Regulators’ crackdown on crypto-related ransomware




Date: October 28th 2021

Published on: Global News, Regulation


AML, AML/CFT, CFT, crypto AML, Crypto Compliance, Cryptocurrency, Cryptoregulation, Cybercrime, Ransomware, Risk assessment,

Ransomware is one kind of cybercrime. The aim is to gain access to a person or entity’s network and lock the stored files. Then, the criminal asks the victim for a ransom, often with cryptocurrency, to get back the locked files.

Today, there is more and more ransomware-reported activity which leads governments worldwide to take steps to tackle this. For instance, the Financial Crimes Enforcement Network (FinCen) reported, in a study released in October, that in the first six months of 2021, $590 million related to ransomware have been identified in SARs, a 42% percent increase compared to the same period in 2020.

Crackdown on ransomware in Australia…

In October, the Australian government released a Ransomware Action Plan1 aimed at implementing additional legislation tackling such activity in the country. Indeed, the country witnessed a 15% increase in ransomware over the last 12 months according to the Australian Cyber Security Centre.

As a result, the Australian government plans to implement some specific actions such as:

  • Filing ransomware incident reports with the Australian Government;
  • Introducing a stand-alone offense for all forms of cyber extortion;
  • Establishing a task force named Operation Orcus to combat ransomware threat; or
  • Enabling law enforcement to track and seize or freeze ransomware proceeds

By adding additional steps to prevent this, the Ransomware Action Plan will help the country to be less targeted by cybercriminals.

…and in the United States

The US is also starting a war against ransomware. For example, in late September, the US Department of Treasury issued a press release2 explaining that the authorities will take harsh actions against such activity. Also, the OFAC announced it added, for the first time, a cryptocurrency exchange that has facilitated transactions involving ransomware funds, on its Specially Designated Nationals (SDN) list, prohibiting any economic relationship with the entity3. The OFAC is the entity responsible for the economic sanctions enforced on individuals and entities.

Besides, OFAC has updated its Advisory on Potential Sanctions Risks for Facilitating Ransomware Payments4 which, among others, discourages ransomware payments and encourages the reporting of such attacks. The Treasury also insists on the importance of international cooperation and AML/CFT controls on virtual currencies to combat this activity.

At the beginning of October, the Department of Justice announced the creation of the National Cryptocurrency Enforcement Team (NCET) which will help trace and recover lost assets including cryptocurrency ransomware payments5. Moreover, a newly introduced bill6 aims to provide data on ransomware payments to the Department of Homeland Security (DHS) to better understand cyber crimes operations and require victims to report payment information to the DHS.

More recently, on October 15, the OFAC (Office of Foreign Asset Control) released guidance7 on sanction compliance for the cryptocurrency industry. This guidance compiles the best practices cryptocurrency operators can adopt to remain compliant with OFAC’s sanction list for:

  • Management Commitment;
  • Risk Assessment;
  • Internal Controls; 
  • Testing and Auditing; and
  • Training

At a global level

According to an article8 published on October 14 by the Wall Street Journal, 31 governments and the EU met virtually to find responses to the increasing ransomware activity problem. In short, the governments agreed to “share information about cyberattacks and investigations, push firms to shore up security, and disrupt the financial infrastructure of a criminal hacking economy that has flourished in recent years”. 

Moreover, the meetings concluded that global cryptocurrency surveillance is key to tackling and tracking ransomware payments. Indeed, this is the main method of payment requested by their operators.

Importance crypto compliance for ransomware and sanction

In conclusion, ransomware attacks are more and more common and target big corporations. Therefore, a growing number of regulators are starting to toughen anti-money laundering combatting the financing of terrorism rules (AML/CFT). These are of utmost importance to tackle these attacks.

Operators working with cryptocurrencies are subject to a set of AML/CFT rules. For example, these rules include: ​​

  • customer due diligence (CDD)
  • suspicious transaction reporting (STR)
  • investigation on illicit finance activities (such as ransomware).

Scorechain helps companies working with cryptocurrencies to comply with AML/CFT rules including ransomware and sanction lists. So, don’t hesitate to reach out to discover more about our solution.

How can Scorechain help you comply with these rules?

Complying with AML/CFT rules on cryptocurrencies can be a hassle. We provide a risk-AML and compliance solution for virtual assets to help companies in their crypto compliance journey.

For example, with our solution, compliance teams can check crypto transactions. And easily spot ransomware-related funds or activity (or any kind of illicit financial activity for that matter). Also, Scorechain automatically red flags addresses added to OFAC’s sanction list.  Our users can trust our risk scoring system and our risk indicators to be notified of suspicious/ransomware activity. Then, they can investigate the suspicious activity and get data for STR with the same solution.

About Scorechain

Scorechain is a Risk-AML software provider for cryptocurrencies and digital assets. As a leader in crypto compliance, the Luxembourgish company has helped more than 200 customers in 40 countries since 2015, ranging from cryptocurrency businesses to financial institutions with crypto trading, custody branch, digital assets, customers onboarding, audit and law firms, and some LEAs.

Scorechain solution supports Bitcoin analytics with Lightning Network detection, Ethereum analytics with all ERC20 tokens and stablecoins, Litecoin, Bitcoin Cash, Dash, XRP Ledger, and Tezos. The software can de-anonymize the Blockchain data and connect with sanction lists to provide risk scoring on digital assets, transactions, addresses, and entities. The risk assessment methodology applied by Scorechain has been verified and can be fully customizable to fit all jurisdictions. 300+ risk-AML scenarios are provided to its customers with a wide range of risk indicators so businesses under the scope of the crypto regulation can report suspicious activity to authorities with enhanced due diligence.