Good morning. Victims of ransomware schemes and financial institutions could violate sanctions or anti-money-laundering rules—and face stiff penalties—if they facilitate or make payments to attackers, the U.S. Treasury Department said in a pair of advisories Thursday.

The notices, issued by units of Treasury’s Office of Terrorism and Financial Intelligence, warned victims and businesses that assist them to be particularly wary of making ransomware payments to blacklisted individuals and entities, including hacker groups in countries such as Iran, North Korea and Russia.

[Continued below…]

Many companies pay off attackers if losing the data would cripple their businesses, but the decision to pay can be particularly vexing when the attackers are under sanctions by the U.S. government. Paying them would be a violation of U.S. law, presenting the possibility of steep penalties. And the Treasury is unlikely to grant special licenses to allow a payment to a blacklisted attacker, according to one of the advisories, issued by the department’s Office of Foreign Assets Control, which enforces sanctions.

The Treasury’s warnings suggest the agency could take a harder line on enforcement in the future, cybersecurity experts said. “This announcement is absolutely going to cause significant waves and push companies to reconsider whether paying is an option,” said Charles Carmakal, chief technology officer of cybersecurity firm FireEye Inc.’s consulting arm, Mandiant.

The advisories come on the heels of high-profile ransomware attacks that have disrupted schools, hospitals and global shipping in recent days.

Join us on Thursday for the WSJ Risk & Compliance Forum, where risk managers, compliance officers and legal professionals will provide insights on how their roles are changing as companies grapple with remote workforces, digitization and an amplified focus on corporate ethics. To register, click here.

Generali Global Assistance Inc. agreed to pay nearly $5.9 million to resolve apparent violations of U.S. sanctions on Cuba, in a settlement that the U.S. Treasury Department said underscored the need for companies to be cognizant of indirect sanctions risks.

The self-reported case stems from Cuba-related insurance reimbursements that the San Diego-based travel services provider routed through a Canadian affiliate in an attempt to avoid U.S. sanctions, the department’s Office of Foreign Assets Control said Thursday.

The co-founders of one of the world’s largest exchanges for trading cryptocurrency derivatives have been charged with violating U.S. anti-money-laundering rules as American authorities ramp up enforcement in one of the world’s least regulated markets. BitMEX executives Arthur Hayes, Benjamin Delo, Samuel Reed and Gregory Dwyer were charged with one count of violating the Bank Secrecy Act and one count of conspiracy, according to an indictment made public Thursday.

• The European Union reached a deal to advance a sanctions package on Belarus in coming days after Cyprus and Greece won the bloc’s backing on a statement demanding an end to Turkish drilling in what they claim as their waters, leaders said.
   
• Mexico’s Supreme Court approved a plan by President Andrés Manuel López Obrador to hold a referendum on whether five former presidents should be investigated and possibly prosecuted for corruption.
   
• The Senate Commerce Committee voted to authorize subpoenas forcing testimony from Facebook CEO Mark Zuckerberg, Twitter CEO Jack Dorsey, and Sundar Pichai, CEO of Alphabet Inc. and its subsidiary Google, setting up what could be a contentious hearing with the largest U.S. social-media companies in the midst of a national election.
   
• U.K. pension funds, insurance firms and asset managers need to better explain the purpose and governance structure of their organization, a regulator found. In a report Wednesday, the Financial Reporting Council said few businesses met its expectations for financial reporting in 2019.
   
• The amount of sugar used in the dough supplied by Subway and used in heated sandwiches exceeds the maximum level of sugar content for bread under Irish law, Supreme Court of Ireland Justice Donal O’Donnell said in a judgment, part of a tax case involving one of the chain’s franchisees.

• U.S. stock futures slid after President Trump and first lady Melania Trump tested positive for Covid-19, adding to the political uncertainty in the final weeks before the election.
   
• Pfizer Inc.’s chief executive sought to assure the drugmaker’s employees that their experimental Covid-19 vaccine wouldn’t be influenced by politics, two days after President Trump mentioned the company during the presidential debate.
   
• A drop in household income and persistently high layoffs are threatening to further slow the U.S. economic recovery, which already appears to be losing momentum as the pandemic continues. New applications for unemployment benefits in the U.S. fell slightly last week but remained between 800,000 and 900,000 for the fifth straight week, reflecting a stubborn labor-market recovery. Meanwhile, hiring gains likely cooled in September.

The International Maritime Organization, the United Nations arm that regulates global shipping, said its London headquarters was hit by a cyberattack that brought down its website and internal web-based services—the latest in what appears to be a increasing number of cyberattacks on companies and organizations around the world.

The regulator was hit “by a sophisticated cyberattack against the organization’s IT systems that overcame robust security measures in place,” the IMO said on Thursday. “IMO technicians shut down key systems to prevent further damage from the attack.”

• Amazon said more than 19,000 of its workers have tested positive for the novel coronavirus, the first time the tech giant has revealed such detailed data. The company said the number of positive cases is below what it expected. Amazon, which months ago began to build its own testing labs, has been testing thousands of employees since March and said it would be testing 50,000 employees a day by November.
   
• U.S. manufacturing activity continues to rebound from the sharp downturn last spring, when factories closed to contain the spread of the coronavirus. A pair of new manufacturing surveys shows firms saw solid demand domestically and from abroad in September, leading to backlogs of new orders.
   
• London’s standing as the one-stop shop for American banks doing business in Europe is slipping, as lenders speed up movement of people and assets from the U.K. to the continent before a Brexit transition period ends Dec. 31.

• Nikola Corp. is by far the highest-profile blowup for Trevor Milton, 38, who resigned last month as executive chairman of the electric-truck maker. But combined with a number of past ventures, a pattern emerges for the self-described serial entrepreneur. Mr. Milton through his career built businesses using charm and salesmanship. He often ended up with disputes, litigation and disappointed investors, according to former employees, customers, investors and documents.
   
• Tim Stone, Ford Motor Co.’s chief financial officer, is leaving the auto maker after 18 months to join a software firm, the latest high-profile Detroit auto executive to defect to the technology industry.