Christina Chapman, 50, pleaded guilty to conspiracy charges in February in connection with the scheme and authorities have recommended nine years in prison for her role, according to a sentencing memo filed last week. That’s despite her claim to the FBI she had no idea North Korea was involved. Prosecutors are also seeking 36 months of supervised release, and a money judgment in the amount of $176,850—the same amount authorities claim Chapman made for her part in the scheme, which netted at least $17.1 million for North Korea, per the IRS. 

“A sentence that is too lenient would convey the wrong message to both North Koreans and current and future U.S.-based facilitators that this conduct is tolerated in the U.S. and worth the risk of being caught by U.S. law enforcement,” prosecutors wrote in the memo, submitted by U.S. Attorney Jeanine Pirro. “Rather, the Court should send the message that participation in these schemes and related violations of law have serious consequences so that future would-be facilitators will be adequately deterred.”

Attempts to reach Chapman through her attorney were unsuccessful. 

According to court documents and law enforcement, thousands of IT workers trained in elite tech schools in North Korea have been involved in a vast global conspiracy to weaponize the remote-work economy by obtaining jobs in IT using fake, stolen, or borrowed identities. The workers, based in North Korea or locations such as China, Russia, or the UAE, use AI to manage sometimes a dozen or more personas and obtain legitimate jobs at U.S. and European companies. The U.S. has maintained sanctions on North Korea since 2016 because of its nuclear efforts, banning the regime from the U.S. financial system and curtailing all business between U.S. people and companies with North Korea. 

In Chapman’s case, a 2023 raid of her suburban Arizona home found an elaborate staging area with 90 laptops in an organized setup to track which device was meant for which worker, prosecutors wrote in court records. She labeled each device with notes identifying the associated company and the corresponding stolen identity, photos from the raid show. Authorities said she aided workers in the scheme for three years, at one point becoming so inundated with tasks that she needed to hire two assistants to help her. 

According to court records, Chapman helped the IT workers verify stolen identities so they could pose as real U.S. citizens and installed software after the companies shipped out laptops. She helped the North Korean workers log in remotely, and then kept the laptops organized and safe at her home so that U.S. companies would believe the North Korean workers were located in the U.S.

Authorities said Chapman shipped 35 packages to Dangdong, China, a city near the North Korean border, and helped ship at least 49 laptops and other hardware to China, Pakistan, the UAE, and Nigeria. She also helped them cash their checks by accepting their payments and depositing the money in her bank account before transferring it over to the workers. 

She charged the North Korean workers $176,850 in fees for her services, according to the memo.

The federal push for a significant sentence for Chapman isn’t just about individual punishment; it’s a strategic move to set a precedent, Andrew Borene, executive director at Flashpoint threat intelligence and former senior official in the Office of the Director of National Intelligence, told Fortune.

“This prosecution aims to draw a line, deterring future U.S. facilitators and sending a message to Pyongyang,” Borene said. “I would expect a ruling that underscores the gravity of aiding a sanctioned regime, marking a pivotal moment in how the U.S. government confronts American complicity in these transnational criminal enterprises.”  

Borene said the fallout from the IT worker scheme has intensified this year with indictments in December 2024, and a sweeping raid of 29 other laptop farms authorities announced in June. 

Prosecutors noted that even though Chapman claimed to be unaware of the involvement of a sanctioned nation, the victim impact is significant, and the case is one of the largest North Korean IT worker fraud schemes the Department of Justice has charged. Some 68 U.S. citizens had their identities stolen, and 309 U.S. businesses plus two multinationals were defrauded.

Those who had their identities stolen have had fake tax liabilities created in their name and are subject to ongoing monitoring from the IRS and Social Security Administration. One victim was denied unemployment because an IT worker was using their Social Security number, prosecutors wrote. The IT workers also allegedly created online and social media profiles to aid the scheme, which has made it difficult for those who had their identities stolen to regain control of their names. 

The impact on businesses has also been huge, prosecutors wrote. 

“First, the fact that U.S. companies had technologically savvy North Korean insiders accessing their sensitive IT systems generally caused U.S. companies to have to conduct internal and costly security reviews,” the memo states. “​​Second, some U.S. companies had their data stolen by an IT worker, causing further internal security review.”

 Authorities said Chapman also willfully obstructed the investigation because she deleted about 10 Skype conversations with IT workers when she found out the FBI was raiding her house. 

Her sentencing will take place on July 24 in Arizona.