Lab Report #3

This Week in Financial Crime


This was the week the United States moved against the political and financial enablers of Southeast Asian scam compounds – sanctioning a Cambodian senator, charging compound managers, and restraining $700 million in cryptocurrency. The UK’s Online Crime Centre opened its doors. The FCA went after illegal “finfluencers” through a global IOSCO-coordinated operation. And the European Public Prosecutor’s Office made one of its most consequential arrests to date, detaining senior Czech civil servants alleged to have facilitated a €13.5 million subsidy fraud. The pattern across all three jurisdictions is the same: enforcement is moving up the value chain, from the individuals who execute fraud to the actors who make fraud possible.


Treasury Sanctions Cambodian Senator: Targeting the Patronage Layer

OFAC’s sanctions package against Cambodian Senator Kok An, designating him along with 28 individuals and entities (including casinos, front companies, and Heng Feng Cambodia Bank plc), represents a doctrinal turn. Kok An is alleged to own and operate scam compounds through Crown Resorts and Anco Brothers Co Ltd, collecting rental income and providing security infrastructure to criminal syndicates that target US victims. He is the first sitting national legislator sanctioned for this role.

This matters criminologically because it acknowledges what the field has long understood: scam compounds do not exist as autonomous criminal enterprises. They depend on territorial sovereignty, political protection, casino licensing, and banking access. Sanctioning the operational layer (the compound managers, the trafficked workers, the digital infrastructure) addresses symptoms – but sanctioning the patronage layer addresses the conditions of possibility. The question now is whether Cambodia’s domestic political response permits the designation to bite or simply rearranges the protection arrangements.


DOJ Scam Center Strike Force: Charges, Seizures, $700M Restrained

In parallel with the OFAC action, the DOJ’s Scam Center Strike Force unsealed criminal complaints against two Chinese nationals, Huang Xingshan and Jiang Wen Jie, who managed the Shunda compound in Min Let Pan, Burma. The pair were arrested in Thailand earlier this year while transiting between scam compounds in Cambodia and Burma. The Strike Force also executed a first-of-its-kind seizure of a Telegram channel with more than 6,000 followers, used to recruit English-speaking trafficking victims under the false promise of high-paying jobs in Cambodia. The FBI and Secret Service seized 503 fraudulent web domains. Cumulatively, the Strike Force has restrained more than $701.9 million in cryptocurrency tied to scam money laundering.

The Telegram seizure is the most significant element from a situational crime prevention perspective. Recruitment infrastructure is the upstream input that sustains compound labour. Disrupting recruitment channels does what compound raids do not: it raises the cost of replacing the trafficked workforce. This is the operational logic Marcus Felson described as “guardianship at the crime script’s vulnerable points”, and Telegram is precisely such a point.

The State Department is offering up to $10 million for information leading to seizure of proceeds related to the Tai Chang scam compound in Burma’s Karen State, plus $4 million for the arrest of Daren Li, a money-laundering convict who fled the United States after removing his ankle monitor.


The UK Online Crime Centre Opens

The Online Crime Centre is now operational. Backed by £31 million within the broader £250 million Fraud Strategy 2026–2029, it brings together the NCA, GCHQ, the National Cyber Security Centre, the City of London Police, and private sector specialists from banking, telecoms, and tech firms. Its operational doctrine is data-sharing at the speed of fraud: identifying the accounts, websites, and phone numbers organised crime groups rely on, and shutting them down at scale.

The Communications Crime Strategy Group (BT/EE, Sky, TalkTalk, Tesco Mobile, Virgin Media O2, and VodafoneThree) has formally backed the centre, as have NatWest and Lloyds. Lloyds reports its own technology prevented £1 billion of attempted fraud last year alone.

I have written extensively on why this multi-sector model is the only one capable of disrupting industrial-scale fraud. The Centre is a rare example of structural reform that matches the structure of the threat. The risk is governance: the public–private model only works if data flows in both directions, with clear legal authority and clear accountability for what the partners do with the intelligence they receive. The Centre’s first six months will establish whether that bargain holds.


FCA’s Global Finfluencer Operation

The Financial Conduct Authority spearheaded a coordinated international operation against illegal “finfluencers” – financial influencers promoting unauthorised investment products on social media. The activity, which began on 20 April 2026, included 120 account takedown requests, a guilty plea from Geordie Shore’s Aaron Chalmers for illegal promotions, and criminal proceedings against two further individuals.

This operation is interesting because it operationalises the integration of consumer-facing financial regulation with platform governance. The traditional regulatory toolkit (enforcement against the firm) is structurally insufficient when the harm is generated by content creators with no formal authorisation, no fixed jurisdiction, and audiences in the millions. The takedown-request mechanism transfers part of the enforcement burden to platforms, which is consistent with the direction signalled by both the SCAM Act in the US and the UK’s Online Safety Act. Whether 120 takedowns make any dent in the supply curve of illegal investment content on TikTok and Instagram is an empirical question: the FCA should publish recidivism and reappearance data within six months.


EPPO Czechia: Senior Civil Servants Detained in €13.5M Subsidy Fraud

The European Public Prosecutor’s Office dismantled an organised crime group in the Czech Republic involving senior public officials at the Ministry of Industry and Trade and the Czech Building Authority. Seven suspects were detained, 13 premises searched (including ministerial offices), and over €2 million in bank accounts seized. The subsidies in question came from the EU’s Operational Programme Enterprise and Innovation for Competitiveness, allegedly diverted to develop a “research premises” innovation centre.

This is exactly the form of public-procurement fraud that Levi and Lord (2023) describe as “serious crimes for economic gain” – not a discrete event but an entrenched relationship between political power and economic opportunity. The case is also a reminder that the EPPO, less than five years operational, has matured into a credible prosecutor of EU-funds fraud in member states whose domestic systems are structurally unwilling or unable to act. The institutional design itself, supranational prosecutors with national investigative reach, is the mechanism – the arrests are the output.


FinCEN’s AML Reform: Sweeping Changes Take Shape

Treasury and federal banking agencies have proposed sweeping changes to the AML/CFT compliance framework. The proposals, building on the 7 April NPRM I covered in Lab Report #1, would require institutions to formally incorporate the AML/CFT Priorities into program design, redefine “effective” programs around risk-based outcomes, and align supervisory expectations across FinCEN, OCC, FDIC, and the Federal Reserve. FDIC Chairman Travis Hill called the proposal “perhaps the most important of the reforms Congress envisioned in the AML Act.”

The doctrinal shift here is from procedural compliance to outcomes-based effectiveness. Whether this works depends on whether supervisors are willing to credit institutions for fewer, better SARs over more, lower-quality SARs. The criminological evidence, twenty years of it, is unambiguous: SAR volume is not correlated with detection or prosecution outcomes. The reform creates the legal space for a quality-over-quantity model. The supervisory practice has yet to follow.


The Anti-Money Laundering Quarterly: Q1 2026 in Review

Morrison Foerster’s Anti-Money Laundering Quarterly for Q1 2026 is worth reading in full. The headline themes: targeted AML enforcement coupled with reduced regulatory burden; an expanded southwest border Geographic Targeting Order against money services businesses (lowering the cash transaction reporting threshold to $1,000); FinCEN’s new whistleblower portal; and a $50 million fine imposed on Saxo Bank by the Danish Financial Supervisory Authority for failing to monitor “White Label Clients” between 2021 and 2023.

The Saxo Bank case is instructive. White-label arrangements, where one institution provides infrastructure for another to brand and distribute, create the same outsourced-guardianship problem as platform advertising. The institution closest to the customer is not the institution holding the regulatory obligation. AML regulation has not yet caught up with this structural reality. Until it does, expect repeat enforcement against firms operating sophisticated B2B trading platforms.


Operation Level Up: Domain Seizures at Scale

The FBI and US Secret Service’s Operation Level Up, running in parallel with the Scam Center Strike Force actions, has now seized 503 fraudulent cryptocurrency investment websites designed to mimic legitimate exchanges. These are the visible front-end of pig-butchering operations: the apps and websites where victims see fabricated balances, doctored gains, and engineered pressure to deposit more.

The site seizures matter, but they are also a textbook displacement scenario. The marginal cost of registering a new fraudulent domain is essentially zero. The marginal cost to a scam compound of redirecting victims to a replacement site is similarly low. What Operation Level Up achieves is not deterrence; it is friction. Each seizure imposes operational drag on the criminal enterprise, slows the conversion funnel from contact to deposit, and most usefully, generates the seed evidence on which money-laundering prosecutions are built. Friction is not prevention, but it is not nothing.


New Research Worth Reading

A new Russian-language paper, The Concept, Types, and Main Criminological Indicators of Cybertheft (Starostenko, 2026), proposes a taxonomy of cybertheft distinguishing between (i) theft involving unauthorised access to computer information, (ii) combined theft synthesising technical access with social engineering, and (iii) pure social engineering. The paper reports a 73% year-on-year increase in incidents in 2023 and over 765,000 registered cases in Russia in 2024. The empirical scale matters; the taxonomy is a useful contribution to a literature in which terminological inconsistency continues to obscure cross-jurisdictional comparison.

Compensation for Damages in Fraud Cases Committed Using ICT (Bogatskaya, 2026) examines a problem too often missing from the academic literature: what does meaningful redress look like when the perpetrator is unidentified, the funds are mixed, and the proceeds are converted to cryptocurrency? The paper makes a compelling argument for a comprehensive systemic approach involving investigators, prosecutors, courts, and ICT infrastructure (banks and communications operators) operating as a coordinated guardianship system, and proposes that civil law obligations to return unjust enrichment should attach to “bio-drops” and drop accounts as a matter of course.

Proposing a Model of Forensic Accounting Tools to Reduce Financial Crimes (Tehrani et al., 2026) synthesises 19 forensic accounting factors using Interpretive Structural Modelling. Worth reading for those building institutional fraud detection capability, particularly its argument that integrating Benford’s analysis with cloud-based monitoring and legal forensic tools meaningfully improves detection accuracy.


What I Am Watching

  • Cambodia’s domestic political response to the Kok An sanctions. Whether the designation produces actual divestment or merely cosmetic compliance will signal whether OFAC’s patronage-targeting strategy can scale. (Treasury press release)
  • The Online Crime Centre’s first six-month delivery report. Look for the operational metrics: how many accounts blocked, how many phone numbers disabled, how many websites taken down – and how many returned within 30 days. (UK Government announcement)
  • The FCA’s recidivism data for finfluencer takedowns. 120 takedowns is a useful start; the question is replacement velocity and audience migration. (FCA press release)
  • The House Homeland Security Subcommittee on cyber-enabled financial crime. The 24 April hearing flagged a “500% increase” in AI-enabled fraud and signalled forthcoming legislation. The shape of that legislation matters. (House Homeland Security release)
  • The Global Fraud Summit in Vienna. The UK Home Secretary is leading. Watch for new bilateral intelligence-sharing agreements beyond Nigeria and Vietnam – particularly with the Philippines and Cambodia. (Fraud Strategy)

© 2025. The Financial Crime Lab. All Rights Reserved
