Sep 03ThreatMetrix Ensures Businesses Avoid Stiff OFAC Fines of $250,000 (or More)
The ThreatMetrix TrustDefender Cybercrime Protection Platform’s Location Detection Capability Maintains Business Compliance with OFAC Regulations
The United States Treasury’s Office of Foreign Assets Control (OFAC) regulations prohibit American corporations from doing business with embargoed or restricted countries or entities. The problem is it’s often difficult for businesses such as banks to discover customers’ true locations.
Heavy fines for infractions
Maintaining privacy and protecting personal data might be legitimate reasons for some companies to disguise their locations. However, using proxy servers, TOR network, etc, cybercriminals intentionally hide their locations and place banks and other entities innocently doing business with them in jeopardy of violating OFAC regulations, which have substantial penalties — fines up to $250,000 per incident or twice the value of the offending transactions, whichever is greater.
Most detection outdated
As it stands, most companies use outdated technologies such as IP addresses to determine a customer’s location. These are the equivalent of facing a tank with a BB gun when it comes to cybercriminals who use sophisticated techniques that alter their IP addresses and make it look like they’re in a friendly country (by OFAC standards).
Bert Rankin, chief marketing officer
“We’re addressing a major gap and solving a growing problem in the way business is conducted,” said Bert Rankin, chief marketing officer, ThreatMetrix. “Banks and institutions are significantly impacted when OFAC regulations are violated. France’s largest bank, BNP Paribas, for instance, was recently fined $8.9 billion. This doesn’t have to happen. Our SaaS-based fraud prevention solution is easy to implement and can provide measurable financial benefits to the businesses, in addition to protecting their reputations.”
TrustDefender Cybercrime Protection Platform
The ThreatMetrix TrustDefender Cybercrime Protection Platform significantly enhances an organizations’ ability to comply with OFAC regulations by detecting location spoofing and identifying users’ true locations. The platform’s real-time trust analytics enable context-aware security combining device, identity, and behavioral analytics with collaborative feedback from millions of users across thousands of sites to accurately identify good users and block out cybercriminals.
Additionally, the TrustDefender platform provides organizations with an accurate assessment of suspicious account registrations and transactions as well as the ability to instantly determine if a request or transaction should be blocked, prohibited, accepted or held for manual review.
Leveraging global intelligence from the world’s most comprehensive database, the ThreatMetrix Global Trust Intelligence Network (The Network), the platform is able to detect hidden proxies, Virtual Private Networks (VPNs) and other methods used to conceal visitors’ true locations.
Using real-time advanced device profiling and data from The Network to detect proxy use and evaluate the entire context surrounding each transaction, ThreatMetrix’s solution includes:
- Device analytics: Uniquely identifies each device, determines its location, association with the user, and ties to criminal activity or hacker rings. It detects the presence of proxies, anonymizers, bots or malware and exposes other anomalies that may indicate fraudulent locations, hacking or a compromised device.
- Identity analytics: Pinpoints the end user’s association(s) with trusted entities, or any history or affiliation with crime, fraud, or hacking activities.
- Behavior analytics: Analyzes normal login patterns such as login frequencies, locations, typical access times, login names, and devices used.