In 2022, Brazil's investigative outlet Repórter Brasil revealed that Apple, Google, Microsoft, and Amazon had all purchased gold from Italian and Brazilian refiners under investigation by the Brazilian Federal Police for sourcing from illegal wildcat mining on protected indigenous land. Gold is fundamental in the production of electronics due to its ability to conduct electricity and malleability.
Unfortunately, regulatory gaps are where most often the window of opportunity appears for criminality. While the occurrence of smuggling per se may not be a surprising element, the scale in which supply chains are hijacked by organised crime is often underperceived. The companies involved in the export and refinement process of the illegal gold were certified under international responsible-sourcing standards. However, it is often easier to bypass regulations than to abide by them.
The resulting vulnerability is a combination of regulatory failure and human element. Illegal metals enter legitimate supply chains because people inside those chains make it possible, and as commodity prices hit record highs, the pressure on those people is intensifying.
The scale of the problem begins with commodity economics. Supply chain losses in the EMEA region surged to over half a billion euros. According to TAPA data, metal theft is the most popular type of supply chain incident, while Germany dominates the rankings of the most targeted countries,
TT Club is an independent provider of mutual insurance and related risk management services to the international transport and logistics industry. Their longitudinal claims data documents a more than eighteenfold increase in copper theft cases between 2016 and 2025. More specifically, in 2025 copper emerged as the most stolen cargo globally, with theft frequency directly correlated to commodity pricing. Critically, the loss is rarely limited to the stolen cargo: theft triggers delay, contractual dispute, reputational harm, and operational disruption across the wider chain.
Gold follows the same logic at a different layer. Record prices make supply chain fraud more economically compelling, and regulatory interventions can accelerate rather than solve the problem. Recently, India almost tripled tariffs on gold imports to 15%, immediately creating a grey market incentive to resume smuggling gold. In addition, the grey market discount that arose is around €175 per ounce, making it impossible for legitimate importers to compete. Industry sources estimate illegal imports could exceed 100 metric tons in 2026 as a result. Tariffs designed to regulate trade functioned as price support for the smuggling economy running alongside it. When legal supply becomes more expensive than illegal supply, the incentive to recruit insiders who can bridge the gap becomes structural.
Purchase fraud and document manipulation: the most systematic method is falsifying provenance at source. Investigators found that almost no countries fully report gold shipments or disclose the companies involved, creating a structural opacity that fraudulent documentation exploits. Ghost permits and false declarations of origin allow illegally sourced metal to enter certified supply chains with paperwork that satisfies every formal requirement.
Regulatory arbitrage: smuggling networks exploit gaps between jurisdictions. Different legal standards across extraction, refining, and consumption countries create seams that organised networks navigate with precision, for example by submitting documentation that satisfies one system while being unverifiable by another.
Convergence with organised crime: in September 2025, Eurojust supported a joint French-Italian investigation that dismantled two linked crime groups; one trafficking drugs, the other laundering its proceeds through an elaborate gold-bar trading system. Twelve suspects were arrested, close to 100 kilos of gold bars seized, and proceeds estimated at a minimum of €30 million. One network offered "crime as a service," using gold transactions designed to make proceeds untraceable. For any company whose supply chain touches the same logistics infrastructure, such as freight forwarders, storage facilities, or trading intermediaries, this is an acute third-party risk.
No smuggling network at industrial scale can operate without insiders. The question is not only whether they exist in a supply chain, but also where they are and which role they cover.
Turning a blind eye: it is sometimes hard to be able to discern whether malpractice stems from the attempt at cutting corners or for involvement in organised crime. However, such insiders can approve documentation without scrutinising it, accept third-party certifications as a substitute for upstream verification, and process anomalies as administrative noise. In the Apple case discussed in the introduction, the compliance failure was distributed across an entire chain, which each layer relying on the previous one to have asked the harder questions.
Providing physical access: where the merchandise is physical, insiders with access to cargo, warehousing, or port handling provide valuable insights on logistics for smuggling. Airport staff have become the documented case study: across major Indian airports, cargo handlers, airline crew, cleaning contractors, and retail workers have repeatedly been arrested for concealing and passing gold through the exact security perimeter that no external actor can cross without cooperation from within. The method is consistent: a network identifies a low-paid worker with airside access, pays a commission, and uses that person to bridge the gap physical security cannot close alone.
Providing information: sharing cargo manifests, container seal codes, inspection schedules, or routing data with criminal networks. Deception-based theft represents a growing share of copper cargo losses, namely a scheme in which criminals use fraudulent carrier identities to collect legitimate loads, dependent on inside knowledge of what is moving, when, and by which route. In addition, advance knowledge of which shipments will face scrutiny and which will not, can only come from inside the logistics or compliance chai
Gold and copper are enabling materials for the sectors underpinning new energy technology, semiconductor manufacturing, defence, and healthcare. Copper is essential for power transmission, battery storage, renewable energy systems, and advanced manufacturing, essentially the physical backbone of the energy transition. These are not commodities that can be easily substituted or sourced around, and the current shipping crisis due to the tensions in the Middle East is exacerbating the problem.
When contaminated metal enters a certified supply chain, the exposure surfaces far downstream and long after the transaction. EU due diligence obligations, LBMA responsible-sourcing requirements, AML frameworks, and OFAC sanctions all converge on one question: where did this metal come from, and who handled it on the way? The certification that answered that question may have been generated by the same insider network that facilitated the smuggling.
The pharmaceutical sector offers a preview of what happens at the acute end of this failure mode. Counterfeit opioid tablet seizures in Europe rose from 380 in 2022 to over 50,000 in 2024, with pills designed to be indistinguishable from genuine prescription medicines. An INTERPOL operation across 90 countries in 2024–2025 seized 50.4 million doses of illicit pharmaceuticals, 93% of which lacking regulatory approval from national authorities. These products reached patients because supply chains had insiders or lacked controls capable of detecting contamination before it reached the end user. Metals move more slowly, but the structural exposure is identical: by the time contamination is detected, the product is deployed, the counterparty has been paid, and the paper trail leads nowhere.
The Apple case exposes a paradox at the heart of responsible sourcing: the same system designed to keep illegal metal out of supply chains provided the cover that allowed it in. While the tech companies at the end of the chain had on paper done everything right, the gold was sourced illegally by refiners and certified at each audit point.
No certification scheme is set up to catch what an insider intends to conceal. No audit reviews every meeting or handshake between a logistics contractor and a criminal network. The controls that matter are built around people: who has access, what they can see, what pressures they face, and whether anyone is watching the watchers.
Supply chain resilience in the metals sector is not a procurement problem, but an insider risk problem. The networks exploiting these chains are adaptive, well-resourced, and systematically focused on the human variables that procedural controls miss.
Understanding variables such as which roles carry access risk, which contractors operate in low-oversight environments, or which geographies expose your chain to organised criminal convergence is the starting point for building real resilience.
Disclaimer: The cases discussed in this publication are based solely on publicly available information at the time of writing. They are intended for educational and illustrative purposes and should not be interpreted as definitive investigative findings. In some instances, official investigations may still be ongoing, and information may emerge that could alter the understanding of the events described. Signpost Six makes no claims regarding the actions, intentions, or liability of any individuals or organisations mentioned. While every effort has been made to ensure accuracy, Signpost Six accepts no responsibility for any errors, omissions, or misinterpretations arising from the use of publicly sourced information.