Episode 217

19th January – 22nd January 2026

Sanctions

Treasury Targets Houthi Revenue and Smuggling Networks

The US Department of the Treasury has announced new sanctions against 21 individuals and entities, along with one vessel, involved in oil smuggling, weapons procurement, and financial operations which support the Iran‑backed Houthi organisation. The action focuses on networks spanning Yemen, Oman, and the UAE which facilitate illicit oil sales, weapons trafficking, and revenue generation enabling Houthi military activities and attacks in the Red Sea. The designations block assets under US jurisdiction and restrict transactions with US persons, aiming to disrupt the Houthis’ financial lifelines and pressure the group to change its behaviour.

Fraud

SFO Convicts Three Directors in £70m Ethical Forestry Fraud

Three former directors of Ethical Forestry Limited have pleaded guilty to running a £70 million investment fraud which deceived around 3,000 UK investors over seven years, using cold‑calling pension “review” services to funnel savings into a Costa Rica tree‑planting scheme which was never capable of generating returns. Instead of investing properly, the men spent the funds on luxury homes, high‑end sports cars, lavish holidays, and a tax‑avoidance scheme, with the Serious Fraud Office stating that the guilty pleas mark a major step toward justice and compensation for victims.

Money Laundering

Strengthening Suspicious Activity Reporting in Pakistan’s High‑Risk Sectors

A UNODC-led, UK-supported training in Karachi brought together Pakistan’s high‑risk Designated Non‑Financial Businesses and Professions, especially real estate agents and dealers in precious metals and stones, to improve the quality of suspicious transaction reporting. The two‑day programme focused on recognising red flags, understanding sector‑specific risks, and producing clearer, more actionable reports for the Financial Monitoring Unit. Through hands‑on exercises using the goAML system and case‑based discussions, participants learned to identify meaningful indicators, localise risk assessments, and enhance the data foundations needed for automated risk detection and strategic analysis, supporting Pakistan’s broader AML/CFT progress.

EBA Transfers All AML/CFT Mandates to the New EU Anti‑Money Laundering Authority

The European Banking Authority (‘EBA’) and the new Authority for Anti‑Money Laundering and Countering the Financing of Terrorism (‘AMLA’) completed the full transfer of AML/CFT mandates on 1st January 2026, marking a major structural shift in the EU’s fight against financial crime. The handover moves key tools, including the EuReCa database, supervisory insights, and risk assessments, to AMLA, which will now sit at the centre of an integrated EU supervisory system, directly overseeing 40 high‑risk financial institutions and coordinating FIUs across the Union. Existing EBA AML/CFT guidelines remain in force until AMLA replaces them, ensuring continuity while the new authority advances supervisory convergence and strengthens cross‑border intelligence sharing.

South Africa expands 2025 AML/CFT Amendment Bill to close remaining FATF gaps

South Africa’s National Treasury has released an updated draft of the General Laws (Anti‑Money Laundering and Combating Terrorism Financing) Amendment Bill, 2025, incorporating new measures for NGOs and lifestyle audits further to strengthen the country’s AML/CFT framework. The revisions aim to address the final deficiencies identified in the 2021 FATF Mutual Evaluation and the subsequent grey listing remediation process, proposing targeted amendments across the FIC Act, Companies Act, Nonprofit Organisations Act, and Financial Sector Regulation Act to enhance sanctions, beneficial‑ownership compliance, information‑sharing, and regulatory enforcement. Public comments are invited until 13th February 2026 before the Bill proceeds to Cabinet and Parliament. The bill was published on 14th January in Government Gazette 53955.

Market Abuse

FCA Fines Consultant for Insider Dealing

The UK Financial Conduct Authority (‘FCA’) has fined oil‑rig consultant Russel Gerrity £309,843 for repeatedly using confidential drilling results to trade shares in two oil and gas companies, profiting when discoveries were positive and avoiding losses when they were not. The FCA identified suspicious activity through industry reports and its own surveillance systems, noting that Gerrity traded across multiple accounts while based outside the UK. He received a 30 per cent discount for settling early, but the regulator stressed that his actions undermined market integrity and that it will continue pursuing those who abuse privileged information.

Other Financial Crime

Tribunal Upholds FCA Ban on Corrupt Adviser

In the UK, the Upper Tribunal Financial Services has confirmed the Financial Conduct Authority’s decision to issue a permanent ban to financial adviser, Darren Antony Reynolds, and fine him £2,037,892 for what it described as “dreadful misconduct”. Reynolds encouraged British Steel Pension Scheme members to transfer out of valuable defined‑benefit pensions despite knowing the advice was unsuitable, pushed clients into high‑risk investments, hid fees, falsified documents, and allowed unapproved individuals to give pension advice. His actions caused serious financial harm to hundreds of customers, with more than £17.6 million paid in compensation to over 470 affected individuals. The Tribunal fully endorsed the FCA’s findings, calling Reynolds “corrupt and dishonest,” and the regulator has pledged to recover the penalty in full. The Upper Tribunal decision is here. The FCA’s 2023 Decision Notice is here.

Cybercrime

Youth Cybercrime Often Begins with Everyday Online Risk‑Taking, UEL Study Finds

New research by the University of East London reveals that many young people slip into cybercrime through a gradual escalation of risky online behaviour, from digital piracy to accessing harmful content, with nearly half of interviewed offenders reporting early illegal activity. Drawing on UK and Swiss interviews, the study highlights how blurred legal boundaries, opportunity, and lack of awareness contribute to offences ranging from hacking and fraud to sexual crimes, often with long‑term consequences such as damaged reputations and restricted life opportunities. The findings also show gender differences in offending patterns and emphasise the need for early, collaborative prevention involving families, educators, industry, and policymakers.

South African Judiciary Trains to Strengthen National Response to Cybercrime

More than 35 South African judges and magistrates have completed Commonwealth-led “train‑the‑trainer” workshops aimed at improving how courts handle cybercrime, focusing on digital evidence, legal safeguards, and protecting vulnerable victims. Supported by the UK government and delivered with the South African Judicial Education Institute, the sessions used mock cases and practical exercises to build confidence in managing online offences, which cost the country over ZAR 2.2 billion annually. Judicial leaders emphasised the need for a tech‑savvy judiciary capable of keeping pace with digital threats, while participants committed to sharing their new expertise nationwide to strengthen South Africa’s overall cybercrime response.

The Industrialisation of Deception: How AI and Corporate Efficiency Built a New Cyber Underworld

The modern cybercrime landscape has evolved from a fragmented collection of skilled hackers into a highly sophisticated, "as-a-service" shadow economy which often outpaces the bureaucratic inertia of traditional IT departments. By adopting corporate structures, often complete with R&D departments, customer support, and performance-based recruitment, criminal syndicates have industrialised ransomware and data extortion into a scalable, franchised business model. This professionalisation is being hyper-charged by artificial intelligence, which has effectively dismantled the traditional technical and linguistic barriers to entry, allowing low-skilled "opportunists" to launch polished, native-level phishing campaigns and automated attacks with the click of a button. As AI-powered tools turn amateurs into legitimate threats and criminal organisations operate with the efficiency of Silicon Valley startups, the focus for modern enterprises must shift from the unattainable goal of absolute prevention to a culture of radical cyber-resilience and rapid recovery.

UK Regulators Warned: “Wait‑and‑See” Approach to AI Puts Consumers and the Financial System at Risk

A Treasury Select Committee report, published on Tuesday, warns that the Bank of England, the FCA, and the Treasury are exposing consumers and the wider financial system to serious risks by taking an overly passive approach to AI adoption in financial services. With more than 75 per cent of firms already using AI, often in core functions such as claims processing and credit assessment, MPs argue that regulators are not keeping pace with the technology’s rapid integration. The Committee calls for AI‑specific stress tests, clearer FCA guidance on accountability and consumer protection, and urgent designation of critical AI and cloud providers under the UK’s Critical Third Parties regime, which has yet to name a single firm despite being in place for over a year. Dame Meg Hillier, Committee Chair, warns that the system is not prepared for a major AI‑related incident and urges a more proactive regulatory stance.

Pro‑Russian hacktivists intensify DDoS attacks on UK organisations

Russian‑aligned hacktivist groups continue to target UK local government and critical infrastructure with ideologically motivated DDoS attacks, aiming to disrupt services and overwhelm systems. The NCSC warns that these campaigns, active since 2022 and escalating through 2025–26, increasingly threaten operational technology environments and urges organisations to strengthen upstream defences, improve scaling capacity, and rigorously evaluate their DoS resilience.