Treasury Reports on Virtual Currency and Ransomware
According to a Financial Trends Analysis report from the US Treasury’s Financial Crimes Enforcement Network, 10 ransomware variants have accounted for more than $5 billion in bitcoin transactions. A report from the Treasury’s Office of Foreign Assets Control spells out sanctions compliance guidelines for the virtual currency industry.
If your organization is considering accepting “cryptocurrency,” make sure business, finance and legal managers are aware of the OFAC sanctions compliance guidance. The risk is not just the actual ransom obtained payments, using involved exchanges may put transactions using these alternative currencies at risk, as well.
If you’re using cryptocurrency, check the OFAC status of your exchange. Remember, sanctioned does not mean approved in this context. The use restrictions apply to U.S. persons, meaning citizens and “green card” holders, irrespective of their location. Violations of sanctions carry both civil and criminal penalties ranging up to $1 million and/or 20 years in prison for each violation. Additionally, there is an option for civil penalties which can hold you liable even if you did not know you were engaging in a prohibited transaction. Your financial institution is well versed in OFAC and can help you with references and understanding of the issues and risks as they see them.
Read more in
Gov Infosecurity: Treasury Dept. to Crypto Companies: Comply with Sanctions
ZDNet: $5.2 billion in BTC transactions tied to top 10 ransomware variants: US Treasury
FinCen: Financial Trend Analysis: Ransomware Trends in Bank Secrecy Act Data Between January 2021 and June 2021 (PDF)
Treasury: Sanctions Compliance Guidance for the Virtual Currency Industry (PDF)