Episode 199

3rd November – 6th November 2025

Sanctions

OFSI amends FAQs

On 31st October 2025, FAQ 172 was added to the OFSI sanctions FAQs page to clarify whether a UK financial institution requires an OFSI licence to deal with, receive, or utilise funds allocated by an International Central Securities Depository (‘ICSD’) under circumstances where corresponding ICSD funds held by the National Settlement Depository (‘NSD’) have been seized and managed by the NSD. Additionally, FAQ 53 has been amended, and FAQs 7 and 49 have been withdrawn.

UK Sanctions List to Become Sole Source for Designations from January 2026

OFSI has issued a reminder that, starting 09:00 GMT on 28th January 2026, the UK government will consolidate its sanctions data into a single authoritative source, the UK Sanctions List (‘UKSL’), replacing the OFSI Consolidated List. This shift aims to streamline compliance processes for businesses and industry by eliminating duplication and simplifying checks. Systems currently relying on the OFSI Group ID must transition to the UKSL’s Unique ID format, with legacy identifiers remaining valid for historic designations. The UKSL will expand its file formats to include CSV, PDF, and plain text, and its search tool will be upgraded with fuzzy logic capabilities. Designation notices will also broaden to cover all sanction types.

UK Freight Sector Urged to Strengthen Sanctions Compliance Against Russian Evasion

The UK government has issued detailed guidance to freight and shipping companies to help prevent Russian sanctions evasion, emphasising the sector’s critical role in detecting illicit trade. The document outlines best practices for due diligence, highlights red flags such as suspicious cargo descriptions and unusual routing, and urges firms to monitor consignments and customer behaviour closely. It also stresses legal accountability for breaches and encourages proactive reporting, aiming to curb Russia’s access to sanctioned goods and support the UK’s strategic objective of limiting its war capabilities.

UK Government Launches Centralised Sanctions Enforcement Page to Aid Industry Compliance

The UK government has launched a new sanctions enforcement page on gov.uk, consolidating key information from across departments to support industry learning and compliance. Stemming from a cross-government review, the page includes penalty notices, annual reviews, case studies, and lessons learned. It also links to the UK Sanctions List from the FCDO, detailing designated individuals, entities, and ships under the Sanctions and Anti-Money Laundering Act 2018, and the OFSI Consolidated List from HMT, which outlines asset freeze and investment ban targets. The OFSI list will be retired at 09:00 GMT on 28th January 2026, with guidance available to assist with the transition.

UK Trade Guide Highlights Opportunities and Risks in Post-Conflict Syria

The UK government's trade and export guide for Syria outlines both the high-risk challenges and emerging opportunities for British businesses. Despite Syria’s fragile security, poor infrastructure, and weak financial systems, the new government is promoting stability and investment through legal reforms and incentives. Key sectors for UK engagement include infrastructure, healthcare, financial services, and security, with short-term prospects tied to government-led reconstruction efforts. UK sanctions have eased in some areas, but compliance and due diligence remain critical. The guide emphasises that success in Syria requires a strong regional presence, robust risk management, and adherence to relevant legal standards.

UK General Licence INT/2024/5394840 Extended and Amended

On 5th November 2025, General Licence INT/2024/5394840 was extended to 7th November 2027, with revisions to the definitions of Designated Credit or Financial Institution and updates to the reporting requirements. Now, Relevant Institutions must report all payments processed under this licence to HM Treasury within 14 days of the end of each month, including transaction details, sender and recipient information, payment routes, and supporting evidence. Users are advised to review the full licence for comprehensive guidance on permissions and conditions.

Chelsea’s £150m Buffer Shields Club from Financial Penalties Over Abramovich-Era Breaches

Chelsea FC’s current owners, Clearlake, have a £150 million financial cushion built into the club’s 2022 sale agreement to cover potential penalties stemming from 74 alleged breaches of FA rules during Roman Abramovich’s ownership. The holdback clause, revealed in Fordstam Limited’s filings, allows funds to be withheld for five years to offset costs from pre-sale misconduct, including questionable agent payments linked to high-profile transfers. Experts suggest this buffer could make a financial sanction inconsequential for the club, though it may signal increased likelihood of sporting penalties such as points deductions or competition bans.

Türkiye Shifts Oil Imports Away from Russia Amid Western Sanctions

In response to new Western sanctions targeting Russian oil, Türkiye’s major refineries are significantly increasing imports from non-Russian sources. SOCAR's STAR refinery, previously reliant on Russian crude, has recently purchased shipments from Iraq, Kazakhstan, and other producers, while Tupras is diversifying with grades similar to Russian Urals, including Iraqi and Brazilian crude. These moves mirror India's strategy and aim to maintain Türkiye’s fuel exports to Europe without breaching EU restrictions.

US Treasury Sanctions North Korean Cybercrime Network Funding Weapons Programmes

On 4th November 2025, the US Department of the Treasury’s Office of Foreign Assets Control (‘OFAC’) sanctioned eight individuals and two entities linked to North Korea’s illicit cyber operations and IT worker schemes which have generated billions in revenue for its weapons programmes. These actors laundered stolen cryptocurrency and used false identities to secure freelance IT contracts worldwide, funnelling funds through international banking proxies. The sanctions target key figures and institutions, including First Credit Bank, Korea Mangyongdae Computer Technology Company, and Ryujong Credit Bank, all operating in China, Russia, and North Korea, and all implicated in supporting Pyongyang’s weapons of mass destruction and sanctions evasion efforts.

Fraud

EU-Wide VAT Fraud Scheme Exposed: Five Indicted in €188m 'Goliath' Case

The European Public Prosecutor’s Office (‘EPPO’) in Hamburg has indicted five suspects for orchestrating a massive intra-EU VAT fraud scheme dubbed “Goliath,” which caused over €188 million in losses between 2019 and 2023. The group allegedly used layers of fake companies across France, Germany, Hungary, and Sweden to execute carousel fraud involving electronics like AirPods. Two key defendants, already convicted in March 2025, also laundered profits via Hawala networks and cryptocurrency, including a blockchain firm and fake consulting outfits. If convicted, they face up to 10 years in prison.

EU Cracks Down on €600 Million Cryptocurrency Scam Network

In a coordinated international operation, authorities from France, Belgium, Cyprus, Germany, and Spain, supported by Eurojust, have dismantled a sophisticated cryptocurrency money laundering network which defrauded victims of over €600 million. The suspects created dozens of fake investment platforms, luring victims through social media ads, cold calls, and fabricated celebrity endorsements. Once funds were transferred, victims were unable to recover their assets, which were then laundered via blockchain. Nine individuals were arrested across three countries, and authorities seized €800,000 from bank accounts, €415,000 in crypto, and €300,000 in cash.

Operation Chargeback Dismantles Global Credit Card Fraud Network Affecting 4.3 million Victims

On 4th November 2025, an international law enforcement operation led by German authorities and supported by Europol targeted three major fraud and money laundering networks accused of misusing credit card data from over 4.3 million cardholders across 193 countries. The scheme, active between 2016 and 2021, involved creating 19 million fake online subscriptions, mostly for adult content and streaming services, using stolen card data and obscure billing descriptions to evade detection. The suspects exploited German payment service providers and laundered funds through shell companies in the UK and Cyprus. Coordinated raids in nine countries resulted in 18 arrests and the seizure of assets worth over €35 million, with total damages exceeding €300 million.

Telecoms Industry and UK Government Unite to Combat Fraud in Updated Sector Charter

Published on 5th November 2025, the updated Fraud Sector Charter for telecommunications outlines a strengthened partnership between UK government and telecom providers to tackle fraud. Building on the 2021 framework, this second iteration incorporates new technologies, evolving threats, and lessons from recent initiatives. It sets out shared principles and actions to enhance fraud detection, resilience, and transparency across the sector, aligning with broader national campaigns and policy goals. The charter reflects a unified commitment to reducing fraudulent activity and protecting consumers.

Money Laundering

SRA Highlights Progress and Challenges in 2024–25 Anti-Money Laundering Report

The 2024/25 reporting period for anti-money laundering (‘AML’) supervision was defined by a major forthcoming regulatory shift and significantly ramped-up enforcement activity against pervasive non-compliance within the legal sector. The government announced plans for the Financial Conduct Authority (‘FCA’) to become the single professional services supervisor for AML and counter-terrorism financing, a reform subject to enabling legislation and transition planning. Despite expressing disappointment that they will not be able to build on their recent progress, the SRA increased their supervisory oversight dramatically, executing 935 proactive AML engagements, up from 545 in the previous year, leading to 426 money laundering-related reports received, nearly doubling the figure from the previous year. This intensified proactive supervision uncovered widespread weaknesses, culminating in a substantial increase in total money laundering-related enforcement outcomes to 151, compared to 78 in the previous reporting year.

The proactive oversight highlighted persistent compliance gaps across the profession, reconfirming the legal sector's high-risk profile for financial crime as noted in the UK's National Risk Assessment. Of the 833 firms which received an AML proactive inspection or desk-based review, 32.4% were found to be either partially compliant or non-compliant. The majority of non-compliance stemmed from fundamental regulatory requirements. The most frequent issues identified included the failure to perform adequate Client and Matter Risk Assessments, which accounted for 50% of the non-compliant firms referred for investigation. Other key failings leading to reports were the failure to carry out necessary source of funds checks and the lack of adequate or effective Policies, Controls, and Procedures.

Sectorally, conveyancing, particularly residential conveyancing, remained the area of greatest money laundering risk, linking to 73% of all Suspicious Activity Reports submitted by the regulator during the reporting period, due to its inherent attractiveness to criminals for moving large sums of money. The SRA also noted an ongoing rise in vendor fraud, where fraudsters attempt to sell property without the genuine owner's consent. In terms of penalties, the robust enforcement actions taken by the SRA resulted in fines from SRA adjudicators totalling £292,133 and 58 Regulatory Settlement Agreements totalling £661,200, demonstrating a forceful response to breaches discovered prior to the impending transfer of regulatory authority.

Jersey Proposes Expanded Access to Beneficial Ownership Register for Crime Prevention

The Government of Jersey is consulting on proposals to broaden access to its central register of beneficial ownership, allowing individuals with a legitimate interest, such as those investigating money laundering, terrorist financing, or proliferation financing, to view ownership data. The initiative aims to balance transparency with privacy rights, aligning with international standards set by the Financial Action Task Force (‘FATF’). Jersey seeks public input to shape a fair and effective policy which supports its longstanding commitment to combating financial crime.

Isle of Man Banking Sector Faces Medium-High Risk of Financial Crime, Government Warns

The Isle of Man's latest Money Laundering Risk Assessment reveals that its banking sector faces a "medium-high" risk of financial crime, reflecting the complexity of the evolving global threat landscape. Home Affairs Minister Jane Poole-Wilson emphasised that this level of risk is expected for an international financial centre and highlighted emerging threats such as crypto misuse, cybercrime, and automated payment systems. With over £40bn in deposits and £80bn in annual payments processed, the report calls for enhanced collaboration and improved data systems to mitigate fraud. The findings will inform upcoming workshops and policy updates ahead of a 2026 inspection by Moneyval.

AI System Targets Money Laundering and Russian Oligarchs in Financial Crackdown

A cutting-edge AI developed by London-based company Napier is being deployed to combat money laundering and prevent Russian oligarchs from exploiting financial systems. The technology analyses vast amounts of transaction data to detect suspicious patterns and flag potential illicit activity, helping financial institutions comply with sanctions and regulatory requirements. This AI-driven approach enhances transparency and accountability, offering a powerful tool in the global effort to curb financial crime.

Other Financial Crime

FATF Unveils Global Blueprint to Boost Criminal Asset Recovery

On 4th November 2025, the Financial Action Task Force (‘FATF’) released a comprehensive guidance document aimed at strengthening global efforts to recover criminal assets, responding to alarming data showing that most jurisdictions operate with low effectiveness and that only a small fraction of illicit gains are confiscated. The guidance includes over 85 real-world case studies and practical techniques, from blockchain tracing to victim compensation funds, and supports implementation of FATF’s revised Recommendations from 2023. It targets policymakers, law enforcement, prosecutors, and asset managers, urging jurisdictions to prioritise asset recovery to disrupt criminal enterprises and restore justice.

Europol and UEFA Expand Partnership to Safeguard European Football

On 5th November 2025, Europol and UEFA renewed and broadened their Memorandum of Understanding to intensify cooperation against criminal threats to European football. Signed by Europol Executive Director Catherine De Bolle and UEFA President Aleksander Čeferin, the agreement enhances joint investigations, information sharing, and expert support across UEFA’s 55 member associations. It expands the scope beyond match-fixing to include money laundering, sports corruption, illegal streaming, and extremist threats, while also targeting suspicious financial activities in player transfers, club investments, and sports betting. The partnership underscores a shared commitment to protecting the integrity and sustainability of the sport.

Cybercrime

Europol Cybercrime Conference 2025: Data Access Emerges as Critical Battleground

At Europol’s 4th Annual Cybercrime Conference, leaders warned that criminals are outpacing regulators by exploiting encryption, anonymisation, and emerging technologies, making lawful access to data the central challenge in cybercrime investigations. With over 500 global participants, the event spotlighted five urgent themes: balancing privacy with access, operational data sharing, legislative reform, cyber diplomacy, and prevention. Case studies included major operations against Russian-speaking cybercrime networks, and the week marked the launch of Europol’s Cyber Week to bolster cross-border digital resilience.

M&S Faces Investor Scrutiny After £300m Cyber Attack Disrupts Online Sales

Marks & Spencer is set to reveal how a six-week online sales shutdown, triggered by a cyber-attack around Easter, impacted shopper behaviour and financial performance. Despite strong growth in grocery and clothing divisions, the retailer expects flat revenues and a sharp drop in half-year profits to around £111 million, as it absorbs the estimated £300 million cost of the breach. The attack, caused by human error, compromised customer data and disrupted logistics, prompting concerns about lost market share to rivals like Next. Investors remain optimistic but await clarity on insurance recovery and customer loyalty.

British Library Staff Still Reeling Two Years After Cyber Attack, reports The Independent

According to The Independent, staff at the British Library continue to face severe disruptions two years after a devastating cyber-attack in October 2023 crippled digital systems and leaked sensitive personal data. Employees report having to manually process orders, endure verbal abuse from frustrated patrons, and even relocate due to security concerns. Despite their efforts to keep services running, many feel underappreciated and overwhelmed, prompting over 300 staff members to strike over low pay and working conditions on the attack’s anniversary.