In this Compliance Officers Playbook episode, we uncover the rapid rise of transnational organised crime networks spreading across Southeast Asia—and how digital technology is supercharging their reach. From fortified scam compounds in Myanmar and Cambodia to billions of dollars laundered through crypto, these criminal syndicates are fusing illegal online gambling with cyber-enabled fraud on an industrial scale.

We break down how trafficked workers are forced to run sophisticated “pig butchering” romance and investment scams, and how criminals are weaponising AI deepfakes, custom malware, and social engineering to outsmart even the most tech-savvy victims. The episode also explores the shadowy financial infrastructure behind these operations, including underground banking networks, anonymous money mules, and the growing use of stablecoins like USDT to move and clean illicit funds.

Finally, we examine the global response—from US Department of Justice strike forces to record-breaking asset seizures—and why law enforcement is still struggling to keep pace with the professionalisation of crime-as-a-service. This is the story of how organised crime went digital, and why stopping it is harder than ever.

This episode explores a fundamental shift in risk leadership as organisations look toward 2026—one that moves beyond surface-level compliance and toward risk as a driver of meaningful decision-making. We examine why traditional tools like risk heatmaps often fail to deliver value and how risk management only becomes effective when it influences corporate choices before problems materialise.

The discussion places strong emphasis on accountability and governance, challenging organisational structures where ownership is unclear or uncomfortable truths are diluted for senior leadership. We also highlight the critical role of healthy escalation cultures, showing how suppressing bad news can turn manageable risks into inevitable losses.

Ultimately, this episode reframes risk not as a control function, but as a strategic capability—one that strengthens resilience and prepares organisations to navigate multiple future scenarios with confidence.

This episode examines the rapidly evolving fight against financial crime, with a particular focus on the wholesale brokerage sector and the critical role of Suspicious Activity Reports (SARs). Drawing on insights from the Financial Conduct Authority (FCA), we explore key vulnerabilities in capital markets and why firms must combine effective transaction monitoring with strong customer risk assessments.

We also look at recent regulatory updates and industry developments showing how artificial intelligence and large language models are transforming SAR reporting—improving both detection accuracy and the quality of investigative narratives. Supporting data from the National Crime Agency and the ICAEW highlights a sharp increase in SAR submissions, while also revealing persistent under-reporting in sectors such as accountancy.

The episode concludes by emphasizing collaboration between regulators, law enforcement, and private firms. As financial crime techniques grow more sophisticated, the industry must adopt innovative technologies, strengthen governance frameworks, and invest in staff training to protect market integrity and combat money laundering effectively.

This episode explores the growing overlap between corporate IT security, cryptocurrency compliance, and international sanctions enforcement. We begin with the challenges system administrators face when employees use VPNs to bypass workplace controls, exposing organizations to hidden legal, security, and operational risks—while raising difficult questions about privacy and oversight.

The discussion then shifts to real-world enforcement actions by the U.S. Office of Foreign Assets Control (OFAC), examining high-profile cases involving fintech and crypto platforms such as Kraken and Exodus Movement. These companies faced multimillion-dollar penalties after failing to properly block users in sanctioned regions, including Iran, through effective geolocation controls.

We also analyze emerging data showing a sharp increase in government monitoring of digital wallets and the use of blockchain analytics to trace transactions and freeze illicit assets. The episode concludes with a clear takeaway: both IT professionals and financial institutions must maintain strong controls and proactive monitoring to navigate the legal, regulatory, and security risks tied to unauthorized network access and digital currency use.

This episode breaks down the Digital Operational Resilience Act (DORA), the EU’s landmark regulation aimed at strengthening the financial sector against ICT and cyber-related disruptions. We explore DORA’s five core pillars, including ICT risk management, incident reporting, resilience testing, and oversight of third-party technology providers.

The discussion also compares DORA with other major EU frameworks such as GDPR and the EU AI Act, showing how organizations can align overlapping requirements into a single, cohesive compliance strategy. Insights from technology providers like Qualys, Copla, and Red Hat illustrate how automation tools can support asset discovery, vulnerability management, and third-party risk monitoring at scale.

As the January 2025 compliance deadline approaches, this episode highlights a key shift facing financial institutions: moving away from flexible guidance toward strict, rule-based operational standards. Essential listening for compliance leaders, risk professionals, and technology teams preparing for DORA implementation.

In this Compliance Officers Playbook episode, we explore the role and responsibilities of the European Union’s Anti-Money Laundering Authority (AMLA) and how it is reshaping financial crime supervision across member states. AMLA’s core mission is to create legal and regulatory consistency throughout the EU by developing binding technical standards, practical guidelines, and supervisory recommendations.

We discuss how these tools clarify compliance expectations, strengthen cooperation between national supervisors, and improve the overall effectiveness of anti-money laundering and counter-terrorism financing controls. The episode also highlights how AMLA balances innovation with continuity by incorporating established regulatory frameworks originally developed by the European Banking Authority.

By bringing supervision under a more rigorous and harmonised structure, AMLA aims to reduce systemic vulnerabilities and better protect the EU financial system from money laundering and terrorist financing risks. This episode provides essential context for compliance professionals, policymakers, and financial institutions preparing for the next phase of EU AML oversight.

In this episode, we break down the Financial Conduct Authority’s Final Notice against Nationwide Building Society, which resulted in a £44.1 million fine for serious anti-money laundering (AML) failures. Covering the period from October 2016 to July 2021, the FCA found that Nationwide breached regulatory Principle 3 by failing to adequately organise and control its affairs.

We explore the key weaknesses identified by the regulator, including poor customer risk assessments, widespread failures to refresh customer due diligence, and an ineffective transaction monitoring system. The episode also examines how these shortcomings created significant financial crime risks—most notably in cases where customers used personal accounts for business activity without proper oversight.

One particularly stark example involved the laundering of millions of pounds in fraudulently claimed Coronavirus Job Retention Scheme (JRS) funds, highlighting how systemic control failures can be exploited at scale. We also discuss how Nationwide’s early settlement led to a reduced penalty, bringing the fine down from more than £62 million.

Whether you work in financial services, compliance, or risk management—or simply want to understand how AML failures happen and why regulators are taking a tougher stance—this episode offers clear insights into one of the UK’s most significant recent enforcement actions.

In this episode, we break down the Financial Conduct Authority’s (FCA) latest move to simplify and strengthen the way complaints are reported across the UK financial services sector. The FCA—responsible for regulating firms, overseeing markets, and protecting consumers—is rolling out a major change: replacing five separate complaints returns with one streamlined, consolidated report.

We explore why the FCA is making this shift, how it aims to improve data quality and comparability, and what it means for firms’ compliance processes. A key highlight of the new framework is a dedicated requirement for reporting complaints involving vulnerable customers—a step designed to help the FCA better monitor risks and enhance protection for individuals who may need additional support.

Tune in for a clear, accessible breakdown of how this initiative supports the FCA’s broader ambition to become a smarter, more effective regulator—reducing unnecessary burdens on firms while reinforcing its consumer-protection mission.

In this Compliance Officers Playbook podcast episode, we break down the core purpose of internal auditing—from its foundation in independence and objectivity to the two key services it provides: assurance and consulting. We highlight how assurance offers an unbiased assessment of risks and controls, while consulting supports improvement without taking on management roles. At a high level, we show how internal audit helps organisations achieve their goals by strengthening governance, risk management, and internal controls through a disciplined, structured approach.

In this Compliance Officers Playbook podcast episode, we break down the essential difference between risk appetite—the level of risk a board is willing to take—and acceptable risk, the amount an organisation can tolerate without adding new controls. We highlight why zero risk is never realistic, how risk appetite guides what becomes acceptable, and why higher-impact risks are escalated to senior leadership. A quick, clear primer for anyone looking to strengthen their risk management understanding.