Global Organised Crime Index 2025 - Global Crime Networks go Corporate as Foreign Actors Surge

It has been reported that Organised crime is retooling for the digital, cross-border era.

• The 2025 Global Organised Crime Index finds that while state-embedded actors remain the most influential worldwide, foreign criminal groups have grown the fastest since 2021.
• Private‑sector facilitators (from logistics to professional services) have posted the second‑sharpest rise since 2023, evidence that facilitation is being externalised from direct state involvement to diffuse networks leveraging corporate and cross-border enablers.
• [ocindex.net] https://ocindex.net/report/2025/
• https://ocindex.net/
• https://globalinitiative.net/analysis/organized-crime-resilience-democracy-and-the-rule-of-law-gi-tocs-global-organized-crime-index-2025/

The Index

• Highlights rapid growth in financial crime and cyber-dependent crime, both “invisible” markets that exploit finance and technology, outpacing traditional law‑and‑order responses.
• It also tracks a drug‑market shift toward a synthetics/cocaine duopoly, reshaping global logistics and trade routes.

Why this matters

• Exposure channels are changing: Illicit activity now leans more on foreign and private‑sector facilitators, logistics, finance, tech platforms, and professional services beyond traditional state corruption. [ocindex.net]
• Resilience is lagging GI‑TOC notes a widening gap between rising criminality and plateauing resilience, particularly against financial crime and cyber-dependent crime areas, where traditional controls underperform. [globalinitiative.net], [financialcrime.lu]
• Market dynamics: Non-violent but high-impact markets (financial crime, cyber) and evolving supply chains (e.g., synthetic drugs/cocaine) intensify cross-border risk, third-party exposure, and misuse of corporate infrastructure. [ocindex.net], [globalinitiative.net]

QUOTES

• Said Mark Shaw, Executive Director of the Global Initiative Against Transnational Organised Crime (GI TOC).
• “Organised crime is not only expanding, but it is also reorganising,”
• “We now have five years of data that enables us to measure trends.”  
• Added Laura Adal, Director of the Global Organised Crime Index
• “Resilience is not keeping pace with criminality,”
• “Despite this, the Index data shows us where concrete steps can be taken to close this dangerous and widening gap.”
• [globalinitiative.net] https://globalinitiative.net/wp-content/uploads/2025/10/EN-GOCI25-PR.pdf

Real-world cases underscore the trend.

• DRUGS
• A EUDA/WCO analysis documented 1,826 tonnes of illicit drugs seized in or en route to EU ports since 2019, with Antwerp and Rotterdam at the centre of evidence of deep port vulnerabilities and suspected corruption among dock workers and law enforcement.
• In 2025, Antwerp customs intercepted 82 cocaine shipments in the first half of the year, even as smugglers split loads to lower per-seizure weights and spread risk across containers.
• Rotterdam also reported more minor per-seizure quantities and diffusion to new routes, signs of adaptation by foreign networks.
• [occrp.org] https://www.occrp.org/en/news/crime-gangs-exploit-eu-ports-to-smuggle-record-drug-loads
• [brusselsmorning.com]
• [nltimes.nl],
• [dutchnews.nl]
• Scam centres go global and corporate.
• UNODC’s April 2025 brief describes industrial-scale scam centres moving beyond Southeast Asia into new regions, operating from special economic zones and business parks, with profits approaching $40 billion annually. Many compounds pose as legitimate IT companies, blending human trafficking, underground banking and AI-driven deception, an archetype of private‑sector facilitation exploited by foreign networks.
• Independent UN experts have called these scam centres a “human rights crisis,” citing the coercion and abuse of trafficked workers.
• [unodc.org],
• [jurist.org],
• [ungeneva.org]

Financial sector on the back foot - Industry surveys echo GI TOC’s warning:

• A ComplyAdvantage study of 600 senior compliance leaders found that 45% struggle to connect cross-border intelligence due to siloed data, and more than half want more explicit regulatory guidance, underscoring the resilience gap against networked foreign actors.
• [complyadvantage.com]
• The ACAMS Global AFC Threats Report 2025 flags the fusion of fraud, technology and organised crime as the most severe global threat and urges investment in AI, training and cross-border partnerships.
•  [acams.org]

Call to action: How policymakers and corporate leaders can close the gap:

1. Treat foreign and private‑sector facilitators as priority risk classes.Update national risk assessments, supervisory priorities, and corporate onboarding rules to reflect GI TOC’s actor trends, including explicit typologies for logistics firms, payment processors, corporate service providers, and professional enablers. [ocindex.net]
2. Make beneficial ownership transparency non-negotiable.
   Mandate UBO verification and control‑rights mapping for high-risk counterparties and third parties; align registries and enforcement across borders to prevent jurisdictional arbitrage used by foreign networks. (GI‑TOC frames foreign‑actor growth and private facilitators as core enablers.) [ocindex.net]
3. Supercharge public–private intelligence sharing.
   Scale adverse media, sanctions/PEP, and case intel exchanges with financial institutions and logistics hubs; mirror OCIndex’s cross-market perspective through port alliances and trade-route task forces. Evidence from EU ports shows infiltration and adaptive tactics that demand a joint response. [occrp.org]
4. Fuse AML and cyber defences.
   Mandate hybrid analytics (graph/link analysis, device intelligence, behavioural biometrics) to surface network linkages across finance and tech, where the Index sees growth in cyber-dependent crime. [ocindex.net]
5. Hard‑gate “gatekeepers.”
   Impose fit‑and‑proper standards, audit rights, and EDD triggers for professional services and CSPs frequently cited as facilitators; UNODC evidence shows corporate fronts are central to industrial-scale scam operations. [unodc.org]
6. Target trade-based laundering in logistics and chemicals.
   Embed dual-use precursors, HS‑code anomalies and reefer‑container risks in customs analytics to counter the synthetics/cocaine duopoly and port infiltration documented across Europe. [ocindex.net], [occrp.org]

Why it matters now:

• GI TOC’s dataset shows organised crime adapting faster than global defences, with nonviolent, systems-level markets (financial and cyber) expanding while resilience plateaus.
• The result is a widening opportunity space for criminal networks unless policymakers and corporate leaders act decisively. [globalinitiative.net]
• As Shaw put it, the Index is both “a mirror and a compass”, a reflection of how organised crime has evolved, and a guide to where collective action is most urgently needed. [linkedin.com]

Sources:

• GI‑TOC Global Organised Crime Index 2025 report and press release; UNODC briefs and UN Geneva news; EUDA/WCO port trafficking analysis; ACAMS and ComplyAdvantage industry reports.
• [ocindex.net], [globalinitiative.net], [occrp.org], [unodc.org], [ungeneva.org], [complyadvantage.com], [acams.org]

Key Risk Themes & GRC Implications

1. State-embedded actors remain dominant
• Risk: Enduring corruption networks, political patronage, and procurement capture create sanctions, PEP, and sovereign risk.
• GRC implication: Strengthen PEP/sanctions screening, beneficial‑ownership transparency, and heightened due diligence (HDD) for state-linked entities and contracts. [ocindex.net]
2. Fastest growth: Foreign criminal actors (since 2021)
• Risk: Transnational networks exploit jurisdictional arbitrage, complex supply chains, and shell networks.
• GRC implication: Expand cross-border risk assessments, country risk weighting, and multi-jurisdiction adverse‑media pipelines; enhance inbound/outbound correspondent onboarding standards. [globalinitiative.net]
3. Private‑sector facilitators rising (since 2023)
• Risk: Professional enablers (corporate service providers, lawyers, accountants, fintechs, logistics) enable trade-based laundering, fraud, and sanctions evasion.
• GRC implication: Embed facilitator typologies in onboarding/KYC; institute gatekeeper controls (source‑of‑funds/wealth, unusual corporate structuring red flags, rapid recapitalisation, nominee arrangements). [ocindex.net], [reliefweb.int]
4. Financial & cyber-dependent crime expansion
• Risk: High‑volume, cross‑border flows; synthetic identities; API abuse; mule networks.
• GRC implication: Shift monitoring from rules‑only to hybrid analytics (graph/link analysis, device intelligence); integrate cyber telemetry (device fingerprints, behavioural biometrics) into AML alerting. [globalinitiative.net], [financialcrime.lu]
5. Criminal market reorganisation (synthetics/cocaine duopoly)
• Risk: New production and transit geographies drive trade finance, shipping, and logistics exposure.
• GRC implication: Elevate trade-based money laundering scenarios, dual-use chemicals screening, and maritime sanctions checks on carriers/flags beneficial owners. [ocindex.net], [globalinitiative.net]

Governance Actions (Board / ExCo)

• Set risk appetite statements covering foreign‑actor exposure (jurisdictions, counterparties, and sectors known for facilitator risk). Require an annual heatmap refresh aligned with GI TOC global trends. [ocindex.net]
• Mandate cross-functional GRC‑Cyber‑Legal convergence for financial/cyber crime with clear ownership of data, tooling, and escalation pathways. [globalinitiative.net]
• Approve enhanced third-party due diligence policy for gatekeeper professions and high-risk corporate services (including outsourcing and cross-border shared services). [reliefweb.int]

Risk Management: Practical Controls.

1) Counterparty & Third‑Party Due Diligence

• Layered KYC/CDD: Base + HDD for (i) state-linked entities; (ii) cross-border intermediaries; (iii) professional facilitators (legal, accounting, CSPs). Please provide proof of ultimate beneficial ownership (UBO) and a control rights mapping. [ocindex.net]
• Jurisdictional triangulation: Combine country risk lists with GI‑TOC actor/market signals; document rationale for onboarding decisions. [globalinitiative.net]

2) Transaction Monitoring & Cyber Fusion

• Hybrid analytics: Introduce graph/network analytics to detect foreign‑actor linkages (shared addresses, directors, IP/device overlap). Pair with behavioural biometrics for cyber-enabled fraud. [globalinitiative.net]
• Trade-based typologies: Over/under‑invoicing, phantom shipments, round‑tripping; flag risky commodities (precursors, dual-use items). [ocindex.net]

3) Sanctions, PEPs, and Adverse Media

• Dynamic screening cadence: Increase refresh frequency for foreign networks and state-embedded proxies; calibrate lists to include corporate affiliates and fronts identified in multi-source media. [ocindex.net]
• Escalation playbooks: Predefine steps for suspected state corruption/foreign actor collusion; ensure legal privilege management in investigations. [reliefweb.int]

4) Supply Chain & Outsourcing Oversight

• Risk-based vendor due diligence: Prioritise logistics, customs brokers, and payments processors; assess cross-border subcontracting chains and ultimate controllers. [ocindex.net]
• Contractual safeguards: Audit rights, KYC attestation, beneficial ownership warranties, sanctions compliance, and right to terminate for facilitator red flags. [financialcrime.lu]

Detection Red Flags (to embed in frontline playbooks)

• Rapid creation of complex corporate structures spanning multiple high-risk jurisdictions; nominee directors or opaque trusts. [ocindex.net]
• Use of professional service firms to move funds/assets with unclear economic purpose, frequent re-papering of contracts. [reliefweb.int]
• Payments routed through new fintechs/PSPs with mismatched business profiles; device/IP evidence of multi-jurisdiction control. [globalinitiative.net]
• Trade anomalies: price/quantity mismatches, unusual shipping routes, or frequent HS code changes linked to chemical/precursor goods. [ocindex.net]

Assurance & Audit Focus

• Design effectiveness: Test that policies explicitly cover foreign actor and private facilitator risks (e.g., onboarding checklists, EDD criteria). [ocindex.net]
• Operating effectiveness: Sample transactions across cross-border corridors and facilitator-heavy sectors (legal/CSP/logistics) for CDD completeness, monitoring alerts, and case outcomes. [globalinitiative.net]
• Data & tooling: Evaluate adverse‑media coverage, sanctions list enrichment, and graph analytics implementation maturity. [financialcrime.lu]

Metrics & KRIs (board-level dashboard)

• EDD penetration rate for high-risk counterparties (% with HDD completed and UBO validated). [ocindex.net]
• Foreign‑actor exposure: # of counterparties in elevated GI‑TOC actor/market jurisdictions; trend month‑on‑month. [globalinitiative.net]
• Facilitator‑linked alerts: % of AML/cyber alerts tied to professional services/logistics/PSPs; conversion to SARs. [financialcrime.lu]
• Trade-based ML flags: Rate of anomalies caught pre-settlement; loss avoidance estimates. [ocindex.net]
• Resilience gap tracker: Internal maturity score vs. GI‑TOC trend indicators for financial/cyber markets; remediation velocity. [globalinitiative.net]

Policy & Training Updates (next 60–90 days)

1. Policy refresh: Update AML/CFT, Sanctions, Third‑Party Risk, and Outsourcing policies to name foreign actors and private facilitators as explicit risk categories, including typology-based HDD triggers. [ocindex.net]
2. Playbook rollout: Issue frontline red‑flag guides for onboarding, trade finance, payments ops, and procurement; embed escalation thresholds. [reliefweb.int]
3. Skills uplift: Run targeted training on financial/cyber crime convergence and trade-based ML, with case studies and simulator exercises. [globalinitiative.net]

References / Further Reading

• Global Organised Crime Index 2025 Crime at a Crossroads (GI‑TOC): interactive report and PDF. [ocindex.net], [globalinitiative.net], [globalinitiative.net]
• Press Release (10 Nov 2025): gap between criminality and resilience widening; rise of foreign/private‑sector actors; financial & cyber crime growth. [globalinitiative.net]
• Launch analysis & sector implications (FinancialCrime.lu). [financialcrime.lu]
• UNODC 2025 Research Brief on transnational organised crime structures and private‑sector involvement. [unodc.org]