AML Watcher is an all-in-one compliance toolkit enabling easy, efficient, and simplified screening for individuals and businesses alike.
Ever-Evolving Cyber Sanction Regime in Response to Cyber Crime - Is Your Business Ready to Comply?
With the advent of cyberspace, came a massive shift in the art of war. This shift did not happen overnight. It evolved gradually over the decades. This new military tactic is increasingly being known as 'cyber warfare' where international players, i.e. the states, deliberately attempt to disrupt the cyber activities of rival states by penetrating their electronic devices, cyber networks, and information technology systems, with the intention to cause damage.
In the age of the internet, countries no longer fight conventional wars alone. Now, most conflicts are fought discreetly, with no physical battle or announcement of war.
Governments today employ malicious cyber attacks as national instruments of power by using non-state actors such as hacktivist groups, corporate espionage, organized crime rings, insiders, and mercenary hackers. Cyber attacks are now used as a part of a state’s offensive strategy to achieve its national interests.
In the last few decades, China, North Korea, Russia, and Iran have actively conducted several cyber attacks targeting the financial institutions, government agencies, and business enterprises of Western nations, in particular, the United States, in an attempt to damage their national IT infrastructure.
By 2025, cybercrimes are estimated to cost the global economy an estimated loss of $10.5 trillion annually. The total loss caused by the spillover damage could be much higher.
In 2016, realizing the damaging threat posed by state-sponsored cyber attacks to commerce, financial systems, and national security, the United States was the first to pass legislation against cyber-attacks, followed by the European Union in 2020, United Kingdom (after its EU Exit Regulations) in 2020 and now quite recently, Australia followed the lead and introduced its first cyber sanctions in December 2021.
If evaluated as a state’s economy, cybercrime would have been the third biggest economy totaling USD 6 trillion globally after the U.S.'s $21.44 trillion economy and China’s $14.14 trillion economy as per the World Economic Forum.
Take for example - ransomware, the most preferred method of attack by cybercriminals. The frequency of ransomware attacks has increased from every 40 seconds back in 2016 to every 11 seconds in 2021, as predicted by Cyber Security Ventures.
To combat these rising cyberattacks, cyber sanctions, a rather recent addition to the regulatory environment, are introduced to obstruct the state-sponsored actors responsible for attacking the rival state’s IT infrastructure in cyberspace, which is widely unregulated under international law.
Cyber sanctions are therefore, put in place to penalize those involved in state-sponsored cyber attacks including theft of intellectual property, ransomware, phishing, spreading false information on cyberspace, and hacking
Cyber Sanctions are now used as a foreign policy toolkit to counter the extraterritorial nature of state-sponsored cyber-attacks. Although primarily imposed unilaterally by the targeted state, it sends a strong message in cyberspace and it's a complementary effort undertaken at the transnational level.
The U.S. State Department together with the Department of Treasury and other state agencies collaborate to identify and penalize cybercriminals that pose any unusual threat to the foreign policy, economy, and national security of the United States. In this respect, two executive orders have been issued by the President of the United States:
Executive Order 13694
Issued on April 1, 2015, these sanctions were introduced to counter cyberattacks by individuals committing malicious cyber-related crimes or are being an accomplices to it.
Executive Order 13757
Issued on December 28, 2016, these cyber-related sanctions have authorized government organizations to counter cyberattacks against entities interfering or meddling in the U.S electoral process and institutions
In 2018, after the hacking attempt by the Organisation for the Prohibition of Chemical Weapons (OPCW) in the Hague by the Russian military intelligence (GRU), the members of the European Union, in particular the Netherlands, pushed for cyber sanctions to enhance EU’s resilience to combat malicious cyber attacks.
Therefore, in 2020 the European Union introduced its first-ever cyber sanctions to target entities threatening the government institutions, financial systems, and security of the European Union.
After the UK’s withdrawal from the European Union, the Cyber (Sanctions) (EU Exit) Regulations 2020 (“the Regulations”) were put in place under the Sanctions and Anti-Money Laundering Act 2018.
On 21 December 2021, Australia introduced a thematic autonomous sanctions regime which, unlike other cyber sanctions legislations, applies to cybercriminals worldwide. In January 2024, Australia used its autonomous cyber sanctions for the first time targeting a Russian individual linked to a destructive cyber attack on Medibank.
As per the 2022 report by the European Union Agency for Cybercrime, the Public or government Administration is the top most sector threatened by cyber-attacks, followed by digital service providers, General public accounts, services sectors, the financial industry, and the health sector respectively.
There’s no telling how big the business of cybercrimes is going to grow. Cybercriminals now have deep connections and collaborate in a ransomware-as-a-service (RaaS) model to target organizations and countries. Advanced technologies like artificial intelligence and machine learning are being used by cybercriminals as well. Therefore, the real challenge is to stay one step ahead.
Given the rising cybercrimes and a new wave of digitization around the globe, the cyber-sanction landscape is going to expand exponentially. Just in January 2024, the United States, United Kingdom, and Australia sanctioned Russian cyber-actor Alexander Ermakov for Medibank hack responsible for Like the other forms of sanctions, the financial industry must comply with cyber sanctions too. In most jurisdictions, failing to comply or neglecting cyber sanctions could lead to fines.
Therefore, financial institutions like insurance firms, banks, investment corporations, and others must keep an eye on the cyber-sanction landscape. A high net-worth client who is also an investor in some tech-powered start-up could also be a sanctioned individual for involvement in offenses like cybercrime.
Given that cyber sanctions are less prevalent than other types of sanctions, watchlist screening tools must offer precise data contextualization to facilitate screening by the specific jurisdictional requirements of individual businesses. A suitable AML watchlist screening tool should proactively gather information on reported cybercrimes and associated convictions, laying the groundwork for evaluating risks about potential cyber sanctions in the future.
Insights
Check out related resources for further insights into relevant topics.
Our best articles, news and stories, delivered to your inbox every week.
Insights
Insights
Insights