Risk Wrap 019: Smart Contract Hiccups, UK Space Bill, Looming Cyber Exposure, and Cannabis Risks

What Is ‘Dirty Crypto’ and What Is the US Doing about It?

Scrutiny over the origin of digital assets is rising as the authorities crack down on ‘dirty crypto’: assets connected to crimes like fraud, money laundering, and terrorism. A crypto holder or investor might have no idea their assets are implicated, but even unwittingly holding dirty crypto is a risk, and the US government is developing more sophisticated tracing methods.

How might crypto become tainted? One example is if it’s been subject to others’ violations of the Bank Secrecy Act. Another is if it’s associated with OFAC’s Specially Designated Nationals and Blocked Persons (SDN) list.

The risks heighten when transacting outside of compliant exchanges. And the consequences include losing assets to the government, having assets devalued, or having digital wallets frozen.

An exchange could be held liable for damages based on negligence theory. Users of mixers and other privacy services could make claims based on violation of a covenant of good faith and fair dealing. Asset holders could claim against the service provider for failing to safeguard them.

Implications for brokers and their clients:

  • Review existing policies to confirm whether coverage extends to losses arising from enforcement actions.
  • Consider specialized digital asset insurance that helps manage compliance and operational risks.
  • Conduct thorough vetting of third parties to prevent exposure and ensure coverage extends to those relationships.

Source: Reuters. (September 11, 2025). Keep your assets clean: Risks of owning “dirty” crypto.

How Smart Contract Flaws Can Cost Companies Millions

Recent statistics highlight the top risks affecting smart contracts. While they’re designed to be immutable, and most exemplify the gold standard for crypto security, smart contract errors or gaps can open the door for attackers, leading to stolen funds, disrupted protocols, and costly losses.

Here are the most common flaws and what they’ve already cost companies (text verbatim from CoinLaw):

  • Reentrancy attacks: These come first place. This type of attack was seen in the DAO exploit of 2016, causing losses of circa $50-$60 million.
  • Integer overflow / underflow bugs: These were responsible for the Bancor vulnerability in 2017. $10 million in tokens were left exposed.
  • Unprotected functions: These enable attackers to drain funds or manipulate data. In 2023, losses from unprotected functions amounted to $15 million.
  • Front-running: Here, attackers exploit transaction ordering. In 2022, 20% of DeFi protocols were affected.
  • Unchecked external calls: These accounted for 18% of total vulnerabilities reported in blockchain audits in 2024.
  • Logic errors: In 2020, an error in the Yam Finance protocol led to losses of $750,000 in under 24 hours of deployment.
  • Phishing and social engineering: In 2023, attacks on smart contract teams led to losses of $50 million globally.

[Figure: Common Vulnerabilities in Smart Contracts. Source: CoinLaw. (June 16, 2025)]

Implications for brokers and their clients:

  • Dedicated smart contract insurance covers losses beyond the scope of traditional crime and cyber policies.
  • Given the frequency, variety and severity of smart contract vulnerabilities, companies should ensure policies explicitly address coverage for code-based losses, including criminal exploits and software design flaws.
  • Clarify whether coverage extends to indirect losses like reputational damage triggered by publicized smart contract exploits.

Source: CoinLaw. (June 16, 2025). Smart contract security risks and audits: Statistics.

UK Space Bill: One Four-Letter Word Could Transform Britain’s Space Industry

On September 5, the UK’s ‘Space Industry (Indemnities) Bill’ underwent its second reading in the House of Lords and will now move on to the committee stage. The Bill would amend sections 12 and 36 of the Space Industry Act 2018, mandating that all spaceflight operator licenses include a limit on the amount of an operator’s liability.

The current wording says that an operator license “may” specify a limit. This uncertainty deters investors, but replacing “may” with “must” will likely change that.

Implications for brokers and their clients:

  • Review coverage in anticipation of caps being introduced, ensuring policies align with both UK regulatory requirements and contractual obligations.
  • Consider whether liability limits extend to subcontractors or supply chain partners, or if additional coverage is required to close potential gaps.
  • Even with liability limits, businesses must assess whether residual risks — like third-party damage from satellite collisions — are adequately covered by existing policies.

Source: TheyWorkForYou. (September 5, 2025). House of Lords: Space Industry (Indemnities) Bill, second reading.

Windows 10 Support Ending: October 14 Ripe for Hacker Activity

Starting October 14, 2025, companies that continue running Windows 10 will be exposed to heightened cyber risks. Microsoft has confirmed that technical support, feature updates, and critical security patches will no longer be available.

Unprotected Windows 10 devices create an open door for hackers, making them unsafe to use. For hardware that’s not compatible with Windows 11, the options are limited: enroll in Microsoft’s Consumer Extended Security Updates (ESU) program or replace outdated devices entirely.

Implications for brokers and their clients:

  • Cyber insurance policies are likely to exclude unsupported software, leaving firms that are still using Windows 10 unprotected after an attack.
  • Organizations in finance, healthcare, and other highly regulated industries risk falling out of compliance, inviting fines and legal scrutiny.
  • Older devices running Windows 10 may become incompatible with newer applications, leading to downtime and productivity losses. Disruptions caused in these circumstances may be excluded from business interruption coverage.

Source: Insurance Business Magazine. (June 11, 2025). NZ firms face cover risks as Windows 10 ends.

Cannabis Firms’ Tech Investments Don’t Backfire

The cannabis industry is transforming as state-licensed operators deploy advanced technologies to drive efficiency, optimize yields, and improve compliance.

Automation, robotics and AI are used for numerous purposes in cultivation, production, and retail. For example, AI-enabled canopy monitoring detects threats like pests or environmental fluctuations, alerting cultivators before issues worsen. And AI makes age-verification more efficient and accurate. These systems also capture robust data logs which support compliance.

Cannabis businesses must carefully align these technologies with state laws and regulatory requirements.

Implications for brokers and their clients:

  • Regularly review policies to address emerging risks linked to technology-driven operations, like crop loss caused by automation errors.
  • More connected systems mean a larger attack surface for hackers. Review cyber policies to ensure coverage applies to all technologies in use.
  • Product liability exposures may increase if automation or AI-driven quality checks fail and defective or contaminated products reach consumers.

Source: Reuters. (September 16, 2025). Balancing innovation and compliance: How technology is transforming the cannabis industry.

Cannabis Rescheduling and Resulting Compliance Costs

The uncertainty about rescheduling cannabis persists. If the change goes ahead, the cost of compliance will be substantial. Implementing GMP-compliant facilities, hiring dedicated compliance staff, deploying validated software, and conducting frequent audits can be expensive and operationally challenging.

Larger operators may absorb these costs, but smaller cultivators, dispensaries, and family-owned businesses could face severe financial strain. The costs may be outright prohibitive for some, and the industry may see a lot of M&A activity as a result.

Implications for brokers and their clients:

  • Regularly review and update policies in line with changes in regulatory frameworks.
  • Uncertainty will persist as regulation transforms. Companies should evaluate their cannabis insurance policies to ensure regulatory investigation costs are covered.
  • Product liability and recall may escalate due to federal oversight and higher quality control expectations. Specialized cannabis insurance covers against these exposures.

Source: Forbes. (September 15, 2025). Trump, US cannabis rescheduling, and the compliance reality for existing operators (Part 1 of 3).
