Op-Ed: Why organised crime is adapting faster than AI governance

This raises an uncomfortable question: Why are organised criminal systems still adapting faster than the institutions attempting to stop them?

The answer may not lie in a lack of technology.

It may lie in the growing gap between detecting suspicious activity and understanding adaptive criminal behaviour operating behind increasingly sophisticated financial and cyber-enabled systems.

Across banking, cyber security, governance, and compliance environments, institutions are increasingly becoming overwhelmed by alerts, anomalies, fragmented intelligence, transactional noise, and endless reporting requirements.

Criminal systems understand this. In many ways, modern financial crime environments now resemble adaptive corporate ecosystems more than traditional criminal organisations.

These networks:

VIEW ALL

• test systems continuously,
• identify operational blind spots,
• exploit jurisdictional seams,
• leverage AI themselves,
• and evolve behaviourally faster than institutional structures traditionally adapt.

This creates what I increasingly describe as the “operational interpretation gap”.

Technology can detect anomalies. Humans still need to interpret intent. That distinction is becoming critically important globally.

In many modern financial crime cases, the transaction itself may appear entirely legitimate.

The real issue is understanding the behavioural architecture operating behind the movement.

I encountered this repeatedly during operational financial investigations involving international syndicates moving funds across multiple jurisdictions through layered commercial structures.

In one case, a syndicate borrowed substantial funds through what initially appeared to be legitimate commercial lending arrangements. However, the underlying capital originated offshore, was circulated through multiple financial structures, repaid strategically, and ultimately transferred through Dubai-based channels, where the funds were effectively cleaned and reintroduced into broader commercial systems.

From a pure transactional perspective, many movements appeared lawful.

The operational question was different: Why was the structure created? Who controlled the behavioural movement behind the transactions? What broader network sat behind the activity?

Those questions often matter far more than the transaction itself. This is one of the major limitations now emerging globally inside heavily automated governance environments.

Most systems are designed to identify:

• irregularities,
• anomalies,
• reporting triggers,
• sanctions indicators,
• or behavioural deviations from known patterns.

But sophisticated criminal systems increasingly operate inside the grey space between:

• legitimacy,
• jurisdiction,
• technology,
• governance,
• and behavioural adaptation.

Increasingly, organised criminal groups are no longer isolated gangs. They now operate like multinational adaptive corporations. Many maintain:

• cyber teams,
• finance divisions,
• legal structures,
• shell companies,
• operational security capability,
• recruiters,
• payroll systems,
• and sophisticated digital infrastructure.

Some human trafficking and cyber scam compounds operating throughout parts of Asia now function with corporate-style management structures involving:

• recruitment divisions,
• social media targeting,
• crypto payment systems,
• internal enforcement teams,
• and sophisticated financial laundering pathways.

The scale is staggering. Yet many institutions continue approaching these systems through fragmented compliance structures designed for an earlier criminal environment.

Artificial intelligence unquestionably provides extraordinary capability. However, one of the growing risks now emerging globally is the assumption that increased automation automatically equals increased understanding.

It does not. AI can identify patterns at extraordinary speed. But criminal systems increasingly focus on something far older and far more dangerous:

Human behaviour.

They understand:

• fear,
• urgency,
• greed,
• trust,
• vulnerability,
• and institutional fatigue.

They also understand that many organisations are now overwhelmed operationally by the sheer volume of alerts and data generated daily.

The system becomes exhausted by noise. Criminal systems know this.

The future challenge for CISOs, governance leaders, operational intelligence professionals, and financial crime investigators may therefore not simply be:

“How do we collect more data?”

The real question increasingly becomes:

“How do we interpret adaptive intent operating inside increasingly sophisticated financial and cyber-enabled systems?”

This is where operational intelligence, behavioural interpretation, and human judgement become critically important.

The organisations that adapt successfully over the next decade are unlikely to be those relying solely on automation.

They will be the organisations capable of combining:

• AI capability,
• operational intelligence,
• behavioural interpretation,
• governance oversight,
• strategic investigation,
• and human judgement.

Because while technology continues scaling detection capability globally, organised criminal systems continue scaling adaptation.

Keith Bulfin is the founder of the Applied Financial Intelligence Programme and author of the bestselling book “Undercover”. His background includes work across global financial intelligence, organised crime investigations, illicit finance systems, and operational intelligence environments involving international agencies and investigations.