In the past month, the Office of Foreign Assets Control of the US Department of Treasury has issued two advisories that highlight the heightened US sanctions risk associated with cyber related activities, including ransomware attacks and the virtual currency platforms that ransomware payers often use to facilitate payments.
These advisories provide a number of key takeaways for all companies dealing with cryptocurrency and other cybersecurity issues, including the corresponding potential sanctions risks. Most importantly, they highlight OFAC’s heightened focus on cybersecurity issues as a general matter, and put financial institutions, virtual currency platforms, and other companies on notice of OFAC’s expectations for how the private sector should deal with these issues. Companies should strongly consider heeding OFAC’s calls to implement preemptive compliance measures (such data backup, incident response plans, screening and blocking protocols, and company training) and/or to cooperate with US law enforcement in the face of an attack—the best ways to mitigate today’s increasing number of cybersecurity related landmines.
Source: