Treasury's War Read online

  We saw him as our arch-nemesis—the chief enemy moneyman to be countered. He was an important pivot point around which we could build pressure on the network. His job had to be getting harder and harder month by month. The intelligence community also saw him as a prime target.

  The intelligence community found and confirmed his true name by 2004—Mustafa al-Yazid—and then began the debate about what to do with it. I argued vigorously for making it public in order to further highlight his role and to isolate those willing to do business with or support him. The intelligence community wanted to keep his name quiet—in part to protect the methods by which we had acquired the name. This was a method that was worthy of protection, because it revealed other things about Sheikh Said and what he was doing to invest and diversify Al Qaeda’s assets. The financial trackers soon learned that he was investing in gold and beginning to hold euros instead of dollars.

  Said would grow in importance, especially as other senior Al Qaeda leaders were killed. He would serve as a gatekeeper as well as an operational manager—all the while using the trust put in him by Zawahiri and bin Laden in managing the organization’s financial operations to pull the levers of the global organization. We continued to track him and to watch the directions he took and the measures he put into place with the organization. Ultimately, Treasury designated him in August 2010.20 The US government wanted to make clear that we knew who he was and that anyone doing business with him would be targeted by intelligence and perhaps other US assets.

  In many ways, our ability to squeeze and distort Said’s budgetary decisions was the ultimate measure of whether we were succeeding. Were we able to affect Al Qaeda’s investment in strategic attacks? Could we ensure that Al Qaeda didn’t have money to pay Pakistani scientists or Russian smugglers, to acquire the knowledge or materiel for a nuclear device or dirty bomb? Could we harm morale by delaying pension payments to relatives of deceased terrorists and payments to new recruits? Was it possible to squeeze Al Qaeda, as it adapted to our pressure, to ensure that we altered its global reach and influence? At the end of the day, could we use financial pressure to constrict Al Qaeda’s threat to the United States and its allies? These were the strategic questions of import that would animate our discussions and our financial campaign against terror.21

  Our hopes for success put a premium on finding financial trails so that we could understand Al Qaeda’s network, disrupt its operations, and constrict its global reach and most strategic and threatening ambitions. Following Al Qaeda’s financial footprints became a new discipline and formed the backbone of our efforts to crush the organization and its operations. And to follow these tracks, the United States needed to build a new enterprise that would leverage access to massive amounts of financial data.

  The various tools and the community we began to forge after 9/11 to address terrorist financing would become the cornerstone of our ability to wage financial warfare more broadly. At the same time, we had begun to condition the financial system to the rejection of tainted capital, and our ability to tap and shape that environment would become a crucial element of Treasury’s power.

  2

  FINANCIAL FOOTPRINTS

  Within days after 9/11, Secretary O’Neill hosted a meeting in the Treasury Secretary’s small conference room located on the third floor of the Treasury building. This room traditionally has been used for senior-level briefings and meetings with foreign finance ministers and heads of state. Pictures of the Treasury Department from the eighteenth century and examples of pre–Civil War currency hang on the walls, and historical artifacts—such as silverware that used to belong to the first treasury secretary, Alexander Hamilton—adorn the room. Its view onto the East Wing of the White House leaves no doubt of one’s proximity to power. The intimate setting has a sense of deep historical import, and the room would be used to host some of the most sensitive and important meetings in the Treasury Department after 9/11. This was one of them.

  It was to be a small interagency meeting to develop new means of accessing financial information around the world. It was not enough merely to expand designation powers, investigate cases, or deepen Treasury’s global regulatory reach. The US government needed as much information as possible about the Al Qaeda network’s financial backers and conduits to be able to direct more intelligence collection and law-enforcement focus to this endeavor, and ultimately, to disrupt the financing of terrorist operations and infrastructure.

  Secretary O’Neill and Treasury had been given the job of launching an aggressive counter-terrorist-financing campaign. This was a new and unprecedented mission for the Treasury Department. The reality was that Treasury had been a minor institutional player in the world of terrorism until 9/11. Al Qaeda and terrorism in the 1990s had been the province of the big boys of national security: the CIA, the National Security Agency (NSA), the FBI, and the Defense and State departments.

  That was about to change. This meeting would spur the development of a new discipline for acquiring and analyzing financial intelligence—what would later be called “FININT.”

  Though technically part of the intelligence community, the Treasury Department had historically been little more than a passive consumer of intelligence products. In the wake of 9/11, what became clear to the department’s general counsel, David Aufhauser, to me, and to others in Treasury was that we needed to develop a more active financial intelligence capability, both at the Treasury Department and on behalf of the government as a whole. If the US government hoped to attack the financial underpinnings of terrorism, Treasury’s relationships and insights would be essential to developing the necessary financial intelligence to identify them.

  Financial intelligence can be defined in many ways. In its broadest sense, financial intelligence is any bit of information—however acquired—that reveals commercial or financial transactions and money flows, asset and capital data, and the financial and commercial relationships and interests of individuals, networks, and organizations. Such information can come in a variety of forms—crumpled receipts found in terrorist safe houses, the detailed ledgers of hawaladars, suspicious transaction reports from banks, and transnational wire-transfer records. Ranging from the incredibly vague to the blindingly detailed, such data can give focus and context to a mosaic of intelligence information. The most secret or closely held types of financial intelligence are those bits of data purposely hidden from view and considered inherently revealing and valuable by others. Tax cheats, money launderers, and terrorist financiers alike seek to cloak this kind of information from detection.

  Some crucial forms of financial intelligence have long been available to Treasury officials. The quintessential form is the information used and kept by banks and other financial institutions on its clients, customers’ accounts, and transactions. For this reason, the national and international anti-money-laundering frameworks built in the 1980s and 1990s focused on setting reporting requirements for banks and other bank-like financial institutions. These requirements were expanded well beyond the classic banking sector with the passage of Title III of the USA PATRIOT Act, which further expanded the reporting requirements to nonbank financial institutions such as insurance companies, money-service businesses, and brokers and dealers in precious stones and metals.

  Thanks to these requirements, it is an expected and standard requirement around the world today for banks and regulated institutions to submit suspicious transaction reports and currency transaction reports above a certain amount ($10,000 in the United States) to their host governments. Banks that make cross-border wire transfers are required to report specific information about the originator and ultimate beneficiary of any transaction. The governmental bodies throughout the world charged with interacting with financial institutions and collecting suspicious activity and currency transaction reports are known as financial intelligence units (FIUs). The US FIU (Financial Crimes Enforcement Network or FinCEN), sits within the Treasury Department.

  Perhaps just as impo
rtant, the Treasury Department also has economic expertise and insights thanks to its cadre of economists and tax experts and their daily contacts with foreign counterparts in finance ministries, central banks, the international and regional financial institutions such as the IMF and World Bank, the financial regulatory communities, and the private sector. Their insights and information constitute an underutilized and underappreciated form of financial intelligence necessary to understand the international financial ecosystem.

  Although there had been financial intelligence available prior to 9/11, with significant use by law enforcement to prosecute cases, its collection, analysis, and use were not given pride of place to address national security threats and issues. What makes financial intelligence so valuable is that it can reveal clear contours of relationships. Unlike the vagaries and complications of human intelligence (HUMINT) or misinterpreted and incomplete captured communications (SIGINT), financial footprints don’t lie. The passing of cash between operatives confirms a connection; the wiring of money between banks unveils a relationship between the account holders; the transfer of money or goods between brokers identifies historical business ties. The records of those transactions—addresses, phone numbers, real names, banks utilized—can be a gold mine of information. Money trails as well can reveal unanticipated and unorthodox ties and connections, since the thirst for profit or the need for material support can spawn unlikely marriages of convenience. Money is the great facilitator and connector—even among enemies. And money or value changes hands only where a relationship actually exists.

  The right information about the sender or recipient of funds can open a window on broader networks or identify unseen ties. If it is timely and specific enough, such intelligence can help disrupt terrorist acts. If intelligence services know that a terrorist operative will be receiving a financial infusion from an overseas donor or supporter, then the trail can be followed and the operative can be physically tracked and caught.

  Still, more often than not financial information alone doesn’t trigger counterterrorism operations, and it may not be the sole piece of data that stops a terrorist attack. The real value comes well in advance. The receipts found in an operative’s pocket, or the budget spreadsheet on a terrorist fundraiser’s computer hard drive, give context and meaning to existing understandings of the enemy’s operations. Relationships between terrorist leaders, operatives, couriers, and funders can be explained, and the ways that funds flow within a terrorist network crystallized, with financial intelligence. Such information can help complete the mosaic of intelligence being gathered by other means. The enemy networks can then be targeted, watched, and disrupted.

  Improving the collection and coordination of financial intelligence was the primary focus of the meeting in the secretary of the treasury’s conference room that day. Treasury would need to execute the most aggressive financial intelligence collection campaign it ever attempted. O’Neill and others had asked the question whether the U.S. government had access to the bank-to-bank transfer information contained in the databases of the Society for Worldwide Interbank Financial Telecommunication (SWIFT), which operates a financial messaging service for financial transactions communicated between member banks. The SWIFT system, known well to the world’s bankers, is used daily by thousands of institutions around the world. The Treasury never had access to this information, but it would need to find a way of gaining access to this treasure trove of financial data.

  SWIFT, based in a well-manicured chateau in Brussels, is a member-owned cooperative that was founded in 1973 to standardize the communication of global financial transactions, and it forms the communication backbone of the formal financial system.

  Central banks from the Group of Ten (G10) countries oversee SWIFT. These include the Bank of Canada, Deutsche Bundesbank, the European Central Bank, Banque de France, Banca d’Italia, the Bank of Japan, De Nederlandsche Bank, Sveriges Riksbank, the Swiss National Bank, the Bank of England, and the Federal Reserve System, represented by the Federal Reserve Bank of New York and the Board of Governors of the Federal Reserve System. The National Bank of Belgium serves as the lead overseer, while SWIFT’s board is made up of top executives from the world’s major banks, including Citibank and Chase Manhattan in the United States.

  SWIFT exists to enable coordination between banks. When assets are moved across borders from one bank to another, banks need a harmonized, secure system by which to communicate and transfer those assets—detailing where the transfer is coming from, what amounts are being transferred, and what institutions and clients are the recipients and beneficiaries. SWIFT is that clearinghouse messaging system and has a virtual monopoly as the switchboard of the international financial system, ensuring the rapid and secure communication of these messages between its members worldwide.

  The SWIFT data is quintessential financial intelligence. Its messaging traffic is broken into data fields with specific information about the banks involved, accountholders, amounts transferred, dates and times of transactions and transfers, and contact information. SWIFT provides deep financial footprints for international transfers of assets. Access to SWIFT data would give the US government a method of uncovering never-before-seen financial links, information that could unlock important clues to the next plot or allow an entire support network to be exposed and disrupted. Blended with other intelligence, the potential of SWIFT data to reveal links and ties between unknown actors was enormous.

  This wasn’t the first time the US government had focused on SWIFT data. In the late 1980s, the Justice Department had approached SWIFT to ask the organization to change its messaging system. The American officials, led by Bob Mueller, who was then assistant attorney general but would become the director of the FBI in September 2001, wanted to be able to subpoena these messages and peer behind the veil of financial transactions to find out where money was coming from and who was receiving it. They made little progress. The American officials had no real authority to mandate this change, and the SWIFT officials and their lawyers knew it. At the end of a series of cordial meetings, the Justice Department officials were thanked for their interest and ushered to the door—without any concessions by SWIFT.

  Though past efforts had failed, Treasury officials and others knew that the SWIFT information could be incredibly valuable—providing direct access to the financial trails between banks. They also knew this had to be done quickly and quietly to ensure we understood Al Qaeda’s financial networks and to use that information to disrupt follow-on attacks. In theory, the information could have been used as part of an expansive, real-time capability that would allow the Treasury to access SWIFT data the moment a transfer occurred—allowing the government and its partners not only to see transactions but to act on the information if necessary.

  O’Neill and Aufhauser wanted the Treasury to control access to this information and relationship. They were instinctually wary, as their predecessors had been, of the intelligence and law-enforcement communities getting too close to the inner workings of the international financial system. They didn’t know the leadership of SWIFT personally, and didn’t know whether procuring data would even be feasible, let alone desirable.

  Nevertheless, the idea of leveraging SWIFT data intrigued Aufhauser. He and O’Neill recognized that Treasury needed to do anything it could to disrupt terrorist financing. As Aufhauser’s lawyer’s mind churned, he thought of a simple and direct way to acquire SWIFT’s data—perhaps right through the front door. Aufhauser had made his legal career finding solutions to hard problems by convincing litigants and adversaries, with careful confrontation, that it was in their interest to concede legal points and to cooperate. Risky as it might be for SWIFT to give up its data willingly, this was a rare moment in which they might be convinced. This would be done Treasury’s way.

  Within days, the deputy secretary of the Treasury Department, Kenneth Dam, had invited the CEO of SWIFT to visit the Treasury building. The CEO was a Massachusetts Institute of Technolo
gy–trained American, Leonard “Lenny” Schrank, who had risen to the heights of the financial world with business acumen and a New Yorker’s classic cutting wit. Schrank and SWIFT had been approached before to cooperate with authorities—including a 1992 visit from the chairman of the FATF arguing for more information to be shared with international law enforcement. Out of these discussions and requests for information, SWIFT developed policies and procedures for refusing subpoena requests for SWIFT messaging data.

  Aufhauser brazenly opened the meeting with a declaration: “I want your data.” Without a pause, Schrank responded, “What took you so long?” Aufhauser knew he had to convince Schrank to cooperate—to allow access to SWIFT data and to comply with broader administrative subpoenas without a legal fight. Aufhauser understood he was making the opening argument for a new relationship that would put SWIFT at some risk and would stretch the bounds of what the US government had done in the past with financial data. He had already determined that the legal authority to request and search the data was on the government’s side. Even so, he wanted to avoid a costly court battle that could delay access to the data and reveal publicly what the US government was seeking.

  As soon as Aufhauser and Schrank met, Aufhauser was convinced that they could make a deal. Schrank was there to cooperate—seeing himself first and foremost as an American—but he did not want SWIFT to be harmed in the process.

  Schrank, who had lived in Europe since 1981, also wanted to explain what SWIFT was and the sensitivities and limitations of what it could offer. Schrank did just this, staking out SWIFT’s need for legal clarity. SWIFT needed to remain apolitical to preserve its role in the financial world. Aufhauser spoke with the directness and rhythmic cadence of a seasoned litigator. “I know you could go into court to challenge our subpoenas. It would be destructive for both of us to go into court, and I don’t think this is a fight you can win. More importantly, it’s a fight you don’t want to win.”