Cyber-scam centres have become a defining feature of transnational organised crime in Southeast Asia. Having grown in scale and scope over the past several years, these compounds now operate as complex criminal hubs combining large-scale online fraud with trafficking in persons, money laundering, illegal gambling, and other forms of exploitation. Hundreds of thousands of trafficked and coerced individuals from more than 70 nationalities remain trapped in these centres. Their forced labour fuels scams that generate billions of dollars in criminal proceeds, profits that are reinvested to expand operations, enable corruption, and destabilise governance across the region.
To better understand and support governments in efforts to disrupt this growing threat, the Global Initiative Against Transnational Organized Crime (GI-TOC), with support from the Regional Support Office of the Bali Process (RSO) and the ASEAN-Australia Counter Trafficking program, have published two reports: Compound Crime: Cyber-Scam Operations in Southeast Asia and The Business of Exploitation: The Economics of Cyber-Scam Operations in Southeast Asia.
Together, these reports provide a comprehensive analysis of how cyber-scam centres operate, how their financial networks function, and where intervention points exist to disrupt them.
This report offers a detailed look at the logistics, operations, and structures of cyber-scam centres, revealing how they recruit, coerce, and sustain large-scale fraud operations across the region. By uncovering the mechanics and enablers of these networks, the research provides policymakers and law enforcement with the insights needed to design smarter, more effective responses to these transnational organised crimes.
Key insights include:
- The dual layers of victimisation: those defrauded by scams and those trafficked to perpetrate them.
- How scam compounds function as multi-crime hubs connecting fraud, trafficking, money laundering, and illegal gambling.
- The roles of corruption, complicity, and “role-shifters” who facilitate or shield operations within both state and non-state systems.
- The adaptability and mobility of cyber-scam centres, which can close temporarily, relocate, or shift jurisdictions to evade enforcement.
This brief focuses on the financial structures and laundering networks that underpin cyber-scam centre operations. It explores how criminal proceeds move through formal and informal channels including banks, fintech platforms, and digital-asset exchanges, before being layered, obscured, and reinvested into criminal infrastructure. Its findings illuminate how these operations take advantage of loopholes in financial regulation and oversight and highlights practical steps for disrupting the profits that fuel these transnational organised crimes.
This report features:
- A close-up look at how illicit proceeds pass through regulated banks, fintech platforms, and cryptocurrency exchanges before entering unregulated channels.
- A discussion of gaps in financial oversight, such as weak Know-Your-Customer (KYC) procedures, high reporting thresholds, and limited cross-border information sharing, that enable large-scale laundering
- Examination of how profits are reinvested to expand criminal infrastructure, entrench influence over officials and institutions, and reduce regulatory scrutiny.
- Financial typologies that can guide FIUs, Anti-Money Laundering Offices (AMLOs), and regulators to better detect, trace, and disrupt scam centre-linked laundering.
- Discussion around broader regional economic risks posed by these flows, including threats to financial stability, public trust, and investment confidence.
Together, the two reports aim to support policymakers and law enforcement in Southeast Asia to better understand the modus operandi behind cyber-scam centre operations: illuminating the operations and logistics used to run cyber-scam centres, and unpacking their financial models, and systemic risks.
Both reports highlight the need for coordinated regional action and offer recommendations for strengthening responses. Moving from ad hoc interventions to strategic, collaborative approaches among countries in the region will be key to achieving lasting impact and making more efficient use of resources.
Building on these insights, several priority responses emerge for immediate regional action:
- Disrupt financial flows: Scale up cooperation between FIUs and counterparts across the region to apply the typologies identified in the report The Business of Exploitation: The Economics of Cyber-Scam Operations in Southeast Asia. Prioritise asset freezing, confiscation, and recovery to reduce the profitability of cyber-scam centres.
- Regulate and disrupt technological enablers: Jointly engage platforms, telecoms, and fintech providers to reduce misuse, including discussions of accountability and liability frameworks.
- Support transparency and victim-centred responses: Encourage civil society, journalists, and NGOs to play a greater role in sharing information on scam centre operations and identifying victims, ensuring protection remains central in law enforcement responses and that all responses are evidence-based.
- Advance an innovation agenda: Explore an AI-enabled counter-scam initiative to disrupt the growing use of deepfakes and other emerging technologies by cyber-scam centres.
The RSO welcomes interest from Member States and other relevant actors on the findings and recommendations in these publications, and opportunities to discuss further collaboration and support. To get in touch, please contact info@rso.baliprocess.net
