Treasury's War Read online

  Sensitive to the tough position he was putting Schrank in, Aufhauser offered to help address any of SWIFT’s concerns about the privacy of its data and any agreement. Aufhauser knew SWIFT might be unwilling to allow the US government direct access to its databases, or even be technically unable to do the kind of targeted searches in their system that the US officials desired. Aufhauser tried to reassure Schrank, saying, “We can build a model that protects our interests—one that allows us both to search for the bad actors misusing the system.”

  Schrank and the SWIFT lawyers listened intently. They understood that the US government would not wait long for their answer. Soon after the meeting, the SWIFT officials delivered the verdict: they would cooperate. Schrank knew that 9/11 had changed everything, later noting, “Given the magnitude of what was now at stake, SWIFT would cooperate—although they would extract the most rigorous protections for their members’ data.”

  Aufhauser would later recall that the entire arrangement between Treasury and SWIFT could not have worked without Schrank’s commitment, trust, and willingness to take a risk. “Lenny was everything,” he said. Schrank has said that the key to working with the US Treasury was officials’ willingness to “problem solve” complex issues rather than “just negotiate with a legal club.”

  Although the program was legal, SWIFT was still taking a giant leap of faith by allowing US government access. Even if Schrank could persuade his board, the banking community and the court of public opinion might not be so forgiving. SWIFT was supposed to be apolitical and neutral, but with this move, it seemed to be cooperating with the United States in its war on terror. The SWIFT officials had made a hard and risky decision to comply. They knew they could be opening themselves up to criticism from their member banks, European politicians, and a European public wary of invasions of privacy.

  By the end of October 2001, the Treasury Department was getting the information from SWIFT that it requested and beginning to build the program that would later become known as the Treasury Terrorist Financing Tracking Program. Within Treasury, we affectionately gave it the code name “Turtle”—the opposite of SWIFT—so we could speak about it outside of classified arenas. The program took on a great deal of secrecy and more code names, with limited access given to a select group of officials and analysts.

  Aufhauser would later set off for Brussels to meet with the SWIFT officials, including their general counsel and their private lawyers, to nail down the mechanics of the process. In the early days of the program, requests for SWIFT data were urgent, tied to suspected terrorist plots. The entire US government was bracing for another Al Qaeda attack, and the intelligence community was under intense pressure to find any shreds of data to uncover and disrupt plots. Aufhauser was the middleman for these early requests from the US government. Having pledged not to abuse the arrangement, but to back up requests with subpoenas, first he would cross-examine the requests for SWIFT information. Then he would call Schrank directly to ask for particular streams of data. He was careful to keep the requests to a minimum, so that SWIFT and their lawyers would not be tempted to conclude that he was crying wolf. Starting in October 2001, the Treasury Department typically served one subpoena per month to SWIFT, with each subpoena incorporating multiple requests for data.1 Treasury was required to have reason to believe that an individual was involved in terrorism to access his or her records.

  Initially, Treasury got access to a subset of the SWIFT financial database. Technically, SWIFT did not have the forensic capability on its own to do the targeted searches for specific names, addresses, dates of transactions, and bank accounts that the Treasury was requesting. At the same time, the Treasury Department did not want to create a system where it had to spoon-feed every classified query to SWIFT, in part because this would require revealing key bits of terrorism-related intelligence necessary to target the searches. The subpoenas therefore were crafted to request data in bunches for select periods of time. The data would be handled in a separate, quarantined database. The restrictions on the program and the inability to blend it with other intelligence community databases chafed at those who wanted to use the data more expansively.

  From the start, some within the US government argued that the procedure should allow for real-time access to permit the possibility of real-time disruptions. Others also argued that the data should be searched more aggressively and widely to look at the intersection of terrorist and proliferation, criminal, and state-sponsored networks. Experts and analysts knew that apparently unrelated criminal or suspicious financial tracks could lead to terrorist actors. Such experts were worried that the United States was needlessly blinding itself to possible financial leads and tracks by only querying limited parts of the SWIFT data fields with specific terrorist suspect names. The information and program were very good, but for some in the US government, the SWIFT data was not being used to full effect.

  This was not an all-out fishing expedition in a sea of financial data. There were clear—and in some ways artificially constrained—limits to what could be done with the SWIFT information. The Treasury remained cautious about access and use of the data. For those in the intelligence community, this was an odd program. The information was being subpoenaed by the US Treasury, and the relationship with the source was being handled by a small team of lawyers and policy officials. SWIFT was actively involved in managing the contours of the program and the limits of the data’s use. And there was a relatively wide array of banking and government officials in Europe and the United States who were made aware of the agreement.

  Many eyes were on this program. Treasury’s deputy general counsel, George Wolfe, had recognized from the start that the program needed to be legal, constrained, managed, and monitored closely. All of us knew that if this program were not handled carefully it might bring down SWIFT and create a public firestorm that would call the integrity of the US Treasury and the entire financial system into question. This preoccupation drove Treasury officials to constrain the program, ensuring that it was limited to only that information that was useful and that could be scrutinized and audited to head off concern from the SWIFT board—which only increased as the program went on.

  As SWIFT grew increasingly antsy, it was Aufhauser’s job to maintain the trust of the board. The litigator in Aufhauser knew he had to make a convincing case that the information being shared was actually needed to disrupt terrorism. The problem was that analysts in the intelligence community did not want to reveal secrets tied to ongoing operations.

  Aufhauser pressed his case: he needed examples to share with the SWIFT board that were authentic, understandable, and demonstrated real value. Aufhauser and the team settled on five examples, all of which remain classified.

  Aufhauser and Bill Fox flew from Washington to Brussels ready to make the “value” presentation. There was so much concern over the sensitivity of the information being conveyed that an agent was sent on the trip to hand-carry the briefing material in a classified, locked bag, which remained handcuffed to the agent’s hand until they arrived at the US embassy in Brussels. The agent and the material handcuffed to his hand flew in first class. Aufhauser and Fox flew in back, in coach.

  Aufhauser again treated this meeting like an opening argument, trying to win over the jury that would judge whether the program was valuable and SWIFT’s risk was worth it. He underscored the value of the program and the gratitude of the US government and then launched into the five case examples—one by one—telling the committee members exactly how the SWIFT data had helped in each. Terrorists had been arrested, networks disrupted, and lives saved around the world. Each example was impressive on its own—and SWIFT data had provided the critical link in every case. Strung together—moving from plot to plot and country to country—the examples were remarkable. When he finished—with the flourish of a closing argument about the immense and growing value of the program—the committee members sat there stunned and silent. Some of the silence probably resulted from the shock
of being allowed to see some of the fresh information about arrests and disruptions just made. Schrank, along with a representative from the Swiss banking giant UBS and the SWIFT lawyers, were clearly convinced—and relieved that their earlier decision to cooperate was justified.

  When he left the committee room, Aufhauser knew that he left no doubt about the significance of SWIFT’s data in fighting terrorism. The integrity of Treasury’s assurances about the value of the program was now clear. This did not mean that SWIFT would simply acquiesce to providing the data forever. Aufhauser knew that the trust established needed to be maintained and measures taken to limit the use of the data as much as possible. SWIFT would continue to demand that access be limited and the scope of the queries reduced, regardless of the value of the data to security services.

  Treasury lawyers and officials traveled to Europe in the summer and fall of 2002 to reassure the key overseer banks and stakeholders in SWIFT. Federal Reserve Chairman Alan Greenspan reassured his fellow central bankers at meetings and in phone calls. Greenspan’s voice and assurances throughout the duration of the program proved invaluable for the treasury secretary and his foreign counterparts. Aufhauser, Fox, and their small team would meet with the Technical Oversight Board for SWIFT seven times during Aufhauser’s tenure as general counsel. This proved to be a critical series of meetings and relationships that kept the program alive and well.

  Some meetings and briefings regarding the program did not go well, especially as more individuals were briefed about the details of the program. Deputy Secretary of the Treasury Dam had met with the head of one of the foreign overseer banks to brief him on the program. The central bank governor told Dam to “stop it,” which then required an entire effort to ensure that this bank and host government were comfortable with the contours of the program at every turn—to include frequent meetings between Paul O’Neill and the head of that country’s finance ministry.

  On one occasion, Aufhauser met with the central bank governor of another country over coffee and briefed him on the program. As soon as Aufhauser finished his initial, informal presentation, the governor of this bank looked straight at him and said, “What you have just told me, I want to know nothing about. Our meeting is over.” The governor stood up and left.

  SWIFT periodically became nervous about the program in spite of Aufhauser’s work and its commitment to keeping the cooperation going. SWIFT soon grew impatient and worried about the direction of the program and the use of the data. With each day that passed and every subpoena received, SWIFT wondered when the program would end. Some of the SWIFT board members had assumed there would be a short shelf-life for the project.

  On two occasions—once in 2002 and again in 2003—SWIFT leadership visited Washington to discuss the program with US leaders. Each time, the US government rolled out the red carpet. In addition to the secretary of the treasury and Chairman Greenspan, core leaders of American national security, including FBI Director Bob Mueller, CIA Director Porter Goss, and National Security Adviser Condoleezza Rice, met with them—including in the White House Situation Room—to reassure them of the value of the program and US fidelity to the constraints placed on the use of the data. Vice President Cheney hosted Schrank several times at his residence. All of this was intended to demonstrate the importance of the data and the seriousness with which the US government took the program and SWIFT’s cooperation.

  Even with all this, Schrank drove a hard bargain, and SWIFT demanded that more processes be put into place to ensure the integrity of the data. SWIFT insisted on outside, independent auditors to ensure that the data was being handled properly and that access and probes were limited to terrorism queries. The auditors submitted reports to the SWIFT board. If there were any problems, they were immediately fixed or addressed. SWIFT also demanded that “scrutineers,” appointed by SWIFT, have real-time access to each search made by US government analysts to verify the terrorism nexus. SWIFT called for a “red button” function to be created, so that the scrutineers could block access to the database immediately if they were concerned about a request. All financial searches of the SWIFT data would eventually be reviewed by at least two SWIFT scrutineers, and internal audits were done to verify that the monitoring was effective. Over time, SWIFT and Treasury officials also agreed to reduce the range of data fields required to fulfill subpoenas—as a fair bit of the messaging information had not proved useful to analysts. This was a remarkable program, with the concerns of civil liberties, privacy, and perceived intrusion informing its very architecture. It was unprecedented for a highly classified and critical information-gathering program to be managed so directly by both Treasury officials and outside actors.

  Although the program was to remain secret and compartmentalized, it was also clear that the Treasury Department should be open about its intentions and desires to track terrorist funds and use all means available to disrupt Al Qaeda’s finances. We injected this theme into any testimony that Treasury senior officials gave. This was part of an explicit communications strategy to explain what we were doing without revealing the details of the methods we were using. I was explicit on more than one occasion in testimony about the tracking of terrorist funding as a core component of the US government strategy in the war on terror. Everyone who was involved in this issue did so—because it was what we were doing. Our enemies and the public just did not know exactly how we were doing it.

  At the same time, we attempted to make it clear that getting access to more usable cross-border wire-transfer data was a common international goal, based on FATF standards and best practices. The anti-money-laundering community required law enforcement, financial intelligence units, and regulators to use such information to detect suspect transactions and to take action to freeze assets. These were accepted principles, but the world did not yet know how the United States was tracking terrorist financing bank transfers so effectively. That story was yet to be printed.

  The Treasury was not the only element of the US government focusing on leveraging financial intelligence. The intelligence and law enforcement communities were developing offices and analytic teams to focus on financial leads and information that could uncover leads to terrorist networks, pinpoint operatives, and help disrupt attacks. At the FBI, long-standing financial crimes experts and agents were assigned to the terrorist financing task force, eventually called the Terrorist Financing Operations Section (TFOS). In the intelligence community, new offices and resources were applied to collect and analyze financial information.

  In the late 1990s, Cofer Black and his team tracking Osama bin Laden in Sudan had offered suggestions for disrupting the bank accounts and financial mechanisms that bin Laden was relying on to store and move money as part of his business enterprise in the Sudan. The intelligence community had proposed aggressive methods to monitor and disrupt Al Qaeda’s financing. Such suggestions were anathema to the Treasury at the time. Revelation of such operations—which was considered inevitable—could crumble US credibility and shake international confidence in the US and global financial system. The Treasury Department had always been reticent to let the intelligence community near the financial system. The government thus resorted to self-censorship to avoid any actions that might be perceived to upset the balance of the international financial system.

  This was a common Treasury view in all the administrations before 9/11. The intelligence community felt burned by this experience. Congressional overseers and the White House had demanded that intelligence agents “follow the money” prior to 9/11, yet from the intelligence community’s perspective, thanks to Treasury, it had been hamstrung in its efforts to disrupt Al Qaeda’s finances. Now, with the smoldering remnants of the 9/11 attacks still filling the air in New York City and Washington, intelligence and law enforcement leaders were not only being asked why they had failed to do more to prevent the attacks, but being asked to disrupt the next one. To create capabilities to prevent the next attack and follow the terrorist financial trails, the int
elligence community turned to some of its veterans in this field.

  The intelligence community had gotten into the illicit financing game as early as 1972 in the hopes of better understanding the growing ties between the narcotics trade and organized crime. Analysts and operatives at the time studied both the networks and the money that bound the people and organizations in the narcotics trade—a business worth billions of dollars coursing through US and other banks.

  Financial investigations and intelligence uncovered the intricate financial networks of the Bank of Credit and Commerce International (BCCI) in the late 1980s. BCCI, which became known as the “Bank of Crooks and Criminals International,” was an all-purpose illicit financial hub, providing banking services for drug trafficking, arms trafficking, and money laundering from the Middle East, Europe, and South America. It was the quintessential bad bank.

  The small group of financial intelligence analysts, operatives, and agents saw in the BCCI case and the illicit financial cases and operations a pattern that proved fundamental to the world of illicit financing: “There was always a bank controlled by the enemy.” Banks were essential components of any global network and the enabler of global commercial and financial activity. If you needed to ship something, you needed a bank for lines of credit. If you needed to shift assets from one country or account to another, you often needed correspondent accounts in banks to do it. (A correspondent account is one held for another financial institution to allow access to banking facilities.) And if you wanted to store money and use it to leverage trading relationships or conceal the origins of the proceeds, you needed a bank willing to take, hide, and/or move the money for you—or at least one that would accept its fees while turning a blind eye. Illicit financial networks of any scope or reach need banks to do business.