Treasury Department Issues Advisories on Ransomware Attacks: FinCEN and OFAC Advisories Highlight Risks Associated With Ransomware Payments as Well as “Red Flags” and Reporting Requirements for Ransomware Attacks

Sullivan & Cromwell LLP - October 2, 2020
Read More

On October 1, 2020, the United States Department of the Treasury’s Office of Terrorism and Financial Intelligence issued, through Treasury’s Financial Crimes Enforcement Network (“FinCEN”) and Treasury’s Office of Foreign Assets Control (“OFAC”), two advisories focused on the implications of payments made or facilitated by financial institutions and other entities in response to ransomware attacks.  The advisory issued by FinCEN, entitled Advisory on Ransomware and the Use of the Financial System to Facilitate Ransom Payments, discusses the role played by financial intermediaries in ransomware payments, discusses trends and typologies of ransomware and associated payments, identifies ransomware-related “financial red flags,” and provides instructions on the reporting and sharing of information related to ransomware attacks.  The advisory issued by OFAC, entitled Advisory on Potential Sanctions Risks for Facilitating Ransomware Payments, outlines the sanctions risks of facilitating ransomware payments, and highlights the threat that ransomware poses to U.S. national security interests.  Both the FinCEN and OFAC advisories warn that payment of ransomware demands may promote future attacks, and encourage financial institutions and other companies that facilitate ransomware payments to share information and to cooperate fully with law enforcement during and after ransomware attacks.