The Treasury Department released a new report that found ransomware victims paid $590 million during the first six months of 2021, which is more than the value reported for the entirety of 2020 ($416 million).
The report is from the Treasury Department’s Financial Crimes Enforcement Network (FinCEN), which found Bitcoin (BTC) to be the most common ransomware-related payment method.
“This analysis allowed FinCEN to chart the flow of ransomware payments in BTC to identify which CVC [convertible virtual currency] exchanges and services ransomware actors used to launder their proceeds,” the report says.
Between January 1 and June 30, 2021, 458 ransomware transactions and 635 Suspicious Activity Reports (SARs) were reported to FinCEN – “up 30 percent from the total of 487 SARs filed for the entire 2020 calendar year,” according to the report.
“Ransomware actors are criminals who are enabled by gaps in compliance regimes across the global virtual currency ecosystem,” said Deputy Secretary of the Treasury Wally Adeyemo in a press release. “Treasury is helping to stop ransomware attacks by making it difficult for criminals to profit from their crimes, but we need partners in the private sector to help prevent this illicit activity.”
Alongside the report, the Treasury Department’s Office of Foreign Assets Control (OFAC) also issued new guidance specific to the virtual currency industry for sanctions compliance best practices.
The OFAC recommends industry participants use geolocation tools, know your customer procedures, transaction monitoring and investigation, and implementation of remedial measures as best practices to strengthen internal controls for an effective sanctions compliance program.