Introduction
In recent years, the digitalization of the economy has profoundly transformed not only markets and exchange mechanisms, but also the forms of economic and financial crime. Phenomena such as cybercrime, money laundering, and terrorist financing are not entirely new; what has changed, however, is the way in which they manifest, intertwine, and exploit the opportunities offered by technological innovation, the speed of financial flows, and the growing interconnection between economic systems.
In this context, analyzing individual crimes as separate phenomena risks providing only a partial understanding of the threat. Today, many criminal activities develop according to a chain logic: one offense may constitute the economic, operational, or functional prerequisite for another. Cybercrime, for example, can generate illicit proceeds; these funds may then be laundered; and, in some cases, the resources thus moved may support further criminal activities, including illicit financing or the backing of extremist networks.
For this reason, contemporary economic and financial crime requires a broader analytical approach, capable of examining not only individual phenomena but, above all, their interconnections. In other words, it is no longer sufficient to observe the crime itself: it is necessary to understand its position within a broader criminal chain, in which different offenses may represent successive phases of the same illicit process.
This contribution therefore proposes an integrated reading of these phenomena, analyzing them not as isolated events but as potentially interconnected segments of the same criminal dynamic.
The Transformation of Criminal Phenomena in the Digital Age
Digital transformation has deeply affected the operational methods of criminal organizations. Technology, in itself, does not create crime, but it expands opportunities for anonymity, accelerates transfers, multiplies payment channels, and makes tracking activities by authorities more complex. This is particularly true for economic and financial crimes, which find in the digital dimension a favorable environment for concealment, fragmentation of operations, and transnational movement of funds.
Cybercrime represents one of the most evident expressions of this evolution. Phishing attacks, ransomware, online fraud, identity theft, and system intrusions allow criminal groups to generate profits quickly and with a reach that transcends traditional geographic boundaries. The most relevant aspect, however, is not only the quantitative growth of these phenomena, but their integration into more complex criminal chains.
Once obtained, proceeds from illicit cyber activities cannot always be used directly. The risk of tracing, blocking of flows, or identification of beneficiaries often requires an additional phase: concealing the origin of the funds. It is precisely at this stage that cybercrime connects with money laundering, demonstrating how contemporary economic and financial crime does not develop in isolated compartments, but through operational links between different offenses.
From Digital Fraud to the Reuse of Funds: A Criminal Chain
One of the most relevant aspects in analyzing economic and financial crime is the need to overcome an isolated view of offenses. In many cases, the “visible” crime is only part of a broader process. Upstream there may be another criminal act that generates the financial resources, and downstream a further use of those resources.
A particularly effective example is the link between cybercrime, money laundering, and terrorist financing. A criminal group may carry out a phishing campaign, stealing banking credentials from individuals or businesses, or may target an organization through ransomware, blocking IT systems and demanding payment to restore data. In both cases, the result is the generation of illicit profit.
At this point, however, the obtained money presents a fundamental issue: its criminal origin. To use it without immediately exposing those responsible, it is often necessary to channel it through transactions that obscure its provenance. Funds may be transferred between different accounts, converted into crypto-assets, dispersed through micro-transactions, routed via digital platforms or online payment services, sometimes using third-party accounts or fictitious identities. In other cases, funds may be introduced into systems such as online gambling or other high-volume transactional environments, with the aim of making the reconstruction of the money trail more difficult.
In this perspective, money laundering is not separate from cybercrime, but often represents its subsequent phase within the same criminal sequence. The initial phase generates profit; the next phase attempts to “clean” it; the final phase may consist of reinvestment in the legal economy, support for other criminal activities, or, in certain cases, financing extremist or terrorist networks.
Simplified chain scheme
CYBERCRIME
(phishing, ransomware, online fraud)
↓
Generation of illicit proceeds
↓
MONEY LAUNDERING
(transfers, intermediary accounts, crypto-assets, digital platforms)
↓
Concealment of the origin of funds
↓
REUSE OF FUNDS
(legal economy, criminal networks, illicit activities)
↓
POSSIBLE TERRORIST FINANCING
This scheme has an essentially analytical value: it shows how, in contemporary reality, different crimes may represent successive phases of the same criminal sequence. For this reason, adopting a 360-degree perspective is not merely a theoretical choice, but an operational necessity.
Money Laundering and Terrorist Financing: Proximity and Differences
Among the most delicate connections is that between money laundering and terrorist financing. The two phenomena are often addressed within the same preventive regulatory framework, as they share countermeasures, obliged entities, reporting obligations, and monitoring mechanisms for financial flows. However, despite being closely connected, they are not overlapping.
In money laundering, the starting point is funds of illicit origin. The objective is to conceal their criminal provenance and reintegrate them into the legal economic system, making identification more difficult. In terrorist financing, however, what matters is not necessarily the origin of the money, but its destination. Funds may also come from legitimate activities or apparently lawful collections, but are directed toward illicit purposes.
This distinction between origin and purpose makes combating terrorist financing particularly complex. While in money laundering the investigative focus is mainly on the source of the funds, in illicit financing it becomes essential to understand the destination, connections, final beneficiaries, and transfer channels.
Nevertheless, in operational practice the two phenomena may significantly intersect. Funds generated by criminal activities and subsequently laundered may in fact be used to support terrorist activities or extremist networks. In this sense, although conceptually distinct, money laundering and terrorist financing can sometimes represent two sides of the same coin within broader and interconnected criminal dynamics.
The Problem of Measurement: What Is Not Seen Matters as Much as What Emerges
Another element of complexity concerns measurement. When discussing money laundering or terrorist financing, it is almost never possible to rely on precise and definitive data capable of quantifying the real volume of illicit activities. The very nature of these crimes implies opacity, concealment, and statistical underreporting. Many activities are never detected; others emerge only partially; still others are visible only through indirect indicators.
For this reason, risk analysis often relies on proxy tools (or indirect indicators), which allow estimation of the presence and intensity of the phenomenon without claiming completeness. Among these, a central role is played by Suspicious Transaction Reports (STRs), which represent one of the main channels through which the prevention system detects anomalous or potentially illicit behavior.
STRs do not represent the exact measure of money laundering or terrorist financing, but they provide a valuable indicator of the system’s level of attention, emerging vulnerabilities, the most exposed sectors, and possible evolutions in criminal operational methods. In other words, they do not capture the entire phenomenon, but they signal its movements, variations, and new configurations.
Prevention, Red Flags and the Role of Stakeholders
In the field of preventing economic and financial crime, zero risk does not exist. The realistic objective is not to completely eliminate the possibility of crime, but to reduce its likelihood, detect warning signals promptly, and limit the consequences when it occurs. This is the logic of prevention and risk mitigation.
Another often underestimated element in prevention concerns the role of information and user awareness. Many cyber frauds, such as phishing campaigns or online scams, rely on victims’ lack of knowledge of digital risks. In this sense, combating misinformation and promoting greater cybersecurity awareness is a fundamental preventive tool: being informed about common fraud schemes and warning signs often allows risks to be intercepted before the crime occurs.
Within the anti-money laundering and counter-terrorist financing system, this function relies on the cooperation of multiple actors. Banks, financial intermediaries, payment service providers, professionals, obliged entities, and competent authorities play a central role in monitoring transactions and identifying anomalies. Oversight cannot be static, because criminal methods are not static either.
In this context, so-called red flags become particularly important. These are indicators of anomaly which, while not constituting proof of a crime, may signal a risk requiring further investigation. Transactions inconsistent with a customer’s economic profile, frequent transfers to high-risk jurisdictions, artificial fragmentation of operations, combined use of multiple digital tools, unusual use of multiple accounts, and rapid transactions lacking clear economic justification are just some examples of warning signs that may require deeper analysis.
A crucial aspect is that red flags also evolve over time. Risk geographies change, channels multiply, technologies evolve, and so do behaviors. For this reason, continuous monitoring is an essential component of the prevention system: it is not enough to identify risk indicators once and for all, but they must be constantly updated in light of the evolution of criminal phenomena.
Conclusions
Contemporary economic and financial crime requires abandoning a fragmented view of offenses. Cybercrime, money laundering, and terrorist financing can no longer be studied as isolated compartments, because they increasingly appear as segments of the same criminal chain. Understanding this interconnection means adopting a broader perspective, capable of grasping the links between the origin of funds, concealment techniques, and the final destination of resources.
In this perspective, prevention and mitigation do not coincide with the illusion of completely eliminating risk, but with the ability to recognize it, monitor it, and address it through appropriate tools. Cooperation between public and private actors, the role of intermediaries, continuous updating of red flags, and the use of indirect indicators such as Suspicious Transaction Reports become essential elements of a system that cannot afford to be short-sighted.
Observing the phenomenon from a wide-angle perspective, anticipating possible combinations, and understanding the connections between different crimes is today one of the most significant challenges for those working in economic and financial security. It is precisely in this ability to read risk in a systemic way that a decisive part of prevention effectiveness is at stake.
Silvia Cardaci holds a degree in Compliance, Business Development and Crime Prevention and is currently pursuing a master’s degree in International Defense and Security Policy Analysis. Her academic interests focus on economic and financial crime, with particular attention to money laundering, terrorist financing, and emerging risks related to the digitalization of financial systems. Her analytical perspective also incorporates the behavioral dimension of crime, based on the understanding that every offense is, first and foremost, an expression of human behavior.