Cybersecurity

Subscribe to Cybersecurity

October is National Cybersecurity Awareness Month, and the U.S. Department of the Treasury’s Financial Crimes Enforcement Network (“FinCEN”) and Office of Foreign Assets Control (“OFAC”) kicked off the month by issuing two advisories that aim to increase cybersecurity awareness, assist financial institutions in detecting and reporting ransomware activity, and highlight potential sanctions risks for facilitating ransomware payments.

The FinCEN and OFAC advisories signal the seriousness with which the Department of Treasury treats the threat of cybercriminals and ransomware attacks. Both FinCEN and OFAC have now squarely placed an obligation on financial institutions and other payment intermediaries to put procedures in place to detect ransomware payments and to restrict payments to blocked individuals. It appears FinCEN and OFAC want to make sure cybercrime does not pay by cutting off cybercriminals’ access into the financial system.

While both FinCEN and OFAC have offered guidance to financial institutions formulating policies and procedures for deciding whether to process or report payment requests that may be connected to ransomware attacks, OFAC has also offered a warning: facilitating ransomware payments may lead to an enforcement action and civil penalties. Given the growing national security concerns associated with ransomware attacks, the advisories rightly encourage financial institutions and other payment intermediaries that facilitate ransomware payments to share information via Suspicious Activity Reports (“SARs”) and to fully cooperate with law enforcement during and after ransomware attacks.
Continue Reading FinCEN and OFAC Advisories Aim to Increase Cybersecurity Awareness and Thwart Ransomware Attacks in the Financial Sector

The Financial Crimes Enforcement Network (“FinCEN”) just issued yet another Advisory regarding fraud threats faced by financial institutions, as exacerbated by the COVID-19 pandemic. This Advisory pertains to “Cybercrime and Cyber-Enabled Crime Exploiting the Coronavirus Disease (COVID-19) Pandemic.” We consistently have blogged on FinCEN’s pronouncements on the enhanced fraud risks created by COVID-19.

A Guest Blog by Professor Moyara Ruehsen

Today we are very pleased to welcome guest blogger Moyara Ruehsen, PhD, CAMS, CFCS, who is  an Associate Professor and Director of the Financial Crime Management Program at the Middlebury Institute of International Studies in Monterey, California. For more than 20 years, Professor Ruehsen has taught financial crime-related courses on a variety of topics including money laundering, trade-based financial crime, corruption, proliferation financing, terrorist financing and cyber-enabled financial crime.  She has published articles and book chapters on a variety of topics related to threat finance and is a Certified Anti-Money Laundering Specialist and a Certified Financial Crime Specialist. Professor Ruehsen also consults for the U.S. government, multilateral organizations and the private sector. She served for several years on the Editorial Advisory Board of Money Laundering Alert, and the Middle East Task Force of the Association of Certified Anti-Money Laundering Specialists, or ACAMS.

For an extremely entertaining and illuminating discussion by Professor Ruehsen of how popular TV and movies get money laundering right (and wrong), see here.

This blog post takes the form of a Q & A session, in which Professor Ruehsen responds to several questions posed by Money Laundering Watch about the critical topic of cyber-enabled financial crime. We hope you enjoy this discussion, which addresses how cyber-enabled financial crime threatens financial institutions and their customers. –Peter Hardy
Continue Reading Cyber-Enabled Financial Crime and Money Laundering

ABA Tax Fraud Panel to Discuss IRS CI and Crypto Criminals

The Internal Revenue Service – Criminal Investigation (IRS CI) has made it clear that it is focusing on the abuse of digital currencies to further tax evasion, money laundering, and other offenses. IRS-CI also has made it clear that this is an international effort, and that it is trying to partner with law enforcement agencies across the globe in order to coordinate and share investigative leads.

This is a hot topic, and we are honored that Ballard Spahr will be moderating a panel on these very same issues, at the ABA’s annual Tax Fraud/Tax Controversy Conference in Las Vegas on December 12, entitled Charging Cryptocurrency Violations—Tax Crimes or Money Laundering.  We are pleased to be joined by our wonderful panelists, Evan J. Davis, Betty J. Williams, and Ian M. Comiskey.  This is a unique conference, and we invite you to attend if you are interested in the fascinating cross-section of tax evasion and money laundering.

This blog will discuss the recent efforts by IRS-CI to “up its game” in investigating cross-border offenses committed through cryptocurrency, such as its participation in the international Joint Chiefs of Global Tax Enforcement task force. We then will discuss a recent high-profile case which exemplifies these two goals of fighting crypto-related crime and collaborating with foreign law enforcement officials to do so: the notorious “Welcome to Video” case, which led to a global takedown of a darkweb child pornography website, its administrator, and its customers. The Welcome to Video investigation, led by IRS-CI, also illustrates a key point we will discuss at the ABA conference: that cryptocurrency is only “pseudo-anonymous,” and that its protections can yield to a determined combination of modern digital forensics and old-fashioned investigative techniques.
Continue Reading IRS CI Highlights International Efforts to Tackle Cryptocurrency Abuse, Money Laundering and Tax Evasion

Organization Excels at Niche Branding but Stumbles in Avoiding Enforcement

The first paragraph of the press release sums it up:

Today the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) took action against Evil Corp, the Russia-based cybercriminal organization responsible for the development and distribution of the Dridex malware.  Evil Corp has used the Dridex malware to infect computers and harvest login credentials from hundreds of banks and financial institutions in over 40 countries, causing more than $100 million in theft.  This malicious software has caused millions of dollars of damage to U.S. and international financial institutions and their customers.  Concurrent with OFAC’s action, the Department of Justice charged two of Evil Corp’s members with criminal violations, and the Department of State announced a reward for information up to $5 million leading to the capture or conviction of Evil Corp’s leader.  These U.S. actions were carried out in close coordination with the United Kingdom’s National Crime Agency (NCA).  Additionally, based on information obtained by the Treasury Department’s Financial Crimes Enforcement Network (FinCEN), the Treasury Department’s Office of Cybersecurity and Critical Infrastructure Protection (OCCIP) released previously unreported indicators of compromise associated with the Dridex malware and its use against the financial services sector.

The Department of Treasury press release is extremely detailed.  Summarized very broadly, it observes that OFAC’s designation targets 17 individuals and seven entities, including Evil Corp, its “core cyber operators, multiple businesses associated with a group member, and financial facilitators utilized by the group.”  The designation means that all property and interests in property of these persons subject to U.S. jurisdiction are blocked, and U.S. persons are generally prohibited in engaging in transactions with them.

As noted below, the U.S. government is alleging that these cyber criminals are working with the Russian government.  FinCEN and the Cybersecurity and Infrastructure Security Agency (CISA) of the Department of Homeland Security also have issued an Alert to financial institutions regarding how to try to detect, mitigate and report the presence of the pernicious Dridex malware.
Continue Reading U.S. Treasury and DOJ Target “Evil Corp”

On October 1st, the Office of the Comptroller of the Currency (OCC) published the Fiscal Year 2020 Bank Supervision Operating Plan (“FY 2020 Plan”).

The FY 2020 Plan sets forth the OCC’s supervision priorities and objectives for the fiscal year beginning October 1, 2019 and ending September 30, 2020. The supervision priorities set forth align with the the OCC’s Strategic Plan, Fiscal Years 2019-2023.

The FY 2020 Plan facilitates the development of supervisory strategies for individual national banks, federal savings associations, federal branches, federal agencies, and technology services providers. OCC staff members use the plan to guide their supervisory priorities, planning, and resource allocations.
Continue Reading The OCC Releases Fiscal Year 2020 Bank Supervision Operation Plan

Remarks Focus on Account Takeovers, BEC Schemes, Beneficial Ownership, Technological Innovation and SARs

FinCEN Director Kenneth A. Blanco delivered prepared remarks on September 24 at the 2019 Federal Identity (FedID) Forum and Exposition in Tampa, Florida.

Director Blanco summarized the topics of his remarks by stating the following:

  1. First, I would like to tell you

The Federal Reserve and the Financial Crimes Enforcement Network, or FinCEN, both recently issued reports addressing worrisome trends in technology-assisted financial fraud.  The reports seek to engage the financial services industry in partnering more closely to reduce associated losses.

Specifically, the Federal Reserve issued a report entitled Synthetic Identity Fraud in the U.S. Payment System. FinCEN issued a report entitled Manufacturing and Construction Top Targets for Business Email Compromise. Collectively, the reports reflect how techonology-driven fraud and identity theft schemes can target financial institutions, businesses and consumers alike, thereby impacting the Anti-Money Laundering and related anti-fraud programs of the financial institutions implicated by such schemes.
Continue Reading Federal Reserve and FinCEN Raise Alarms Regarding Technology-Assisted Financial Fraud

On June 12, 2019, Kenneth A. Blanco, Director of the Treasury’s Financial Crimes Enforcement Network (“FinCEN”), provided remarks at the NYU Law Program on Corporate Compliance and Enforcement that underscored the agency’s evolving approach to emerging threats in money laundering and terrorist financing.

His remarks specifically focused on:

  • FinCEN’s approach to addressing a number of emerging money-laundering threats, including the crisis in Venezuela and the rise in business email compromise (“BEC”) fraud schemes;
  • The agency’s collaboration with Congress to address the need to collect beneficial ownership information at a company’s formation; and
  • FinCEN’s ongoing efforts to strengthen and modernize the anti-money laundering (“AML”) and counter terrorism financing (“CFT”) system.


Continue Reading FinCEN’s Evolving Approach to Lurking Threats in Money Laundering and Terrorist Financing: Director Blanco’s Remarks at NYU Law

Director Blanco Emphasizes BSA Resource Sharing, Technological Innovation, and Collaboration Between Public and Private Sectors

The Financial Crimes Enforcement Network (FinCEN) released prepared remarks delivered by FinCEN director, Kenneth A. Blanco, at the Securities Industry and Financial Markets Association (SIFMA) Anti-Money Laundering (AML) & Financial Crimes Conference on February 4, 2019. Director Blanco’s speech highlights various regulatory reform efforts, including the approval of collaborative sharing of Bank Secrecy Act (BSA) resources and an interagency initiative to promote innovation in the technologies and methodologies used to combat money laundering and terrorist financing. The Director also emphasized the importance of collaboration among the public and private sectors.  These remarks do not occur in a vacuum; rather, they represent just part of what has been an ongoing conversation in the BSA/AML realm. Potential resource sharingtechnological innovation and information sharing have been repeated topics in this blog.
Continue Reading FinCEN Director’s Remarks Highlight AML Regulatory Reform Efforts