Cybersecurity

Subscribe to Cybersecurity

The “Highlights” — To Russia, With Crypto

The Financial Crimes Enforcement Network (“FinCEN”) issued on November 1 a Financial Trend Analysis regarding ransomware-related Bank Secrecy Act (“BSA”) filings during the second half of 2021 (the “Report”).  This publication follows up on a similar ransomware trend analysis issued by FinCEN regarding the first half of 2021, on which we blogged here.  

In the most recent analysis, FinCEN found that both the number of ransomware-related Suspicious Activity Reports (“SAR”) filed, and the dollar amounts at issue, nearly tripled from 2020 to 2021.  The notable takeaways from the Report include:

  • Ransomware-related SARs were the highest ever in 2021 (both in number of SARs and in dollar amounts of activity reported).
  • Ransomware-related SARs reported amounts totaling almost $1.2 billion in 2021.
  • Approximately 75% of ransomware-related incidents between June 2021 and December 2021 were connected to Russia-related ransomware variants.

The Report, which stated that the majority of these ransomware payments were made in Bitcoin, serves as a particular reminder to cryptocurrency exchanges of their role in both identifying and reporting ransomware-related transactions facilitated through their platforms.  The Report stresses that SAR filings play an essential role in helping FinCEN identify ransomware trends.

Continue Reading  FinCEN Reports Staggering Increase in Reported Ransomware Attacks

On June 23, 2022, the Office of the Comptroller of the Currency (OCC) released its Semiannual Risk Perspective (SRP) for spring 2022.  In the SRP, the OCC opines on its current safety and soundness concerns for banks under its regulatory umbrella, focusing on Russia sanctions, climate-related risk, and rising inflation.  Despite these challenges, the OCC believes that “[b]anks’ financial condition remains strong and positioned to deal with the economic headwinds.”

Of special note, the OCC also believes compliance risk is “heightened” for Bank Secrecy Act/Anti-Money Laundering (BSA/AML) and Office of Foreign Assets Control (OFAC) compliance because of world events and compliance staffing concerns.  In addition, the OCC warns that banks face an “elevated” risk of cyber attacks and fraud or cybersecurity risks related to digital assets.

Continue Reading  OCC Highlights Risks Associated with Compliance Staffing Concerns, Russia Sanctions, Environmental Crimes, Cyber Attacks and Digital Assets

On June 15, FinCEN issued an Advisory on Elder Financial Exploitation (“Advisory”) to warn financial institutions about the rising trend of elder financial exploitation (“EFE”), which FinCEN defines as “the illegal or improper use of an older adult’s funds, property, or assets, and is often perpetrated either through theft or scams.”  The Advisory is detailed.  It highlights new EFE typologies and potential red flags and builds upon a related advisory issued in 2011.  It also offers tips on Suspicious Activity Report (“SAR”) filings and describes other resources available to fight EFE.

Continue Reading  FinCEN Warns Against Elder Financial Exploitation

On May 19, 2022, the Associate Director of the Enforcement and Compliance Division of the Financial Crimes Enforcement Network (“FinCEN”), Alessio Evangelista, spoke at the Chainalysis Links Conference in New York City on the topic of “The Intersection of Cryptocurrencies and National Security.”  Associate Director Evangelista stressed “responsible innovation” by the cryptocurrency industry, in order to protect consumers and national security interests, as well as to combat cybercrime and other illicit financial activity.  Associate Director Evangelista also denied that FinCEN’s enforcement efforts represent a “gotcha” enterprise.

Shortly after Associate Director Evangelista’s speech, Acting Comptroller of the Currency Michael J. Hsu discussed vulnerabilities in the cryptocurrency framework and recent volatility with stablecoins in pointed remarks at the DC Blockchain Summit 2022.  Describing himself as a “crypto skeptic,” Acting Comptroller Hsu acknowledged the potential value of innovation presented by crypto, but repeatedly bemoaned a “hyped-based” crypto economy, and stressed that “hype is not harmless.”

Combined, these speeches leave no doubt that regulators are exceedingly focused on digital assets and cryptocurrencies, and in particular are increasingly focused on consumer protection concerns, beyond the usual illicit finance and terrorist financing concerns.

Continue Reading  FinCEN and OCC Address Cryptocurrency:  Responsible Innovation and Pervasive Hype

Enforcement Trends, Crypto, the AML Act — and More

We are very pleased to be moderating, once again, the Practising Law Institute’s 2022 Anti-Money Laundering Conference on May 17, 2022, starting at 9 a.m. This year’s conference will be both live and virtual — and it will be as informative, interesting and timely as always. 

On April 5, 2022 the U.S. Department of the Treasury’s Office of Foreign Assets Control (“OFAC”) announced sanctions against “the world’s largest and most prominent darknet market, Hydra Market” and Garantex, a virtual currency exchange registered in Estonia but operating in Moscow and St. Petersburg, Russia.  The sanctions are part of a larger initiative targeting Russian cybercrime that spans across multiple federal departments—including the U.S. Department of Justice, Federal Bureau of Investigations, Drug Enforcement Administration, Internal Revenue Service Criminal Investigation, and Homeland Security Investigations—and across the globe—including international partners like the German Federal Criminal Police and Estonia’s Financial Intelligence Unit.  The sanctions follow September and November sanctions of SUEX OTC, S.R.O. and CHATEX, two virtual currency exchanges operated out of Moscow that allegedly facilitated transactions for ransomware actors.  SUEX was the first virtual currency exchange subject to OFAC sanctions (and the subject of a previous post).

While ostensibly focused on closing another avenue for ransomware purveyors to profit off of their wares, the sanctions may also cut off all types of cybercriminals who allegedly find “a haven” in Russia and used Hydra or Garantex.
Continue Reading  OFAC Designates “Hydra” –  the Largest Darknet Market – and Third Russian Virtual Currency Exchange

On March 1, 2022, the U.S. Department of the Treasury (“Treasury”) published its National Risk Assessment for Money Laundering, Terrorist Financing, and Proliferation Financing (the “NMLRA”), identifying the national threats, vulnerabilities, and risks facing the U.S. financial system.  The NMLRA is 74 pages long and comprehensively covers many different perceived threats and vulnerabilities, including the misuse of legal entities, virtual assets, real estate, investment advisors, and casinos.  This post therefore selects three key issues for closer analyses.

First, cybercrime (a topic we cover frequently) in the form of ransomware received the dubious honor of representing “a larger and growing share of the overall money laundering threat in the United States.”  Second, professional money laundering organizations (“PMLOs”) continue to peddle their illicit services internationally to launder the proceeds of cybercrime, narcotics trafficking, and other schemes on behalf of organized criminal enterprises.  Third, merchants and professionals, such as lawyers, real estate professionals, and financial services employees, continue to perform – knowingly or unknowingly – critical functions in support of money laundering schemes and obfuscating the source of ill-gotten gains.
Continue Reading  U.S. Treasury Identifies Ongoing and Emergent Money Laundering Risks and Vulnerabilities

Federal law enforcement and regulators continue to focus on technology-driven financial crime — specifically, cyber-enabled fraud and the laundering of illicit funds through cryptocurrency.  Last week, the Department of Justice (“DOJ”) announced that Eun Young Choi will serve as the first Director of the National Cryptocurrency Enforcement Team (“NCET”).  As we have blogged, the DOJ created in 2021 the NCET in order to address issues on which we repeatedly have blogged:  crypto exchangers and their AML obligations; the process of tracing digital asset transactions; ransomware; so-called “professional” money launderers; and the use of crypto to launder serious crimes such as drug trafficking and human trafficking.  This attempt at a coordinated government approach to crypto enforcement followed the announcement earlier in 2021 by the Financial Crimes Enforcement Network (“FinCEN”) of appointing its first-ever Chief Digital Currency Advisor.

Meanwhile, FinCEN has stressed the need for, and utility of, specific information to be submitted by the victims of cyber-enabled financial crime schemes, or the financial institutions of those victims, to FinCEN’s Rapid Response Program, or RRP.  The RRP seeks to share financial intelligence and recover the proceeds of crime.
Continue Reading  DOJ, FBI and FinCEN Continue to Focus on Crypto and Cyber Financial Crime

As anticipated, the Office of the Comptroller of the Currency, the Federal Reserve Board, and the FDIC recently approved and released the Final Rule Requiring Computer-Security Incident Notification (“Final Rule”).  The Final Rule is designed to promote early awareness and stop computer security incidents before they become systemic.  It places new reporting requirements on both

On October 15, 2021, the Financial Crimes Enforcement Network (“FinCEN”) issued a financial trend analysis on ransomware relating to Suspicious Activity Reports (“SARs”) filed in the first half of this year (“Analysis”).  According to the Analysis, U.S. banks and financial institutions reported $590 million in suspected ransomware payments in SARs filed between January and June 2021, more than the total for all of 2020.  FinCEN found that ransomware payments are often made using virtual currency, such as Bitcoin (“BTC”).  The Office of Foreign Assets Control (“OFAC”) also released guidance in tandem with the FinCEN Analysis, addressing how the virtual currency industry can address sanctions-related risks.

Ransomware appears to be top-of-mind at the U.S. Treasury, as we have blogged.  FinCEN’s Analysis and OFAC’s guidance came quickly on the heels of OFAC issuing on September 21 a six-page Updated Advisory on Potential Sanctions Risks for Facilitating Ransomware Payments, which states that OFAC will consider self-reporting, cooperation with the government and strong cybersecurity measures to be mitigating factors in any contemplated enforcement action against a ransomware victim that halts an attack by making the demanded payment to attackers who were sanctioned or otherwise had a sanctions nexus.  Also on September 21, 2021, OFAC issued its first sanctions designation against a virtual currency exchange by designating the virtual currency exchange “for its part in facilitating financial transactions for ransomware variants.”
Continue Reading  FinCEN Reports Spiraling SARs Relating to Ransomware