Ransomware Payments Potentially Violate AML Rules and Sanctions, Say US Officials

By Valentina Pasquali

New guidance from the U.S. Treasury Department lists 10 red flags of potentially illicit activity that certain cyberextortion payments often raise and instructs firms that handle those payments to register as money services businesses. The guidance, which Treasury's Financial Crimes Enforcement Network and Office of Foreign Assets Control issued in parallel advisories Thursday, notes the increased frequency and sophistication with which cyberthieves use malware to subvert the IT systems of government agencies as well as private firms in the financial, educational and healthcare sectors. According to OFAC, the novel coronavirus pandemic has fueled a spike in these schemes by forcing...