A growing number of ransomware attacks are demanding cryptocurrencies for payment, creating compliance burdens for financial institutions, according to Reuters.
Reuters highlighted a recently published report by the Financial Action Task Force (FATF), which looked at the methods criminals use to initiate these attacks. The research found that criminals almost exclusively use crypto in their attacks and have easy access to virtual asset service providers worldwide.
According to FATF,
“Ransomware criminals exploit the international nature of virtual assets to facilitate large-scale, nearly instantaneous cross-border transactions, sometimes without the involvement of traditional financial institutions that have anti-money laundering and counter terrorist financing (AML/CFT) programs. Criminals further complicate their transactions by using anonymity-enhancing technologies, techniques, and tokens in the laundering process, such as anonymity enhanced cryptocurrencies and mixers.”
To prevent criminals from accessing virtual asset service providers (VASPs) located in jurisdictions with non-existent anti-money laundering and countering the financing of terrorism protocols, FATF recommends implementing solutions to mitigate the risks tied to virtual assets and regulating the VASP sector.
Disrupting Ransomware-Related Money Laundering
The FATF report also shed light on how attacks largely go unreported. This can be attributed to private-sector organizations' difficulty in detecting attacks or to victims' fear of retaliation if they report an attack. It is recommended that jurisdictions do more to provide resources for both detection and reporting. Additionally, partnerships should be leveraged at three distinct levels: public to public, public to private, and with foreign jurisdictions and multilateral organizations.
Other necessary measures for compliance teams at financial institutions (FIs) and VASPs include training on the typologies and red flags tied to ransomware in order to detect money laundering. Teams should also stay abreast of regulatory requirements, especially the Office of Foreign Assets Control (OFAC) sanctions requirements. Both policies and procedures should reflect these developments.
A Javelin Strategy & Research report, Ransomware Negotiation Market Landscape 2022, published last November, looked at how ransomware attacks pose a significant threat to all critical infrastructure sectors, and provided a snapshot of the ransomware negotiation landscape and how finding the right providers can help mitigate ransomware risks long-term.