Cybercrimes, Human Trafficking, and Cryptocurrency in Southeast Asia’s Special Economic Zones

Executive Summary

Southeast Asia’s special economic ones (SEZs) were designed to attract investment through deregulation and streamlined governance. Those same features have made them ideal substrate for the growth of transnational criminal networks. Across Myanmar, Cambodia, Laos, and the Philippines, Chinese-led syndicates have embedded industrial-scale cyber-fraud operations inside these SEZs, generating an estimated $50 billion-$75 billion annually while relying on a traffic workforce of at least 300,000 people. In 2024 alone, U.S. victims lost more than $10 billion to such schemes.

This report maps operations, and the political economies sustaining them, in Laos’ Golden Triangle SEZ, Myanmar’s Shwe Kokko and KK Park, Cambodia’s Sihanoukville and Thmor Da, the Philippines’ Clark Freeport, and East Timor’s emerging Oecusse Digital Trade Zone. It traces the money-laundering infrastructure, armed group protection arrangements, and legal exceptionalism that have made meaningful enforcement persistently elusive. It also examines how forced criminality structurally blurs the line between victim and perpetrator and how existing countermeasures have prioritized visible disruption over the systemic dismantling of this ecosystem.

Recent U.S. actions, including from the Office of Foreign Asset Control, have targeted entities such as the Prince Group and Huione Network, in attempts to cut this ecosystem from the U.S. financial sector. The November 2025 launch of the Scam Center Strike Force is a step in the right direction for these efforts, but the momentum needs to be codified and institutionalized.

This report argues that durable progress will require reframing these ecosystems as hybrid security threats, targeting both the operators themselves and their financial and political enablers. Victim protection should also be treated as a driver of these efforts, as well as a valued intelligence asset, and not just a humanitarian afterthought.

Recommendations

The United States cannot resolve Southeast Asia’s cyber-scam crisis unilaterally, but it can meaningfully reshape the incentive environment in which scam ecosystems operate. Given the transnational, politically embedded nature of these operations, an effective U.S. strategy should prioritize financial disruption, institutional leverage, and victim-centered enforcement rather than compound-by-compound takedowns. The objective would be to substantially increase systemic pressure on enablers.

1. Reframe Cyber-Scam Operations as a Hybrid Security Threat

The U.S. should formally treat large-scale scam ecosystems as a hybrid threat encompassing transnational organized crime, human trafficking, illicit finance, and, where applicable, conflict financing. This framing would justify sustained interagency prioritization rather than ad hoc responses driven by individual cases or media attention.

Practically, this means elevating Southeast Asian scam networks within U.S. strategic documents on transnational crime and integrating them into Indo-Pacific security dialogues. Doing so would align cybercrime policy with broader U.S. objectives on human rights, regional stability, and economic integrity, rather than isolating scams as a consumer-protection issue.

2. Shift the Center of Gravity to Financial and Enabler Targeting

U.S. efforts should move decisively away from an operator-centric enforcement model toward enabler-centric disruption. This includes:

• Expanding Treasury-led sanctions against developers, financiers, shell companies, and logistics providers linked to scam ecosystems using the Global Magnitsky Act, which authorizes the U.S. government to sanction foreign individuals responsible for human rights abuses or significant corruption.
• Prioritizing financial intelligence cooperation focused on real estate laundering, casino-linked cash flows, and crypto-fiat conversion points rather than individual scam wallets.
• Supporting partner-country investigations into commercial infrastructure such as telecom providers, hosting services, and payment processors, which are all used systematically by scam networks.

UNODC and U.S. government reporting consistently show that scam operations survive enforcement by replacing labor and infrastructure but struggle when capital access and elite protection are constrained. Targeting these choke points offers the highest leverage at lowest operational cost.

Recent U.S. legal momentum suggests movement in this direction. The Office of Foreign Assets Control’s action against the Prince Group and Huione Group is an important step. As well, the U.S. Treasury Department has targeted Funnull Technology for selling bulk IP infrastructure to cybercriminals, and the Karen National Army for compound protection. The pattern across these actions show that there is a shift towards enabler-centric logic. The challenge now is sustaining and deepening it, rather than treating each action as discrete.

3. Embed Victim Protection as an Intelligence and Enforcement Asset

The U.S. should explicitly promote non-punitive, trafficking-aware enforcement models as a core component of counter-scam strategy. It can’t be framed solely a human rights issue, and should be appreciated as an intelligence multiplier.

Policy tools include:

• Conditioning certain forms of U.S. law-enforcement assistance on the adoption of victim screening and protection protocols consistent with the Palermo Protocol.
• Supporting regional victim-identification training tied to evidence preservation and witness cooperation, rather than rapid deportation.
• Funding NGO and international-organization programs that facilitate safe cooperation pathways for trafficking victims willing to provide testimony.

Evidence from prior interventions indicates that coerced workers possess critical insight into command hierarchies, financial flows, and relocation patterns. This is insight that is lost when victims are treated as offenders.

4. Use ASEAN+ Mechanisms Without Forcing ASEAN Centrality

The U.S. should continue engaging ASEAN as a normative anchor while accepting its institutional limitations. Rather than pushing for new ASEAN-wide enforcement bodies, which are unlikely to materialize, the U.S. should focus on modular, opt-in cooperation among willing states.

This includes:

• Supporting minilateral investigative coalitions among high-capacity partners (Thailand, Singapore, Philippines) that can later be expanded.
• Leveraging ASEAN+ platforms to standardize financial and evidentiary cooperation, even where policing remains national.
• Coordinating discreetly, but deliberately, with China on cases of shared interest, while avoiding overdependence on Chinese-led enforcement priorities.

This approach preserves ASEAN legitimacy without allowing consensus constraints to paralyze action.

5. Integrate Scam Ecosystems into U.S. Conflict and Stability Planning

In areas such as Myanmar’s border regions, scam operations intersect directly with armed conflict and fragmented sovereignty. The U.S. should incorporate cyber-scam economies into its conflict analysis and sanctions planning and recognize their role in sustaining local power structures.

Where appropriate, this includes:

• Assessing whether scam-derived revenue contributes indirectly to armed actors or conflict persistence.
• Aligning counter-scam sanctions with existing human rights and conflict-related measures.
• Avoiding enforcement actions that inadvertently strengthen armed intermediaries by eliminating rival revenue streams without addressing protection arrangements.
• Treating scam ecosystems as part of broader war-crime economies improves coherence across U.S. policy domains.

Recent shifts in U.S. policy have also shown a somewhat greater willingness to directly sanction conflict-entangled entities. This precedent supports integrating similar analysis into future sanctions planning across Myanmar’s fragmented armed landscape.