Europol issues organized crime threat assessment focusing on cybercrime, hacking, money laundering and drugs

Europol’s SOCTA Report on Organized Crime

by Christine Duhaime

Europol has issued its first Serious and Organized Crime Threat Assessment (“SOCTA“), under the umbrella of the newly created European Cybercrime Centre (“EC3“). The SOCTA is divided into three general sections: (A) identification of organized crime groups; (B) prevalent types of crime in the EU; and (C) environmental factors that enable crime, each summarized below:

A. Organized Criminal Groups

SOCTA estimates that there are at least 3,600 international organized criminal groups active in the EU involved in a wide range of criminal behaviour but more particularly drug trafficking and fraud which are estimated to represent approximately 50% of the illegal activity among those groups. Of those activities, VAT fraud and trafficking of drugs are the most prevalent.

The growth of the use of the Internet, and in particular, mobile-based communications, has facilitated the exponential growth of identified criminal behaviour in the EU and has also facilitated the ability of criminal organizations to network globally. As a result, SOCTA reports that approximately 70% of the organized criminal groups are multinational. Non-EU organized crime groups include persons from Latin America, former USSR countries, Afghanistan, Pakistan, Maghreb and East Asia (China, Korea, Japan, Taiwan, Mongolia).

Organized crime groups tend to launder funds through purchases of real property and set up corporations to facilitate criminal activities, camouflage key persons involved and allow for money laundering through corporate bank accounts. Additionally, they tend to use bribery and avoid obvious violent behaviour because of the unwanted attention.

B. Prevalent Types of Crimes Committed by Organized Crime Groups

In the EU, SOCTA has identified 8 specific crimes of concern. The 4 material ones are as follows:

1. Cybercrime & Hacktivism

Cybercrime is linked primarily to financial fraud in the EU, in particular bank fraud that is primarily committed from malware. An estimated 38% of computers in the EU are infected with malware. Malware extortion is vastly prevalent in the EU as is DDoS (distributed denial of service) and phishing – both are used to obtain confidential banking information from account holders to obtain access to their bank accounts to effect illegal online financial transfers. As consumers have become more savvy, cybercriminals have started attacking service providers where they can gain vastly more information more rapidly.

Two growing concerns in respect of cybercrime and hacktivism are that corporations continue to allow employees to bring personal computer devices into office environments unimpeded, facilitating security breaches and hacking (not to mention the potential theft of trade secrets); and the growing use of cloud computing services that have inherent security issues that, due to the nature of the open Internet, can never be fully protected by any IT system.

SOCTA also identified issues with child sexual exploitation with increased demand for video material depicting child abusive material that is trafficked online.

2. Human Trafficking & Illegal Immigration

SOCTA reports that organized crime groups facilitate the abuse of legal channels that allow ‘irregular’ migrants to enter the EU or to legalize their immigration status within the EU. These organized crime groups are adept at exploiting weaknesses in refugee systems in the EU and not controllable because they are driven by factors external to the EU.

An increase in human trafficking was also noted among Member States as a result of freer movement within the EU arising from the enactment of the Schengen Agreement. The report notes that some sectors of the EU economy depend on the trafficking of humans for labour, although it fails to identify what Member States, what industries and which economic sectors are dependent on human trafficking.

3. Trafficking in Drugs

Approximately 33% of organized crime groups in the EU are engaged in illegal drug trafficking, and it is the most profitable organized criminal activity in the EU, particularly in respect of synthetic drugs and psychoactive substances, given the relative low cost of production.

Heroin is an approximately €12 billion business in the EU. Most heroin consumers are from the UK, France, Germany and Italy. Cocaine remains the drug of choice after cannabis and over 124 tons of it is consumed by EU citizens every year. The biggest concern, however, is the growing production and trafficking of synthetic drugs and psychoactive substances. Criminals use commercial transportation options, such as containers, aircraft, couriers and postal services, for shipments of illegal drugs and their precursors (such as acetic anhydride essential for heroin production). Internet technology has also emerged as an important facilitator and is commonly used in the marketing and sale of illegal drugs across Member States.

4. Economic Crimes

In the EU, the VAT-specific crime, the so-called ‘missing trader intra community (“MTIC“) fraud’ also known as ‘carousel’ fraud, results in billions of Euros of tax losses to governments annually. MTIC fraud involves charging and retaining VAT from sales but not reporting or remitting it to tax authorities. Vast networks of MTIC fraud rings apparently operate in all parts of the EU and are becoming an increasing economic problem for governments.

Also of concern is the increase in advance fee fraud, a scheme whereby consumers are asked to pay in advance for goods or services over the Internet that are never provided. The advent of the Internet means that cybercriminals can operate remotely and far distances from the victims.

Interestingly, SOCTA noted the emergence of economic fraud cases exploiting electricity and gas markets following a scheme targeting carbon credit trading. Apparently, 90% of carbon trading credits in the EU in recent years were driven by fraud.

Organized crime groups such as the Cosa Nostra, Camorra and Ndrangheta are reported in the SOCTA as being heavily involved in renewable energy (wind and solar) and waste management businesses all over the EU which are used to launder funds.

With respect to renewable energy, the involvement of organized crime commences at the financing of infrastructure and continues to operating wind farms and solar energy companies. The generous EU subsidies, tax credits and tariff fees are attractive to organized crime because it means ultimately that the government is funding organized criminal activities.

C. Factors that Enable Crime

Crime enablers are certain environmental horizontal factors that facilitate the existence and growth of criminal conduct.

Such horizontal factors include the economic crisis in Europe that makes certain people susceptible to corruption; logistical hotspots such as Turkey which has become a transit intersection point for illegal migrants and the transportation of illegal goods from Asia, and such as Dubai for MTIC fraud; the use of specialized experts such as lawyers to set up corporations and provide advice on trade, renewable financing and government subsidies, and other essential services necessary to operate illegal enterprises, and the use of accountants for accounting-related advice; gaps in legislation; and the Internet which acts not only as a vehicle for crime but a location where crime occurs. Stolen personal data allows criminals to commit a wide range of diverse organized fraud activities including bank account hijacking. The SOCTA notes that virtual currencies, electronic banking and  online gambling now feature heavily in money laundering techniques.

The full text of the SOCTA by EC3 is available here.

EC3 acts as the focal point in the EU’s fight against cybercrime to allow for more rapid collaboration and national responses to online crimes, whose mandate is to support Member States and EU institutions in building capacity to combat the growing problem of cybercrime in Europe and indeed, internationally.