惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

T
Threatpost
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
Engineering at Meta
Engineering at Meta
T
The Blog of Author Tim Ferriss
Recent Announcements
Recent Announcements
G
Google Developers Blog
Google DeepMind News
Google DeepMind News
The Register - Security
The Register - Security
MongoDB | Blog
MongoDB | Blog
U
Unit 42
B
Blog
H
Hackread – Cybersecurity News, Data Breaches, AI and More
L
LangChain Blog
Stack Overflow Blog
Stack Overflow Blog
P
Privacy International News Feed
L
LINUX DO - 最新话题
博客园_首页
博客园 - Franky
大猫的无限游戏
大猫的无限游戏
小众软件
小众软件
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
T
Tor Project blog
V
Visual Studio Blog
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
P
Privacy & Cybersecurity Law Blog
C
Cyber Attacks, Cyber Crime and Cyber Security
K
Kaspersky official blog
C
Cisco Blogs
博客园 - 【当耐特】
阮一峰的网络日志
阮一峰的网络日志
I
Intezer
罗磊的独立博客
MyScale Blog
MyScale Blog
Last Week in AI
Last Week in AI
A
About on SuperTechFans
G
GRAHAM CLULEY
Y
Y Combinator Blog
Microsoft Security Blog
Microsoft Security Blog
GbyAI
GbyAI
T
Threat Research - Cisco Blogs
P
Proofpoint News Feed
D
DataBreaches.Net
The Hacker News
The Hacker News
Spread Privacy
Spread Privacy
AWS News Blog
AWS News Blog
I
InfoQ
T
The Exploit Database - CXSecurity.com
Simon Willison's Weblog
Simon Willison's Weblog
博客园 - 叶小钗
Project Zero
Project Zero

Opinion

Op-Ed: Microsoft’s July Patch Tuesday reveals 622 vulnerabilities Op-Ed: Why CISOs are drowning in alerts but missing the real threat Op-Ed: The reality of data-centric security and attribute-based access control Op-Ed: Australia’s cyber law is stuck in the past – the Slay Review is our chance to fix it Australian federal budget 2026: The industry perspective Op-Ed: Redefining performance in the AI-powered SOC Op-Ed: AI won’t patch the holes in your SOC Op-Ed: Australia inspired the EU’s online age restrictions, now it’s time for us to learn from them Op-Ed: Microsoft April Patch Tuesday reveals 167 vulnerabilities The industry speaks: World Identity Management Day 2026 Op-Ed: Why zero trust for OT should start at the boundary, not the boiler room The industry speaks: World Cloud Security Day 2026 The industry speaks: World Backup Day 2026 Op-Ed: Information sharing of cyber threats vital to national security Op-Ed: Building secure foundations for AI in the cloud Op-Ed: AI isn’t the threat, poor design is Op-Ed: Why Australia’s schools are becoming strategic targets for organised crime Op-Ed: Australia’s National AI Plan looks good on paper, but where are the teeth? Op-Ed: Australian organisations need federated authority to stay secure at scale Supply chain risk: Understanding the weakest link in cyber security
Op-Ed: The transaction was legitimate; the crime was hidden in the system
Keith Bulfin · 2026-06-03 · via Opinion

One of the biggest misconceptions in financial crime is the belief that sophisticated criminal activity is hidden because transactions themselves appear suspicious.

In reality, the opposite is often true.

You’re out of free articles for this month

To continue reading the rest of this article, please log in.

The most sophisticated criminal systems frequently operate through transactions that appear entirely legitimate. A payment is made; an invoice is issued; funds move through recognised financial institutions; goods are shipped; customs documentation is completed; containers arrive at their destination.

Every individual component may appear legitimate when viewed in isolation. The problem is that organised crime does not operate in isolation.

It operates as a system. This is where what I describe as the “Operational Interpretation Gap” begins to emerge.

Across the world, financial institutions invest billions of dollars into:

• transaction monitoring
• AML systems
• AI-driven detection
• sanctions screening
• compliance programs
• governance frameworks.

Yet global illicit financial flows continue to exceed US$4.5 trillion annually. Why?

Because institutions often analyse transactions individually, while criminal organisations operate behaviourally across multiple jurisdictions simultaneously.

A payment may be sent to a company in Europe for goods that appear legitimate. A shipment may move through several countries. Funds may pass through multiple financial centres. Ownership structures may span several jurisdictions.

No single transaction triggers concern.

No individual participant sees the complete picture.

The criminal activity is not hidden inside one transaction. The criminal activity is hidden within the architecture connecting all of them – this distinction is critically important.

Compliance systems are generally designed to identify anomalies, and operational intelligence seeks to understand intent.

Compliance asks: “Does this transaction trigger a rule?”

Operational intelligence asks: “What larger system is this transaction part of?”

That question is becoming increasingly important as organised crime groups continue evolving into highly sophisticated multinational enterprises.

Many now employ:

• cyber specialists
• financial professionals
• logistics experts
• technology teams
• recruiters
• facilitators operating across multiple countries.

They understand jurisdictions. They understand regulatory differences. They understand how institutions share information. Most importantly, they understand that modern systems often analyse activity in fragments.

Their advantage comes from understanding the whole picture.

The future challenge for financial institutions, cyber professionals, regulators, intelligence agencies, and governance leaders is not simply collecting more data. It is in developing the capability to interpret behavioural systems operating behind that data.

Because ultimately, the transaction itself is rarely the story. The behavioural architecture behind the transaction is the story.

And until institutions become better at understanding that architecture, organised criminal systems will continue adapting faster than the systems designed to stop them.


Keith Bulfin is the founder of the Applied Financial Intelligence Programme and author of the bestselling book “Undercover”. His background includes work across global financial intelligence, organised crime investigations, illicit finance systems, and operational intelligence environments involving international agencies and investigations.

Cyber DailyWant to see more stories from trusted news sources?
Make Cyber Daily a preferred news source on Google.