June 18, 2026, was supposed to be an ordinary day, but it was heavily circled on the regulatory timeline: on the Mediterranean island of Malta, the Financial Services Authority released a discussion document, specifically naming so-called "decentralized" projects that still retain admin keys and protocol upgrade permissions, exploring how to pull this type of DeFi back into licensing and regulation under the EU MiCA framework; on the same day in Beijing, the National Financial Regulatory Administration issued the "Guiding Opinions on the Safe Development and Application of Artificial Intelligence in the Banking and Insurance Industries," requiring banks and insurance institutions to incorporate AI into their comprehensive risk management systems and explicitly drawing the red line against "the misuse of artificial intelligence technology to generate false information and manipulate market prices"; almost simultaneously, in Washington, the U.S. Department of Justice initiated an investigation into Iranian figure Mujtaba’s global investment portfolio, checking whether JPMorgan Chase and Citigroup were involved in substantial funds transfers between its regulated companies, while continuing to enforce Iran sanctions and striking at the compliance borders of cross-border funding networks. These three actions seemed to be each fighting their own battles: on one side, the exemption boundaries for DeFi are being redefined; on the other side, financial AI is being incorporated into a "regulatory framework"; and on another side, the funding chain related to Iran is being traced. However, they all point towards the same core proposition—pulling new technologies and complex financial activities back from the gray area into the controllable and accountable regulatory view. This article attempts to outline the contours of a new global fintech regulatory order along the three lines of DeFi, financial AI, and cross-border funds.
Malta: The Tug-of-War Between MiCA Exemptions and the Truth of DeFi
In the unified MiCA text of the EU, "completely decentralized" crypto services were reserved a space for exemption, which had originally been seen by the DeFi circle as a safety cushion: as long as it claims not to have a centralized entity, regulators have no authority to intervene. However, on June 18, 2026, the discussion document released by the Malta Financial Services Authority (MFSA) appeared to cut a hole in this safety cushion—regulators pointed out that most real-world DeFi projects do not meet the red line of "completely decentralized," with admin keys, protocol upgrade permissions, and monopolized governance voting rights constituting clear points of control. In other words, MiCA offers exemptions, but whether to acknowledge that one is "qualified" for such exemptions has begun to be determined by regulators.
This discussion document, still in the opinion-gathering stage, does not provide immediate hard clauses but sets a clear direction: those DeFi that still hold "human hands" will be attempted to be pulled back into the regulatory view of MiCA. For Malta, which has long portrayed itself as a "center of blockchain and crypto innovation," this marks a role transition—from previously emphasizing a friendly and tolerant harbor to shifting towards providing support only to projects that meet specific conditions, rewriting "innovation center" into "a threshold-laden testing ground." Within the EU, whoever first takes the initiative to define the authenticity of DeFi's decentralized nature is effectively vying for the dominant authority to interpret the exempted boundaries of MiCA, and Malta has clearly chosen to stand on this trend, using its national regulatory experiment to rewrite the boundary between DeFi and compliance.
China Draws an Uncrossable Red Line for Financial AI
While Malta pointed the finger at "pseudo-decentralization," Chinese regulators focused on another technological main line. On June 18, 2026, the National Financial Regulatory Administration released the "Guiding Opinions on the Safe Development and Application of Artificial Intelligence in the Banking and Insurance Industries," for the first time specifically addressing banks and the insurance industry, categorizing artificial intelligence as a risk source requiring systematic review. The document requires financial institutions to integrate AI risks into their comprehensive risk management systems, no longer treating AI merely as an efficiency tool, but rather incorporating it into conventional risk control and compliance processes, similar to credit risk and market risk.
The real tension is heightened by the warning written in the text—"the misuse of artificial intelligence technology to generate false information and manipulate market prices is strictly prohibited." This effectively places the imaginative space for utilizing large models to "fabricate favorable news" and automate trading in the forbidden zone, drawing an uncrossable red line for financial AI. However, this is not a document that "only says no": on one hand, the guidelines tighten behavioral boundaries, while on the other hand, they propose to "encourage large financial institutions to conditionally provide computing power services to small and medium financial institutions," trying to make leading institutions assume infrastructure roles and avoid completely blocking small and medium institutions from AI due to tightened security. As the first specialized AI governance document aimed at the financial industry following the 2024 draft "Artificial Intelligence Law," it announces a new starting point: financial AI must accelerate on a track with regulations to follow rather than continue experimenting in the gray area.
The U.S. Investigates Iranian Funding Networks, Drawing Wall Street In
While Chinese regulators are drawing red lines for financial AI, the enforcement storm across the Atlantic has already targeted another sensitive red line—funds related to Iran. The U.S. Department of Justice is focusing on an Iranian figure named Mujtaba and his global investment portfolio spread across multiple locations, with the perspective of the investigation not limited to a single account, but rather trying to map out a cross-border funding operation network: how funds flow between different jurisdictions, shuttle between the various enterprises he regulates, and whether these flows touch the bottom line of Iran sanctions.
According to a single source, one focus of the investigation is to confirm whether JPMorgan Chase and Citigroup were involved in large funds transfers between the companies supervised by Mujtaba. For the Department of Justice, the issue is not only "whether transactions occurred," but whether these transfers left compliance loopholes in terms of due diligence, customer identity verification, and sanctions screening. Iran has long been under U.S. sanctions, making any cross-border funding that circumvents into the global financial system inherently carry a high sensitivity tag, and in the past few years, numerous financial institutions have faced hefty fines for breaching Iran sanctions, making Wall Street keenly aware of the cost. This investigation is viewed as a continuation of this high-pressure approach and sends a signal to all large banks: in cross-border operations, especially when dealing with clients with complex equity structures and multi-layered holdings, sanctions compliance is no longer just a backend process but a crucial exam determining whether they can continue playing the role of the global clearing hub.
Three Local Regulators on the Same Frequency: DeFi, AI, and Fund Flows Must Be Accounted
On the same day, Maltese regulators focused on the "fake decentralization" agreements, China drew the red line for financial AI, and U.S. prosecutors traced the Wall Street giants behind Iranian-related funding networks—three seemingly unrelated puzzle pieces, when stacked together, present the same picture: all new technological activities related to funds must return to an "auditable and manageable" ledger. The Malta Financial Services Authority examines DeFi under the MiCA framework, openly questioning "completely decentralized" market rhetoric by naming several projects that retain admin keys, centralized governance, and protocol upgrade permissions; the National Financial Regulatory Administration of China incorporates AI from the banking and insurance industries into a comprehensive risk management system while clearly stating that "the misuse of artificial intelligence technology to generate false information and manipulate market prices" is prohibited, pulling models back from "black boxes" into regulatory view; the U.S. Department of Justice investigates Mujtaba's global portfolio while probing the roles of JPMorgan Chase and Citigroup in large cross-border transfers, continuing to search for accountable institutional nodes along the high-pressure line of Iran sanctions. DeFi protocols, AI systems, and cross-border clearing channels are placed on the same coordinate axis; they must either prove they truly have no center or deliver a center that is clear enough for regulators.
On the surface, DeFi touts the banner of "no administrator," AI uses the excuse of "algorithmic black boxes" as difficult to explain, and cross-border funds hide within complex equity structures and multi-layered holdings, but the three regulators are doing the same thing: dismantling technical and legal structures, looking for a "responsibility button" that, when pressed, will yield feedback. When the MFSA treats admin keys as a regulatory entry point, when China integrates AI into regular risk control and locks model usage with the wording "strictly prohibit price manipulation," and when U.S. prosecutors follow the money trails across various accounts to specific banks, this logic of "finding the center" is already running smoothly. In the short term, this will raise compliance costs and uncertainty—project teams will need to reassess governance structures, banks will need to reshape sanctions screening paths, and financial institutions' AI teams will need to embed compliance into the model lifecycle—but in the medium to long term, this round of tightening is also providing the industry with a clearer "red line map," letting truly willing institutions operating within the rules know which paths they can take and which boundaries they cannot cross.
The Next Step for Crypto and Wall Street: Seeking Compliance in the Cracks
For DeFi projects, the next step has been written into the text: either dismantle all “admin keys” and upgrade switches structurally to meet the MiCA's so-called "completely decentralized" exemption standard, or accept their identity as financial service providers and follow the path of licensing, disclosure, and risk control, which is slower but more predictable. The MFSA in the discussion document has already put the harsh words upfront: when most agreements still retain centralized governance and operational permissions, do not expect to use “decentralization” as a shield. For banks and brokers, China's AI safety guidelines have transformed models from being “toys of the tech department” into objects that compliance lines must take over—risk management needs to be rewritten, algorithmic boundaries in marketing and trading need to be redrawn, and in the context of the long-standing high-pressure Iranian sanctions environment in the U.S., every cross-border fund path must be laid out for regulators. For investors and practitioners, this round of synchronized tightening by the three places around June 18, 2026, will short-term compress the space for "storytelling" and gaming the regulatory gray area, but it also builds a joint trust infrastructure for compliant crypto assets, rule-bound financial AI, and traceable funds, with true opportunities gradually shifting from seizing regulatory vacuums to comparing who can endure time and compliance costs better within clear rules.
Join our community, let’s discuss together, and become stronger together!
AiCoin exclusive Hyperliquid benefits: https://app.hyperliquid.xyz/join/AICOIN88
AiCoin exclusive Aster benefits: https://www.asterdex.com/zh-CN/referral/9C50e2
On-chain Telegram community: https://t.me/AiCoinWhaleData
On-chain community: https://www.aicoin.com/link/chat?cid=N6OVMor5g
AiCoin on-chain Twitter: https://x.com/aicoinwhaledata
免责声明:本文章仅代表作者个人观点,不代表本平台的立场和观点。本文章仅供信息分享,不构成对任何人的任何投资建议。用户与作者之间的任何争议,与本平台无关。如网页中刊载的文章或图片涉及侵权,请提供相关的权利证明和身份证明发送邮件到support@aicoin.com,本平台相关工作人员将会进行核查。
