On May 12, 2025, a Toronto man pleaded guilty in what is now the largest terrorism financing case in Canadian history. Khalilullah Yousuf, 36, admitted before the Superior Court of Justice in Toronto to two criminal counts under Canada’s anti-terrorism laws: financing terrorism and participating in a terrorist organization’s activities.

Between 2019 and 2022, Yousuf funneled over C$50,000 ($36,100) to Daesh, a group designated as a terrorist entity under Canadian law.

He raised part of the funds through crowdfunding site GoFundMe and transferred the rest through cryptocurrency: a digital tool increasingly favored for its perceived anonymity. This marks the first successful prosecution in Canada where both platforms played central roles.

Yousuf also confessed to maintaining a massive database of over 3,800 online links promoting extremist content, intended to radicalize and recruit individuals to join Daesh. His digital activities included cross-border communication with an American associate who was later convicted of supporting terrorism.

The case underscores how online platforms, from fundraising tools to encrypted messaging, are becoming both the medium and the message in modern extremism. It also signals a turning point for Canadian law enforcement. The conviction, achieved through extensive collaboration among federal, provincial, and international agencies, sets new legal ground on how terrorism financing is traced and prosecuted in the digital age.

Investigative efforts were led by the RCMP’s Integrated National Security Enforcement Team and supported by financial watchdog FINTRAC, forensic auditors, border officials, and international agencies including the FBI and police forces from Spain and the Maldives.

Broader picture 

The conviction of Yousuf, the first in Canada to involve both cryptocurrency and crowdfunding in support of terrorism, highlights a central theme in the State of Financial Crime 2024 report: illicit finance is outpacing the tools built to stop it. As Yousuf quietly moved over C$50,000 through decentralized platforms to fund Daesh and distribute extremist propaganda, his case became a clear-cut example of how digital innovation, intended to democratize finance, can also serve transnational crime.

The report notes that terrorist financing remains a core concern globally, alongside related threats like fraud, cybercrime, and money laundering, all of which are increasingly enabled by new technologies.

The report paints a sobering picture of a compliance sector under pressure. In 2024, firms faced mounting geopolitical instability, fragmented regulatory responses, and a surge in AI-powered crime: from deepfakes to generative scams.

Despite this, 91% of surveyed firms said they would sacrifice AI explainability for efficiency, even as clarity on regulatory oversight remains limited.

The Yousuf case, while exceptional in its scope, is emblematic of broader enforcement gaps: where rapid adoption of crypto, crowdfunding, and digital communication tools continues to outstrip both institutional readiness and international coordination.

At the same time, the Yousuf case lands amid a global reckoning over how to regulate the crypto landscape, particularly as its misuse becomes more visible across financial crime investigations.

Rapid adoption of crypto, crowdfunding, and digital communication tools continues to outstrip both institutional readiness and international coordination.

While firms scramble to keep pace with real-time payments and AI-driven fraud, governments are beginning to define the rules of the road for digital assets. Yet their approaches diverge sharply.

In the United States, crypto regulation remains fragmented and reactive, with enforcement often filling the gaps left by legislative inertia. SEC Commissioner Hester Peirce, a leading advocate for regulatory reform, has criticized the status quo, arguing that the current system stifles innovation by failing to distinguish between different types of digital assets.

Her proposals include safe harbor periods for new projects, exemptions for non-functional tokens, and mechanisms to decouple investment contracts once a network becomes decentralized.

These ideas aim to bring predictability to an industry where legal ambiguity has made compliance, and even basic classification, a persistent challenge. However, broader institutional support for this approach remains limited, and ongoing SEC enforcement actions suggest the US will continue relying on case-by-case litigation as its primary regulatory tool in the near term.

The United Kingdom, by contrast, is moving swiftly toward a codified and comprehensive regulatory framework.

In April 2025, HM Treasury released a draft statutory instrument defining a new set of regulated activities for cryptoassets under the Financial Services and Markets Act. The proposed rules cover stablecoin issuance, crypto trading platforms, custody services, and staking activities, and include specific territorial provisions that extend to overseas firms dealing with UK consumers.

Importantly, the FCA will supervise this regime, with a consultation period currently underway. Unlike the US, the UK’s approach emphasizes institutional integration: crypto firms will be treated like other financial institutions, subject to Know Your Customer (KYC), anti-money-laundering (AML), and consumer protection rules.

The UK model reflects a growing consensus in Europe that meaningful oversight is essential for market stability, even at the cost of a slower pace of innovation.

Canada, now faced with its first crypto-based terrorism conviction, may soon have to decide which regulatory philosophy it wants to align with.