US Regulator Warns Virtual Currency Enables Cyberattacks on Banks

OCC
13 July 2016

The federal agency that oversees national banks in the US has named virtual currencies an operational risk due to their perceived role in facilitating and enabling cybercrime.

Part of its newly released semiannual risk survey, the US Office of the Comptroller of the Currency (OCC) warned that virtual currencies continue to be used as payment in extortion efforts by criminals aimed at banks and other businesses. The comments came amid an overall focus on credit and strategic risk in the US markets, particularly for small- and mid-size banks.

As for virtual currencies, the agency named the emerging technology as an enabler of distributed denial of service (DDoS) efforts and the theft of proprietary information against financial institutions.

However, the OCC also stated virtual currencies are also playing a role in the funding of such efforts by providing “anonymity for cyber criminals, including terrorists and other groups seeking to transfer and launder money globally”.

The report reads:

“These methods not only pose substantial challenges for compliance with the Bank Secrecy Act and Anti-Money Laundering (BSA/AML) laws and regulations, but also help cybercriminals raise funds to pay for physical and cyberattacks.”

While not named directly, the umbrella term “virtual currency” has been used previously by US regulators to denote bitcoin and other blockchain-based cryptocurrencies. For example, in March, the OCC lauded virtual currencies and blockchain technology as having potentially “revolutionary” promise.

The remarks come as new research suggests that criminal activity in the bitcoin economy may be reaching historical lows.

OCC image via Shutterstock