Background

Last Friday, the Office of Foreign Assets Control (OFAC) published more targeted guidance for digital asset companies related to compliance with sanctions and best practices for mitigating risks. This guide comes on the heels of OFAC’s first enforcement action against a cryptocurrency exchange, SUEX (which we discussed in our blog here). Given the rise of ransomware threats from malicious cyber-actors that are often linked to sanctioned countries and persons, the lack of very robust regulatory oversight of the virtual currency world, the emerging nature of the technologies, and the growth of the market, it is clear that OFAC hopes crypto companies will pay more attention to sanctions risks and compliance with the issuance of this guidance. While the guide covers a lot of familiar territory, we outline a few key takeaways below.


Continue Reading Sanctions Compliance for Crypto: OFAC Issues Guidance Targeting Virtual Currency Industry

Yesterday, the Treasury Department’s Office of Foreign Assets Control (OFAC) announced sanctions on SUEX OTC, S.R.O, a cryptocurrency exchange, for its role in laundering money to ransomware attackers. According to OFAC, SUEX facilitated criminal transactions involving at least eight ransomware variants and 40% of SUEX’s known transaction history involved bad actors. The designation of SUEX is the first time OFAC has sanctioned a virtual currency platform – and this approach may prove to be a useful regulatory tool to make malicious cyberactivity less profitable and therefore deter cyber-criminals. Treasury Secretary Janet Yellen said the government is “committed to using the full range of measures, to include sanctions and regulatory tools, to disrupt, deter, and prevent ransomware attack[s].”

Continue Reading First OFAC Sanctions Against a Cryptocurrency Exchange: Could the Designation of SUEX Signal an Enforcement Trend to Combat Cybercrime?