Compliance: Treasury issues ransomware advisories to thwart attacks

October 5, 2020

The Treasury's Financial Crimes Enforcement Network (FinCEN) issued advisory designed an assist U.S. individuals and businesses in efforts to combat ransomware scams and attacks, which continue to increase in size and scope.

Ransomware is a form of malicious software designed to block access to a computer system or data, often by encrypting data or programs on information technology (IT) systems to extort ransom payments from victims in exchange for decrypting the information and restoring victims’ access to their systems or data.

FinCEN's advisory alerts financial institutions to predominant trends, typologies and potential indicators of ransomware and associated money laundering activities, including 

  • The role of financial intermediaries in the processing of ransomware payments;
  • Trends and typologies of ransomware and associated payments;
  • Ransomware-related financial red flag indicators; and
  • Reporting and sharing information related to ransomware attacks.

An additional advisory from the Office of Foreign Assets Control alerts companies that engage with victims of ransomware attacks of the potential sanctions risks for facilitating ransomware payments.