Embedded Files
16th March – 19th March 2026
Sanctions
UK Government Amends Russia Sanctions List with New Variations and Revocations
On 17th March 2026, the UK Foreign, Commonwealth and Development Office updated the Russia sanctions list, implementing one variation, four administrative corrections, and one revocation. The variation applies to Viatcheslav Kantor, who remains subject to an asset freeze and transport sanctions due to his involvement with PJSC Acron, a firm operating in the strategically significant Russian chemicals and extractives sectors. Administrative corrections were issued for Nikolay Dmitrievich Peskov, the son of Vladimir Putin’s press secretary, as well as three financial institutions, namely JSC BBR Bank, Public Joint Stock Company "Transcapitalbank", and Joint-Stock Commercial Bank Fora-Bank, all of which remain under strict financial and trust services restrictions. Additionally, the UK revoked the designation of German Valentinovich Belous, a former deputy chairman in the financial services sector, who is no longer subject to an asset freeze or travel ban.
EU Expands Sanctions Regimes to Counter Global Cyber-Attacks and Russian Hybrid Threats
On 16th March 2026, the Council of the European Union adopted new restrictive measures targeting actors involved in malicious cyber activities and information manipulation aimed at undermining the security and democratic foundations of the Union. Under its horizontal cyber sanctions framework, the Council designated two China-based entities, namely Integrity Technology Group and Anxun Information Technology, along with their co-founders for hacking over 65,000 devices and targeting critical infrastructure, while also sanctioning the Iranian firm Emennet Pasargad for data theft and spreading disinformation during the 2024 Olympic Games. Simultaneously, the EU expanded its sanctions against Russian hybrid threats by listing four individuals, including propagandists Sergey Klyuchenkov and Graham Phillips, for their roles in Foreign Information Manipulation and Interference intended to justify the war of aggression against Ukraine. All designated parties are now subject to an asset freeze, a travel ban, and a prohibition on EU citizens or companies providing them with any financial resources, bringing the total number of individuals sanctioned under these respective regimes to 19 for cyber-attacks and 69 for Russian destabilising activities. The press releases are here and here.
OFAC Settles with TradeStation Securities Over Apparent Sanctions Violations
The US Treasury’s Office of Foreign Assets Control (OFAC) announced that TradeStation Securities will pay $1,110,661 to settle potential civil liability for 481 apparent violations of US sanctions programmes, involving the provision of brokerage and investment services to individuals in Iran, Syria, and Crimea between June 2021 and June 2022. OFAC classified the conduct as non‑egregious and noted that the company voluntarily self‑disclosed the issues, which contributed to the settlement outcome.
Money Laundering
UNOCT and MENAFATF train 180 regional experts on countering terrorist financing through virtual assets
A February 2026 webinar hosted by the UN Office of Counter‑Terrorism (‘UNOCT’) and MENAFATF brought together 180 experts from 21 MENA jurisdictions to strengthen their ability to counter the misuse of virtual assets and VASPs for terrorism financing, covering international standards such as the Delhi Declaration and Algeria Principles, regional risk considerations, investigative techniques, red‑flag indicators, evidentiary requirements, confiscation measures, and cross‑border cooperation. The session featured case studies from MENAFATF members, India, and Nigeria, insights from global bodies including CTED, INTERPOL, SCO‑RATS, AFRIPOL, and APG, and private‑sector perspectives on technological tools and challenges, alongside promotion of the UNOCT VA Handbook.
DOJ Seizes $14.9 Million Allegedly Tied to International Trade‑Based Money Laundering Scheme
The US Department of Justice announced the unsealing of a civil forfeiture case involving the seizure of more than $14.9 million allegedly connected to an international trade‑based drug money laundering operation, according to the Eastern District of Michigan. The complaint outlines a pattern in which drug proceeds were deposited into US bank accounts linked to companies engaged in international commerce, including entities associated with a Latin American musician and various import‑export businesses. Authorities state that the funds were moved abroad through the delivery of goods or services which could be sold for local currency. The investigation remains ongoing and forms part of Operation ‘Take Back America,’ a broader DOJ initiative targeting cartels, transnational criminal organisations, and related criminal activity.
Fraud
High Court Blocks Use of "Conversion" Tort for Stolen Cryptocurrency Recovery
In England, the High Court has delivered a landmark ruling clarifying that the traditional tort of conversion cannot be used to recover stolen cryptocurrency because digital assets are intangible. In the case of Ping Fai Yuen v Fun Yung Li & Anor [2026] EWHC 532 (KB), Mr Justice Cotter held that while Bitcoin is legally recognised as property, it does not fit the historical requirements of conversion or trespass, both of which are strictly tied to the physical interference with tangible goods. This decision establishes a clear boundary for legal remedies in the digital age, signalling that victims of crypto-theft must instead rely on causes of action such as unjust enrichment or proprietary restitution.
The dispute centred on the alleged theft of over 2,300 Bitcoin, valued between £160 million and £180 million, from a "cold wallet". The claimant alleged that his estranged wife obtained his 24-word "seed phrase" via covert audio recordings and transferred the assets to dozens of separate blockchain addresses. Despite the scale of the loss, the court struck out the conversion claim, noting it was bound by the House of Lords decision in OBG v Allan, which limits such strict liability torts to specific personal property. The judge remarked that extending conversion to digital assets would represent a "drastic reshaping" of the law which should be left to Parliament or higher appellate courts.
While the ruling creates a "roadblock" for certain common law claims, it reaffirms that the Property (Digital Assets etc) Act 2025 protects cryptocurrency as a third category of personal property. However, the court emphasised that "physical contact" remains a prerequisite for trespass, making it conceptually impossible to apply to the blockchain. For legal practitioners, the judgment serves as a critical reminder to frame pleadings accurately; while the tort of conversion remains unavailable, the court allowed the claimant to pursue the recovery of his assets through amended claims of breach of confidence and constructive trust.
INTERPOL Warns of the "Industrialisation of Fraud"
INTERPOL has released its 2026 Global Financial Fraud Threat Assessment, characterising fraud as a top-five global security threat with estimated annual losses reaching $442 billion. The report highlights the "industrialisation of fraud," driven by the proliferation of generative and "agentic" AI tools which can autonomously plan and execute campaigns, making AI-enhanced schemes up to 4.5 times more profitable than traditional methods. Key findings detail the global expansion of human trafficking-fuelled fraud centres and a rise in "hybrid" tactics, such as the systematic integration of sextortion into investment and romance frauds. Additionally, the assessment identifies a growing nexus in the African region where terrorist groups leverage crypto-based fraud to generate resources. To combat these evolving threats, INTERPOL has launched Operation Shadow Storm, a specialised task force targeting the criminal infrastructure behind fraud centres, while noting that law enforcement collaboration has already driven a 54 per cent increase in fraud-related Notices and Diffusions since 2024. The press release and report are here. The INTERPOL press release is here, the UNODC press release here, and the UK government minister’s speech at the Summit is here.
Global Task Force Launches Operation ATLANTIC to Disrupt Cryptocurrency "Approval Phishing" Networks
Law enforcement agencies from the United States, United Kingdom, and Canada have initiated Operation ATLANTIC, a joint international effort to identify and protect victims of sophisticated cryptocurrency fraud. The operation specifically targets a technique known as "approval phishing," which is frequently utilised in "pig butchering" investment frauds to trick individuals into granting criminals full control over their digital wallets. By using fraudulent links, apps, or pop-ups which appear to come from trusted sources, scammers gain the ability to transfer a victim's cryptoassets to untraceable accounts.
Led by a coalition including the US Secret Service, the UK National Crime Agency (NCA), and the Ontario Provincial Police, the initiative works in close collaboration with private industry Virtual Asset Service Providers. This partnership allows authorities to contact potential victims in near real-time by telephone and email to warn them of risks and provide guidance on securing their assets. This proactive approach builds upon the success of Project Atlas, a 2024 Canadian-led operation which similarly targeted international investment fraud networks.
Authorities emphasise that because cryptocurrency transactions are generally irreversible, early intervention is critical. The NCA and its partners advise users to double-check URLs before approving transactions and to use specialised tools to revoke unauthorised wallet permissions. Furthermore, officials have issued a stern warning regarding "recovery scams," noting that legitimate law enforcement participants in Operation ATLANTIC will never offer to recover stolen funds for a fee. Victims are encouraged to report incidents directly to their respective national fraud reporting centres and notify their financial institutions if bank accounts were used to fund the fraudulent activity. The Ontario Provincial Police press release is here, US Secret Service here, and National Crime Agency here.
White House Establishes National Task Force to Target Fraud
In the US, President Trump signed an Executive Order on 16th March 2026, creating a Task Force to Eliminate Fraud to coordinate a national strategy against waste and abuse within federal benefit systems. Chaired by the Vice President, the multi-agency body includes representatives from various executive departments, including Treasury, Justice, and Health and Human Services. The Task Force is directed to implement enhanced eligibility verification, develop pre-payment integrity controls, and dismantle networks engaged in large-scale fraud across programmes such as Medicaid, food assistance, and housing. Specific objectives include standardising anti-fraud requirements for state-administered programmes and evaluating the potential withholding of federal funds from jurisdictions which do not implement adequate oversight measures. Additionally, the order instructs the Attorney General to encourage private civil actions under federal law to pursue suspected fraud involving taxpayer dollars. The Executive Order is here, and the fact sheet is here.
Bribery and Corruption
South Sudan’s high‑profile corruption arrests spark scrutiny over credibility of accountability drive
Human Rights Watch has highlighted how South Sudanese authorities have detained at least seven senior current and former officials from the oil, finance, and revenue sectors in a sweeping anti‑corruption push which began on 24th February, but that the lack of clear charges, the involvement of security forces with a record of detainee abuse, and the sidelining of key oversight bodies, have all raised doubts about whether this is a genuine accountability effort or another politically selective campaign. Those arrested, including two former finance ministers, a former central bank governor, and senior petroleum officials, are being held largely by the National Security Service, while the roles of constitutionally mandated watchdog institutions remain opaque, prompting concerns that endemic corruption and its severe human‑rights consequences will persist without systemic reform and transparent, rights‑respecting processes.
EU- and UNDP‑Backed Initiative Expands Anti‑Corruption Awareness Across Mahallas in Uzbekistan
A nationwide initiative supported by the European Union, UNDP, and Uzbekistan’s Anti‑Corruption Agency delivered a series of awareness‑raising activities from October to December 2025 aimed at strengthening citizens’ understanding of corruption risks and public service access at the mahalla level. The programme reached more than a thousand residents across seven regions through sessions on financial literacy, digital skills, free medical services, and government benefits, with a strong focus on women’s participation and community‑based delivery. Activities also included youth engagement through school competitions and targeted household visits to inform vulnerable groups about available services and reporting mechanisms. The initiative forms part of a broader EU‑funded project to enhance civic participation and support the development of Uzbekistan’s national anti‑corruption ecosystem.
UK Committee Urges Ban on Crypto Political Donations and Stronger Donor Rules
A report from the Joint Committee on the National Security Strategy calls for an immediate ban on cryptocurrency donations to UK political parties, warning that such contributions pose an unacceptably high risk of illicit finance influencing politics. The Committee also recommends stricter rules for overseas donors, tighter corporate donation limits, and the creation of a national enforcement unit within the National Crime Agency to oversee political finance. It argues that fragmented oversight and rising foreign influence threats undermine public trust, urging the Government to amend the Representation of the People Bill to strengthen safeguards ahead of the next general election.
Other Financial Crime
Government to grant Environment Agency police‑style powers in major crackdown on waste crime
The UK government plans to expand police‑style powers to Environment Agency officers, enabling earlier intervention against increasingly sophisticated waste‑crime networks, from fly‑tipping to large illegal waste sites. The forthcoming Waste Crime Action Plan will outline a tougher stance, including enhanced powers under Police and Criminal Evidence and Proceeds of Crime Act, closer intelligence‑sharing with financial institutions, and penalties of up to five years’ imprisonment for illegal waste activity. Ministers frame the move as part of a zero‑tolerance approach to restore community pride and disrupt organised criminal groups, with recent enforcement figures showing 122 prosecutions and over 1,200 illegal sites shut down between 2024 and 2025.
FCA Prohibits Kasim Garipoglu from Working in UK Financial Services
The Financial Conduct Authority has banned Kasim Garipoglu from working in UK financial services after determining he lacked honesty and integrity, citing a decade of misconduct while leading a firm offering online foreign exchange and contract trading. According to the FCA, Garipoglu repeatedly disregarded regulatory requirements, undermined compliance and anti‑money‑laundering controls, encouraged improper behaviour among colleagues, and provided false or misleading information to regulators. The regulator also noted instances of document falsification, impersonation, and obstruction during investigations, concluding that his actions posed ongoing risks to consumers and the financial system.
Cybercrime
Global cybercrime sweep dismantles 45,000 malicious IPs and leads to 94 arrests in INTERPOL’s Operation Synergia III
An INTERPOL‑coordinated cybercrime crackdown across 72 countries has taken down more than 45,000 malicious IP addresses and servers, resulting in 94 arrests and over 110 additional suspects under investigation. Operation Synergia III, running from July 2025 to January 2026, targeted phishing networks, malware infrastructure, ransomware operations, and large‑scale fraud schemes. Authorities seized 212 devices and disrupted criminal activity ranging from fake casino and banking sites in Macau to romance‑fraud and sextortion rings in Togo and wide‑ranging cyber‑fraud operations in Bangladesh. INTERPOL highlighted the operation as evidence of the growing sophistication of cybercrime and the critical role of international cooperation in dismantling global threat networks.
Iran-Linked Wiper Attack Disrupts Stryker Systems and Personal Devices
The Centre for European Policy Analysis (CEPA) has published an article which reports that Stryker, a US medical technology company, was hit by a destructive cyberattack attributed to Iranian-linked actors using wiper malware, which erased data and disabled both corporate systems and employees’ personal devices connected through company networks. The incident is presented as part of a broader pattern of Iran’s use of wiper attacks, including earlier operations against regional energy sectors, and highlights how such malware is designed to destroy data rather than steal it. The piece notes that the spread to personal devices marks a notable escalation and highlights the need for organisations to strengthen protections across both corporate infrastructure and employee‑linked systems.
Page updated
Report abuse