Industry News

Banks must release details on cyberattacks, says US Treasury

Cybercrime has turned the financial sector into a top target. The Financial Crimes Enforcement Network (FinCEN), a bureau of the U.S. Department of the Treasury, has issued an advisory asking financial institutions to release details on cyberattacks to build better security strategies against terrorism financing and cyber-related crimes.

The advisory aids financial institutions in understanding their obligations under the Bank Secrecy Act (BSA) regarding cybercrime and illicit activity. It addresses institutions such as casinos, depository institutions, insurance industry, money services businesses, mortgage co/broker, precious metals/jewelry industry, securities and futures.

From now on, when issuing reports on fraud and money laundering, details on cyberattacks are mandatory in Suspicious Activity Reports to better fight cybercriminals. The reports should contain IPs with timestamps, virtual-wallet information and device identifiers. Timely notifications and comprehensive reporting of unauthorized access and transactions and other criminal activity may pinpoint further leads.

“BSA reporting by more than 20 financial institutions—on transactions related to cyber-enabled crimes—played an important role in the investigation of an internet-based company, its co-founders, and other collaborators,” FinCEN said. “Criminals used this company to conduct over $6 billion in illicit transactions involving proceeds from cyber-attacks, credit card fraud, child pornography, Ponzi schemes, identity theft, and trafficking in narcotics and other contraband.”

About the author

Luana PASCU

From a young age, Luana knew she wanted to become a writer. After having addressed topics such as NFC, startups, and tech innovation, she has now shifted focus to internet security, with a keen interest in smart homes and IoT threats. Luana is a supporter of women in tech and has a passion for entrepreneurship, technology, and startup culture.

1 Comment

Click here to post a comment
  • It's really good to know that Banks are asked to give details on cyber-attacks if it happens. As, cyber-related information, such as information about specific malware signatures, IP addresses and device identifiers, and seemingly anonymous virtual currency addresses, for example, can help identify the individuals, entities, organizations, or countries involved or responsible for the cyber-event or cyber-enabled crime linked to money laundering or any other cyber-crime.

    Apart from this, it will also be helpful for institutions to know that how much security they are having, and what the mistakes they are doing in their current cyber-security. So, they can make an initiative in improving those vulnerable points and make plans and strategies according to it.