InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
NYDFS circulates advisory on file transfers
On June 2, NYDFS notified all regulated entities that an identified SQL injection vulnerability found in a web application of a managed file transfer software may allow unauthenticated attackers to gain access to its database. The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency and others circulated the advisory, which cautioned that this vulnerability is being actively exploited by threat actors to deploy ransomware, steal data, and disrupt operations. NYDFS advised all regulated entities to conduct prompt risks assessments on their organizations, customers, consumers, and third-party service providers to mitigate risk. Regulated entities were also reminded about the requirement to report cybersecurity events as promptly as possible but no later than 72 hours at the latest, and that “evidence of unauthorized access to information systems, such as webshell installation, even if there has been no malware deployed or data exfiltrated,” are considered a reportable cybersecurity event under 23 NYCRR Section 500.17(a)(2).
OFAC designates evasion network supporting Hizballah financier
On April 18, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced sanctions, pursuant to Executive Order 13224, as amended, against a “vast international money laundering and sanctions evasion network” comprised of 52 individuals and entities in Lebanon, the United Arab Emirates, South Africa, Angola, Côte d’Ivoire, the Democratic Republic of the Congo, Belgium, the United Kingdom, and Hong Kong. The designated network assisted a Hizballah financier and Specially Designated Global Terrorist (previously sanctioned by OFAC in 2019) in evading U.S. sanctions by facilitating the payment, shipment, and delivery of goods and services, including cash, diamonds, art, and luxury goods, for the benefit of the sanctioned individual who used the funds to finance the Hizballah financier and his lifestyle, OFAC said, explaining that the network used shell companies and fraudulent schemes to disguise the Hizballah financier’s role in the financial transactions. Under Secretary of the Treasury for Terrorism and Financial Intelligence Brian E. Nelson warned in the announcement that “[l]uxury good market participants should be attentive to these potential tactics and schemes, which allow terrorist financiers, money launderers, and sanctions evaders to launder illicit proceeds through the purchase and consignment of luxury goods.” Treasury has issued warnings on money laundering and terrorist financing risks associated with the trade of works of art in a February 2022 report and an October 2020 art advisory (covered by InfoBytes here and here).
As a result of the sanctions, all property and interests in property belonging to the sanctioned persons that are in the U.S. or in the possession or control of U.S. persons are blocked and must be reported to OFAC. “[A]ny entities that are owned, directly or indirectly, 50 percent or more by one or more blocked persons are also blocked.” U.S. persons are also generally prohibited from engaging in any dealings involving the property or interests in property of blocked or designated persons. OFAC warned that “persons that engage in certain transactions with the persons designated today may themselves be exposed to sanctions or subject to an enforcement action.” Additionally, “any foreign financial institution that knowingly facilitates a significant transaction or provides significant financial services for any of the targets designated today pursuant to E.O. 13224, as amended, could be subject to U.S. sanctions.”
The action by Treasury was taken in coordination with the Department of Homeland Security, the Department of State’s Rewards for Justice program, and the United Kingdom. The same day, the DOJ unsealed a nine-count indictment charging the Hizballah financier and eight co-defendants with conspiring to evade terrorism-related sanctions. According to the DOJ, despite being sanctioned and prohibited from engaging in transactions with U.S. persons, the Hizballah financier and the other co-defendants used a complex web of business entities to conduct money laundering transactions involving valuable artwork and diamond-grading services.
OFAC announces sanctions tied to drug trafficking
On November 9, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced sanctions pursuant to Executive Order 14059 against three individuals and nine entities for supplying certain drugs to U.S. markets through internet sales and a host of shell companies. OFAC noted that the sanctions would not have been possible without collaboration with the Drug Enforcement Administration and Homeland Security Investigations. As a result of the sanctions, all property and interests in property belonging to the sanctioned persons subject to U.S. jurisdiction are blocked and must be reported to OFAC. Additionally, “any entities that are owned, directly or indirectly, 50 percent or more by one or more blocked persons are also blocked.” U.S. persons are also generally prohibited from engaging in any dealings involving the property or interests in property of blocked or designated persons. Persons that engage in certain transactions with the designated individuals or entities may themselves be exposed to sanctions or enforcement action, OFAC warned.
Agencies issue Burma advisory
On January 26, OFAC, along with Departments of State, Commerce, Homeland Security, Labor, and the Office of the U.S. Trade Representative, published a business advisory titled Risks and Considerations for Businesses and Individuals with Exposure to Entities Responsible for Undermining Democratic Processes, Facilitating Corruption, and Committing Human Rights Abuses in Burma (Myanmar), which informs the public of the heightened risks associated with conducting business in Burma, specifically business that involves the military regime. According to the announcement, since the military coup in 2021, the military has engaged in serious human rights abuse against the people of Burma. The specific entities and sectors of greatest concern for corruption and other illicit finance risks include, among other things, state owned enterprise and real-estate and construction projects.
OFAC issues advisory for China’s Xinjiang region
On July 13, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC), along with the Departments of State, Commerce, Homeland Security, and Labor, as well as the Office of the U.S. Trade Representative, issued an updated advisory on the risks for businesses with possible exposure in their supply chain to entities involved in human rights abuses in the Xinjiang Region. The recent advisory updates the original version released in July 2020 (covered by InfoBytes here), which was issued after OFAC announced sanctions pursuant to Executive Order 13818 against a Chinese government entity and four current or former government officials for alleged corruption violations of the Global Magnitsky Human Rights Accountability Act. The updated advisory outlines risks to be considered when “assessing business partnerships with, investing in, sourcing from, or providing other support to companies operating in Xinjiang, linked to Xinjiang, or with laborers from Xinjiang.”
OFAC sanctions Mexican cartel members and facilitator
On May 12, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced sanctions pursuant to the Foreign Narcotics Kingpin Designation Act against a commander and his organization responsible for facilitating drug trafficking between Mexico and the U.S. OFAC also designated six other individuals and one entity as Specially Designated Narcotics Traffickers pursuant to the Kingpin Act for their connections to the organization. Director of OFAC Andrea Gacki noted that the sanctioned organization “help[s] fuel our nation’s opioid epidemic” and that “Treasury and our U.S. government partners, including the Drug Enforcement Administration, will continue to use every available resource to dismantle these criminal networks.” As a result of the sanctions, all property belonging to the sanctioned persons subject to U.S. jurisdiction are blocked and must be reported to OFAC. U.S. persons are also generally prohibited from engaging in any dealings involving the property of blocked or designated persons.
These sanctions against the drug trafficking cartel are the most recent efforts taken by OFAC pursuant to the Kingpin Act (covered in InfoBytes, here and here).
OFAC sanctions Mexican cartel members and facilitator
On May 12, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced sanctions pursuant to the Foreign Narcotics Kingpin Designation Act against a commander and his organization responsible for facilitating drug trafficking between Mexico and the U.S. OFAC also designated six other individuals and one entity as Specially Designated Narcotics Traffickers pursuant to the Kingpin Act for their connections to the organization. Director of OFAC Andrea Gacki noted that the sanctioned organization “help[s] fuel our nation’s opioid epidemic” and that “Treasury and our U.S. government partners, including the Drug Enforcement Administration, will continue to use every available resource to dismantle these criminal networks.” As a result of the sanctions, all property belonging to the sanctioned persons subject to U.S. jurisdiction are blocked and must be reported to OFAC. U.S. persons are also generally prohibited from engaging in any dealings involving the property of blocked or designated persons.
These sanctions against the drug trafficking cartel are the most recent efforts taken by OFAC pursuant to the Kingpin Act (covered in InfoBytes, here and here).
FDIC, OCC, NCUA identify essential critical infrastructure workers during Covid-19
On March 26, the FDIC issued FIL-25-2020 stating that the financial services sector is a “critical infrastructure” during the Covid-19 pandemic pursuant to the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency’s (CISA) March 19 guidance. The guidance is intended to help state, local, and industry partners identify critical infrastructure sectors and essential workers in order to ensure continuity of critical functions. The FIL advises company leadership to provide workers with documentation identifying them as critical infrastructure workers who need “to travel inside restricted areas in order to support critical infrastructure.”
On March 25, the OCC issued similar guidance pursuant to CISA’s guidance. Bulletin 2020-23 encourages essential critical infrastructure workers to maintain normal work schedules during the Covid-19 pandemic, and offers guidance for banks concerning workers who may need to move within and between restricted areas. Essential critical infrastructure workers include those who are needed to: (i) “process and maintain systems for processing financial transactions and services (e.g., payment, clearing and settlement; wholesale funding; insurance services; and capital markets activities)”; (ii) “provide consumer access to banking and lending services,” such as ATMs and armored cash carriers; and (iii) support financial institutions (e.g., staffing data and security operations centers). The workers also include key third party providers who deliver core services. The OCC advises banks to, among other things, update business continuity plans and provide documentation to workers detailing work-related travel.
The NCUA also sent a letter to member boards of directors, chief executive officers, chief information officers, and chief information security officers identifying essential critical infrastructure workers pursuant to CISA’s guidance. Updates to Covid-19 NCUA resources are available here.
Departments of Treasury, State, and Homeland Security issue joint advisory warning businesses of North Korean sanctions evasion tactics
On July 23, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC), in conjunction with the Department of State and the Department of Homeland Security, issued an advisory to warn businesses—including manufacturers, buyers, and service providers—of the potential risks that may result from sanctions evasion tactics used by North Korea across supply chains. The advisory also provides assistance for businesses complying with Title III of the Countering America’s Adversaries Through Sanctions Act of 2017 with respect to North Korean sanctions. According to the advisory, the U.S. government “is focusing its disruption efforts on North Korean citizens or nationals whose labor generates revenue for the North Korean government.” Specifically, the advisory warns businesses to examine their entire supply chains and adopt appropriate, well-documented due diligence best practices, which “may be considered mitigating factors when the U.S. government determines the appropriate enforcement response.” The advisory also outlines penalties for violations of sanctions and enforcement actions.
See here for previous InfoBytes coverage on North Korea sanctions.
White House Releases Proclamation Announcing National Cybersecurity Awareness Month
On September 30, President Trump issued a Proclamation announcing October 2017 as National Cybersecurity Awareness Month. As part of the initiative, the Department of Homeland Security (DHS) issued tools and resources for both consumers and organizations to manage cybersecurity risk. As previously covered in InfoBytes, the President issued an Executive Order earlier this year entitled “Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure” that requires agencies to submit risk management reports to DHS and develop recommendations for cybersecurity improvements affecting all critical infrastructure, including the financial services industry.