From Treasury to Tech: Building Castellum.AI
Peter Piatetsky began his career studying international relations before joining the U.S. Department of the Treasury, where he helped design and coordinate U.S. and international sanctions against Iran and Russia. His time there revealed a striking gap — even government agencies struggled to track foreign sanctions lists consistently.
That realization led to the founding of Castellum.AI, a company that simplifies global risk data tracking. “Our goal was to build a solution that makes it really easy and effective to track global sanctions,” Peter explained. Castellum.AI’s technology allows users to search, screen, and monitor risk data in real time — a “Google-like” experience that serves banks, cybersecurity firms, and fintech providers such as DigitalMint, Chainalysis, and Arctic Wolf.
Who Needs to Conduct Sanctions Checks?
When asked who bears responsibility for sanctions compliance, Peter’s answer was clear: every business.
“Any business that runs transactions — from a bank or fintech company to a cosmetics retailer — needs to comply with sanctions law,” he said.
Under the U.S. Treasury’s strict liability framework, ignorance is no defense: even unintentional violations can lead to enforcement. While most penalties target larger financial institutions, smaller companies are not immune. Recent examples include non-financial businesses fined for inadvertently transacting with sanctioned entities.
When and How to Screen for Sanctions Risk
Peter outlined a simple but critical rule of thumb: Screen early, screen often.
“The moment you have identifying information — a name, an alias, a crypto wallet address — you should screen it,” he emphasized.
Tools like Castellum.AI make this process fast and scalable — allowing firms to batch-screen thousands of clients or transactions at once. “It’s not as onerous as it might seem,” Peter noted. “You can check names and wallets in seconds.”
The Gray Area of Ransomware Payments
The discussion turned to one of the most complex issues in the ransomware landscape: what happens when sanctioned entities become involved — even indirectly?
Marc pointed out the industry’s challenge in tracing ransomware variants, such as LockBit, Royal, and Akira, which constantly evolve and operate through anonymous crypto wallets. Even diligent screening can’t guarantee a clear answer about whether a payment touches a sanctioned actor down the blockchain.
Peter acknowledged this uncertainty but offered practical guidance:
  • Maintain thorough documentation. “Run the compliance checks, record your results, and demonstrate due diligence.”
  • Leverage blockchain intelligence tools. Combining Castellum.AI’s sanctions data with transaction-tracing platforms like TRM Labs or Chainalysis provides stronger assurance.
  • Collaborate with law enforcement. “The U.S. government understands this is complicated,” Peter said. “They care more about proactive engagement than perfection.”
Collaboration Is Compliance
Both speakers agreed that information-sharing is the cornerstone of responsible ransomware response. Firms that isolate themselves from regulators or refuse to engage raise red flags — just as high-risk foreign banks that avoided contact with Treasury once did.
“The payment providers that get in trouble won’t be the ones talking to law enforcement,” Peter warned. “They’ll be the ones that never pick up the phone.”
Marc echoed that sentiment in closing:
“This isn’t an industry where you ask for forgiveness later. It’s about doing the right thing, communicating with the right people, and preventing risk before it happens.”

Learn More About Castellum.AI
In a landscape where sanctions regulations shift by the hour and cyber threats evolve just as quickly, Castellum.AI stands out as a trusted partner for real-time global risk intelligence.
Their platform empowers businesses to search, monitor, and manage sanctions data effortlessly — giving compliance teams the visibility they need to make confident, informed decisions. Whether you’re a financial institution, a cybersecurity provider, or a growing fintech, Castellum.AI makes it possible to stay ahead of risk without slowing down operations.
If your organization is ready to strengthen its sanctions compliance and safeguard every transaction from hidden exposure, now’s the time to take a closer look.

Discover how Castellum.AI helps businesses simplify global sanctions compliance