Treasury Department takes new steps to combat ransomware

The U.S. Department of the Treasury has launched some new initiatives to help the virtual currency industry prevent exploitation by sanctioned persons and illicit actors.

© Shutterstock

New industry-specific guidance from the Treasury outlines sanctions compliance best practices tailored to the unique risks posed in this dynamic space. Further, new data from the Financial Crimes Enforcement Network (FinCEN) shows the increasing threat ransomware posed to the U.S financial sector, businesses, and the public during the first half of 2021.

“Ransomware actors are criminals who are enabled by gaps in compliance regimes across the global virtual currency ecosystem,” Deputy Secretary of the Treasury Wally Adeyemo said. “Treasury is helping to stop ransomware attacks by making it difficult for criminals to profit from their crimes, but we need partners in the private sector to help prevent this illicit activity.”

Treasury officials said the private sector plays a key role by implementing appropriate sanctions and anti-money laundering/countering the financing of terrorism (AML/CFT) controls to prevent these abuses.

Specifically, the Treasury Department’s Office of Foreign Assets Control (OFAC) issued a brochure to promote sanctions compliance in the virtual currency industry. OFAC sanctions compliance requirements apply to the virtual currency industry just as they do to traditional financial institutions – with civil and criminal penalties for failing to comply. The guidance issued by OFAC today provides an overview of OFAC sanctions requirements and provides examples of compliance best practices for operators in this space.

In addition, FinCEN is publishing Ransomware Trends in Bank Secrecy Act data today. The first report focuses on pattern and trend information pertaining to ransomware. FinCEN analysis of ransomware-related Suspicious Activity Reports, or SARs, filed during the first half of 2021, further establishes that ransomware is a significant threat to the U.S. financial sector, businesses, and the public. The report found that the average ransomware transactions per month filed in the first half of 2021 was approximately $100 million, with about 68 different ransomware variants.