Faculty of Science, Technology and Medicine
Faculty of Law, Economics and Finance
Faculty of Humanities, Education and Social Sciences
Interdisciplinary Centre for Security, Reliability and Trust
Luxembourg Centre for Systems Biomedicine
Luxembourg Centre for Contemporary and Digital History
Luxembourg Centre for European Law
Luxembourg Centre for Socio-Environmental Systems
Author
Reviewed presentation
As the European Union (EU) moves towards a more digital society and economy, the DTU- GREITMA examines how the digital transformation is reshaping the regulatory and enforcement frameworks within the internal market. The 2025 edition of the EU Serious and Organised Crime Threat Assessment (EU-SOCTA) shows that serious and organised crime is not only adapting to new technologies but also finding ways to exploit the weaknesses that arise from digital transformation. Based on insights from EU Member States, third parties, and Europol’s expertise, the report serves as an indicator for shaping both the EU’s future security and criminal justice policy agenda as well as national and cross-border law enforcement strategies.
Serious and organised crime is regarded as one of the greatest security threats facing the EU today. Its nature ‘is evolving at an unprecedented pace’, exploiting technological developments and geopolitical instability to ‘expand its reach and deepen its impact’. Offences are frequently transnational, with digital infrastructures being employed by criminal networks to obscure the illicit origin of assets and to distance perpetrators from the crimes they commit. Starting from this premiss, the 2025 EU-SOCTA is structured in four main parts.
The report first outlines how the very ‘DNA’ of serious and organised crime is evolving, focusing on three interconnected trends. It then identifies the main tactics employed by criminal networks, followed by an analysis of the key threats these represent. Finally, it outlines how the geography of criminal networks is changing.
The report identifies three major dynamics behind what it describes as a ‘fundamental shift in the blueprint of serious and organised crime’. First, serious and organised crime has a twofold destabilising effect. On the one hand, it undermines the economy and erodes trust in the EU and national institutions by infiltrating the legal market with large volumes of illicit proceeds, while the EU’s asset recovery rate remains notably low at around two per cent. On the other hand, hybrid threat actors are increasingly cooperating with criminal networks to outsource specific criminal acts, such as cyber-attacks, disinformation campaigns, and money laundering schemes, thereby avoiding direct involvement. This form of cooperation is mutually beneficial, and by acting as proxies for hybrid actors, criminal networks obtain financial gain and access to cutting-edge resources.
Second, criminal networks are increasingly nurtured online. They make use of digital infrastructure to enable and scale up their illicit activities, while concealing their operations behind a layer of security and anonymity. Some criminal networks develop or rely on platforms designed specifically to facilitate unlawful activities, whereas others increasingly exploit encrypted communication services originally designed to protect privacy rights.
Third, serious and organised crime is being accelerated by the use of artificial intelligence (AI) and other emerging technologies, such as cryptocurrencies and quantum computing. In the financial sector, for example, blockchain technologies and cryptocurrencies are being employed to carry out transactions and launder illicit proceeds through decentralised systems and unregulated exchanges.
Together, these three trends show that the changing DNA of serious and organised crime is embedded in the way criminal networks operate. Money laundering, in particular, is undergoing significant transformation. Illicit proceeds are being invested into parallel economies designed to protect and grow wealth generated from criminal activities. This system is concealed behind digital platforms and enabled by technologies such as blockchain, marking the beginning of a new era of financial crime.
The report then identifies two main categories of threats: (i) online threats, including cyber- attacks, online fraud schemes, and (online) child sexual exploitation; (ii) physical threats, especially in cross-border crime areas such as migrant smuggling, drug trafficking, firearms trafficking, and waste crime. Although these crimes are traditionally physical in nature, the report underlines that parts of their modus operandi, including the recruitment, communication, and marketing phases, are increasingly shifting towards the online world, and will also be affected by the growing use of AI.
Finally, criminal networks operate across borders with increasing ease, both within and outside the EU. Therefore, the report stresses the importance of closely monitoring geopolitical developments and crime trends not only within the Area of Freedom, Security and Justice, but also in third countries, especially neighbouring ones.
In conclusion, a key overall message can be drawn from the 2025 EU-SOCTA. In the context of rapid changes in serious and organised crime, shaped primarily by the digital transformation of the economy and society, traditional criminal enforcement models solely based on reactive responses have proven insufficient. As most of the newly identified threats share common underlying features, the EU must adopt a proactive, intelligence-led and targeted approach to effectively combat serious and organised crime.