On September 21, 2021, the U.S. Department of the Treasury’s Office of Foreign Assets Control (“OFAC”) issued an updated advisory on potential sanctions risks for companies that facilitate ransomware payments in response to cyberattacks, guidance on preventative measures companies can implement to mitigate such risks, and criteria that OFAC will consider as mitigating factors in