The Wall Street Journal reported on July 5, 2026 that Iran, Russia, North Korea, and other sanctioned entities have sharply increased their use of cryptocurrency. The report, citing crypto analytics firms including Chainalysis, said addresses linked to sanctioned entities received more than $100 billion in crypto during 2025.
Most local businesses are not running crypto exchanges. That does not make the story irrelevant. Crypto exposure can arrive through customer payments, vendor invoices, nonprofit donations, reimbursements, executive side projects, treasury experiments, or a payment processor that makes digital assets look as ordinary as a credit card option.
The risk is an approval problem before it is a blockchain problem
For business owners, the practical issue is not whether cryptocurrency is good or bad. The issue is whether the business has decided who may approve it, who checks the counterparty, who keeps the records, and who can explain the decision later.
Chainalysis has separately reported that sanctioned-entity crypto volume surged in 2025 as nation-state actors used digital assets as part of broader financial infrastructure. That matters because sanctions, anti-money-laundering, accounting, banking, and vendor-risk questions do not disappear when a payment moves through a wallet instead of a wire.
A small business that accepts crypto without a written policy may be taking on more than price volatility. It may be depending on a processor, exchange, wallet provider, accountant, or outsourced finance team to handle screening and records without knowing exactly what evidence will be available if a bank, insurer, auditor, donor, regulator, or customer asks.
What owners should ask before money moves
- Are crypto payments allowed at all? If they are, define who can approve them and which use cases are permitted.
- Who performs sanctions screening? Do not accept a vague answer that the platform handles it. Ask what is screened, when it is screened, and what documentation is retained.
- Which vendors touch the transaction? Identify the exchange, wallet, payment processor, accounting tool, and any outsourced finance provider involved.
- What records will the business keep? The business should be able to match invoices, wallet addresses, processor reports, conversion records, fees, refunds, and approvals.
- What happens when a transaction looks unusual? Define who can pause a payment, escalate to counsel or compliance support, and notify banking partners if needed.
A practical next step
If your business has never accepted or sent cryptocurrency, this is a good time to document that position. A simple written rule that crypto payments are not approved without owner review is better than discovering the decision after a customer, donor, employee, or vendor already created the exposure.
If your business does use digital assets, ask your IT provider, accountant, payment processor, and leadership team for a short evidence packet: approved use cases, responsible owner, vendor list, sanctions-screening process, record-retention process, and escalation contact. The point is not to turn every owner into a crypto investigator. The point is to make sure the business can prove that payment decisions are controlled, reviewed, and documented.
Sources and further reading