novel proposal is "compute-KYC": new obligations forcing cloud providers and AI infrastructure operators to monitor who's renting GPU capacity for what purposes. The idea borrows from existing financial KYC: if a customer requests massive compute resources to run inference on what looks like an identity-generation pipeline, the cloud provider should have to ask questions. Implementing compute-KYC would create the AI infrastructure equivalent of the Bank Secrecy Act.
Industry impact
Expect three near-term effects. First, compliance software vendors will accelerate AI-defensive products. Companies like Quantexa, ComplyAdvantage, and Sardine already sell adaptive AML tools; expect funding rounds and acquisitions in this category over the next quarter.
Second, cloud providers will face questions about whether they're hosting sanctioned activity. AWS, Microsoft Azure, and Google Cloud all have export controls on their AI services, but enforcement is uneven. The compute-KYC framing gives regulators a clearer ask.
Third, frontier AI labs — OpenAI, Anthropic, Google DeepMind — will face renewed pressure on how their APIs are accessed and what guardrails apply to document-generation use cases. Both OpenAI and Anthropic have published acceptable use policies that prohibit fraud, but enforcement against sanctioned-state actors using stolen credit cards or shell front companies is hard.
Expert reactions
The Register described the report as "the clearest documentation yet that AI is already industrializing financial crime." CSO Online positioned it as a new headache for IT governance leaders, who must defend against threats their compliance teams don't yet have tools for. The compute-KYC proposal drew the most attention as the most consequential — and controversial — piece, since it would expand AI infrastructure regulation significantly.
What's next
Watch for three follow-ons. First, whether the U.S. Treasury's OFAC or the UK's OFSI issues updated guidance on AI-generated documentation. Second, whether major cloud providers preemptively announce compute-KYC-style policies. Third, whether the FATF, the global AML standard-setter, incorporates AI-specific recommendations into its next plenary update.
Bottom line
The cost of running a sophisticated sanctions-evasion operation has collapsed because AI agents now do the labor. RUSI is telling governments, banks, and cloud providers that the existing defenses were built for a slower threat. The report's policy recommendations — especially compute-KYC — point toward a meaningful expansion of how AI infrastructure gets regulated. If you work in compliance, financial crime, or cloud governance, expect this report to be cited in every internal threat briefing for the next six months.