Episode 203

17th November – 20th November 2025

Sanctions

The UK's Office of Financial Sanctions Implementation (‘OFSI’) announced sanctions action on 19th November 2025, targeting key enablers of the global cybercrime ecosystem under both the Cyber and Russia sanctions regimes. Under the Cyber (Sanctions) Regulations, four individuals, namely Alexander Alexandrovich Volosovik, Kirill Andreevich Zatolokin, Yulia Vladimirovna Pankova, and Andrei Valerevich Kozlov, along with two entities, Media Land LLC and ML.CLOUD LLC, were added to the Consolidated List and subjected to an asset freeze. Media Land LLC, identified as a key enabler, promoted itself as a Bulletproof Hosting provider and provided infrastructure used in ransomware incidents, including those affiliated with the LockBit ransomware group. Separately, Aeza Group LLC was added under the Russia sanctions regime, facing an asset freeze and trust service sanctions, for providing "bulletproof hosting services" which destabilise Ukraine. OFSI reminds financial institutions of their obligation to freeze the funds and economic resources of all newly designated persons and entities and warned that making or facilitating a ransomware payment to a designated person risks civil or criminal penalties. Chosun Expo remains subject to an asset freeze under the Cyber regime. The broader action was coordinated with Australia and the US. The UK government press release is here, and the OFAC press release is here. OFAC has also issued a FAQ (1224).

Fraud

Former Qualcomm Executive Sentenced to Four Years in $180 Million Fraud Scheme

Dr. Karim Arabi, a former Vice President at Qualcomm’s R&D department, was sentenced to 48 months in prison after being convicted of wire fraud and money laundering in a $180 million scheme. Arabi secretly developed microchip technology, concealed his role through a shell company called Abreezio, and sold it back to Qualcomm under false pretences. The fraud involved fake documents, impersonation of his sister, and laundering proceeds through luxury real estate in Canada and Norway. Chief Judge Cynthia Bashant ordered Arabi to forfeit over $45 million, properties abroad, and pay more than $100 million in restitution, calling his conduct “breathtaking in its dishonesty”.

Miami Influencer Sentenced to 27 Months for COVID Relief Loan Fraud and Fake Cheque Scheme

Scott Lee Huss, a 28-year-old Miami social media influencer and singer, has been sentenced to 27 months in federal prison after pleading guilty to wire fraud. Huss fraudulently obtained over $600,000 through six Paycheck Protection Programme loans intended for struggling businesses, spending the funds instead on cryptocurrency and luxury cars. He later attempted to use more than $300,000 in fake cheques to discharge loans and acquire vehicles including a Lamborghini and a Mercedes-Benz. The case was investigated by multiple federal agencies, with prosecutors emphasising that pandemic relief funds were meant to support families and businesses, not personal luxury lifestyles.

Twitter Hacker Ordered to Repay £4.1m in Bitcoin After Celebrity Account Scam

Joseph James O’Connor, a 26-year-old hacker jailed in the US for breaching celebrity Twitter accounts, including those of Barack Obama and Jeff Bezos, has been ordered to repay £4.1 million in cryptocurrency gained from his scams. The CPS Proceeds of Crime Division secured a Civil Recovery Order covering Bitcoin, Ethereum, USDC, and BUSD, preventing O’Connor from hiding assets abroad. This follows his 2023 conviction in the US for computer intrusions, wire fraud, money laundering, and extortion, with the recovered funds now set to be liquidated by a court-appointed trustee.

HM Land Registry Strengthens Fraud Protection During International Fraud Awareness Week

HM Land Registry is highlighting its year-round work to protect property owners in England and Wales from fraud, using International Fraud Awareness Week to share practical guidance. Its counter-fraud team trains staff to spot suspicious applications and promotes the free Property Alert service, which notifies owners of activity such as new mortgages registered against their property. Recent figures show 143 cases of conveyancing fraud between April 2024 and March 2025, with losses of £11.7 million, while HM Land Registry prevented fraudulent applications worth over £59 million in the same period. Although property fraud remains rare with just 86 fraudulent applications out of more than 4.4 million last year, the impact on victims can be devastating, making vigilance and awareness essential.

Southeast Asia Ramps Up “Follow the Money” Strategy to Combat Expanding Cyber-Fraud Networks

A UNODC report highlights how transnational crime groups in Asia are orchestrating sophisticated scams, such as the case of a US woman tricked into wiring $300,000, by exploiting identity theft and false police narratives. With fraud operations spreading across borders, Southeast Asian authorities are intensifying efforts to trace and seize illicit financial flows. Recent successes include Malaysia freezing hundreds of thousands of euros linked to a European business email compromise, achieved through informal cooperation with EUROPOL and Finnish authorities. Building on this momentum, ASEAN leaders have adopted a declaration against money laundering, signalling stronger regional commitment to disrupting organised crime by targeting its financial lifelines.

Money Laundering

JMLSG Launches Consultation on Proposed Revisions to Part I of Guidance

On 17th November 2025, the Joint Money Laundering Steering Group (‘JMLSG’) announced a consultation on proposed revisions to Part I of its guidance, covering jurisdictions across England, Northern Ireland, Scotland, and Wales. The draft changes focus on updating Chapter 3 and paragraphs 6.90–6.99 to enhance compliance with anti-money laundering and counter-terrorist financing obligations. Stakeholders are invited to review the revisions and submit feedback by 14th January 2026, ensuring the guidance remains robust, effective, and aligned with evolving regulatory expectations.

Bribery and Corruption

ITIA Sanctions Three Chinese Tennis Players for Match-Fixing and Integrity Breaches

The International Tennis Integrity Agency (‘ITIA’) has sanctioned two 21-year-old Chinese players, Li Wenfu and Zhang Jin, after they admitted to fixing matches in 2024. Li received a suspension of two years and three months plus a $20,000 fine (with $15,000 suspended), while Zhang was banned for two years and fined $15,000 (with $10,000 suspended). Both had been provisionally suspended since July 2025, with time served credited. Additionally, 23-year-old Lu Pengyu, ranked as high as 896 in June 2025, has been provisionally suspended for failing to comply with ITIA demands and facing charges of a major offence. During their bans, all three are prohibited from participating in or attending any sanctioned tennis events.

UK Corruption Watchdog Calls for Urgent Action on Lobbying and Executive Ethics Reform

The Group of States against Corruption, GRECO, has released an Addendum to its Second Compliance Report concerning the UK's Fifth Evaluation Round, which focuses on preventing corruption in central governments (top executive functions, or ‘PTEFs’) and law enforcement agencies (LEAs). Overall, the UK has implemented eight of the twelve recommendations satisfactorily, though three recommendations remain partly implemented, and one remains not implemented. Significant attention is now focused on the promises made by the new Labour Government, which took office in July 2024, including the commitment to establishing a new independent Ethics and Integrity Commission and reviewing post-employment rules. A key positive development for PTEFs is the update to the Ministerial Code, which now allows the Independent Adviser on Ministerial Standards autonomously to initiate investigations into alleged misconduct without requiring the Prime Minister’s permission.

Despite these promising political commitments, several critical issues concerning top executive functions remain unresolved, with three recommendations still only partly implemented. Specifically, the UK has enhanced transparency by publishing Quarterly Transparency Guidance, which sets stricter minimum standards for describing meetings and now requires the disclosure of phone calls and virtual meetings for ministers and senior officials. However, GRECO notes that transparency remains incomplete because meetings and contacts of special advisers (Spads) with lobbyists and third parties are still not subject to disclosure. Furthermore, the recommendation concerning strengthening the status, remit, and powers of the Advisory Committee on Business Appointments (ACoBA) and introducing adequate sanctions for breaching post-employment restrictions (Recommendation iv) remains not implemented. While the Government has pledged to introduce "meaningful sanctions" for breaches of post-employment rules, no tangible steps have been completed to satisfy this requirement.

In contrast to the challenges faced in central government oversight, commendable progress has been made within law enforcement agencies. Recommendation xi, aimed at improving the oversight of police misconduct, has now been implemented satisfactorily. The National Crime Agency (‘NCA’) updated its Discipline and Misconduct policy in 2023, providing clearer guidance on referral and appeals procedures. Additionally, the NCA successfully launched a Confidential Reporting Tool for staff in November 2023, which allows anonymous reporting of misconduct and corruption; this tool received 140 reports through January 2025, demonstrating its active use. While the Fifth Round compliance procedure for the UK is officially terminated, GRECO encourages the authorities to follow through on the necessary reforms and political pledges concerning executive integrity, lobbying, and post-employment rules.

Market Abuse

MAS Fines Ex-Director S$137,000 for Insider Trading in Alpha Energy

The Monetary Authority of Singapore, together with the Singapore Police Force, has imposed a civil penalty of S$137,000 on Mr Ang Yew Jin Eugene for insider trading in Alpha Energy Holdings Limited shares. As a non-executive director, Mr Ang sold over 2.4 million shares in his parents’ accounts while privy to non-public information about the company’s loan default, helping them avoid losses of about S$54,900. He admitted to contravening section 218(2)(a) of the Securities and Futures Act, paid the penalty without court action, and voluntarily undertook not to serve as a director or be involved in company management for two years.

Idaho Executive Pleads Guilty to Insider Trading in $145K Scheme

Michael Smith, 48, former President and COO of an Idaho-based NASDAQ-listed company, pleaded guilty to securities fraud after trading on material non-public information about the company’s impending acquisition. Despite being bound by the firm’s insider trading policy, Smith purchased shares through a brokerage account belonging to a close associate, then sold them for a profit of approximately $145,754 once the acquisition was announced publicly. He faces up to 20 years in prison, with sentencing to be determined by a federal judge under US Sentencing Guidelines.

Eight Foreign Nationals Charged in Global Insider Trading and Money Laundering Scheme

A superseding indictment in Massachusetts has charged eight foreign nationals with securities fraud and money laundering as part of a global insider trading network which operated from 2016 to 2024. Leaders Samy Fadi Khouadja, Eamma Safi, and Zhi Ge allegedly recruited corporate insiders to provide material non-public information about mergers and financial performance, then traded on it and built a network of traders across the U.S., Europe, the Middle East, and Asia. The scheme generated tens of millions in illicit profits, concealed through shell companies, sham loans, and encrypted communications. Safi is in U.S. custody, Ge remains in extradition proceedings in Singapore, and the others are fugitives. If convicted, defendants face up to 25 years in prison for securities fraud and 20 years for money laundering conspiracy.

Cyber Crime

Europol Traces €47M in Crypto to Disrupt Global Digital Piracy Networks

Between 10–14 November 2025, Europol coordinated an “Intellectual Property Crime Cyber-Patrol Week” with the EUIPO and Spanish National Police, targeting illicit IPTV and streaming services funded by cryptocurrency. Investigators identified 69 piracy sites with nearly 12 million annual visitors, traced over €47 million (US$55 million) in crypto transactions, and referred 25 illegal IPTV services to exchanges for disruption. By purchasing services with crypto to expose operators, authorities disrupted criminal revenue streams and strengthened cooperation across 15 countries and private partners, underscoring the EU’s integrated strategy to combat online intellectual property crime.

Anthropic Alleges Chinese State Hackers Used Its AI to Automate Cyber Espionage

AI firm Anthropic claims it uncovered the first reported AI-orchestrated cyber espionage campaign, alleging that Chinese state-sponsored hackers tricked its chatbot Claude into performing automated tasks which enabled breaches of around 30 global organisations. The attackers posed as cybersecurity researchers, used Claude to build programmes which compromised targets with minimal human input, and extracted sensitive data. While Anthropic banned the hackers and notified authorities, critics argue the company’s report lacks verifiable evidence and may overstate AI’s current hacking capabilities, highlighting ongoing debate about whether AI tools are truly effective for autonomous cyberattacks.

UNOCT Strengthens Mauritania’s Defences Against Terrorist Cyber-Attacks on Critical Infrastructure

The United Nations Office of Counter-Terrorism (‘UNOCT’) held a three-day training course in Nouakchott from 29–31 October 2025 to bolster Mauritania’s capacity to protect maritime, port, and energy infrastructure from terrorist cyber threats. Building on a national Roadmap launched in 2024, the workshop brought together Mauritanian officials, security agencies, and international experts from INTERPOL, IMO, IAPH, academia, and the private sector. Participants engaged in sessions on cyber crisis management, incident response, and inter-agency coordination, culminating in a national tabletop exercise simulating a cyber-attack on a port. The initiative, funded by Spain, emphasised regional cooperation, information sharing, and technical assistance to advance Mauritania’s counter-terrorism strategy.

Jaguar Land Rover Suffers £485m Loss After Devastating Cyber-Attack

Jaguar Land Rover reported a £485 million loss for the quarter ending September 2025 after a major cyber-attack forced the shutdown of its computer networks and halted production lines for over a month. Revenues fell 24% to £4.9 billion, with additional £196 million in cyber-related costs, while US tariffs and the phasing out of Jaguar models compounded the impact. The disruption rippled through JLR’s global supply chain, forcing many smaller businesses to suspend operations and prompting government-backed loan guarantees of up to £1.5 billion. Despite the crisis, JLR’s leadership says production has now returned to normal and operations are “recovering at pace.”

Bosnia and Herzegovina Signs Cybercrime Protocol, Strengthening Global Cooperation on Electronic Evidence

On 14th November 2025, Bosnia and Herzegovina became the 52nd state to sign the Second Additional Protocol to the Convention on Cybercrime in Strasbourg. Ambassador Haris Bašić formalised the commitment in the presence of Deputy Secretary General Bjørn Berge, during the 33rd Plenary of the Cybercrime Convention Committee. The Protocol, opened for signature in May 2022, introduces innovative tools for enhanced international cooperation, including direct engagement with service providers across jurisdictions, expedited emergency collaboration, and joint investigations, all of which is underpinned by strong human rights and rule of law safeguards. The Council of Europe’s Cybercrime Programme Office and CyberSEE project supported Bosnia and Herzegovina in preparing for this milestone.