What the Ongoing War in Ukraine Means for Financial Institution in the U.S. | #cybersecurity | #cyberattack

By Rene Perez, Financial Crimes Consultant at Jack Henry & Associates

More than two months ago, on February 23rd at 5 a.m. local time, Russia invaded Ukraine. Since then, media channels and social media news feeds around the world have been covering developments daily, including the implementation of economic sanctions on Russia.

Since the beginning of the war, the U.S. government has imposed an extensive list of sanctions against Russia, which aim to have both immediate and long-term effects on the country’s economy. Sanctions have targeted Russia’s largest financial institution, Sberbank, and Russia’s largest private bank, Alfa Bank, Russian elites and their family members, major Russian state-owned enterprises, and have prohibited new investments in Russia, amongst others.

At the start of the war, Bank Secrecy Act (BSA) officers in U.S. financial institutions took immediate actions to remain compliant with sanctions. Firstly, officers monitoring all foreign transactions, ensuring their financial institution’s Office of Foreign Assets Control (OFAC) list was in line with the latest update and running all transactions and customers through the list. This has proven difficult, as not all Russian industries are on the sanctions list – for instance, oil and gas transactions are still allowed. As a result, BSA officers have been closely monitoring and examining every transaction, making sure they cancel some and allow others. When they come across a positive hit, they immediately issue a Suspicious Activity Report (SAR) to remain compliant.

BSA officers have also focused on adding Russia to their sanctioned country list to determine if any active transactions, or those pushed through the SWIFT system after February 26th – the day SWIFT removed Russian financial institutions from its channel – originated from sanctioned entities. If so, they also need to immediately file a SAR. Interestingly, Russia has been pushing China’s Cross-Border Interbank Payment System (CIPS) as an alternative payment channel to SWIFT. CIPS was set up in 2015 as a settlement and payment clearing system for transactions that use the yuan, as part of China’s broader ambition in international finance.  The channel has never really taken off globally like SWIFT, being mainly used by Chinese financial institutions. However, as sanctions continue to intensify, BSA officers should keep an eye on transactions coming through CIPS, as it has already stared being used by some Russian financial institutions.

While remaining compliant with OFAC and monitoring for SWIFT transactions were obvious immediate actions for most experienced BSA officers, watching out for virtual currencies was probably not. As conventional assets have been experiencing volatility in the past couple of months, crypto has gained traction as many Russians have liquidated their savings from traditional financial institutions and invested them into crypto, a non-regulated channel. Cryptocurrency continues to be very fluid as the war develops, and we have already started seeing funds moving from crypto accounts into U.S. financial institutions. For example, a Jack Henry client started receiving crypto deposits in a dormant business account that was already flagged as a potential shell company, raising serious alarms bells within the institution. BSA officers should remain alert and monitor all crypto transactions, and if they see a large incoming deposit from a foreign national account, they should immediately file a SAR.

Lastly, we have already seen an uptick in cyber-attacks on U.S. financial institutions, food producers, and utility companies from the Conti ransomware gang. Conti, one of the most prolific ransomware groups in the world, is known to have originated in Russia. In February, members of the gang came out in support of the Russian invasion of Ukraine. Cybersecurity has always been a big component of Russia’s arsenal and the country is a real threat to the U.S. and our allies in the cyber-world. U.S. financial institutions and enterprises need to be on the highest alert, build or review their cybersecurity policy and complete their risk assessments, as well as review and potentially raise their escalation levels. Moreover, they should also inform and educate their employees and their customers of the heightened threat level and prepare them to respond efficiently in case of an attack.

As with everything in the financial crime world, this crisis too shall pass. In the meantime, U.S. financial institutions, and specifically BSA officers, need to remain extra cautious and vigilant, review internal processes, and closely monitor for suspicious activity. This is the only way to remain compliant with the government’s sanctions while keeping their customers and employees safe and their reputation intact.

About Author:

Rene Perez is a financial crimes consultant at Jack Henry & Associates, leading the company’s financial crimes portfolio for the past 13 years. He also contributes to the Federal Reserve Bank Payments Improvement Fraud work group. Jack Henry (NASDAQ: JKHY) is a leading SaaS provider primarily for the financial services industry. Read more about their risk management contributions here.

Original Source link

Leave a Reply

Your email address will not be published.

seventy eight − = seventy four