This week’s ACAMS Hong Kong Symposium brought together practitioners from every corner of the risk and compliance world. What stood out was how seamlessly the discussions ranged across disciplines (AML, sanctions, virtual assets, fraud, cyber, trade, and even outbound investment rules), turning the event into a snapshot of where financial-crime risk is truly heading.

A few weeks ago, I read an article in The Economist on how modern drug traffickers now outsource parts of their operations to independent criminal networks. The vertically integrated “cartel” model, the one Netflix built entire genres around, has splintered into something far more distributed.

That observation echoed throughout the Symposium. If there is a single word that captures the programme this year, it is convergence. Multiple sessions, from regulators to law enforcement to industry, pointed to the same trend: once-separate risk domains are now intersecting in ways that fundamentally change how we must respond.

There is only so much that can be discussed in open source, but several higher-level observations are worth sharing.

Crime is Converging Faster Than Anyone Expected

Across every session, one message emerged: financial-crime risk is no longer siloed. It has become an ecosystem risk.

Different speakers described this in different ways:

• HKMA emphasised macro-supervision: shifting from firm-by-firm examination to an ecosystem-wide view of interconnected risk.

• Hong Kong Police Force illustrated how scams, mule accounts, crypto off-ramps, malware and social engineering now reinforce each other in a single chain.

• Virtual asset practitioners framed stablecoins, OTC flows, custody risks and KYT analytics as core banking risks rather than “crypto risks”.

• Sanctions specialists connected outbound investment rules (OIR), export controls and secondary sanctions as overlapping tools shaping the same risk universe.

My key takeaway: The days of “AML team here, sanctions team there” are coming to an end. Continuous learning across adjacent fields is no longer optional.

Information Sharing Is Becoming a Core Control

The Symposium repeatedly underscored that no single actor sees enough of the risk picture alone. Real case mechanisms were highlighted:

• HKMA detailed strengthened bank-to-bank information sharing, enabling earlier detection of networked threats.

• HKPF introduced VAIT: a dedicated intelligence-sharing channel between police, regulators and licensed VASPs.

• Hong Kong Customs urged institutions to be more explicit in STRs, especially on TBML patterns (mis-invoicing, mis-description, under/over-invoicing, clustering, phantom shipments).

The common thread: collaboration is no longer a “nice to have”. It is becoming part of the control environment itself.

Sanctions, Export Controls and OIR Are Converging

The sanctions & geopolitics session was one of the most technically dense and insightful of the day. My key observations:

• OIR, export controls and secondary sanctions now operate in parallel, even when issued by different authorities.

• Complexity is generating a grey-zone problem: the hardest cases are no longer obvious prohibitions, but borderline situations requiring structured, evidence-based reasoning.

• Regulators expect documented analysis especially when dealing with dual-use technologies or conflicting jurisdictional regimes.

The mandate shifted from “what rule applies?” to “show me your reasoning.”

Virtual Assets Are Now a Mainstream Supervisory Priority

Virtual assets weren’t treated as an emerging niche. They were discussed as a core financial-crime vector:

• Stablecoin licensing, OTC supervision, custody risk and exchange governance are moving into concrete regulatory frameworks.

• On-/off-ramps are firmly a TradFi issue, requiring banks to understand VA flows across exchanges, OTC shops and unhosted wallets.

• HKPF case studies showed direct links between hacking, malware, insider abuse, fake investor calls and subsequent AML investigations.

In a phrase: VA is inseparable from the broader financial-crime landscape.

Fraud, Cyber and AML Are Collapsing Into One Operational Workflow

The fraud–AML integration session and HKPF panels illustrated the same pattern:

• Fraud is increasingly the entry point for AML cases, because funds hit the financial system through victims.

• Cyber (malware, phishing, takeovers, social engineering) sits immediately downstream.

• Crypto and payment rails appear in the layering and cash-out stages.

For firms, this creates a single operational challenge: fraud, AML and cyber intelligence need to converge, because criminals already treat them as one ecosystem.

Parting Thoughts

After a full day of sessions, one conclusion stood out:

We are living through a structural shift in how financial crime works and in how we must respond.

Criminal networks have become distributed, cross-border, tech-enabled and opportunistic. The traditional boundaries between AML, sanctions, fraud, cyber, VA and trade rules have blurred into one chain of risk.

The Symposium’s message was that our response must evolve at the same speed, anchored in:

• shared intelligence across institutions,

• common situational awareness between public and private sectors,

• technical literacy across adjacent disciplines, and

• a mindset that treats financial crime as an ecosystem problem, not a departmental issue.

As new mechanisms take shape (VAIT, bank-to-bank sharing, stablecoin oversight, risk-based OIR frameworks) one insight is becoming hard to ignore: no single institution has a wide enough aperture on its own.

Going forward, the work will demand not just skill, but connected expertise, such as the ability to translate across domains, share intelligence and recognise emerging patterns before they fully form.

If you are is exploring these topics or you’re comparing approaches across firms, I’m always happy to exchange views.

Thanks for reading,
Alexey