On February 17, the Department of Justice unsealed a sprawling indictment against three members of North Korea’s military intelligence agency – known as the Reconnaissance General Bureau –
Providing yet more proof that anything positive can be twisted into something negative, the Financial Crimes Enforcement Network (“FinCEN”) released a Notice yesterday “to alert financial institutions about the potential for fraud, ransomware attacks, or similar types of criminal activity related to COVID-19 vaccines and their distribution.” This Notice comes on the heels of several
On December 18, 2020, the Office of the Comptroller of the Current (OCC), Federal Reserve Board (FRB), and Federal Deposit Insurance Corporation (FDIC) announced an interagency notice of proposed rulemaking that would require supervised banking organizations to provide notification of significant computer security incidents to their primary federal regulator. Under the proposed rule, for incidents
October is National Cybersecurity Awareness Month, and the U.S. Department of the Treasury’s Financial Crimes Enforcement Network (“FinCEN”) and Office of Foreign Assets Control (“OFAC”) kicked off the month by issuing two advisories that aim to increase cybersecurity awareness, assist financial institutions in detecting and reporting ransomware activity, and highlight potential sanctions risks for facilitating ransomware payments.
The FinCEN and OFAC advisories signal the seriousness with which the Department of Treasury treats the threat of cybercriminals and ransomware attacks. Both FinCEN and OFAC have now squarely placed an obligation on financial institutions and other payment intermediaries to put procedures in place to detect ransomware payments and to restrict payments to blocked individuals. It appears FinCEN and OFAC want to make sure cybercrime does not pay by cutting off cybercriminals’ access into the financial system.
While both FinCEN and OFAC have offered guidance to financial institutions formulating policies and procedures for deciding whether to process or report payment requests that may be connected to ransomware attacks, OFAC has also offered a warning: facilitating ransomware payments may lead to an enforcement action and civil penalties. Given the growing national security concerns associated with ransomware attacks, the advisories rightly encourage financial institutions and other payment intermediaries that facilitate ransomware payments to share information via Suspicious Activity Reports (“SARs”) and to fully cooperate with law enforcement during and after ransomware attacks.
Continue Reading FinCEN and OFAC Advisories Aim to Increase Cybersecurity Awareness and Thwart Ransomware Attacks in the Financial Sector
The Financial Crimes Enforcement Network (“FinCEN”) just issued yet another Advisory regarding fraud threats faced by financial institutions, as exacerbated by the COVID-19 pandemic. This Advisory pertains to “Cybercrime and Cyber-Enabled Crime Exploiting the Coronavirus Disease (COVID-19) Pandemic.” We consistently have blogged on FinCEN’s pronouncements on the enhanced fraud risks created by COVID-19.
Today we are very pleased to welcome guest blogger Moyara Ruehsen, PhD, CAMS, CFCS, who is an Associate Professor and Director of the Financial Crime Management Program at the Middlebury Institute of International Studies in Monterey, California. For more than 20 years, Professor Ruehsen has taught financial crime-related courses on a variety of topics including money laundering, trade-based financial crime, corruption, proliferation financing, terrorist financing and cyber-enabled financial crime. She has published articles and book chapters on a variety of topics related to threat finance and is a Certified Anti-Money Laundering Specialist and a Certified Financial Crime Specialist. Professor Ruehsen also consults for the U.S. government, multilateral organizations and the private sector. She served for several years on the Editorial Advisory Board of Money Laundering Alert, and the Middle East Task Force of the Association of Certified Anti-Money Laundering Specialists, or ACAMS.
For an extremely entertaining and illuminating discussion by Professor Ruehsen of how popular TV and movies get money laundering right (and wrong), see here.
This blog post takes the form of a Q & A session, in which Professor Ruehsen responds to several questions posed by Money Laundering Watch about the critical topic of cyber-enabled financial crime. We hope you enjoy this discussion, which addresses how cyber-enabled financial crime threatens financial institutions and their customers. –Peter Hardy
Continue Reading Cyber-Enabled Financial Crime and Money Laundering
ABA Tax Fraud Panel to Discuss IRS CI and Crypto CriminalsThe Internal Revenue Service – Criminal Investigation (IRS CI) has made it clear that it is focusing on the abuse of digital currencies to further tax evasion, money laundering, and other offenses. IRS-CI also has made it clear that this is an international effort, and that it is trying to partner with law enforcement agencies across the globe in order to coordinate and share investigative leads.
This is a hot topic, and we are honored that Ballard Spahr will be moderating a panel on these very same issues, at the ABA’s annual Tax Fraud/Tax Controversy Conference in Las Vegas on December 12, entitled Charging Cryptocurrency Violations—Tax Crimes or Money Laundering. We are pleased to be joined by our wonderful panelists, Evan J. Davis, Betty J. Williams, and Ian M. Comiskey. This is a unique conference, and we invite you to attend if you are interested in the fascinating cross-section of tax evasion and money laundering.
This blog will discuss the recent efforts by IRS-CI to “up its game” in investigating cross-border offenses committed through cryptocurrency, such as its participation in the international Joint Chiefs of Global Tax Enforcement task force. We then will discuss a recent high-profile case which exemplifies these two goals of fighting crypto-related crime and collaborating with foreign law enforcement officials to do so: the notorious “Welcome to Video” case, which led to a global takedown of a darkweb child pornography website, its administrator, and its customers. The Welcome to Video investigation, led by IRS-CI, also illustrates a key point we will discuss at the ABA conference: that cryptocurrency is only “pseudo-anonymous,” and that its protections can yield to a determined combination of modern digital forensics and old-fashioned investigative techniques.
Continue Reading IRS CI Highlights International Efforts to Tackle Cryptocurrency Abuse, Money Laundering and Tax Evasion
Organization Excels at Niche Branding but Stumbles in Avoiding EnforcementThe first paragraph of the press release sums it up:
Today the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) took action against Evil Corp, the Russia-based cybercriminal organization responsible for the development and distribution of the Dridex malware. Evil Corp has used the Dridex malware to infect computers and harvest login credentials from hundreds of banks and financial institutions in over 40 countries, causing more than $100 million in theft. This malicious software has caused millions of dollars of damage to U.S. and international financial institutions and their customers. Concurrent with OFAC’s action, the Department of Justice charged two of Evil Corp’s members with criminal violations, and the Department of State announced a reward for information up to $5 million leading to the capture or conviction of Evil Corp’s leader. These U.S. actions were carried out in close coordination with the United Kingdom’s National Crime Agency (NCA). Additionally, based on information obtained by the Treasury Department’s Financial Crimes Enforcement Network (FinCEN), the Treasury Department’s Office of Cybersecurity and Critical Infrastructure Protection (OCCIP) released previously unreported indicators of compromise associated with the Dridex malware and its use against the financial services sector.
The Department of Treasury press release is extremely detailed. Summarized very broadly, it observes that OFAC’s designation targets 17 individuals and seven entities, including Evil Corp, its “core cyber operators, multiple businesses associated with a group member, and financial facilitators utilized by the group.” The designation means that all property and interests in property of these persons subject to U.S. jurisdiction are blocked, and U.S. persons are generally prohibited in engaging in transactions with them.
As noted below, the U.S. government is alleging that these cyber criminals are working with the Russian government. FinCEN and the Cybersecurity and Infrastructure Security Agency (CISA) of the Department of Homeland Security also have issued an Alert to financial institutions regarding how to try to detect, mitigate and report the presence of the pernicious Dridex malware.
Continue Reading U.S. Treasury and DOJ Target “Evil Corp”
On October 1st, the Office of the Comptroller of the Currency (OCC) published the Fiscal Year 2020 Bank Supervision Operating Plan (“FY 2020 Plan”).
The FY 2020 Plan sets forth the OCC’s supervision priorities and objectives for the fiscal year beginning October 1, 2019 and ending September 30, 2020. The supervision priorities set forth align with the the OCC’s Strategic Plan, Fiscal Years 2019-2023.
The FY 2020 Plan facilitates the development of supervisory strategies for individual national banks, federal savings associations, federal branches, federal agencies, and technology services providers. OCC staff members use the plan to guide their supervisory priorities, planning, and resource allocations.
Continue Reading The OCC Releases Fiscal Year 2020 Bank Supervision Operation Plan
Remarks Focus on Account Takeovers, BEC Schemes, Beneficial Ownership, Technological Innovation and SARsFinCEN Director Kenneth A. Blanco delivered prepared remarks on September 24 at the 2019 Federal Identity (FedID) Forum and Exposition in Tampa, Florida.
Director Blanco summarized the topics of his remarks by stating the following: