On December 4, FinCEN released a financial trend analysis showing that reported ransomware payments in BSA data totaled more than $2.1 billion between January 2022 and December 2024. FinCEN received 7,395 BSA reports related to 4,194 ransomware incidents during this period. The report found ransomware incidents and payments peaked in 2023, with 1,512 incidents and $1.1 billion in payments — a 77 percent increase in total payments from the previous year. By comparison, the report noted that, from 2013 through 2021, the agency received a combined 3,075 BSA reports totaling approximately $2.4 billion in ransomware payments.

FinCEN stated that the most impacted industries during the review period were financial services, manufacturing, and healthcare, which together accounted for over $950 million in reported payments. The analysis identified 267 ransomware variants and noted that the 10 most reported variants accounted for approximately $1.5 billion in payments. FinCEN also identified that threat actors overwhelmingly collected payments in “unhosted” convertible virtual currency (CVC) wallets and exploited CVC exchanges for money laundering purposes.