For most of the last decade, financial crime enforcement has functioned as a treadmill. Investigators arrest the operators, prosecutors charge the executors, regulators sanction the firms closest to the loss. The criminal infrastructure: the financiers, the platforms, the patronage networks, the licensing regimes that make industrialised fraud possible, keeps operating, and rebuilds within months.

April 2026 was the month that started to change.

Across four weekly editions of Lab Report, produced by The Financial Crime Lab, I have tracked an unusually concentrated period of structural enforcement activity. Four threads dominated the month, and they tell a coherent story: enforcement is finally moving up the value chain.

The United States Rebuilt How It Prosecutes Fraud

The most consequential institutional development of the month was the launch of the Department of Justice’s National Fraud Enforcement Division, absorbing and reorganising components of the Criminal Division’s Fraud Section. Assistant Attorney General Colin McDonald put the doctrinal shift bluntly:

“No longer will the Department be uninterested in low levels of fraud; we will be interested in all of it.”

In its first full week of operation, the Division announced arrests, convictions and sentences representing over $340 million in taxpayer fraud. By the end of the month, it had executed something even more remarkable: an unprecedented joint operation with Chinese authorities, producing 276 arrests and the closure of nine pig-butchering scam compounds.

Sustained US-China cooperation on transnational crime has historically been politically constrained. That this operation happened at all suggests both sides have concluded the reputational costs of inaction now outweigh the political costs of cooperation. The criminological lesson is one I have made before: organised fraud has become so structurally globalised that no single jurisdiction can disrupt it. The political lesson is that necessity, eventually, produces alignment.

The reorganisation matters because it addresses one of the central problems in fraud enforcement: jurisdictional fragmentation. Fraud has historically fallen between institutional cracks; too complex for local prosecutors, too low-value for federal attention. From a rational choice perspective, this matters: the perceived certainty of detection and prosecution is more determinative of offending decisions than the severity of any individual sentence.

The Patronage Layer Started Taking Direct Hits

If the DOJ reorganisation was the institutional headline, OFAC’s sanctions package against Cambodian Senator Kok An was the doctrinal one. Kok An, alleged to own and operate scam compounds through Crown Resorts and Anco Brothers Co Ltd, was designated alongside 28 individuals and entities, including casinos, front companies, and Heng Feng Cambodia Bank plc. He is the first sitting national legislator sanctioned for hosting compound infrastructure.

In parallel, the DOJ’s Scam Center Strike Force unsealed criminal complaints against compound managers, executed a first-of-its-kind seizure of a Telegram recruitment channel with more than 6,000 followers, and restrained more than $701.9 million in cryptocurrency tied to scam money laundering. The State Department offered up to $10 million for information leading to seizure of proceeds related to the Tai Chang scam compound in Burma’s Karen State.

This matters criminologically because the field has long understood what enforcement was slow to acknowledge: scam compounds do not exist as autonomous criminal enterprises. They depend on territorial sovereignty, political protection, casino licensing, and banking access. Sanctioning the operational layer addresses symptoms. Sanctioning the patronage layer addresses the conditions of possibility.

The displacement dynamic that the Cambodian authorities themselves described is striking. Cambodia closed approximately 190 scam centres and deported 11,000 workers across the month. Still, Kampot’s police chief told Reuters that combined police and military forces could not stop “around 6,000 to 7,000 individuals who left this location.” Workers are being deported, yet criminal capital remains.

The UK Built Institutional Plumbing to Match

The UK’s response was structural rather than spectacular. The £250 million Fraud Strategy 2026–2029 produced its centrepiece this month: the Online Crime Centre became operational, embedding the NCA, GCHQ, the National Cyber Security Centre, the City of London Police, banks and telecoms operators in a single coordinated structure for the first time. The Communications Crime Strategy Group, consisting of BT/EE, Sky, TalkTalk, Tesco Mobile, Virgin Media O2, and VodafoneThree, has formally backed the centre, alongside NatWest and Lloyds.

In parallel, the final results of Operation Henhouse 2026 demonstrated what the model can deliver at pilot scale: 557 arrests, 172 voluntary interviews, account freezing orders against £9 million, seizures of £18.1 million, and 6.5 million scam calls blocked at the network level, saving an estimated £2.1 million in losses. Henhouse is the proof-of-concept. The Online Crime Centre’s task is to make it work permanently, at scale, and across all major UK telecoms operators simultaneously.

This is the only model capable of disrupting industrial-scale fraud, and it is consistent with everything situational crime prevention theory tells us about removing opportunity at scale rather than chasing offenders one by one. The risk is governance: the public-private model only works if data flows in both directions, with clear legal authority and clear accountability for what the partners do with the intelligence they receive. The Centre’s first six months will establish whether that bargain holds.

Regulators Turned Their Attention to the Actors Closest to the Harm

The fourth thread was regulatory, and these three actions stand out.

The FCA, working through IOSCO, coordinated a global operation against illegal “finfluencers” – financial influencers promoting unauthorised investment products on social media. The activity included 120 account takedown requests, a guilty plea from a Geordie Shore reality TV star, and criminal proceedings against two further individuals. The traditional regulatory toolkit was built for firms – authorised entities with fixed addresses and balance sheets that can be fined. It was never designed for content creators with no authorisation, no jurisdiction, and audiences in the millions. The takedown-request mechanism transfers part of the enforcement burden to platforms, which is consistent with the SCAM Act in the US and the Online Safety Act in the UK.

FinCEN’s record $80 million penalty against Canaccord Genuity LLC, the largest ever imposed on a broker-dealer for BSA violations, punished six years of failure to file at least 160 SARs related to OTC securities, with two compliance employees having falsified records to mislead regulators. This is a textbook example of what Sutherland would recognise as institutional enablement. The firm did not merely fail to prevent fraud; its structural deficiencies allowed illicit actors to perpetrate and profit from fraud schemes.

And Treasury, FinCEN, OCC, FDIC and NCUA together proposed sweeping changes to the AML/CFT compliance framework. FDIC Chairman Travis Hill called the proposal “perhaps the most important of the reforms Congress envisioned in the AML Act.” The doctrinal shift is from procedural compliance to outcomes-based effectiveness. Whether it works depends on whether supervisors are willing to credit institutions for fewer, better SARs over more, lower-quality SARs.

Alongside this, FinCEN announced a Notice of Proposed Rulemaking establishing a formal whistleblower programme under the Bank Secrecy Act – what one analysis correctly identifies as “a structural shift in U.S. financial enforcement architecture: moving from a model historically centred on regulatory reporting toward an incentivised, insider-driven enforcement regime.”

The Structural Picture: Everybody’s problem, nobody’s responsibility. Until now?

Financial crime is the most prevalent crime in England and Wales, is the most under-prosecuted serious crime in the United States, and is the most globalised criminal infrastructure in the world. For most of the past decade, it has also been the most institutionally orphaned – too complex for local capacity, too dispersed for federal attention, too profitable for offenders to abandon, too transnational for any single jurisdiction to address.

April was the month enforcement started catching up. Not by working harder at the operational layer, though it did that too, but by attacking the structural conditions that have made industrial-scale fraud possible. The patronage relationships, the compound infrastructure, the platform business models, the licensing regimes – the institutional architecture of compliance itself.

This is not a victory lap. The structural enforcement work is fragile, dependent on the political appetite of a small number of states, and operationally early. The Cambodian patronage layer can rebuild, and is. Compounds have already been found in Peru, the Philippines, and, as a BBC News investigation documented, the Isle of Man. Platform takedowns will be tested by replacement velocity. The Online Crime Centre will be tested by governance. AML reform will be tested by supervisory practice.

But the direction of travel has changed. After a decade of treating financial crime as a problem of individual offenders, enforcement has finally started treating it as a problem of structure.

About Lab Report

Lab Report is the weekly newsletter from the Financial Crime Lab. Each week I examine the week’s most significant developments in fraud, money laundering, sanctions, cybercrime and regulatory policy – through the lens of criminological theory and evidence. It is expert commentary, written for people who think the world’s most prevalent crime deserves more serious treatment than it gets.

If you work in fraud prevention, financial regulation, AML compliance, law enforcement, or policy, or if you simply think this matters, read past Lab reports & subscribe Here.