The European Commission is gearing up to propose new penalties for cybercrimes involving cryptocurrencies.

In a release yesterday, the European Union’s executive arm outlined its intent to introduce a new directive focused on digital crimes, citing recent ransomware attacks in the region and abroad. Part of that plan would involve the creation of a European cybersecurity agency to spearhead such efforts.

Included in the proposal is a plan to beef up punishments for those involved in related cybercrimes, including ransomware attacks.

The commission said:

“The proposed directive will strengthen the ability of law enforcement authorities to tackle this form of crime by expanding the scope of the offences related to information systems to all payment transactions, including transactions through virtual currencies.”

That the EU’s leadership would move in this direction is perhaps unsurprising given past moves to regulate the bloc’s cryptocurrency startups more closely.

Further, possible changes to EU regulations related to cryptocurrencies could extend beyond crimes involving ransomware, additional public documents show. In a separate release outlining “non-cash payment fraud” in the EU, officials said that existing statutes aren’t equipped to account for crimes involving the tech.

“The current rules on criminalization of non-cash payment fraud are set out in the Council Framework Decision 2001/413/JHA dating back to 2001,” the document states. “It has become clear that those rules no longer reflect today’s realities and do not sufficiently address new challenges and technological developments such as virtual currencies and mobile payments.”

EU flags image via Shutterstock