On October 1, the U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) issued an advisory clarifying that banks and payments companies could be fined for facilitating ransomware payments to sanctioned entities. The same day, the Financial Crimes Enforcement Network (FinCEN) issued a related advisory concerning the threats posed by ransomware payments and the obligation of money services businesses to file suspicious activity reports (SARs) concerning suspicious ransomware payments.

As Jeff Alberts, co-head of the FinTech Group, discusses in this video, banks and FinTechs who facilitate ransomware payments can be fined even if they did not know or have reason to know that the payments involved sanctioned persons. OFAC's threat to impose penalties under this strict liability standard is highly concerning because victims seldom know who hacked their accounts and banks and money transmitters typically do not know the ultimate beneficiary of ransomware payments. 

To learn more about OFAC's position on ransomware and how to mitigate the risk of OFAC penalties, check out this video.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

Mr Jeffrey Alberts
Pryor Cashman LLP
7 Times Square
New York
NY 10036
UNITED STATES
Tel: 212421 4100
Fax: 212326 0806
E-mail: marketingdepartment@pryorcashman.com
URL: www.pryorcashman.com

© Mondaq Ltd, 2020 - Tel. +44 (0)20 8544 8300 - http://www.mondaq.com, source Business Briefing