Skip to content
Risk Fraud & Compliance

Strategic Corruption: The cybercrime & corruption connection

Marren Haneberg  Risk Intelligence Analyst / FiveBy Solutions

· 5 minute read

Marren Haneberg  Risk Intelligence Analyst / FiveBy Solutions

· 5 minute read

In the second of a two-part series, we will examine how US firms can stay proactive in their risk and compliance obligations amid the increasing interplay between cybercrime and strategic corruption

In the first part of this series, we discussed President Biden’s recent designation of the fight against corruption and kleptocracy as a core national security interest. Now, we look at the increasing threat of the interplay between cybercrime and strategic corruption and ways that US firms can stay proactive in their risk and compliance obligations.

In the first half of 2021, the Financial Crimes Enforcement Network (FinCEN) received 30% more ransomware-related suspicious activity reports than in the entire previous year. In late January 2022, the US Department of Homeland Security warned that Kremlin-backed hackers could soon target critical US infrastructure, such as utility providers and banks. The White House countercorruption strategy notes that the US government will continue assessing how digital assets and cybercrime are supporting corrupt actors, and how corrupt regimes are using ransomware and other illicit cyber activities to further their foreign policy goals.

The efforts to counter the threat will almost certainly include additional designations against digital wallets linked to malign actors and increased cooperation between law enforcement and private-sector entities to identify, track, and recover ransom payments and take down malign actors.

Ransomware operations are dominated by Russian-speaking cyber actors, and Russian intelligence agencies turn a blind eye to, protect, and sometimes support these criminals, as long as they do not target Russian assets and occasionally perform tasks for the government. Possible government tasks include targeting adversaries’ financial institutions and critical infrastructure as a form of hybrid warfare.

FinCEN and other government agencies will play a key role in the battle against ransomware and state-linked cyber actors by issuing advisories and working with law enforcement to recover funds. The US government also will almost certainly focus on mixing services, virtual currency exchanges, and other operations that help malign actors conceal transfers of cybercrime proceeds. The US Treasury has an array of cyber-focused sanctions tools and an expansive executive order targeting Russia’s malign activities at its disposal to mitigate the risk of malicious cyber-attacks linked to state  actors.

Staying ahead of the curve

US firms must be forward leaning in their efforts to examine their compliance programs and reassess their risk appetites regarding corruption, particularly with many new sanction designations related to Russia’s invasion of Ukraine, and especially against Russian elites, government officials, and oligarchs. Strategic corruption red flags include jurisdictional risks, lack of transparency, involvement of politically exposed persons (PEPs) in financial transactions, and other indicators.

Russia and China are known for weaponizing corruption to achieve their geopolitical goals, but other countries, such as Turkey and Azerbaijan, also use this strategy. Turkey’s state-owned Halkbank is accused of helping Iran evade US sanctions, and several attorneys with links to the US government were involved in efforts to free a Turkish businessman connected to the sanctions-evasion conspiracy. Azerbaijan and other post-Soviet states like Kazakhstan have co-opted elites, creating kleptocratic networks to further their foreign and domestic policy goals.

Jurisdictions labelled as being of primary money laundering concern by FinCEN under Patriot Act Section 311, such as Iran and North Korea, or greylisted for strategic deficiencies in anti-money laundering and countering the financing of terrorism (AML/CTF) by the intergovernmental Financial Action Task Force (FATF) also tend to weaponize corruption as a tool further their geostrategic goals.

On December 7, 2021, FinCEN issued a proposed Beneficial Ownership Reporting Rule, soliciting comments from those stakeholders who would be required to file Beneficial Ownership Information (BOI) reports. US firms and financial institutions should be particularly cautious about transacting or working with entities whose ownership and control is hidden behind a web of shell or front companies, as well as those located in jurisdictions with lax transparency requirements that do not require the identification of ultimate beneficial owners.

Although the involvement of a PEP in a business transaction or a company structure does not, in and of itself, indicate the presence of strategic corruption, PEP status warrants additional scrutiny. Enhanced due diligence is particularly important when the PEP is working in vulnerable industries, such as real estate, energy, defense, or IT, or in risky jurisdictions, or has an unexplained amount of wealth.

Companies engaged in these sectors should reassess their risk programs, possibly perform transaction monitoring, track changes in employment for clients — especially those in risky jurisdictions or who raise other red flags. Companies also should keep abreast of possible upcoming regulatory changes mandated by the Corporate Transparency Act, given the Biden administration’s commitment to treating corruption as a national security concern.