On October 1, 2020, the US Department of the Treasury issued a pair of advisories regarding ransomware. The first advisory was issued by FinCEN and is titled Advisory on Ransomware and the Use of the Financial System to Facilitate Ransom Payments. This advisory provides information on the role of financial intermediaries in payments, ransomware trends and typologies, and related financial red flags.
The second advisory was issued by OFAC and is titled Advisory on Potential Sanctions Risks for Facilitating Ransomware Payments. This advisory explains the sanctions risks associated with making ransomware payments. For example, some individuals or entities who install ransomware and demand payment are actually found on the OFAC list, making it illegal for businesses who get ransomware on their computers to pay these entities and regain access to their systems and data.
The FinCEN Advisory can be found here.
The OFAC Advisory can be found here.