24 April 2025: EU-SOCTA - The changing DNA of serious and organised crime

EU SOCTA threat assessment EUropol GSC logo

The EU Serious and Organised Crime Threat Assessment (EU-SOCTA) 2025, recently published by Europol, provides a comprehensive analysis of the evolving landscape of serious and organised crime within the European Union. The report highlights significant transformations in criminal activities, driven by global instability, digitalisation, and emerging technologies.

It is important for all jurisdictions to consider these insights to enhance their own strategies and responses. By understanding the trends and threats identified in the report, we can better collaborate, share intelligence, and implement effective measures to combat organised crime on a global scale. This collective effort is essential to safeguarding society and maintaining the integrity of our financial and non-financial systems.

 

Key Findings

“In the same way that DNA is composed of four basic building blocks that combine in countless ways to create genetic instructions, the changing blueprint of crime is defined by three interconnected dynamics that are increasing the threat of criminal activities to varying degrees: crime is progressively Destabilising society, increasingly Nurtured online, and strongly Accelerated by AI and other new technologies.”

 

Destabilising Impact

Organised crime now poses a direct threat to EU institutions and societal structures. Criminal networks engage in activities such as money laundering, corruption, and the exploitation of young individuals, undermining public trust and governance. Additionally, some groups collaborate with state-linked actors, contributing to hybrid threats that destabilise societies. 

 

Virtually all forms of serious and organised crime have a digital component. Criminals exploit online platforms for activities including cyber fraud, ransomware attacks, drug trafficking, and money laundering. The internet provides anonymity and a global reach, complicating law enforcement efforts.  The internet is no longer just a platform – it is the pillar of a criminal enterprise.

Cryptocurrency (Virtual Asset) technology has also come with its own risks. Criminals will “Chain-Hop” – move funds through various currencies and platforms in order to obfuscate their origins. Chain hopping can also include the use of accounts already set up by criminals that have passed certain checks. Although this technique is not new, the understanding of cryptocurrency typologies remains limited.

 

Emergence of New Technologies

The adoption of artificial intelligence (AI) and other emerging technologies has accelerated criminal operations. AI enables automation and scalability, enhancing the efficiency and reach of illicit activities while making detection more challenging. 

  • Cybercrime – Ransomware and other cyberattacks increasingly target critical infrastructure, businesses, and government entities, often with objectives aligned with state-sponsored actors.
  • Online Fraud – AI-powered scams leverage stolen personal data, making fraudulent activities more effective and widespread.
  • Child Exploitation – Generative AI is being misused to create and disseminate illegal material, with evolving online grooming tactics posing additional challenges.
  • Migrant Smuggling – Criminal networks exploit geopolitical crises, charging significant fees and displaying a blatant disregard for human welfare.
  • Drug Trafficking – The drug market is diversifying, with shifting supply routes and increased violence accompanying this evolution.
  • Firearms Trafficking – Technological advancements and online marketplaces have facilitated increased access to illegal weapons.
  • Waste Crime – Criminals infiltrate legitimate businesses in the waste sector, causing severe environmental damage.
  • Trade Exploitation - International trade is increasingly exploited for crimes, particularly money laundering and illicit financial transfers. Criminal networks leverage strategic trade partnerships — including free trade zones (FTZs), shell companies, trade misinvoicing, and opaque supply chains — to launder money, evade sanctions, and finance illicit activities.

 

Important points for the gambling sector

  1. Infiltration of Legal Business Structures (“LBS”)

Organised crime groups are increasingly exploiting legitimate businesses to facilitate illicit activities, including money laundering. Criminal networks can exert varying degrees of influence over LBS. They may use an LBS without its knowledge, infiltrate it at a low level by colluding with employees, or at a high level by coercing key individuals. In some cases, they may set up their own LBS to fully control its operations.

Employees, managers, or executives in legitimate positions are increasingly exploited by criminal networks to gain access, knowledge, and influence over operations. A recent report by the UNODC notes a typology whereby software services are used by criminal groups “seeking to establish a presence in the regional online gambling industry for the purposes of money laundering and underground banking”. It is possible for criminals to exploit turnkey solutions that require no significant infrastructure investments or prior understanding of the Gambling business. As part of this typology, “…white-label-based online casino operators appear and advertise as licensed, regulated entities across the region despite not being subject to any of the oversight of their white label providers.”

Consequently, where the GSC identifies websites with claims to be licenced by the GSC which are untrue, the GSC will issue cease and desist letters.

 

  1. Cybercrime and AI-Driven Fraud

The report identifies a surge in cyberattacks and AI-powered fraud schemes targeting various industries. Online Gambling operators may be at risk of ransomware attacks and AI-Enhanced fraud.

These threats require robust cybersecurity measures and continuous monitoring to maintain the integrity of operators’ systems and controls. Monitoring of social platforms may be helpful, for instance chats on gambling sites, as part of ongoing player monitoring.

Don’t forget to utilise advice and guidance from the Cyber Security Centre for the Isle of Man.

 

  1. Money Laundering Using Cryptocurrencies / Virtual Assets

The increasing use of virtual assets presents additional challenges for all sectors, including gambling. Virtual assets provide criminals with opportunities to obfuscate financial flows. Gambling operators that accept virtual assets must implement stringent AML/CFT/CPF controls to mitigate this risk.

The GSC has AML/CFT/CPF Virtual Assets guidance which includes red-flag indicators and typologies.

 

Key Takeaways for the sector:

  • Understand Cryptocurrency – Build in-house expertise or invest in cryptocurrency analysis technology.
  • Robust AML/CFT/CPF Measures – Implement comprehensive AML policies, including transaction monitoring systems capable of detecting suspicious or unusual activities.
  • Ongoing Monitoring – Ensure all staff know and understand monitoring and reporting obligations to ensure the timely reporting of suspicious activity.
  • Information Sharing – To provide for an all-island approach to countering financial crime, operators should cooperate and share information with regulatory bodies and law enforcement agencies.
  • Cybersecurity Investment – Allocate resources to strengthening cybersecurity infrastructure, regularly update systems, and train staff to recognise and respond to cyber threats effectively. Remember, if you have received an email which you’re not quite sure about, forward it to OCSIA’s Suspicious Email Reporting Service (SERS) SERS@ocsia.im
  • Regulatory Compliance - Stay informed about regulatory matters, ensuring adherence to domestic and international standards. The GSC aims to keep industry up to date on all regulatory developments through the usual channels - the AML/CFT Forum, LinkedIn, YouTube and on our website.

 

Conclusion

The EU-SOCTA 2025 serves as a foundation for Europe’s strategic approach to combating serious and organised crime. It underscores the need for law enforcement agencies to enhance intelligence capabilities, foster international cooperation and develop innovative strategies to counter these evolving threats.

The GSC will continue to keep operators informed on evolving threats, both domestic and international.

Main News