Financial institutions, cyber insurance firms and others that facilitate a ransom payment after a ransomware attack could face federal penalties. Some cybersecurity experts say the warning isnt necessarily a sign of a looming enforcement effort. Paying or facilitating a ransom to a threat actor can be a violation of the Treasury Departments Office of Foreign Assets Control regulations. The advisory amounts to a “shot across the bow” warning of potential repercussions, not necessarily an indicator of increased enforcement, several cybersecurity experts observe.”]
Source: https://www.cuinfosecurity.com/treasury-dept-warns-against-facilitating-ransom-payments-a-15108