The U.S. Treasury has moved from treating crypto mixers mainly as a sanctions problem to treating them as a policy design problem: privacy tools can have lawful uses, but only within a framework that preserves investigatory access and anti-money-laundering controls. That is the useful signal here, and it is narrower than a blanket pro-privacy reading.
What changed in Treasury’s position
Treasury’s recent report to Congress explicitly recognizes that mixers can protect legitimate personal, business, and charitable transactions on public blockchains. That matters because public ledgers expose counterparties, balances, and payment patterns in ways many users and institutions do not accept in ordinary finance. The report therefore marks a real shift from the earlier posture associated with actions such as the 2022 sanctions tied to Tornado Cash.
But the change is calibrated, not ideological. Treasury is not endorsing anonymous crypto systems that sit outside oversight. It is saying that financial privacy can be legitimate if the surrounding structure allows compliance, record access where required, and intervention when funds are tied to crime.
Why Treasury is drawing the line this way
The report arrives against a clear enforcement backdrop. Between January 2024 and September 2025, North Korean-linked hackers stole about $2.8 billion in crypto, with mixers and cross-chain bridges playing a major role in laundering flows. That figure explains why Treasury is not moving toward permissive treatment of privacy infrastructure in general, even while acknowledging lawful use cases.
The laundering pattern also matters for market structure. Treasury notes that illicit actors usually do not send stablecoins directly into mixers. They tend to route other tokens through mixers first, then convert into stablecoins later to weaken transaction tracing before any fiat off-ramp. That means compliance pressure will not stop at mixers themselves; it is likely to extend across bridges, token conversion points, and exchange surveillance systems.
The framework Treasury appears to support
Treasury distinguishes between custodial and non-custodial mixers rather than treating all privacy tools as the same risk category. Custodial mixers would need to register with FinCEN and provide transaction data to authorities. For non-custodial mixers, the report does not propose new restrictions at this stage. That is a meaningful policy boundary because it leaves room for privacy infrastructure that is software-based or decentralized, while still tightening obligations where an operator controls user assets or transaction flow.
The report also backs proposed “hold laws,” which would let authorities temporarily freeze suspicious digital assets during investigations. In practice, that would give enforcement a middle option between doing nothing and pursuing full seizure or sanctions action. Treasury is also pushing for clearer AML rules for DeFi participants, which suggests the next phase of regulation may focus less on banning categories of tools and more on defining who has compliance duties at each point in the transaction chain.
| Area | Treasury signal | Practical implication |
|---|---|---|
| Custodial mixers | Register with FinCEN and provide transaction data | Higher compliance cost, but clearer path to operating legally |
| Non-custodial mixers | No new restrictions proposed for now | More room for software-based privacy tools, though not immunity from enforcement |
| Suspicious assets | Support for temporary “hold laws” | Faster intervention during investigations without waiting for final case resolution |
| DeFi AML rules | Push for clearer obligations | Compliance expectations may spread beyond mixers to adjacent protocols and service providers |
Which crypto projects may benefit, and which may not
The immediate beneficiaries are not classic “privacy at any cost” projects. The stronger fit is privacy infrastructure that can support selective disclosure, auditable compliance, or identity-linked permissions when needed. That is why institutional interest has been building around projects such as Railgun and Aztec, which combine privacy layers with compliance-oriented design choices.
That distinction matters for liquidity and listings. If U.S. policy continues in this direction, capital is more likely to flow toward “compliant privacy” rails for tokenization, payments, and trade finance than toward tokens whose value proposition depends on resisting oversight altogether. Exchange policy will probably follow the same split: platforms may be more willing to support privacy-related infrastructure with clear compliance hooks than assets associated with opaque transfer systems and weak monitoring options.
The legal risk remains high for teams that ignore that boundary. Treasury and other authorities are still willing to pursue developers and services linked to illicit finance, and the enforcement history around Tornado Cash remains part of the operating environment. Europe’s move toward privacy-coin delistings from exchanges starting in 2027 adds another constraint, especially for projects that need cross-border liquidity rather than a narrow U.S. user base.
The next checkpoints for investors and operators
The market should watch three things more closely than headline rhetoric. First is whether Congress advances “hold laws,” because that would show Treasury’s preferred enforcement toolkit is gaining legislative support. Second is FinCEN guidance on privacy tools, which will determine whether selective disclosure and zero-knowledge compliance features are treated as workable safeguards or as insufficient substitutes for traditional reporting. Third is exchange policy on privacy token listings, since access to liquidity often matters more than protocol design in determining which projects can scale.
For investors, the key filter is not whether a project uses privacy technology, but whether it can survive under a regulated privacy model. For builders, the question is whether compliance is embedded in product architecture rather than added later as a legal defense. Treasury’s report makes that distinction clearer: the U.S. may be opening space for crypto privacy, but only for versions that can coexist with enforcement.
About the Author
