On September 21, 2021, the U.S. Department of the Treasury’s Office of Foreign Assets Control (“OFAC”) issued an updated advisory on potential sanctions risks for companies that facilitate ransomware payments in response to cyberattacks, guidance on preventative measures companies can implement to mitigate such risks, and criteria that OFAC will consider as mitigating factors in any potential enforcement action. OFAC also announced that it has added SUEX OTC, S.R.O. (“SUEX”), a Russian virtual currency exchange, to its Specially Designated Nationals and Blocked Persons List (the “SDN List”), as a result of its role in facilitating ransomware payments. This represents OFAC’s first-ever designation of a virtual currency exchange.

Click here to continue reading the full version of this alert.