On Oct. 1, 2020, the U.S. Department of the Treasury’s Office of Foreign Assets Control (“OFAC”) and the U.S. Department of the Treasury’s Financial Crimes Enforcement Network (“FinCEN”) each issued advisories on ransomware that, when taken together, make it more difficult for victims to lawfully pay ransoms to regain access to hijacked systems and recover stolen data.

The frequency of ransomware attacks has surged, as have the amounts cybercriminals demand. In the last quarter of 2019, the average ransom payment more than doubled from $84,116 to $190,946, with several organizations reporting seven-figure payments.[1] Navigating a ransomware attack has also become increasingly challenging as perpetrators develop more sophisticated means to infiltrate systems.

The OFAC advisory warns that OFAC will impose sanctions on U.S. persons who engage in transactions (including making payments or facilitating payments) with individuals and entities involved in ransomware if they have appeared on OFAC’s Specially Designated Nationals and Blocked Persons List (an “SDN”) or if they are covered by country or region embargoes. OFAC cautions that a U.S. person need not know that the recipient of payment has been designated because civil penalties may be imposed for sanctions violations based on strict liability (i.e., without knowledge the transaction was prohibited). This poses a significant risk when paying a ransom, as cybercriminals often disguise their identities when demanding payment, and ask for payment by digital currency, making it nearly impossible to determine whether a recipient has in fact been designated by OFAC.

The FinCEN advisory discusses predominant trends, typologies and potential red flag indicators of ransomware and associated money laundering activities and the related suspicious activity reporting requirements applicable to financial institutions. Specifically, FinCEN reminds financial institutions they may be required to file a suspicious activity report (“SAR”) when dealing with an incident of ransomware.

The new advisories raise the familiar debate over “negotiating with terrorists.” On one hand, paying ransoms makes ransomware attacks more lucrative for cyber criminals and encourages future attacks. On Oct. 13, member nations of the G-7 warned that perpetrators of ransomware attacks might be state-sponsored or linked actors who might use the ransom funds for further illicit purposes, such as funding weapons of mass destruction.[2] On the other hand, regulations that cause delays or impose prohibitions on paying ransoms inhibit what can be an economically efficient way for victims to respond to attacks and minimize the damage to their business continuity.[3]

For private equity sponsors and other fund managers that establish control positions, OFAC’s new restrictions could have significant consequences for portfolio companies in certain subsectors, such as hospitals, that have been particularly hard hit by ransomware and have relied on ransom payments to avert attacks with devastating (and potentially deadly) consequences. In addition to potential sanctions from OFAC, G-7 officials have warned of additional coordinated sanctions applying across member nations.

The restrictions and other risks involved with ransom payments reinforce the importance of fund managers having plans in place to prevent and respond to ransomware attacks.[4] Fund managers should be familiar with the OFAC and FinCEN advisories and review them carefully if they become victims of ransomware. In the heat of the moment during a ransomware attack, it will be critical for the manager to determine if the ransom payment that is being demanded would violate applicable U.S. or non-U.S. law.

This article appeared in the November 2020 edition of SRZ’s Private Funds Regulatory Update.


[1] The New York Times

[2] Law360

[3] The Department of Justice (“DOJ”) has also signaled an increased focus on the payment of ransoms and other interactions with cyber criminals. On Aug. 20, 2020, the former Chief Security Officer of Uber was indicted in federal court in California for obstruction of justice and misprision of felony in connection with the attempted cover-up of a 2016 hack, which included a ransom payment. The executive allegedly lied to the Federal Trade Commission, which was investigating a 2014 hack at the time the 2016 ransom was paid, and took efforts to conceal the ransom payment. The DOJ said the case should send a broader message about not concealing cybercrime: “While this case is an extreme example of a prolonged attempt to subvert law enforcement, we hope companies stand up and take notice. Do not help criminal hackers cover their tracks. Do not make the problem worse for your customers, and do not cover up criminal attempts to steal people’s personal data.”

[4] Our Aug. 17, 2020 Alert provides further information on the increasing risk of ransomware attacks, including steps that fund managers and financial institutions can take to increase preparedness for a cyber-attack.


This communication is issued by Schulte Roth & Zabel LLP and Schulte Roth & Zabel International LLP for informational purposes only and does not constitute legal advice or establish an attorney-client relationship. In some jurisdictions, this publication may be considered attorney advertising. ©2020 Schulte Roth & Zabel LLP and Schulte Roth & Zabel International LLP. All rights reserved. SCHULTE ROTH & ZABEL is the registered trademark of Schulte Roth & Zabel LLP.