Episode 174

25th July – 27th July 2025

Sanctions

US Treasury Targets Houthi Petroleum Smuggling Network Linking Yemen, UAE, and Iran

On 22nd July 2025, the US Treasury’s Office of Foreign Assets Control (‘OFAC’) sanctioned two individuals and five entities for laundering money and smuggling petroleum into Houthi-controlled regions of Yemen. These actors—including Yemeni businessman Muhammad Al-Sunaydar and UAE-based Arkan Mars companies—facilitated imports of Iranian petroleum and routed millions in funds which help sustain Houthi operations. The Houthis profit from marking up fuel prices and taxing shipments. Entities such as Amran Cement Factory and Al-Saida Stone were also linked to military infrastructure and suspicious transactions.

The sanctions, issued under Executive Order 13224, block US assets and impose strict financial prohibitions. They continue a broader effort to undermine terrorist financing and regional destabilisation.

Treasury Targets DPRK’s Hidden Revenue Stream via Overseas IT Workers

The US Treasury’s Office of Foreign Assets Control (‘OFAC’) has sanctioned Korea Sobaeksu Trading Company and three North Korean nationals—Kim Se Un, Jo Kyong Hun, and Myong Chol Min—for operating a clandestine network of overseas IT workers. These individuals facilitated sanctions evasion and generated illicit funds to support the Democratic People’s Republic of Korea’s (‘DPRK’) nuclear and ballistic missile programmes. Sobaeksu acted as a front company for the regime’s Munitions Industry Department, using forged documents and false personas to embed IT workers into global firms, including those in the US.

This coordinated action involves multiple US agencies, including the Departments of Justice, Homeland Security, State, and the FBI. It reflects a broader strategy to target DPRK’s revenue mechanisms—ranging from counterfeit cigarette trafficking to cryptocurrency operations—while offering up to $7 million in rewards for information leading to the arrest or conviction of the designated individuals. Notably, IT workers have not only funnelled earnings back to the DPRK but also infiltrated company networks, introducing malware to steal sensitive data.

With these designations under Executive Orders 13382 and 13810, all US-linked assets of the sanctioned individuals and entities are blocked. US persons are barred from engaging with them, and any related transactions could trigger civil or criminal penalties. The Treasury emphasises that the ultimate goal of sanctions is behavioural change, not punishment, and highlights pathways for removal from the sanctions list under legal guidelines.

UK Crypto Under Threat: Sanctions Evasion on the Rise, Warns OFSI

A recent threat assessment from the Office of Financial Sanctions Implementation (‘OFSI’), covering the period from January 2022 to May 2025, highlights significant challenges for UK cryptoasset firms in adhering to financial sanctions. The report underscores that financial sanctions apply to cryptoassets in the same way they do to traditional assets, making their use for circumvention a criminal offence.

OFSI has identified that it is almost certain that UK cryptoasset firms have under-reported suspected breaches of financial sanctions since August 2022. Much of the non-compliance observed is likely inadvertent, stemming from common issues such as direct and indirect exposure to Designated Persons (‘DPs’) and delays in attributing cryptoasset addresses to these sanctioned entities.

The assessment identifies several key threats:

• Cryptoasset firms: UK cryptoasset firms have likely breached regulations by direct or indirect exposure to Garantex, a designated Russian crypto exchange, since 2023. Even after Garantex's disruption in March 2025, a successor organisation, Grinex, is operating and accepting payments from Russian DPs.

• North Korean Cyber Activity: UK-based cryptoasset firms are highly likely to be targeted by DPRK-linked hackers and IT workers seeking to steal or illicitly obtain funds. These actors employ sophisticated money laundering techniques, including using various exchanges, mixers, and privacy protocols, to obscure the origin of stolen assets.

• Iranian Cryptoassets: UK cryptoasset firms likely facilitate transfers to Iranian firms suspected of links to DPs. The report notes activity involving exchanges like Nobitex, which has suspected ties to the Islamic Revolutionary Guard Corps, a designated entity.

The report also points to common compliance vulnerabilities, such as the retrospective discovery of breaches and the challenges in managing frozen funds in the fast-paced crypto environment. OFSI has observed various methods of sanctions evasion, including the use of cross-border payments, high-risk or non-KYC services, layering and mixing techniques, darknet marketplaces, and decentralised exchanges.

To bolster compliance, OFSI urges firms to implement robust due diligence practices and be vigilant for numerous red flags. These indicators, which could suggest sanctions evasion, include large or unusual transactions immediately following sanctions announcements, rapid movement of assets through multiple addresses, reliance on services without KYC or AML procedures, use of anonymity-enhancing technologies, and transactions originating from or directed to sanctioned jurisdictions. Firms are encouraged to report any suspected breaches to OFSI, the National Crime Agency, and the Financial Conduct Authority, promptly.

HM Treasury Consults on Streamlining Civil Enforcement for Financial Sanctions

HM Treasury has launched a public consultation to improve the efficiency and transparency of civil enforcement processes for financial sanctions. Overseen by the Office of Financial Sanctions Implementation (‘OFSI’), the proposed reforms aim to expedite case resolution and reduce administrative burdens while maintaining robust regulatory oversight.

Key proposals include:

• Clearer guidance on penalty discounts for voluntary disclosure and cooperation.

• A new settlement scheme for monetary penalties.

• An Early Account Scheme allowing subjects to provide full factual accounts early in investigations.

• A simplified pathway for minor offences with indicative penalties.

• Adjustments to statutory penalty maximums.

These changes are limited to OFSI’s civil enforcement powers in areas such as breaches of financial sanctions (including Russia-related cases) and the Maritime Services Ban and Oil Price Cap exception. Criminal enforcement processes and trade or transport sanctions remain unaffected.

OFSI invites feedback from businesses, financial institutions, legal professionals, and civil society before the consultation closes on 13th October 2025 at 23:59. Submissions are encouraged via the online form or by email, with a virtual stakeholder event planned during the consultation period.

Money Laundering

EU and Cash Controls

The EU has produced a report which assesses the application of Regulation (EU) 2018/1672 on controls on cash entering or leaving the Union. This regulation forms a part of the broader EU anti-money laundering and counter-terrorist financing (‘AML/CFT’) legislative framework, aiming to protect the EU from financial crime by controlling the physical movement of cash across its external borders. The definition of 'cash' under this regulation is broad, encompassing currency, bearer-negotiable instruments, and specific forms of gold (coins with 90% gold, bullion with 99.5% gold). While prepaid cards are listed, they are currently not subject to the control rules. A key obligation for individuals is to declare cash valued at €10,000 or more when entering or leaving the EU. For unaccompanied cash, competent authorities can request a disclosure declaration at the same €10,000 threshold. Authorities also have powers to record information on smaller amounts if criminal activity is suspected and temporarily to detain cash when obligations are not met or criminal activity is indicated. A cornerstone of the regulation's effectiveness is its robust framework for information exchange between Member States' competent authorities and national Financial Intelligence Units (‘FIUs’) primarily through the Customs Information System (‘CIS’) cash module. Member States are also required to implement effective, proportionate, and dissuasive penalties for non-compliance with declaration duties.

The report's assessment, covering the period from 3rd June 2021 to 2nd June 2024, concludes that the Cash Controls Regulation is an efficient and important legal instrument in combating financial crime at the EU's external borders. The declaration procedure for accompanied cash is widely considered effective, with over 310,000 declarations filed and 23,000 infractions notified. The disclosure procedure for unaccompanied cash also performs "sufficiently well," often leveraging risk analysis, and the CIS+ Cash module is viewed as an "easy to use system" for data exchange. However, the report highlights areas for improvement: some Member States face administrative complexities with unaccompanied cash procedures and technical difficulties with CIS usage, leading to manual data entry. A significant concern is that not all Member State FIUs have direct access to the CIS+ Cash module, representing a non-compliance issue with timely information transmission. Furthermore, penalties may not always be sufficiently dissuasive or, conversely, could be excessive according to European Court of Justice case law. Despite some suggestions to broaden the definition of 'cash' to include prepaid cards or other commodities, the report found no clear evidence of extensive illicit cross-border physical movement for these, and the €10,000 threshold is generally considered appropriate. Ultimately, this initial assessment indicates no immediate need to amend the current legislative framework, though the Commission continues to monitor new money laundering and terrorist financing trends.

Wolfsberg Group Reaffirms Commitment to Risk-Based Approach in Financial Crime Compliance

The Wolfsberg Group has released an updated statement reinforcing the importance of a risk-based approach (‘RBA’) in financial crime risk management. Originally introduced in 2006, the RBA framework encourages financial institutions to tailor their compliance efforts based on the specific risks they face, rather than applying uniform controls across all clients and transactions. The latest statement outlines three core principles: proportionality, prioritisation, and effectiveness. Institutions are urged to allocate resources to higher-risk areas, streamline or eliminate redundant controls, and focus on achieving meaningful outcomes rather than simply meeting procedural requirements.

The Group also highlights the need for collaboration between financial institutions, regulators, and law enforcement to ensure the RBA is implemented effectively. It pledges to update its earlier guidance and FAQs to reflect evolving standards and regulatory expectations, particularly in light of recent FATF reforms. The Wolfsberg Group views the RBA as a dynamic tool which enables more responsive and targeted financial crime prevention, and calls for supervisory regimes which support innovation and flexibility in compliance practices.

Bribery and Corruption

UK and India Launch Bold New Chapter to Combat Corruption in International Trade

In their trade deal announced this week, India and the UK agreed comprehensive measures to prevent and combat bribery and corruption in any matter affecting international trade or investment between the involved parties.

The core commitment is for each party to affirm its resolve against bribery and corruption, recognising the crucial need to build integrity in both the public and private sectors. To achieve this, the agreement mandates or encourages a range of measures:

• Criminalisation of offences: Both direct and indirect bribery of public officials (offering or soliciting an undue advantage) are to be established as criminal offences. This also includes embezzlement or misappropriation by public officials, and various acts related to money laundering (such as concealing or disguising the illegal origin of property). Intentional actions, as well as aiding, abetting, or conspiring in these offences, are also covered.

• Financial transparency: Measures are required to prohibit illicit financial practices carried out to commit corruption offences, such as establishing off-the-books accounts, making inadequately identified transactions, or using false documents.

• Asset recovery: The parties must adopt measures enabling the identification, tracing, freezing, seizure, and confiscation of proceeds derived from these criminal offences.

• Integrity and accountability: The agreement promotes integrity among public officials through measures like proper selection and training for vulnerable positions, managing actual or potential conflicts of interest, requiring declarations of assets, and facilitating reporting of corruption by officials. It also includes considering appropriate measures to protect against discriminatory or disciplinary treatment for whistleblowers who report suspected incidents.

• Private sector involvement: There is an emphasis on promoting active participation from individuals and groups outside the public sector to prevent and combat corruption, encouraging private enterprises to adopt sufficient internal auditing controls, ethics, and compliance programmes, and ensure proper auditing of accounts.

• International cooperation: The parties affirm their adherence to major international anti-corruption conventions, including the UNCAC (United Nations Convention against Corruption), with the United Kingdom also affirming adherence to the Anti-Bribery Convention. They commit to cooperation through dialogue, information exchange, and sharing best practices. To facilitate this, an Anti-Corruption Working Group composed of government representatives from each party has been established.

The overall aim is to ensure that effective, proportionate, and dissuasive penalties are in place for these offences, and that any applicable statute of limitations allows an adequate period for investigation and prosecution. The parties also recognise the harmful effects of facilitation payments and commit to prohibit their use and raise awareness.

Fraud

SFO Chief Signals New Era of Aggressive Corporate Fraud Enforcement

Nick Ephgrave, Director of the Serious Fraud Office (‘SFO’), has unveiled a revitalised strategy for tackling corporate fraud, characterised by sharper legal tools, enhanced intelligence capabilities, and faster casework. Speaking at the Fraud Advisory Panel’s annual meeting, he highlighted record progress made since his appointment, including 10 new investigations and significantly shortened charge timelines—down from an average of 4.3 years to around 24 months.

Central to this new approach is a four-pillar strategy: boosting staff numbers, adopting smarter technologies, expanding intelligence gathering, and increasing international collaboration. Innovations include a comprehensive case management system and AI tools which have already yielded 40 per cent time savings during disclosure exercises. The SFO also plans to play a more active role in fraud prevention, educating businesses and leveraging data integration to detect threats proactively.

New powers under the Economic Crime and Corporate Transparency Act have proven transformative. Notably, section 2 powers enable early-stage fraud assessment, and changes to corporate liability rules simplify prosecution by targeting senior managers rather than identifying a company’s “directing mind.” The forthcoming “Failure to Prevent Fraud” offence, set for enforcement in September, is also expected to be pivotal, with the SFO preparing extensive internal training for deployment.

Ephgrave is advocating for incentivised whistleblowing to accelerate case generation, describing Deferred Prosecution Agreements as pragmatic solutions which allow companies to address wrongdoing without risking collapse. The SFO’s shift from reactive to proactive enforcement reflects its broader mission: to deliver faster justice, elevate deterrence, and build greater corporate accountability.

Other Financial Crime News

UK Government on Tackling Economic Crime: Key Research Priorities Announced

The National Economic Crime Centre (‘NECC’) and Home Office have released the "Economic Crime Areas of Research Interest" report, urging academia and research organisations to help strengthen the fight against economic crime in the UK. The report outlines priority research areas to guide external input and support evidence-based policy and law enforcement.

Economic crime—covering fraud, money laundering, and corruption—poses a major threat to the UK's security and prosperity. It not only results in financial loss but also enables other serious crimes like child exploitation, drug trafficking, and modern slavery. The scale is vast: fraud alone accounted for 43% of all crimes recorded by the Crime Survey for England and Wales in 2024, and the NCA estimates that over £100 billion is laundered through the UK annually.

Despite having in-house experts, the NECC and Home Office seek deeper academic collaboration to understand why economic crimes occur, how offenders operate, and how best to intervene. The report identifies ten key research areas grouped into three sections:

• Understanding the Threat: Research is needed on the true scale and evolving nature of economic crime, including hidden and cross-border activities like money laundering and crypto crimes. Studies should address sector vulnerabilities, offender motivations, and the full impact—financial, emotional, and societal—of these crimes.

• Improving the Response: The report calls for research into effective prevention strategies (such as anti-money laundering measures and industry best practices) and improved enforcement tactics, including asset recovery and international cooperation. Evaluating the real-world impact of interventions is essential to adapt and refine approaches.

• Cross-Cutting Themes: There is a focus on how technology both drives and can help prevent economic crime, the importance of robust data analysis, and the need to anticipate future threats through horizon scanning as society and technology evolve.

These priorities were shaped with input from academics and external partners, especially following the first Economic Crime Academic Forum in 2024. The NECC and Home Office are actively seeking research proposals aligned to these themes, aiming for collaborative progress in understanding and combating economic crime. The report also lists key UK agencies involved, including Companies House, the Crown Prosecution Service, Financial Conduct Authority, HM Treasury, HMRC, the NCA, and UK Policing.

Cyber Crime

Cybercrime Forum Administrator Arrested in Ukraine

Authorities in France, Ukraine, and Europol arrested the suspected administrator of xss.is, a major Russian-speaking cybercrime forum with over 50,000 users. Operating for nearly 20 years, the suspect allegedly facilitated illicit transactions, provided secure messaging via thesecure.biz, and earned over €7 million. The arrest in Kyiv marks the culmination of an investigation begun in 2021 and supported by Europol’s coordination and data mapping. Europol’s latest IOCTA report highlights the forum’s role in the booming black market for stolen data and cybercrime tools.