Ransomware attacks have become a widespread threat to individuals, businesses, and government agencies across the world. The impact of these attacks can be devastating, and they can even disrupt essential infrastructure and services.
A ransomware attack is a form of extortion and the FATF Standards require that it be criminalized as a predicate offence for money laundering.
Criminals typically carry out these attacks using crypto or virtual assets, which makes it challenging for authorities to track and trace their activities.
The recently published FATF report on ransomware analyzes the methods that criminals use to carry out their attacks and how payments are made and laundered. Here are some key takeaways:
- Criminals have easy access to virtual asset service providers around the world, and jurisdictions with weak or non-existent AML/CFT controls are of particular concern.
- To disrupt ransomware-related money laundering more effectively, the report proposes a number of actions that countries can take, including:
- Building on and leveraging existing international cooperation mechanisms, given the transnational nature of ransomware attacks and related laundering.
- Developing the necessary skills and tools to quickly collect key information, trace nearly instantaneous financial transactions, and recover virtual assets before they dissipate.
- Extending collaboration beyond traditional counterparts to include cyber-security and data protection agencies.
In addition, the FATF has finalized a list of potential risk indicators that can help public and private sector entities identify suspicious activities related to ransomware. This list can be a valuable tool for organizations to strengthen their AML/CFT measures and identify and report suspicious activity.
Countries can take the following steps to combat ransomware-related money laundering more effectively:
- Building on existing international cooperation mechanisms
- Developing necessary skills and tools
- Extending collaboration beyond traditional counterparts
- Utilizing risk indicators to identify and report suspicious activity.