News

In an article for Corporate Compliance Insights, Senior Counsel Dan Chirlin and Blackstone Compliance Services Founder David Tannenbaum describe the unique challenges cryptocurrency exchanges and financial institutions face amid increasing ransomware attacks in the United States. One of the government’s strategies is to prevent ransoms from being paid to sanctioned actors – and to generate both financial and cyber threat intelligence – through the filing of cyber-related suspicious activity reports (cyber SARs). However, new requirements to monitor, flag and report suspected ransomware payments will require a range of technological capabilities and a sophisticated approach to identifying suspicious patterns in transactions.

The authors write, “traditional anti-money laundering (AML) and sanctions compliance programs are not well equipped to address the unique challenges” posed by recent regulatory advisories. To remain compliant, they suggest “cryptocurrency exchanges must deploy transaction monitoring scenarios to identify ransom-related payments, as well as provide their compliance departments with specialized skills and technology to investigate the leads generated by those scenarios and work with the payees to address compliance issues.” Moreover, these programs must be combined with cybersecurity expertise “that understands the different threat actors and how to obtain and analyze IOC to properly assess the sanctions risk and provide the necessary SAR information.”

To read the full article, which includes detailed monitoring and screening guidance, please visit Corporate Compliance Insights here.