Pig Butchering and Beyond: The Anatomy of Modern Romance and Investment Fraud Schemes

Investment fraud has undergone a structural transformation over the past five years. The emergence of ‘pig butchering’ — sha zhu pan in Mandarin — as the dominant global investment fraud typology represents a convergence of romance fraud, cryptocurrency manipulation, and industrial-scale criminal organisation that has proved devastatingly effective against victims across every demographic. Unlike traditional advance fee or Ponzi schemes, pig butchering is characterised by months-long victim grooming, sophisticated fake investment platforms, and a patient escalation of deposits before a sudden and total extraction.

The financial losses associated with romance and investment fraud are staggering. The FBI’s Internet Crime Complaint Centre (IC3) reported USD 4.57 billion in investment fraud losses in 2023, with cryptocurrency-based schemes accounting for the majority. The FTC in the United States, Action Fraud in the UK, and the ACCC in Australia have all reported record investment fraud losses in 2024. Critically, these figures represent only reported losses — victim shame and confusion mean that a significant proportion of romance and investment fraud goes unreported.

For financial institutions, the challenge is multifaceted. Victims of pig butchering are frequently willing participants in the movement of their own funds — a dynamic that makes fraud detection through traditional authorised payment monitoring extremely challenging. Simultaneously, the proceeds flow rapidly through mule accounts, crypto exchanges, and over-the-counter brokers in ways that present significant AML detection challenges. The fraud and AML dimensions of this threat are inseparably linked.

Regulatory, Enforcement, and Market Context

The regulatory response to romance and investment fraud has intensified. In the UK, the Payment Systems Regulator’s mandatory reimbursement regime for authorised push payment fraud — which came into force in October 2024 — creates direct financial liability for sending institutions that fail to apply adequate fraud prevention controls. This fundamentally changes the economics of consumer fraud protection for UK banks, making investment in friction, intervention, and consumer warning tools financially as well as reputationally necessary. The PSR regime is being watched closely by regulators in Australia, Singapore, and the EU as a potential model.

Enforcement actions against platforms and exchanges facilitating pig butchering proceeds have also escalated. The US DOJ has brought charges against operators of fraudulent cryptocurrency platforms used in sha zhu pan schemes, and OFAC has designated several crypto wallets and entities associated with Southeast Asian scam compound infrastructure. Virtual asset service providers with inadequate transaction monitoring have faced enforcement from FinCEN and international equivalents.

What the Data Is Showing

Chainalysis data shows that pig butchering addresses received at least USD 4.4 billion in cryptocurrency in 2023, with average victim losses significantly higher than other fraud typologies. Victim profiling analysis by the Global Anti-Scam Organisation (GASO) indicates that pig butchering victims skew toward educated, financially literate individuals aged 25–55 — a demographic that challenges the stereotype of fraud victims as elderly or unsophisticated. The emotional manipulation component of the scheme is its most powerful weapon, and it is specifically designed to override rational financial decision-making.

Network analysis of pig butchering money flows reveals a consistent pattern: victim funds are typically converted to cryptocurrency within 24–48 hours of transfer, routed through three to five intermediate addresses, and ultimately consolidated at exchanges with weak AML controls or OTC desks in high-risk jurisdictions. Institutions that can detect the pre-conversion payment stage — through outgoing payment friction, beneficiary risk scoring, and real-time customer intervention — have the greatest opportunity to prevent or reduce victim losses.

Implications for Financial Institutions

Payment friction and real-time customer intervention are the most powerful tools available to sending institutions. This includes investment fraud warnings on payments to cryptocurrency exchanges, cooling-off periods for first-time large transfers to new beneficiaries, and proactive outreach to customers displaying behavioural patterns consistent with victim grooming — such as sudden large account credits followed immediately by outbound crypto-related payments. The PSR’s consumer standard of caution framework provides a useful conceptual basis for designing proportionate intervention strategies.

On the receiving and laundering side, institutions must treat accounts that receive rapid inflows from multiple retail customers and immediately convert or transfer funds as high-priority SAR candidates. Intelligence sharing with industry platforms such as the UK’s Payment Systems Regulator’s Confirmation of Payee and AUSTRAC’s Fintel Alliance provides valuable typology indicators. Institutions should also engage their virtual asset service provider counterparties to establish information-sharing protocols for pig butchering-related transaction flows.

Conclusion

Romance and investment fraud has become one of the defining financial crime challenges of the decade — combining psychological sophistication, criminal infrastructure, and digital payment rails in ways that demand an integrated fraud and AML response. Institutions that approach this as purely a consumer protection issue, or purely an AML issue, will miss the full picture. Only those that connect the dots across fraud prevention, transaction monitoring, customer intervention, and financial intelligence will build genuinely effective defences.

Suggested Next Steps

• Implement real-time payment intervention for outbound transfers to cryptocurrency exchanges, including investment fraud warning screens, mandatory confirmation steps, and behavioural friction proportionate to transfer size and customer history.

• Build or enhance transaction monitoring scenarios that detect the mule account side of pig butchering — specifically, accounts receiving rapid multi-source retail inflows followed by immediate crypto conversion or onward transfer.

• Train customer-facing staff to recognise and sensitively intervene with potential romance fraud victims, using non-judgmental scripting that protects the customer relationship while creating space for disclosure.

• Establish information-sharing relationships with virtual asset service providers and payment system operators to exchange typology indicators and known fraudulent beneficiary accounts on a timely basis.

Sources: FBI IC3 Internet Crime Report (2023); Chainalysis Crypto Crime Report (2024); Global Anti-Scam Organisation Research (2024); UK Payment Systems Regulator APP Fraud Reimbursement Policy (2024); ACCC Scamwatch Annual Report (2024); US DOJ Investment Fraud Press Releases (2024).

TrustSphere helps financial institutions design and deploy intelligent fraud and financial crime detection solutions. Visit www.trustsphere.ai