In the United States, online fraud linked to Southeast Asian scam compounds has moved from a niche cybercrime issue to a major law-enforcement, sanctions and national-security concern.
The U.S. Department of Justice has created a Scam Center Strike Force targeting cryptocurrency investment fraud, cyber-enabled fraud, human trafficking and money-laundering operations connected to scam centres primarily in Southeast Asia. In June 2026, the DOJ stated that the Strike Force was launched to address the growing threat posed by Chinese organised crime syndicates operating scam centres, primarily in Southeast Asia, and that these operations had cost American victims billions of dollars.
The U.S. has also taken direct enforcement action against the infrastructure around these operations. In April 2026, the DOJ announced major actions against Southeast Asian scam centres targeting Americans. According to the DOJ, reported losses from cryptocurrency investment fraud rose sharply, with IC3 reporting more than USD 7.2 billion in crypto-investment-fraud losses in 2025.
The U.S. Treasury has used sanctions as part of this response. In September 2025, OFAC sanctioned networks in Burma and Cambodia connected to cyber-scam operations. Treasury stated that Southeast Asia-based scams cost Americans at least USD 10 billion in 2024 and that scam centres often recruit people under false pretences and use debt bondage, violence and threats to force them to scam strangers online.
This is the important point: the U.S. is no longer treating scam compounds merely as remote cybercrime. It is treating them as a transnational organised-crime infrastructure that combines online fraud, forced labour, crypto, payment channels, shell companies and laundering networks.
Europe should ask itself a simple question: why is this issue still so quiet in the EU debate?
The Compounds May Be Abroad — But the Architecture Is Global
Scam compounds are often discussed as physical sites in Southeast Asia. That is true, but incomplete.
A scam compound cannot operate at global scale with workers and phones alone. It needs a wider architecture: websites, fake investment platforms, social-media targeting, messaging channels, payment accounts, crypto ramps, corporate shells, nominee structures, professional service providers and legitimacy layers in respected jurisdictions.
This is where Europe and the United Kingdom become relevant.
The question is not only where the physical compound is located. The question is which role Europe plays in the ecosystem: victim market, legitimacy provider, corporate-shell jurisdiction, payment gateway, crypto-conversion layer, laundering channel — or all of them.
EFRI does not claim that every EU or UK entity linked to China, Hong Kong or Southeast Asia is part of a scam-compound network. Ownership nationality is not the issue. The issue is the risk pattern: opaque control structures, weak registrations, mass company formation, virtual-office abuse, victim-facing payment accounts, rapid fund sweeps, crypto conversion, fake investment apps and unanswered downstream fund-flow questions.
The UK Business Factory Case Is a Warning
The United Kingdom recently provided a striking example.
On 29 January 2026, the High Court wound up Yunma Tianlong International Consulting Co., Limited, Busy Secretary Service Limited and J&C Business (UK) Co., Limited. According to the UK Insolvency Service, the companies had helped set up thousands of businesses with no real UK presence. They supported overseas clients, mainly from China, to register businesses in the UK. None of the companies was registered with HMRC as a trust or company service provider, meaning they operated outside the UK anti-money-laundering framework for TCSPs.
The Insolvency Service reported more than 11,000 company formations. It also found that one address on Brighton Road in South Croydon had more than 8,500 companies registered to it. Post was left uncollected, and the companies filed dormant accounts despite information suggesting active trading that could not be verified.
This is not just a Companies House problem.
It is a fraud-infrastructure problem.
A UK company registration can create credibility. A company number, a UK address, Companies House records and apparently formal corporate documents can be used to reassure victims, can be onboarded by European licensed payment providers, platforms and commercial counterparties. In online investment fraud, legitimacy is part of the machinery. Fraudsters do not only need a fake trading platform; they need a story that makes the platform appear real.
Even if victim funds did not flow through a particular UK company, the company may still have served a critical role: making the fraud look legitimate.
The UK case illustrates how Western corporate infrastructure can be industrialised. The next question is whether similar dynamics exist within EU-facing payment and crypto systems.
Europe Should Not Ignore the Western Legitimacy Layer
This is the missing debate in Europe.
The public focus is often on the physical scam compounds in Myanmar, Cambodia, Laos or other jurisdictions. That focus is justified, especially because of the human-trafficking and forced-criminality dimension. But it is not enough.
If a fraud network uses a UK company to appear legitimate, a European payment institution to collect funds, a Polish VASP registration to claim regulatory status, a Malta vIBAN to receive victim deposits, a social-media platform to recruit victims and a crypto gateway to move funds onward, then Europe is not outside the ecosystem.
That does not mean that every European node knowingly participates in a scam. But it does mean regulators, FIUs, payment supervisors, company registries, platforms and law enforcement should stop treating these elements in isolation.
A UK shell company is not just a shell company when it is used as a trust signal.
A vIBAN is not just a technical account when it receives victim funds.
A VASP registration is not just a registry entry when it is used to imply regulatory credibility.
A social-media advertisement is not just content when it feeds victims into a fraud funnel.
The whole chain must be examined.
Investigative Reporting Points to EU-Facing Asian Payment and Crypto Nodes
This is why recent FinTelegram reporting deserves attention.
FinTelegram has published a series of reports on alleged fraud rails involving OpenPayd, Klickl Europe, fake investment apps and victim-facing vIBAN structures. According to FinTelegram, victim files in the KXTRA / KKR Global Investment case point to funds being paid into OpenPayd-linked vIBANs and then swept to Klickl Europe. FinTelegram describes Klickl Europe as a Polish VASP and alleges that it appears as an EU-facing rail node inside a broader China-linked crypto-finance structure.
FinTelegram also reported that a victim-organised list identified dozens of fake investment-app entries and multiple app/front-end names allegedly connected to the OpenPayd–Klickl rail. In another article, FinTelegram describes the KXTRA app as the fraud interface and the payment rail as the machine.
The reporting raises an important supervisory question: are EU and UK payment, VASP and company-registration infrastructures being used as legitimacy, collection, conversion or laundering layers for Asian fraud ecosystems? Europe should not assume that the infrastructure behind online investment fraud is static. Earlier waves were often linked to Israeli- and Russian-speaking networks. INTERPOL has already warned that Asian organised-crime networks are not confined to Asia and that scam-centre operations have become a global threat.
The question is not whether Asian organised-crime networks can operate beyond Asia — INTERPOL has already made clear that their activities are global. The real question is how deeply they have already penetrated the European fraud ecosystem: company formation, VASP registrations, payment rails, crypto conversion, vIBAN structures, fake investment platforms and victim-facing legitimacy layers.
This is not an argument about nationality. It is an argument about infrastructure, control, payment access and regulatory blind spots.
So what is Europe's position?
The United States is sanctioning, seizing, indicting and openly discussing scam-centre infrastructure. The UK has shut down a corporate-formation factory that created thousands of UK companies for mainly China-based clients without proper AML registration. Investigative journalists are mapping EU-facing payment and crypto rails allegedly appearing in victim files.
Yet the EU debate still tends to treat online investment fraud as a fragmented issue: a consumer problem, a platform problem, a bank-fraud problem, a crypto problem, a money-laundering problem or a law-enforcement problem.
That fragmentation is precisely what modern fraud networks exploit.
Europe should not wait until victims reconstruct the architecture years later. It should investigate the role of EU and UK-facing infrastructure now: company registries, TCSPs, virtual offices, payment institutions, EMIs, acquirers, vIBAN providers, VASPs, crypto ramps, platforms and telecom channels.
The question is not whether Europe is affected.
The question is how.
EFRI's Position
Europe should not treat scam compounds as a distant Southeast Asian phenomenon.
The compounds may be abroad, but the victim market, credibility layer and financial infrastructure may be here.
EFRI calls for a coordinated European review of the Western architecture that enables global online fraud: company formation agents, virtual offices, payment institutions, vIBAN providers, acquirers, VASPs, crypto ramps, social-media platforms and professional enablers.
Where thousands of companies are created without real presence or AML checks, this must be treated as a financial-crime infrastructure risk.
Where EU payment institutions or VASPs appear in victim files, regulators must require full downstream fund-flow explanations.
Where fake investment apps connect to real payment rails, payment providers must not be allowed to hide behind technical neutrality.
Where European legitimacy signals are used to deceive victims worldwide, Europe must take responsibility for the trust it exports.
The U.S. has started to frame scam compounds as organised-crime infrastructure. Europe should do the same — and examine its own role in making that infrastructure credible, scalable and financially useful.
If Europe does not investigate the Western architecture of scam compounds, it will continue to provide the trust signals that make industrial-scale online fraud possible.
