
Italian authorities uncover Hamas-linked Charity
See our guide to onboarding Charities safely
Italian police on Saturday arrested 9 individuals accused of raising more than EUR7M under the pretence of humanitarian aid for Gaza. According to the report, those funds were being funnelled to entities controlled or directly licked to Hamas.
These developments once again highlighted a long-standing and uncomfortable reality: charitable organisations can be exploited to funnel funds to terrorist groups, including Hamas, even when those organisations appear legitimate, registered, and regulated.
Charities operate in a space where trust is assumed, scrutiny is uncomfortable, and verification is sometimes treated as optional. That combination creates opportunity - not for legitimate aid delivery, but for misuse.
This is not an isolated incident
The Italian case sits alongside multiple historical enforcement actions in the space. In the United States, OFAC identified earlier this year overseas charity networks being used to fund Hamas and the PFLP. In those cases, OFAC found that charitable status was used to mask the movement of funds, often under the guise of humanitarian or social assistance.
Across jurisdictions, the mechanics are strikingly similar:
Donations raised in good faith
Funds routed through charities or affiliated entities
Limited visibility into end use
Control exercised by a small group of individuals, despite formal governance structures
Placing too much emphasis on form and not substance can ignore clear financial crime indicators.
Why charities remain vulnerable
Unlike commercial entities, charities often:
Have no shareholders, but still concentrate control
Operate across borders with limited local oversight
Rely on intermediaries and partner organisations
Move funds quickly into high-risk or conflict regions
Crucially, the absence of ownership does not mean the absence of control. Trustees, founders, executives, or external actors can still exercise decisive influence over how money flows.
The Italian case is not an outlier
What makes the Italian case noteworthy is not novelty, but familiarity. The same indicators recur:
Opaque governance structures
Limited visibility into end-use of funds
Weak ongoing monitoring once onboarding is complete
Time and again, investigations show that registration with a charity regulator, while necessary, is not sufficient to manage AML and terrorist financing risk.
What regulators expect now
Regulators are not asking firms to de-risk charities wholesale. They are asking for proportionate, intelligence-led controls that reflect how money actually moves.
That means:
Understanding control, not just legal form
Screening across full networks, not single entities
Treating charity onboarding as dynamic, not static
Maintaining audit-ready rationale for risk acceptance
Good intentions are not a defence in an AML review.
The takeaway for compliance teams
Charities do vital work, and financial institutions play a role in enabling that work. But recent events are a reminder that trust cannot replace verification.
The sector’s social value does not eliminate financial crime risk. In some cases, it amplifies it.
To help with analysing the risks of Charities checkout Steward’s Charity onboarding checklist below:
Charities & AML Guide: What Compliance Teams Should Check
🚩 Control & Governance
Identify trustees, directors, founders, and senior executives
Determine who has effective control over funds and strategy
Watch for figurehead boards or concentrated decision-making
Read the foundation/entities’ constitutional documentation
🌍 Geographic Exposure
Are the operations, beneficiaries, or partners in conflict or high-risk regions?
Are there rapid changes happening within those operating geographies?
Are you placing reliance on local partners with limited oversight?
💸 Source of Funds
Breakdown the donor types (public, private, foreign, state-linked)
Look for concentration risk (i.e. funding from a small number of donors)
Are donations routed via intermediaries or third parties?
🔁 Use of Funds
Check for alignment between stated charitable purpose and actual spending
Does the Charter focus on vague categories (“aid”, “support”, “humanitarian assistance”)?
Look for large cash disbursements or pass-through behaviour
📰 Screening Across the Network
Carry out screening (PEP/Sanctions/Adverse Media) across:
Trustees, senior staff, major donors
Partner organisations and affiliates
Re-screening on a periodic basis
⏱️ Change Triggers
Look out for:
Changes in leadership or governance
Sudden spikes in donations or outflows
Increased activity following geopolitical events
🔄 Ongoing Monitoring
AML isn’t static, so it is important that you carry out:
Periodic reviews, not one-off onboarding
Trigger-based reassessments
Updated risk scoring over time
🧾 Auditability
To ensure your systems & records are up-to-speed, don’t forget to have:
Clear rationale for onboarding decisions
Documented risk assessment and controls
Evidence that risk is actively managed
Happy onboarding!
From the blog
The latest industry news, interviews, technologies,
and resources.

Deepfakes Have Arrived at Investor Onboarding. Your Checks Haven't Noticed
Deepfake KYC fraud is surging - face swaps and camera injection now beat standard biometric onboarding. What funds, banks and wealth managers must change about identity verification.
Jul 17, 2026
arik oslerne
1 min read

AI KYC Remediation: How AI Agents Clear a Backlog, Task by Task
See how AI KYC remediation works task by task: alert adjudication, entity resolution, and perpetual KYC that stops backlogs reforming
Jul 16, 2026
Geoffrey Safar
1 min read

What Europe's New AML Regime (AMLA) Means for Funds
The EU's AMLR applies from 10 July 2027 and AMLA is already writing the rulebook. What the new EU AML regime means for funds, fund admins and private banks - and why waiting is a mistake
Jul 15, 2026
arik oslerne
1 min read

How to Reduce False Positives in AML Screening
Cut sanctions and PEP false positives in AML screening: why they happen, how to tune matching, and how to keep every dismissal auditable and defensible.
Jul 15, 2026
Geoffrey Safar
1 min read
Product