Cybercrime Source Booklet 2026

Cybercrime Source Booklet:
Regulatory and policy developments
2026 Edition

Fincrime, AML, cybercrime, cybersecurity, neurocrime & neurosecurity
1. Research conducted by individuals, companies, associations and universities
1.1. January
1.1.1. International

World Economic Forum (WEF) & Accenture, Global Cybersecurity Outlook 2026, January 2026, accessible here;

1.2. February

1.2.1. International

ComplyAdvantage, The State of Financial Crime, February 2026, accessible here;
Sam Stockwell, Ardi Janjeva & Broderick McDonald, Adding Fuel to the Fire: AI Information Threats and Crisis Events, The Alan Turing Institute, Centre for Emerging Technology and Security (CETaS), February 2026, accessible here;
KPMG, Transforming financial crime with generative AI - Exploring the right application of autonomous agents to stay ahead!, February 2026, accessible here;

1.2.2. Europe

1.2.2.1. Russia

Kateryna Bondar, How Russia Is Reshaping Command and Control for AI-Enabled Warfare, Center for Strategic and International Studies (CSIS), CSIS Wadhwani AI Center, February 2026, accessible here;

1.3. April

1.3.1. Europe

1.3.1.1. United Kingdom

Broderick James McDonald & Sam Stockwell, AI Information Threats and Crisis Response: Practitioners’ Handbook, The Alan Turing Institute, Centre for Emerging Technology and Security (CETaS), April 2026, accessible here;

2. Reports, guidelines, recommendations and other documents published by regulatory and supervisory authorities, international organizations, and other public institutions and agencies
2.1. January
2.1.1. International

Tamás Gaidosch et al., Good Practices in Cyber Risk Regulation and Supervision, Monetary and Capital Markets Department, International Monetary Fund (IMF), January 2026, accessible here;
Gundars Bergmanis-Korāts, Tetiana Haiduchyk, & Bohdan Smolts, Social Media Manipulation for Sale - 2025 Experiment on Platform Capabilities to Detect and Counter Inauthentic Social Media Engagement, North Atlantic Treaty Organization (NATO), NATO Strategic Communications Centre of Excellence, January 2026, accessible here;

2.1.2. Europe
2.1.2.1. European Union

Alexandre Lotito & Hubert Dalli, Digital Package - Revision of the Cybersecurity Act: Implementation takeaways, European Parliamentary Research Service (EPRS), European Parliament, PE 774.675, January 2026, accessible here;
Sofia Karttunen, The Danish approach to copyright and deepfakes: A model for the EU?, European Parliamentary Research Service (EPRS), European Parliament, PE 782.611, January 2026, accessible here;
Mar Negreiro, Combating child sexual abuse online, European Parliamentary Research Service (EPRS), European Parliament, PE 738.224, January 2026, accessible here;
Mar Negreiro, Virtual private networks and the protection of children online, European Parliamentary Research Service (EPRS), European Parliament, PE 782.618, January 2026, accessible here;
European Union Agency for Cybersecurity (ENISA), ENISA International Strategy, January 2026, accessible here;
Europol, Prioritising post-quantum cryptography migration activities in financial services, Quantum Safe Financial Forum (QSFF), FS-ISAC, Quantum-Readiness Working Group of the Canadian Forum for Digital Infrastructure Resilience (QRWGCFDIR), Publications Office of the European Union, January 2026, accessible here;
European Union Agency for Fundamental Rights (FRA), Regulating online terrorist content - Balancing public safety and fundamental rights, Publications Office of the European Union, January 2025, accessible here;
Alessandro Davoli, Police Cooperation, European Parliament, Think Tank, January 2026, accessible here;
European Commission, Proposal for a Regulation of the European Parliament and of the Council on the European Union Agency for Cybersecurity (ENISA), the European cybersecurity certification framework, and ICT supply chain security and repealing Regulation (EU) 2019/881 (The Cybersecurity Act 2), 2026/0011 (COD), January 2026, accessible here;
NIS Cooperation Group Work Stream on Risk Assessment and Supply Chain Security, EU Coordinated Risk Assessment - Detection Equipment, European Commission, European Union Agency for Cybersecurity (ENISA), January 2026, accessible here & here;
NIS Cooperation Group Work Stream on Risk Assessment and Supply Chain Security, EU Coordinated Risk Assessment - Connected and Automated Vehicles, European Commission, European Union Agency for Cybersecurity (ENISA), January 2026, accessible here & here;
NIS Cooperation Group Work Stream on Risk Assessment and Supply Chain Security, EU ICT Supply Chain Security Toolbox, European Commission, European Union Agency for Cybersecurity (ENISA), January 2026, accessible here & here;

2.1.2.2. France

République française, Stratégie nationale de cybersécurité 2026-2030, January 2026, accessible here;

2.1.3. North America

2.1.3.1. United States of America

National Security Agency, Zero Trust Implementation Guideline - Primer, Cybersecurity Technical Report, U/OO/102936-26, PP-25-3613, Version 1.0, January 2026, accessible here;

2.2. February

2.2.1. International

Financial Action Task Force (FATF), Cyber-Enabled Fraud - Digitalisation and Money Laundering, Terrorist Financing and Proliferation Financing Risks, February 2026, accessible here;

2.2.2. Europe

2.2.2.1. European Union

Colin Murphy, New action plan against cyberbullying, European Parliamentary Research Service (EPRS), European Parliament, PE 782.632, February 2026, accessible here;
European Commission, Communication from the European Commission to the European Parliament, the Council of the European Union, the European Economic and Social Committee and the European Committee of the Regions - Action plan against cyberbullying "Safer online, stronger together", COM(2026) 71 final, February 2026, accessible here & here;
Zacharis Alexandros, ENISA Anna Sarri, ENISA Christian Van Heurck, ENISA Fanouris Fanourakis, Gema Fernández, Nikolaos Christoforatos, & Radu Arcus, The ENISA Cybersecurity Exercise Methodology - End-to-end guide on how to plan, run and evaluate an exercise, Version 1.0, European Union Agency for Cybersecurity (ENISA), February 2026, accessible here;
European Commission, Protect what matters - Drone and counter-drone security, Publications Office of the European Union, February 2026, accessible here;

2.2.2.2. United Kingdom

HM Treasury, Using digital identities with the Money Laundering Regulations, GOV.UK, February 2026, accessible here;

2.3. March

2.3.1. International

Financial Action Task Force (FATF), Targeted report on Stablecoins and Unhosted Wallets - Peer-to-Peer Transactions, March 2026, accessible here;
Andrea Minto et al., From cash to crypto: towards a consistent regulatory approach to illicit payments, Bank for International Settlements (BIS), Monetary and Economic Department, BIS Papers No 166, March 2026, accessible here;
Financial Action Task Force (FATF), Understanding and Mitigating the Risks of Off-shore Virtual Asset Service Providers, March 2026, accessible here;
Tommy Shaffer Shane, Simon Mylius, & Hamish Hobbs, Cheming in the wild - Detecting real-world Al scheming incidents with open-source intelligence, The Centre for Long-Term Resilience (CLTR), AI Security Institute (AISI), March 2026, accessible here;
Tanai Khiaonarong & Shanyuan Zheng, The Rise of Cyber Events and Digital Fraud in the Financial Sector, International Monetary Fund (IMF), WP/26/62, March 2026, accessible here;
Shaun Ee et al., Highly Autonomous Cyber-Capable Agents: Anticipating Capabilities, Tactics, and Strategic Implications, Institute for AI Policy and Strategy (IAPS), March 2026, accessible here;

2.3.2. Europe

2.3.2.1. European Union

European Commission, Communication to the Commission - Approval of the content of the draft Communication from the Commission - Commission guidance on the application of Regulation (EU) 2024/2847 (Cyber Resilience Act) & Annex, Ares(2026)2319816, March 2026, accessible here and here;
European Union Agency for Cybersecurity (ENISA), ENISA Technical Advisory for Secure Use of Package Managers, Version: 1.1, March 2026, accessible here;
Polona Car, Simplifying cybersecurity reporting: The Digital Omnibus Single-Entry Point mechanism, European Parliament, European Parliamentary Research Service (EPRS), PE 785.675, March 2026, accessible here;
Moritz Körner, Draft recommendation on the draft Council decision on the conclusion, on behalf of the European Union, of the United Nations Convention against Cybercrime; Strengthening International Cooperation for Combating Certain Crimes Committed by Means of Information and Communications Technology Systems and for the Sharing of Evidence in Electronic Form of Serious Crimes (14941/2025 – C10-0369/2025 – 2025/0231(NLE)), European Parliament, Committee on Civil Liberties, Justice and Home Affairs, PE778.040v02-00, March 2026, accessible here;
European Union Agency for Cybersecurity (ENISA), ENISA Cybersecurity Market Analysis Framework (ECSMAF) – V3.0 - A framework for market analysis, including market monitoring, in the cybersecurity domain, Version 3.0, March 2026, accessible here;

2.3.2.2. France

République française & Agence nationale de la sécurité des systèmes d'information (ANSSI), Panorama de la cybermenace 2025, Computer Emergency Response Team – France (CERT-FR), March 2026, accessible here;

2.3.2. North America

2.3.2.1. United States of America

The White House, President Trump’s Cyber Strategy for America, March 2026, accessible here;

2.3.3. Asia

2.3.3.1. Hong Kong

Office of the Privacy Commissioner for Personal Data, Hong Kong (PCPD), The PCPD Issues Alert over the Privacy Risks of OpenClaw and Agentic AI and Reminds Organisations and the Public to Use AI Safely, March 2026, accessible here;
Court of Justice of the European Union (CJEU), A police authority may, in a criminal investigation, collect biometric data solely on the ground that that collection is strictly necessary, Judgment of the Court in Case C-371/24 | [Comdribus], March 2026, accessible here;

2.4. April

2.4.1. International

Gundars Bergmanis-Korāts & Joshua Chia Tee Hiang, Beyond Spam Bots - The Rise of AI-Powered Disinformation Machines and the Imperative for Strategic Response, North Atlantic Treaty Organization (NATO), NATO Strategic Communications Centre of Excellence, April 2026, accessible here;

2.4.2. Europe

2.4.2.1. European Union

Polona Car & Öykü Dilara A., Ransomware resilience: Strategic targets and growing trends, European Parliament, European Parliamentary Research Service (EPRS), PE 785.699, April 2026, accessible here;
Council of Europe, Recommendation CM/Rec(2026)4 of the Committee of Ministers to member States on online safety and empowerment of users and content creators (Adopted by the Committee of Ministers on 8 April 2026 at the 1556th meeting of the Ministers' Deputies), April 2026, accessible here;
Council of Europe, CM(2026)12-add2final - [1556/5.1a] Steering Committee on Media and Information Society (CDMSI) - Explanatory Memorandum to Recommendation CM/Rec(2026)4 of the Committee of Ministers to member States on the online safety and empowerment of users and content creators, April 2026, accessible here;
Santiago Iglesias Escudero, International comparison of Anti-Money Laundering frameworks - Institutional design, supervision and enforcement across major financial jurisdictions, European Parliament, Economic Governance and EMU Scrutiny Unit (EGOV), Directorate-General for Economy, Transformation and Industry (DG ECTI), PE 779.866, April 2026, accessible here;
Colin Murphy & Greta Baltikauskaitė, Understanding the dark web, European Parliament, European Parliamentary Research Service (EPRS), PE 785.704, April 2026, accessible here;

2.4.2.2. Switzerland

Eidgenössischen Finanzmarktaufsicht (FINMA), FINMA Guidance 02/2026 - Digital fraud risks for banks and persons under Article 1b of the Banking Act, April 2026, accessible here;

2.4.2. North America

2.4.2.1. United States of America

Federal Bureau of Investigation (FBI), Federal Bureau of Investigation Internet Crime Report 2025, Internet Crime Complaint Center, April 2026, accessible here;

4. Litigation & case-law

4.1. March

4.1.1. Europe

4.1.1.1. European Union

Court of Justice of the European Union (CJEU), A police authority may, in a criminal investigation, collect biometric data solely on the ground that that collection is strictly necessary, Judgment of the Court in Case C-371/24 | [Comdribus], March 2026, accessible here;

Voltar

Cybercrime Source Booklet: Regulatory and policy developments 2026 Edition

​ Fincrime, AML, cybercrime, cybersecurity, neurocrime & neurosecurity 1. Research conducted by individuals, companies, associations and universities 1.1. January 1.1.1. International​

World Economic Forum (WEF) & Accenture, Global Cybersecurity Outlook 2026, January 2026, accessible here;

1.2. February

1.2.1. International

ComplyAdvantage, The State of Financial Crime, February 2026, accessible here;

Sam Stockwell, Ardi Janjeva & Broderick McDonald, Adding Fuel to the Fire: AI Information Threats and Crisis Events, The Alan Turing Institute, Centre for Emerging Technology and Security (CETaS), February 2026, accessible here;

KPMG, Transforming financial crime with generative AI - Exploring the right application of autonomous agents to stay ahead!, February 2026, accessible here;

1.2.2. Europe

1.2.2.1. Russia​

Kateryna Bondar, How Russia Is Reshaping Command and Control for AI-Enabled Warfare, Center for Strategic and International Studies (CSIS), CSIS Wadhwani AI Center, February 2026, accessible here;

1.3. April

1.3.1. Europe

1.3.1.1. United Kingdom​

Broderick James McDonald & Sam Stockwell, AI Information Threats and Crisis Response: Practitioners’ Handbook, The Alan Turing Institute, Centre for Emerging Technology and Security (CETaS), April 2026, accessible here;

2. Reports, guidelines, recommendations and other documents published by regulatory and supervisory authorities, international organizations, and other public institutions and agencies 2.1. January 2.1.1. International

Tamás Gaidosch et al., Good Practices in Cyber Risk Regulation and Supervision, Monetary and Capital Markets Department, International Monetary Fund (IMF), January 2026, accessible here;

2.1.2. Europe 2.1.2.1. European Union

Alexandre Lotito & Hubert Dalli, Digital Package - Revision of the Cybersecurity Act: Implementation takeaways, European Parliamentary Research Service (EPRS), European Parliament, PE 774.675, January 2026, accessible here;

Sofia Karttunen, The Danish approach to copyright and deepfakes: A model for the EU?, European Parliamentary Research Service (EPRS), European Parliament, PE 782.611, January 2026, accessible here;

Mar Negreiro, Combating child sexual abuse online, European Parliamentary Research Service (EPRS), European Parliament, PE 738.224, January 2026, accessible here;

Mar Negreiro, Virtual private networks and the protection of children online, European Parliamentary Research Service (EPRS), European Parliament, PE 782.618, January 2026, accessible here;

European Union Agency for Cybersecurity (ENISA), ENISA International Strategy, January 2026, accessible here;

European Union Agency for Fundamental Rights (FRA), Regulating online terrorist content - Balancing public safety and fundamental rights, Publications Office of the European Union, January 2025, accessible here;

Alessandro Davoli, Police Cooperation, European Parliament, Think Tank, January 2026, accessible here;

NIS Cooperation Group Work Stream on Risk Assessment and Supply Chain Security, EU Coordinated Risk Assessment - Detection Equipment, European Commission, European Union Agency for Cybersecurity (ENISA), January 2026, accessible here & here;

NIS Cooperation Group Work Stream on Risk Assessment and Supply Chain Security, EU Coordinated Risk Assessment - Connected and Automated Vehicles, European Commission, European Union Agency for Cybersecurity (ENISA), January 2026, accessible here & here;

NIS Cooperation Group Work Stream on Risk Assessment and Supply Chain Security, EU ICT Supply Chain Security Toolbox, European Commission, European Union Agency for Cybersecurity (ENISA), January 2026, accessible here & here;

2.1.2.2. France

République française, Stratégie nationale de cybersécurité 2026-2030, January 2026, accessible here;

2.1.3. North America

2.1.3.1. United States of America

National Security Agency, Zero Trust Implementation Guideline - Primer, Cybersecurity Technical Report, U/OO/102936-26, PP-25-3613, Version 1.0, January 2026, accessible here;

2.2. February

2.2.1. International

Financial Action Task Force (FATF), Cyber-Enabled Fraud - Digitalisation and Money Laundering, Terrorist Financing and Proliferation Financing Risks, February 2026, accessible here;

2.2.2. Europe

2.2.2.1. European Union

Colin Murphy, New action plan against cyberbullying, European Parliamentary Research Service (EPRS), European Parliament, PE 782.632, February 2026, accessible here;

European Commission, Protect what matters - Drone and counter-drone security, Publications Office of the European Union, February 2026, accessible here;

2.2.2.2. United Kingdom

HM Treasury, Using digital identities with the Money Laundering Regulations, GOV.UK, February 2026, accessible here;

2.3. March

2.3.1. International

Financial Action Task Force (FATF), Targeted report on Stablecoins and Unhosted Wallets - Peer-to-Peer Transactions, March 2026, accessible here;

Andrea Minto et al., From cash to crypto: towards a consistent regulatory approach to illicit payments, Bank for International Settlements (BIS), Monetary and Economic Department, BIS Papers No 166, March 2026, accessible here;

Financial Action Task Force (FATF), Understanding and Mitigating the Risks of Off-shore Virtual Asset Service Providers, March 2026, accessible here;

Tommy Shaffer Shane, Simon Mylius, & Hamish Hobbs, Cheming in the wild - Detecting real-world Al scheming incidents with open-source intelligence, The Centre for Long-Term Resilience (CLTR), AI Security Institute (AISI), March 2026, accessible here;

Tanai Khiaonarong & Shanyuan Zheng, The Rise of Cyber Events and Digital Fraud in the Financial Sector, International Monetary Fund (IMF), WP/26/62, March 2026, accessible here;

Shaun Ee et al., Highly Autonomous Cyber-Capable Agents: Anticipating Capabilities, Tactics, and Strategic Implications, Institute for AI Policy and Strategy (IAPS), March 2026, accessible here;

2.3.2. Europe

2.3.2.1. European Union

European Commission, Communication to the Commission - Approval of the content of the draft Communication from the Commission - Commission guidance on the application of Regulation (EU) 2024/2847 (Cyber Resilience Act) & Annex, Ares(2026)2319816, March 2026, accessible here and here;

European Union Agency for Cybersecurity (ENISA), ENISA Technical Advisory for Secure Use of Package Managers, Version: 1.1, March 2026, accessible here;

Polona Car, Simplifying cybersecurity reporting: The Digital Omnibus Single-Entry Point mechanism, European Parliament, European Parliamentary Research Service (EPRS), PE 785.675, March 2026, accessible here;

European Union Agency for Cybersecurity (ENISA), ENISA Cybersecurity Market Analysis Framework (ECSMAF) – V3.0 - A framework for market analysis, including market monitoring, in the cybersecurity domain, Version 3.0, March 2026, accessible here;

2.3.2.2. France

République française & Agence nationale de la sécurité des systèmes d'information (ANSSI), Panorama de la cybermenace 2025, Computer Emergency Response Team – France (CERT-FR), March 2026, accessible here;

2.3.2. North America

2.3.2.1. United States of America

The White House, President Trump’s Cyber Strategy for America, March 2026, accessible here;

2.3.3. Asia

2.3.3.1. Hong Kong

Office of the Privacy Commissioner for Personal Data, Hong Kong (PCPD), The PCPD Issues Alert over the Privacy Risks of OpenClaw and Agentic AI and Reminds Organisations and the Public to Use AI Safely, March 2026, accessible here;

Court of Justice of the European Union (CJEU), A police authority may, in a criminal investigation, collect biometric data solely on the ground that that collection is strictly necessary, Judgment of the Court in Case C-371/24 | [Comdribus], March 2026, accessible here;

2.4. April

2.4.1. International

Gundars Bergmanis-Korāts & Joshua Chia Tee Hiang, Beyond Spam Bots - The Rise of AI-Powered Disinformation Machines and the Imperative for Strategic Response, North Atlantic Treaty Organization (NATO), NATO Strategic Communications Centre of Excellence, April 2026, accessible here;

2.4.2. Europe

2.4.2.1. European Union

Polona Car & Öykü Dilara A., Ransomware resilience: Strategic targets and growing trends, European Parliament, European Parliamentary Research Service (EPRS), PE 785.699, April 2026, accessible here;

Council of Europe, Recommendation CM/Rec(2026)4 of the Committee of Ministers to member States on online safety and empowerment of users and content creators (Adopted by the Committee of Ministers on 8 April 2026 at the 1556th meeting of the Ministers' Deputies), April 2026, accessible here;

Colin Murphy & Greta Baltikauskaitė, Understanding the dark web, European Parliament, European Parliamentary Research Service (EPRS), PE 785.704, April 2026, accessible here;

2.4.2.2. Switzerland

Eidgenössischen Finanzmarktaufsicht (FINMA), FINMA Guidance 02/2026 - Digital fraud risks for banks and persons under Article 1b of the Banking Act, April 2026, accessible here;

2.4.2. North America

2.4.2.1. United States of America

Federal Bureau of Investigation (FBI), Federal Bureau of Investigation Internet Crime Report 2025, Internet Crime Complaint Center, April 2026, accessible here;

4. Litigation & case-law

4.1. March

Cybercrime Source Booklet:
Regulatory and policy developments
2026 Edition

Fincrime, AML, cybercrime, cybersecurity, neurocrime & neurosecurity
1. Research conducted by individuals, companies, associations and universities
1.1. January
1.1.1. International

1.2.2.1. Russia

1.3.1.1. United Kingdom

2. Reports, guidelines, recommendations and other documents published by regulatory and supervisory authorities, international organizations, and other public institutions and agencies
2.1. January
2.1.1. International

2.1.2. Europe
2.1.2.1. European Union