Europol’s recent Serious and Organised Crime Threat Assessment (EU-SOCTA) report sheds light on the increasingly complex and sophisticated nature of organised crime across Europe. 

The headline message from the report paints a worrying picture: serious and organised crime has become more violent, more digitally savvy, and more embedded in the legal economy than at any time in recent memory. 

The report goes on to outline how criminal networks now operate like multinational firms, working across borders.

But the most sobering bit? These groups don’t just exploit compliance’s blind spots – they bet on them. And the more they adapt, the more we need to tighten the alignment between financial crime controls and what’s actually happening on the ground.

For Anti-Money Laundering (AML) compliance teams working within UK-regulated businesses, this provides a timely reminder that the financial sector is facing a rapidly evolving threat. It calls for a significant shift in how financial institutions approach compliance and risk mitigation.

The key message from Europol is clear: financial institutions and businesses across industries must adapt their compliance frameworks to stay ahead of these emerging threats, employing more advanced technologies and comprehensive strategies to combat illicit activities effectively. 

In this article, we’ll explore the implications of the findings outlined in the SOCTA report and how AML compliance teams can help firms combat the rise in financial crime.

The five top takeaways from the EU-SOCTA report for AML compliance teams

1. Criminal networks are embedding themselves into the legal economy: Organised crime groups are operating through seemingly legitimate businesses – especially in logistics, construction, real estate, import/export, and professional services. They are forming shell companies, using nominees, and exploiting legitimate supply chains.
2. ‘Crime-as-a-Service’ networks are fuelling professional money launderers: The report highlights the rise of “service-based” laundering – specialist networks offering bespoke laundering options (cash, crypto, trade-based) for multiple criminal clients. These operations can look like regular consultancy, import/export, or asset management services.
3. Corruption is an enabler of financial crime: Serious crime is actively relying on corrupt actors across borders – including officials, port staff, finance professionals, and even insiders in regulated firms.
4. Cash-based laundering is still thriving: While virtual currencies are increasingly being used to launder money, physical cash remains a central method of criminal profit movement – often layered through property, high-value goods, or commercial businesses to make it look clean.
5. Crypto, DeFi, and digital payments are now standard money laundering tools: Digital assets aren’t the future of money laundering, fraud, and financial crime – they’re the present. The borderless, instant nature of virtual currencies facilitate greater anonymity that enable criminals to obscure illicit transactions more effectively.

The surge in money laundering across Europe

One of the most significant findings in the SOCTA report is the sharp rise in money laundering activities across Europe. Criminal organisations are becoming more adept at concealing the origin of illicit funds through increasingly complex structures, such as shell companies, trade-based money laundering (TBML), and the use of intermediaries. This makes it more difficult to trace the flow of illicit money, even as firms, law enforcement and regulators ramp up efforts to combat financial crime.

“Money laundering is the backbone of organised crime. It allows criminals to legitimise the proceeds of their illegal activities and integrate illicit funds into our legitimate economy.”

– SOCTA report

The rise in tech-enabled financial crime

Europol’s report indicates that organised criminal groups are increasingly using technology to facilitate illicit activities. Cybercrime is now a central part of many criminal enterprises. 

“Criminal networks exploit digital infrastructure to its fullest, leveraging technology and online systems to facilitate illegal activities, evade law enforcement, and maximise their profits.”

– SOCTA report

Financial crime syndicates are exploiting the vulnerabilities in digital platforms to perpetrate fraud, money laundering, and other financial crimes. This includes using encrypted messaging services, cryptocurrencies, deepfake identities, and even darknet markets to move dirty money undetected.

This shift highlights the urgent need to enhance the technological capabilities within regulated firms in line with the increasingly digitally-savvy bad actor. Traditional methods of tracking and detecting suspicious activities, such as basic screening and ongoing monitoring, are no longer sufficient. The increased sophistication of digital financial crimes demands advanced solutions that can track and analyse large volumes of data in real-time.

What now? Where compliance teams need to focus

The Europol SOCTA 2025 report is loud and clear: the threat has evolved, and compliance needs to move with it. For UK-regulated businesses, making targeted changes to how you assess risk, verify customers, and spot unusual activity is key. Regulators will expect to see evidence that you’ve taken this seriously, and they’ll be looking at your controls through that lens.

Update your risk assessment

The SOCTA identifies a significant shift in how organised crime groups are operating. These groups are increasingly integrating into the legal economy, often through legitimate-looking companies and professional service providers. This development challenges the traditional differences between high-risk and low-risk sectors.

As such, a full review of your firm-wide risk assessment should be conducted promptly. The weighting applied to sectors such as logistics, construction, import/export, and high-value goods may no longer reflect the true exposure. Similarly, geographic risk ratings may need to be updated based on the report’s identification of high-threat routes and regions.

Strength due diligence of legal entities and complex structures

The report places strong emphasis on the role of corporate structures, particularly shell companies, nominee arrangements, and multi-jurisdictional entities, in concealing criminal ownership and facilitating illicit financial flows.

UK-regulated firms should respond by enhancing the depth and scope of their customer due diligence for corporate clients. This includes:

• Verifying beneficial ownership through independent means where possible
• Conducting enhanced scrutiny where nominee directors or shareholders are involved
• Assessing the commercial rationale of the client’s business model
• Mapping connections between clients, directors, and third-party service providers

It may also be appropriate to adjust onboarding procedures to flag certain structures or jurisdictions for secondary review, especially when the entity has little economic substance or a short trading history.

Consider the threat of internal corruption and insider risk

The SOCTA makes it clear that corruption is not confined to foreign jurisdictions or public officials. Organised criminal groups are relying on compromised actors within legitimate businesses, including regulated firms.

“The abuse of legal business structures (LBS) is a multi-functional tool to support, disguise, or facilitate any form of criminal activity and to launder its proceeds. All business sectors are at risk, to varying degrees, in all crime areas.”

– SOCTA report

AML programmes should therefore extend their focus beyond external threats and include internal integrity risk. Key actions include: 

• Ensuring whistleblowing mechanisms are actively promoted and independently managed 
• Including insider threat scenarios in staff training and fraud risk assessments

Firms with a documented culture of escalation and internal challenge are far better positioned to detect and mitigate insider abuse.