There are few events in a lifetime that evoke deep seated emotion and vivid recollection. The terrorist attacks against the United States by Al Qaeda on September 11, 2001, are clearly one of those historic moments that remain frozen in our minds. I poignantly remember my personal reaction then and how it affects me now. 9/11 changed my life, as it did many of us. I was overwhelmed with a sense of wanting to directly respond to those unconscionable attacks. Fortunately, as the agent in charge of the FBI’s Financial Crimes Program, I was in a unique situation where I was afforded an opportunity to respond in a manner few other people could. I was in a position to “follow the money.” In retrospect, that was the most rewarding place to be.
One of the first places I turned was to the financial services sector (FSS). Our financial institutions are a repository for financial fingerprints that law enforcement can use to follow the money. Finance and communications are the two biggest organizational vulnerabilities for criminals and terrorists. The ability to follow the money to identify and disrupt terrorist activity is a powerful weapon. The response we had from the FSS was phenomenal. I am extremely proud of how the industry stepped up, driven by a sense of patriotism, duty and commitment. In the days, months and first few years after 9/11, the FBI and segments of the FSS teamed to establish five distinctive initiatives to proactively investigate terrorist financing. I had the privilege to be directly involved in these initiatives and witnessed firsthand the dedication of our private sector partners. In addition to the FBI and other federal agencies, these initiatives included:
- A working group of representatives from approximately 20 financial institutions. This group was comprised of anti-money laundering (AML) and fraud investigative compliance officers. This group focused on how banks could provide financial information to law enforcement in a more timely and efficient manner.
- Select financial services providers, who were in a position to legally provide law enforcement with near real time transactional information for select investigative purposes.
- A 24/7 network of specific contacts at more than 200 financial institutions. A designated bank representative was available on an around-the-clock basis to provide financial information to law enforcement on terrorist threat leads.
- One financial services provider established a platform for law enforcement to legally obtain certain and specific transactional information. This information was not only critically important to domestic investigations, but also enabled the FBI to provide financial intelligence to another country that assisted an intelligence service in preventing six terrorist attacks in that country.
- A working group of representatives from seven major financial institutions. This group worked on sensitive high-level issues that were intended to enhance information sharing between law enforcement and financial institutions.
Many people working in the FSS contributed to the above initiatives and were true unsung heroes. Their tireless and unselfish behind-the-scenes work enabled law enforcement to succeed time and again. Unfortunately, most of them were not aware of just how important their contributions were and continue to be. These collaborative initiatives served as the model for public-private partnerships. Such partnerships are essential to our ability to conduct meaningful investigations and prevent terrorist activity.
Through proper legal process, the U.S. Treasury Department obtained messaging information from SWIFT on a recurring basis. The FBI was the ultimate consumer of this information that was used on a limited, predicated and targeted basis. This initiative was extremely sensitive and an important investigative tool.
So, where are we as a country and as an industry 10 years later?
Today, we as a country are much more vigilant and cognizant of our vulnerability to terrorism than we were before 9/11. Likewise, the FSS is more committed and determined to root out those instances where terrorists exploit financial institutions in furtherance of terrorist activity.
On the government side, we have made tremendous strides going forward. In assessing our investigative and intelligence collection capabilities prior to 9/11, we were woefully unprepared and worse, systemically flawed. The FBI and CIA were widely criticized. Both agencies made noteworthy changes to their institutional cultures. What we have witnessed in the past 10 years has been a significant transformation in our ability to deal with the daunting challenge of the threat of terrorism. The government has made consistent incremental gains across agency lines at detecting, deterring and preventing terrorist attacks. There have been occasional setbacks. However, we have consistently demonstrated improved sophistication and execution of counterterrorism strategies. Our investigative, intelligence, sanctioning, diplomatic and military capabilities have collectively thwarted numerous terrorist threats over the past 10 years. The seminal moment for this was the killing of Osama Bin Laden by Navy Seals on May 2, 2011. The coordination, cooperation and communication between the CIA and Navy Seals was a defining moment and resulted in one of the greatest intelligence operations we have undertaken as a country.
On the private sector side, especially in the FSS, the challenge has been different yet quietly successful. As previously mentioned, the FBI has been engaged in a series of productive public-private initiatives regarding terrorist financing. Other federal agencies have also had successful collaborations with each other and with the private sector. In addition, the private sector, through grass roots efforts, has established cohesive and dedicated working groups that have contributed to government initiatives regarding terrorist financing. Financial institutions are on the front line in our fight against terrorism. Terrorists inevitably use either formal or informal financial channels to move and have money available to them when they need it. The use of financial institutions as a facilitation tool by terrorists to move and access money makes the bank compliance function a critically important component of national security. It is possible to identify terrorists and their funding channels. However, it is not probable, or likely, that this could be accomplished without specific input from the government. Even with specific input, it would be difficult to identify terrorist financing. The possibility versus probability challenge is one of the most important challenges we face. Similar to the government, as the years have passed since 9/11, the private sector has made incremental gains in dealing with terrorist financing through transaction monitoring, training and detection. The more the industry can improve the possibility of identifying terrorist financial activity, the more the probability of detection increases. In this regard, even the smallest steps forward can be monumental, as has been selectively proven.
Today, we as a country are much more vigilant and cognizant of our vulnerability to terrorism than we were before 9/11
The U.S.A. PATRIOT Act was signed into law on October 26, 2001. This was a pivotal moment in building the framework to effectively fight terrorism. The PATRIOT Act gave law enforcement and the intelligence community enhanced investigative capabilities. It enabled them to share intelligence information, which prior to that, was not possible. This was one of the greatest shortcomings of our pre-9/11 situation. The PATRIOT Act also brought new and enhanced regulations to financial institutions. The broadened Bank Secrecy Act reporting requirements were costly and burdensome to financial institutions. Nonetheless, the FSS responded and implemented strong anti-money laundering programs that have ultimately benefited law enforcement in fighting terrorist financing. I am a firm believer that the benefits to law enforcement and the enhanced levels of due diligence taken by banks have outweighed the burdens by ultimately disrupting the flow of terrorist funding.
Are we safer today than we were on 9/11?
For a variety of reasons, we are much safer today than we were on 9/11.
- First and foremost, we as a nation do not take our security for granted as we did prior to 9/11. We understand we are vulnerable to a terrorist attack. As a society, this has made us an extremely vigilant nation. This vigilance has resulted in at least two cases, in the past year, where the public reported suspicious activity, resulting in the arrests of individuals’ intent on committing terrorist acts.
- The law enforcement and intelligence communities have greatly enhanced their human and signal intelligence capacity. Prior to 9/11, this was a significant shortcoming. Enhanced intelligence has resulted in the prevention of numerous terrorist attacks since 9/11.
- Law enforcement has been more proactive and aggressive in using sophisticated investigative techniques to identify and prevent terrorist attacks.
- The CIA’s use of drone missiles to target and kill Al Qaeda leadership has essentially depleted and neutered the core Al Qaeda group.
- Military, sanctioning and diplomatic actions have further eroded the ability of terrorists to function and to have the organizational capacity to attack our homeland.
- The exploitation of financial information based on collaborations between law enforcement, the Treasury Department and the FSS have disrupted terrorist funding streams and enabled law enforcement to take proactive investigative steps to disrupt and prevent terrorist activity.
Placing things in perspective, we are a much safer nation
Unfortunately, even though we are far safer than we were on 9/11, there will likely be another attack in the United States. We are an open society and therefore vulnerable to attack. Whether the attack is on the scale of 9/11 involving aircraft, or like the attacks in Madrid and London involving the rail transit systems or like the low tech but deadly and crippling attack in Mumbai or like attacks on hotels in Pakistan, Jordan and Afghanistan, an attack will happen. We have been hit by a handful of one-off attacks such as Fort Hood. The attack in Norway on July 22, 2011, illustrates how one lone wolf attacker can cause massive death and destruction.
Placing things in perspective, we are a much safer nation. However, we remain vulnerable and we will encounter a terrorist attack. When that occurs, before we rush to judgment as we are prone to do, we must assess the situation and adequately understand the problem and cause of the attack. We must keep in mind, the numerous potential attacks that were prevented since 9/11. Will the successful attack be the result of a one-off situation we failed to detect or will it be the result of systemic failure, such as we encountered prior to 9/11? My sense is it will be a one-off failure. We should demand accountability but we should exercise restraint in demanding change until we fully grasp the facts.
What lessons have we learned in the last 10 years?
These last 10 years have been a learning experience. Lessons learned include:
- We must be vigilant.
- We, as a nation, are extremely vulnerable to terrorists in terms of terrorist attack and exploitation of our financial system.
- We need to truly understand our risks and the threats we face.
- We need to be proactive in countering the threat of terrorism.
- We need to have a sense of urgency and time sensitivity in dealing with terrorism.
- Public-private partnerships afford us greater opportunity to disrupt and prevent terrorist acts.
- Communication, cooperation and coordination between government agencies and with the private sector are extremely important.
- Finance and communication are the biggest vulnerabilities for terrorists.
- The public and private sectors need to continue to implement new and innovative mechanisms to exploit the vulnerabilities of terrorists.
- Following the money and disrupting funding flows diminishes the ability of terrorists to operate or succeed in their plans to commit acts of terrorism.
The fact is, although we are extremely vulnerable to another significant terrorist attack, we are a much safer nation today than we were on the morning of 9/11. We have much to be grateful for. We owe the public servants who protect us on a daily basis and work to prevent terrorists from attacking us our gratitude and respect. Likewise, the myriad of financial sector compliance professionals who monitor and report suspicious activity and who safeguard our financial institutions deserve recognition. They are our unsung heroes, and they need to know this. What many people do not realize is that Bank Secrecy Act reporting, particularly in the form of suspicious activity reports, is incredibly important and makes a significant difference.
Even though we are 10 years removed from 9/11, I vividly remember the events that unfolded that day. I will never forget the sense of helplessness I felt or the exhilaration I experienced when I realized the opportunity we were presented to “follow the money” and identify the heinous individuals responsible for the attack. That feat was accomplished in a matter of weeks through the analysis of financial records by law enforcement, as facilitated by the FSS. This also set the stage to look forward and develop methodologies to disrupt terrorist financing. There is much we can do to disrupt the threat of terrorism. Chasing the bullets and bombs is more sensational. However, the most direct and productive route is to chase the dollars. The key is “follow the money.” We must continue to move forward and develop mechanisms to make it more difficult and challenging for terrorists to use our financial system. The key is to understand the flow and take the possible and make it probable.