OFAC official urges company transparency on ransomware events
Despite its reputation as a fierce enforcer of sanctions, the Treasury Department’s Office of Foreign Assets Control (OFAC) has a softer side and wants to help companies that are hit with ransomware attacks, according to the agency’s senior compliance officer.
“We’re here to help you comply with the regulations we’re enforcing,” said Kristen Berg during a session Thursday at the Securities Docket’s Incident Response Forum Ransomware event. “We’re not looking to play ‘gotcha.’ We’re looking to provide guidance and help.”
In September 2021, OFAC released a ransomware advisory to highlight the sanctions risks associated with ransom payments. The Treasury prohibits U.S. individuals and companies from engaging in transactions with sanctioned persons, businesses, or entities, including ransom payments.