Cyber-Security Awareness Month & Phishing FINRA

Burr & Forman

Phishing FINRA 

October is cyber-security awareness month, so it is only appropriate that FINRA opened it with another Regulatory Notice warning member firms to beware of a fake-survey phishing scheme.  The Notice describes “a widespread, ongoing phishing campaign” that emails firms soliciting survey responses from the fake domain “”  See Reg. Notice 20-35 (Oct. 6, 2020), here.

That is more of the same for FINRA.  In August it warned that fraudsters were using a fake FINRA domain ( – the real domain with an extra “n”) in Regulatory Notice 20-27, here.  Later that month, FINRA warned that fraudsters had stood up a website impersonating a registered representative.  See Regulatory Notice 20-30, here.

It should be no surprise that fraudsters are targeting FINRA.  A FINRA lure is a rich one to mine: member firms handle “other people’s money,” and FINRA is a regulator that can summarily suspend a license for failure to respond to its information requests, so an email that looks like a FINRA inquiry gets opened and answered quickly.  See FINRA Rules 8210, 9552.
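The lookalike domains in these notices are the kind of thing a mail-filtering or security team can check for mechanically. The following is an added example written for this page; it is not code from the Burr & Forman post, FINRA, FinCEN or OFAC. It classifies the domain of a sender address against the legitimate finra.org, treating its subdomains as legitimate and flagging near-miss spellings (an extra letter, a swapped pair, one wrong letter), brand-plus-suffix names, and the brand label on an unexpected TLD. It assumes finra.org is the only domain FINRA mails from; every sample address in it is constructed for illustration and none is a domain named in the notices.

```python
"""Flag lookalike sender domains against a legitimate brand domain.

Added example for this post; not FINRA's or Burr & Forman's code. The
legitimate domain is assumed to be finra.org. Every sample address below
is constructed for illustration and is not a domain from the FINRA notices.
"""
from email.utils import parseaddr

LEGITIMATE_DOMAINS = {"finra.org"}  # assumption: the only domain FINRA mails from


def osa_distance(a: str, b: str) -> int:
    """Optimal string alignment (restricted Damerau-Levenshtein) distance.

    Counts insertions, deletions, substitutions and adjacent transpositions,
    so an extra letter, a swapped pair or one wrong letter each cost 1.
    """
    d = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(len(a) + 1):
        d[i][0] = i
    for j in range(len(b) + 1):
        d[0][j] = j
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = 0 if a[i - 1] == b[j - 1] else 1
            d[i][j] = min(d[i - 1][j] + 1,         # deletion
                          d[i][j - 1] + 1,         # insertion
                          d[i - 1][j - 1] + cost)  # substitution
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)  # transposition
    return d[len(a)][len(b)]


def registrable_label(domain: str) -> str:
    """Second-level label of a domain (finra.org -> 'finra').

    Naive split on dots; production code should consult the Public Suffix
    List so that names under e.g. .co.uk are handled correctly.
    """
    parts = domain.lower().rstrip(".").split(".")
    return parts[-2] if len(parts) >= 2 else parts[0]


def classify_sender_domain(domain: str, legitimate=LEGITIMATE_DOMAINS) -> str:
    """Return 'legitimate', 'unknown', or a 'suspicious: ...' reason."""
    domain = domain.lower().rstrip(".")
    for legit in legitimate:
        if domain == legit or domain.endswith("." + legit):
            return "legitimate"
    label = registrable_label(domain)
    for legit in legitimate:
        legit_label = registrable_label(legit)
        # A short brand label gets a tighter threshold to limit false positives.
        threshold = 1 if len(legit_label) < 6 else 2
        if label == legit_label:
            return "suspicious: brand label on an unexpected TLD"
        if osa_distance(label, legit_label) <= threshold:
            return "suspicious: near-miss spelling of brand label"
        if legit_label in label:
            return "suspicious: brand label embedded in a longer name"
    return "unknown"


def classify_sender(address: str) -> str:
    """Classify the domain found in a From: or Reply-To: header value."""
    _, addr = parseaddr(address)
    if "@" not in addr:
        return "malformed"
    return classify_sender_domain(addr.rsplit("@", 1)[1])


if __name__ == "__main__":
    # Constructed samples, not the domains from the FINRA notices.
    for sample in ["FINRA Survey <survey@finra.org>",
                   "alerts@mail.finra.org",
                   "survey@finraa.org",            # extra letter
                   "survey@firna.org",             # swapped letters
                   "survey@finra-survey.example",  # brand plus suffix
                   "noreply@finra.example",        # brand on another TLD
                   "info@unrelated.example"]:
        print(f"{sample:40} -> {classify_sender(sample)}")
```

Run the same check over the Reply-To header as well as From, since a lure often spoofs a legitimate From address and routes replies to the lookalike; and treat "brand on an unexpected TLD" as a review queue rather than an automatic block, because an organization may legitimately own several TLDs.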

FinCEN & OFAC Ransomware Warnings

FinCEN and OFAC opened cyber-security awareness month with companion Advisories (both dated Oct. 1, 2020) on the role financial institutions play in processing ransomware payments.

Ransomware payments typically pass through several financial institutions.  For example, the victim (or an incident-response firm or insurer acting for it) wires fiat from its depository institution to a convertible-virtual-currency (“CVC”) exchange, which is a money-services business (“MSB”); the exchange converts the funds and sends CVC to the perpetrator’s wallet, where the laundering process begins.  Each institution in that chain may have a reporting obligation.

FinCEN’s Advisory lists 10 ransomware red flags to watch for and reminds covered institutions of their SAR-reporting obligations:

Financial institutions should determine if filing a SAR is required or appropriate when dealing with an incident of ransomware conducted by, at, or through the financial institution, including ransom payments made by financial institutions that are victims of ransomware. As a reminder, a financial institution is required to file a SAR if it knows, suspects, or has reason to suspect a transaction conducted or attempted by, at, or through the financial institution involves or aggregates to $5,000 (or, with one exception, $2,000 for MSBs)[16] or more in funds or other assets and involves funds derived from illegal activity, or attempts to disguise funds derived from illegal activity; is designed to evade regulations promulgated under the BSA; lacks a business or apparent lawful purpose; or involves the use of the financial institution to facilitate criminal activity. Reportable activity can involve transactions, including payments made by financial institutions, related to criminal activity like extortion and unauthorized electronic intrusions that damage, disable, or otherwise affect critical systems. SAR obligations apply to both attempted and successful transactions, including both attempted and successful initiated extortion transactions.

[16] See 31 C.F.R. §§ 1020.320, 1021.320, 1022.320, 1023.320, 1024.320, 1025.320, 1026.320, 1029.320, and 1030.20. The monetary threshold for filing money services businesses SARs is, with one exception, set at or above $2,000. See also 31 C.F.R. § 1022.320(a)(2).

The Advisory asks that ransomware SARs reference “CYBER-FIN-2020-A006” in SAR Field 2 (the Filing Institution Note to FinCEN) and in the narrative, so that FinCEN can tie the filing to the advisory.

At the same time, OFAC warned that facilitating a ransomware payment on behalf of a victim may violate OFAC regulations if the recipient is a sanctioned person or is in a sanctioned jurisdiction, and that a financial institution, cyber-insurer, or incident-response firm that facilitates such a payment may face civil penalties on a strict-liability basis, i.e., without having known the payee was sanctioned.  OFAC will treat a victim’s self-initiated, timely and complete report to law enforcement as a significant mitigating factor.

The FinCEN Advisory is here.

The OFAC Advisory is here.

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Burr & Forman | Attorney Advertising