Episode 239

6th April – 9th April 2026

Fraud

FTC Announces 2026-2030 Strategic Plan Amidst Record $15.9 Billion in Reported Consumer Fraud Losses

American consumers reported record financial losses to fraud in 2025, totalling $15.9 billion, a significant increase from the $12.5 billion reported the previous year. Data from the Federal Trade Commission (FTC) indicates that investment fraud was responsible for approximately $7.9 billion of these losses, while imposter fraud resulted in $3.5 billion in losses across more than one million reports. Fraudsters frequently initiated contact via text messages and social media, with the highest aggregate losses occurring through bank payments and cryptocurrency.

To address these challenges, the FTC’s Strategic Plan for Fiscal Years 2026-2030 emphasises a mission vigorously to enforce consumer protection laws while aiming to avoid placing unnecessary burdens on legitimate business operations. The agency's strategy includes a heightened focus on protecting children online, holding major technology firms accountable for harmful conduct, and increasing cooperation with international partners to disrupt foreign-based fraud networks. Additionally, the plan outlines the deployment of innovative technologies, including artificial intelligence and big data analytics, to enhance the agency's capacity to identify, investigate, and deter deceptive marketplace practices.

FBI Reports Sharp Rise in Cryptocurrency and AI‑Driven Fraud in 2025

The FBI’s 2025 Internet Crime Report shows that cyber‑enabled crimes resulted in nearly $21 billion in losses, an increase from the previous year. The Internet Crime Complaint Center (IC3) received more than one million complaints, with phishing, extortion, and investment schemes among the most common.

Investment fraud remained the largest source of financial loss, representing almost half of all reported scam‑related losses. Complaints involving cryptocurrency accounted for more than $11 billion in losses. Americans over 60 reported $7.7 billion in losses, a 37% rise from 2024.

The report includes its first section on artificial intelligence‑related fraud, documenting over 22,000 complaints and nearly $893 million in losses. These schemes often use fabricated online identities, voice cloning, and manipulated videos.

The FBI highlighted ongoing initiatives such as Operation Level Up, which aims to identify and notify victims of cryptocurrency investment fraud, and Operation Winter SHIELD, which promotes digital security practices. The Bureau encourages the public to slow down, assess potential red flags, and report suspected fraud to IC3.

Justice Department Announces Prosecutions Targeting Large‑Scale Healthcare and COVID‑19 Fraud

The US Department of Justice announced enforcement actions involving approximately half a billion dollars in alleged healthcare and COVID‑19 fraud affecting federally funded programmes, according to the department. The update highlights multiple cases across different states, including schemes involving unnecessary medical services, misuse of pandemic relief funds, and unlawful distribution of controlled substances. The department states that these actions reflect ongoing efforts to address fraud impacting public resources and safeguard taxpayer‑funded programmes.

Money Laundering

ICITAP and IRS Deliver Advanced Training in Montenegro to Strengthen Financial Crime Investigations

The US Department of Justice’s ICITAP programme, working with IRS Criminal Investigation specialists, conducted an advanced training course in Montenegro focused on financial investigative techniques related to transnational crime and money laundering. The programme brought together participants from police, prosecutorial, tax, and anti‑corruption bodies to enhance their ability to trace illicit financial flows, identify laundering patterns, and calculate criminal proceeds with evidentiary precision. According to the DOJ, the initiative aims to reinforce interagency cooperation, align partner institutions with US investigative standards, and support broader efforts to disrupt criminal networks which threaten international financial integrity and US security interests.

FinCEN Outlines Proposed Overhaul of AML/CFT Programme Requirements

The US Treasury’s Financial Crimes Enforcement Network (FinCEN) has issued a proposed rule which would significantly revise how financial institutions design and implement anti‑money laundering and counter‑terrorist financing programmes under the Bank Secrecy Act, aiming to modernise the regulatory framework and reduce compliance burdens. The proposal emphasises risk‑based, effectiveness‑focused programmes, clarifies expectations for functions such as independent testing, and introduces a consultation process between federal banking supervisors and FinCEN for major supervisory actions. It also reflects statutory changes from the Anti‑Money Laundering Act of 2020 and replaces a prior 2024 proposal, with public comments invited for 60 days after publication. ‘The Federal Deposit Insurance Corporation (FDIC), Office of the Comptroller of the Currency (OCC), and the National Credit Union Administration (NCUA) (collectively, the “Agencies”) [also] invite public comment on a proposed rule to amend the respective requirements for their supervised institutions to establish and maintain effective risk-based anti-money laundering and countering the financing of terrorism (AML/CFT) programs designed to identify, assess, and mitigate risks of illicit finance. The amendments are intended to align each agency’s AML/CFT rules with changes concurrently proposed by the US Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN).’

Other Financial Crime

Fiscal Year 2027 Budget Proposal Outlines Resource Shifts for Federal Financial Crime and Anti-Fraud Initiatives

The US Government’s Fiscal Year 2027 Budget proposal includes several funding adjustments which impact the federal response to financial crime, fraud, and illicit finance. Under the proposal, the Department of Justice (DOJ) would receive $30 million to establish a new National Fraud Division dedicated to investigating complex fraud schemes. The Department of the Treasury’s Office of Terrorism and Financial Intelligence is slated for a $15.2 million increase to expand its capacity to trace and sanction financial networks associated with narcotics trafficking. Additionally, the budget allocates $30 million for a Programme Integrity Initiative at the Department of Housing and Urban Development aimed at reducing fraud in rental assistance programmes. For international efforts, $1.2 billion is requested for International Narcotics Control and Law Enforcement to target transnational criminal organisations. These investments are accompanied by significant funding reductions elsewhere, including a $1.4 billion cut to the Internal Revenue Service and the elimination of the DOJ’s Office of Access to Justice and Community Relations Service. The budget also proposes the removal of approximately 30 DOJ grant programmes, representing a $1.7 billion decrease in funding for various state and local initiatives.

Cybercrime

Cyber Threats Reported Across Infrastructure, Education, and AI Sectors

Anthropic has cautioned that upcoming artificial intelligence models like Mythos may eventually be capable of executing novel cyber-attacks which exceed existing defensive capabilities. Concurrently, the Education Authority in Northern Ireland is investigating an attack on the C2K school IT system which has locked students out of essential revision materials and prompted a system-wide password reset just before exams. In the United States, the FBI is assisting with an investigation into a ransomware incident at a water treatment plant in Minot, North Dakota, which forced staff to switch temporarily to manual operations. Additionally, Italy’s Uffizi Galleries recently addressed a cyber-attack where hackers reportedly extracted operational data and issued a ransom demand, although the museum maintains that its core security systems and artworks remained secure.

US and UK Authorities Warn of Concurrent Cyber Threats from Iranian and Russian State-Linked Actors

Several United States government agencies, including the EPA, FBI, CISA, and NSA, issued a joint advisory regarding an ongoing Iranian-affiliated cybersecurity threat targeting critical infrastructure. This activity involves the exploitation and occasional disruption of operational technology within drinking water and wastewater systems. Reported incidents include configuration wiping, the tampering of mechanical sensors via software, and the disruption of human-machine interfaces, which have resulted in operational disruptions and financial losses. Because the water sector remains an attractive target for groups seeking to undermine critical services, authorities emphasise that organisations should adopt cybersecurity best practices and report suspicious activities to prevent further breaches.

Simultaneously, the United Kingdom’s National Cyber Security Centre warned that the Russian state-linked group APT28 has been compromising vulnerable internet routers to facilitate covert operations. This group uses Domain Name System (DNS) hijacking to reroute internet traffic through malicious servers, allowing them to intercept sensitive information such as login passwords and access tokens from personal web and email services. The activity is described as opportunistic, with the actors initially casting a wide net to reach many potential victims before focusing on specific targets of intelligence interest. To mitigate these risks, network defenders are encouraged to maintain up-to-date software, protect system management interfaces, and implement two-step verification.