Episode 198

31st October – 2nd November 2025

Sanctions

UK Lifts Arms Embargo on Armenia and Azerbaijan Amid Strategic Licensing Shift

As of 13th October 2025, though Notice was only published this week, the UK government has officially lifted its arms embargo on Armenia and Azerbaijan, ending its adherence to the Organisation for Security and Co-operation in Europe (‘OSCE’) restrictions. This policy reversal, announced via a Written Ministerial Statement, nullifies the previous July 2025 interpretation which barred exports of weapons and munitions potentially usable along the two nations' shared border. Future export and trade licence applications will now be assessed individually under the Strategic Export Licensing Criteria, with amendments to the Export Control Order 2008 expected to follow. This follows Armenia and Azerbaijan's historic peace agreement over Nagorno-Karabakh in August 2025, which marks a major step toward ending decades of conflict.

OFSI amends licence and designations

And finally from the UK, OFSI has amended a licence (INT/2025/7628424) which has only recently been published. The amendments clarify which 'UK Employees' and 'UK Directors' can receive payments under the licence. OFSI has also amended the Iran Sanctions regime to include Aliakbar Ansari, who is now subject to an asset freeze. Ansari is suspected of supporting hostile activity by the Iranian government through the provision of economic resources to the IRGC, which has engaged in destabilising actions against the UK and other countries.

US Treasury Sanctions Mexico-Based Human Smuggling Network Led by Vikrant Bhardwaj

On 30th October 2025, the US Department of the Treasury’s Office of Foreign Assets Control (‘OFAC’) sanctioned the Bhardwaj Human Smuggling Organisation, a transnational criminal network based in Cancun, Mexico. Led by Vikrant Bhardwaj, the group has trafficked thousands of migrants from multiple continents into the US, using a complex system of air and sea transport, bribery, and collaboration with cartels. OFAC also designated Bhardwaj’s associates, including his wife and key operatives, along with 16 affiliated companies across Mexico, India, and the UAE. These sanctions block all US-linked assets and prohibit transactions with the listed entities, aiming to disrupt the organisation’s operations and financial networks.

Fraud

Virgin Media O2 Employee Convicted for Data Breach Linked to £1.5m Crypto Fraud

Luke Coleman, a 30-year-old former Virgin Media O2 employee, has pleaded guilty to unlawfully obtaining and disclosing personal data in breach of the Data Protection Act. Coleman sold confidential customer information to a family friend, which was later used in a boiler room crypto scam which defrauded at least 65 investors of over £1.5 million. While Coleman received a fine of £384 plus costs, two others involved in the fraud were sentenced to a combined 12 years in prison. The FCA, which led the prosecution, emphasised this as its first Data Protection Act case and signalled its intent to pursue enablers of financial crime with full enforcement powers.

Money Laundering

UK TBML Case Exposes Sophisticated Criminal Tactics and Systemic Challenges

A recent UK investigation into trade-based money laundering (‘TBML’) has revealed the extraordinary lengths organised crime groups (‘OCGs’) go to evade detection, including the use of burner phones, rapid bank account cycling, and exploiting financial institutions’ risk-based protocols. Investigators faced major hurdles such as surveillance-aware suspects, delayed international cooperation with the UAE, and trial postponements due to legal team changes. The case highlights the need for stronger cross-border collaboration, improved data retention policies, and adaptive enforcement strategies to counter increasingly agile financial crime networks.

EBA Lays Groundwork for New EU Anti-Money Laundering Authority

On 30th October 2025, the European Banking Authority (‘EBA’) issued its formal advice to the European Commission on six key regulatory mandates which will shape the operations of the forthcoming Anti-Money Laundering Authority (‘AMLA’). The proposals emphasise a risk-based, proportionate approach to supervision, customer due diligence, breach classification, and sanctioning. Developed through extensive consultation and collaboration with EU authorities, the recommendations aim to ensure AMLA’s swift and effective launch. The EBA will transfer its AML/CFT mandate to AMLA by 31st December 2025, while continuing to combat financial crime from a prudential standpoint.

Singapore Strengthens Anti-Money Laundering Efforts in Prince Holding Group Case

On 31st October 2025, the Monetary Authority of Singapore (‘MAS’) announced intensified collaboration with the Police through the Anti-Money Laundering Case Coordination and Collaboration Network to address illicit financial activities linked to the Prince Holding Group. Financial institutions had flagged suspicious transactions since 2022 and proactively closed questionable accounts, preventing larger financial risks. MAS will continue supervisory reviews and emphasises the importance of international cooperation and public-private partnerships in combating cross-border financial crimes.

OSCE Workshop in Tashkent Boosts Uzbekistan’s Capacity to Combat Money Laundering via Virtual Assets

On 29–30 October 2025, the OSCE held its first introductory workshop in Tashkent, Uzbekistan, focused on combating money laundering involving virtual assets and blockchain-based finance. The event gathered 35 representatives from key Uzbek institutions, including law enforcement and financial regulators, to enhance their understanding of blockchain technologies and associated financial crime risks. Participants engaged in practical exercises using forensic tools to trace cryptocurrency transactions and explored topics such as anonymity in blockchain, decentralised exchanges, and recent case studies. The initiative, part of an OSCE project supported by several European and North American countries, demonstrates a growing commitment to international standards and investigative capacity building in the digital finance space.

Other Financial Crime

UK’s Integrated Security Fund Delivers £965 Million in First-Year Efforts to Tackle Global Threats

The UK’s Integrated Security Fund (‘ISF’) invested £965 million in 2024–2025 to address top national security threats through cross-government collaboration. Merging domestic and international programmes, the ISF targeted serious organised crime, cyber threats, terrorism, and geopolitical instability. Key achievements included disrupting the LockBit ransomware group, banning convertible firearms linked to violent crime, and supporting Ukraine’s cyber defence and war crimes investigations. The Fund also advanced gender equality in fragile states and strengthened sanctions enforcement against Russia. With 68% of funding allocated to discretionary programmes, the ISF demonstrated agility, innovation, and a catalytic approach to safeguarding UK interests at home and abroad.

SFO Strategic Asset Plan Highlights Relocation Challenges and Commitment to Operational Efficiency

The Serious Fraud Office (‘SFO’), currently based at Cockspur Street in London, has published its Strategic Asset Management Plan for 2025–2026, outlining its continued efforts to relocate to a Civil Estate property. Despite plans to move to Canary Wharf being cancelled due to budget constraints, the SFO remains committed to aligning with the Government Property Strategy. The agency emphasises the need for specialist-adapted office space to support its operational requirements and hybrid working model. While the current tenancy is under a "tenancy at will" arrangement, the SFO is actively exploring future accommodation options which balance sustainability, cost-efficiency, and operational suitability.

Cybercrime

Cyberattack on M&S Sparks Profit Surge for Rival Next, Exposing New Risk Metric

The 2025 cyberattack on Marks & Spencer (‘M&S’), which disrupted online orders and cost an estimated £300m in lost revenue, has revealed a critical vulnerability in retail cybersecurity: competitor capitalisation. As M&S struggled to recover, rival retailer Next capitalised on the disruption, raising its profit forecast to over £1.1 billion. This incident highlights a shift in cyber risk assessment, from fines and data loss to strategic market share erosion. With three in five retailers hit by cybercrime and many small businesses unprepared, experts warn that overconfidence in breach response and underestimation of supply chain complexity could lead to lasting financial and reputational damage.