The Department of the Treasury’s office of foreign assets control has released guidance outlining sanctions compliance best practices in the virtual currency industry as part of efforts to counter ransomware threats.
The brochure from OFAC provides an overview of sanctions requirements and best practices for technology companies, wallet providers, miners, exchangers and other operators in the sector and calls on industry stakeholders to integrate elements and controls in the guidance document into their sanctions compliance programs.
The department’s Financial Crimes Enforcement Network issued a report, which found that ransomware poses a major threat to the public, financial sector and businesses.
The Ransomware Trends in Bank Secrecy Act Data report from FinCEN analyzed suspicious activity reports related to ransomware from Jan. 1 to June 30 and found that the average monthly amount of reported ransomware payments filed was approximately $100 million.
FinCEN uncovered 68 ransomware variants reported in SAR data for transactions during the first half of 2021 and found that Phobos, Avaddon, DarkSide, Conti and Revil/Sodinokibi were the most commonly reported ransomware variants.
“Treasury is helping to stop ransomware attacks by making it difficult for criminals to profit from their crimes, but we need partners in the private sector to help prevent this illicit activity,” said Wally Adeyemo, deputy secretary of the Treasury.
FinCEN’s Financial Trend Analysis also discovered 177 convertible virtual currency wallet addresses used for ransomware-associated payments and identified ransomware money laundering typologies.