White House Issues Executive Order Targeting Cybercrime, Fraud, And Foreign “Scam Centers”

On March 6, 2026, President Trump issued Executive Order 14390, a sweeping directive aimed at combating cyber-enabled fraud schemes targeting Americans. The Executive Order was published in the Federal Register on March 11, 2026.

The Order reflects growing federal concern about large-scale cyber fraud operations—often referred to as “scam centers”—run by transnational criminal organizations (TCOs) that target U.S. consumers and businesses. According to the Order, these schemes include ransomware attacks, phishing campaigns, impersonation scams, sextortion schemes, and other forms of cyber-enabled financial fraud. The Administration characterizes these operations as part of a global shadow economy frequently linked to organized crime networks and, in some cases, tolerated or supported by foreign governments.

Although the Executive Order does not impose direct regulatory obligations on financial institutions or other private-sector firms, it signals a significant shift toward a more coordinated and potentially aggressive federal strategy to combat international cyber fraud operations.

We are laser-focused on this massive problem and applaud the Administration for sharing our concern. In our February 26, 2026 episode of the award-winning Consumer Finance Monitor podcast, Alan Kaplinsky was joined by Nick Bourke, Kate Griffin, and Ballard Spahr partner Joseph Schusterto discuss a groundbreaking new report from the Aspen Institute Financial Security Program: United We Stand: A National Strategy to Prevent Scams. (the “Aspen Report”)

Our February 26 podcast built on Nick and Kate’s prior appearance on the podcast last July, when the report was still in development. Now finalized, the report offers one of the most comprehensive frameworks to date for addressing what has become a systemic threat to American households and the broader financial system.

On March 6, 2026, Joseph Schuster, testified before the U.S. House of Representatives Financial Services Committee on the danger posed by new forms of financial fraud. “Financial fraud is increasingly industrialized, technology-enabled, cross-channel, and scalable,” he told lawmakers as part of a hearing titled “Fighting Fraud on the Front Lines: Challenges and Opportunities for Financial Institutions.” His written testimony is here. The hearing, including his oral testimony, is here.

Interagency Review and National Action Plan

The Executive Order directs several federal agencies—including the Department of Justice, Department of Homeland Security, Department of the Treasury, and Department of State—to review the operational, regulatory, and diplomatic tools currently available to combat cyber-enabled fraud carried out by foreign TCOs.

Within 60 days, these agencies must assess how existing authorities and frameworks can be strengthened. Within 120 days, they must submit an action plan to the President identifying the TCOs responsible for scam centers and proposing measures to prevent, disrupt, investigate, and dismantle these organizations.

A key element of the plan will be the creation of an operational cell within the National Coordination Center (NCC) to coordinate federal efforts to detect and disrupt cyber-enabled criminal activity targeting U.S. persons, businesses, and critical infrastructure. The operational cell is intended to improve real-time coordination across federal agencies and support rapid responses to emerging cyber threats. Immense credit for this part of the EO belongs to the Aspen Report which called for the federal government to put a coordinator in change of a national scam strategy. The EO appears to do just that, with the coordination coming from the White House.

Greater Use of Private-Sector Cyber Intelligence

The Executive Order also emphasizes the importance of collaboration with the private sector. It directs federal authorities to leverage threat intelligence, technical capabilities, and operational insights from commercial cybersecurity firms and other non-federal entities to enhance attribution and tracking of malicious cyber actors.

This provision reflects the reality that many cybercrime investigations depend heavily on information generated by private companies that monitor internet infrastructure, detect malicious software activity, and identify criminal networks operating online.

For financial institutions and technology companies, this focus suggests that government agencies may increasingly rely on industry cooperation in identifying fraudulent activity and sharing intelligence about emerging cyber threats.

Support for State and Local Governments

The Executive Order also directs the Cybersecurity and Infrastructure Security Agency (CISA), within the Department of Homeland Security, to expand support for state, local, tribal, and territorial governments. CISA will work with these entities to provide training, technical assistance, and threat intelligence designed to strengthen cybersecurity defenses and protect critical infrastructure systems from cyber-enabled exploitation by criminal organizations.

These initiatives may include efforts to expand defensive capabilities, improve information sharing, and help government partners detect and respond to cyber fraud schemes targeting their systems or residents.

Potential Victim Restoration Program

Another noteworthy provision directs the Attorney General to recommend, within 90 days, whether to establish a Victim Restoration Program designed to provide restitution to victims of cyber-enabled fraud schemes. The program would distribute funds recovered through forfeiture or seizure from criminal organizations responsible for the fraud.

While federal law already allows restitution in criminal cases, the proposed program could create a more structured process for returning recovered funds to victims of cyber fraud schemes, which often affect thousands of individuals across multiple jurisdictions.

Diplomatic Pressure on Countries Harboring Cybercriminals

The Executive Order also directs the Department of State to increase diplomatic engagement with foreign governments where scam centers operate. The State Department is instructed to demand stronger enforcement actions against cybercriminal networks operating within those countries and to encourage greater cooperation with U.S. law enforcement authorities.

Where foreign governments tolerate or fail to act against these activities, the Order contemplates the possibility of additional consequences, including targeted sanctions, visa restrictions, limitations on foreign assistance, trade penalties, and the expulsion of diplomats involved in or complicit with cyber fraud operations. The Order also encourages coordination with allied governments to increase the effectiveness of these measures.

Implications for Financial Institutions, Fintechs, and Technology Platforms

Although the Executive Order does not create enforceable rights or impose new compliance obligations, it nonetheless has important implications for financial institutions, fintech companies, payment providers, and digital platforms.

First, the directive underscores that cyber-enabled financial fraud remains a major enforcement priority for federal authorities. Banks and payment providers may therefore see increased engagement from law enforcement and regulatory agencies seeking information or cooperation in investigations involving cross-border fraud schemes.

Second, the Order’s emphasis on public-private collaboration suggests that financial institutions and technology firms may play an increasingly central role in identifying suspicious activity and helping authorities disrupt cybercrime networks.

Third, the Order’s focus on transnational criminal organizations and foreign jurisdictions highlights the national security dimension of cyber fraud. This framing may lead to greater use of sanctions authorities, cross-border law enforcement partnerships, and other national security tools to address large-scale scam operations targeting U.S. consumers.

Looking Ahead

The practical impact of the Executive Order will depend largely on the action plan federal agencies must deliver within 120 days. That plan may outline new enforcement initiatives, additional interagency coordination mechanisms, and potential regulatory or legislative proposals designed to strengthen the government’s ability to combat cyber-enabled fraud.

For financial services providers and other companies operating in the digital ecosystem, the Executive Order signals continued federal focus on large-scale online fraud schemes and the role of public-private partnerships in identifying and disrupting them.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.