On 14 March 2023, the Financial Action Task Force (FATF) published a report on countering ransomware financing.

The report analyses the methods that criminals use to carry out their ransomware attacks and how payments are made and laundered. The report highlights that criminals are almost exclusively using crypto, or virtual assets and have easy access to virtual asset service providers around the world. Jurisdictions with weak of non-existent anti-money laundering and counter terrorist financing (AML/CTF) controls are therefore of concern.

The report proposes a number of actions that countries can take to more effectively disrupt ransomware-related money laundering. This includes building on and leveraging existing international cooperation mechanisms, given the transactional nature of ransomware attacks and related laundering. Authorities also need to develop the necessary skills and tools to quickly collect key information, trace the nearly instantaneous financial transactions and recover virtual assets before they dissipate. The multi-disciplinary nature of ransomware also means that authorities must extend their collaboration beyond their traditional counterparts to include cyber-security and data protection agencies.

The FATF has also finalised a list of potential risk indicators that can help public and private sector identities identify suspicious activities related to ransomware.