The ad network will only have to comply with that for websites that operate out of said country, a US website doesn't have to comply with EU cookie policy for example unless it's operated by a company from within the EU.
Yes right now the website will serve a script from a third party ad network, which itself serves a script from a fourth party ad network, etc, etc. When you visit a US website you would be lucky that all the companies that help themselves on your browser are all US based.
What you're describing is typically considered publisher fraud and not unique to this situation. Ad networks will revoke that website or any of the parties in between that serves their ads fraudulently.
