SWIFT has been breached. We can argue about the definition of this, but we'll knock that one right on the head:
CIA operatives trying to track Osama bin Laden's money in the late 1990s figured out clandestine ways to access the SWIFT network. But a former CIA official said Treasury officials blocked the effort because they did not want to anger the banking community.
Unlike telephone lines and e-mail communications, the SWIFT network cannot be easily tapped. It uses secure log-ins and state-of-the-art encryption technology to prevent intercepted messages from being deciphered. "It is arguably the most secure network on the planet," said the former SWIFT executive who spoke on condition of anonymity. "This thing is locked down like Fort Knox."
So what was holding back the CIA from tracing Osama's cash through SWIFT in the late 1990s? The Treasury department, that's who:
Historically, "there was always a line of contention" inside the government, said Paul Pillar, former deputy director of the CIA's counterterrorism center. "The Treasury position was placing a high priority on the integrity of the banking system. There was considerable concern from that side about anything that could be seen as compromising the integrity of international banking."
The money system is the be-all and end-all. It is the rock on which society is built - it intermediates all transactions. It counts all wealth, at the end of the day. It delivers the information that makes the economy work. So when the Treasury said to the spooks "mitts off" it was speaking with more than ordinary concern.
Which all vanished when 9/11 came along. The economy -- the money system -- became second priority, and the US isn't a country for second places. Damage control is immediate by John Snow, Treasury Secretary:
"President Bush has made it clear that ensuring the safety of the American people and citizens around the globe must be our number one priority.
"Consistent with this charge, one of the most important things we at Treasury do is to follow the flow of terrorist monies. They don't lie. Skillfully followed, they lead us to terrorists themselves, thereby protecting our citizens.
Some more damage control here.
The danger of breaching SWIFT and putting the database into the hands of the various and many US agencies is still present, or the US Treasury was talking out its hat to the CIA in the 1990s. This is obviously going to surprise the banks around the world, not to mention governments like Iran which are "by US fiat" terrorist supporting, China that is locked in a resource battle, and Russia which is emerging from the old cold war days as power that wants reckoning with. Even in the cold war, Russia and allies like Cuba dealt in dollars.
Does this system work? Does John Snow have the picture? We have to make a judgement call here. Every official will leap to the defence, but these are the same officials that kept it secret in the first place. But we can expect some ex-officials to express their skepticism:
Current and former U.S. officials said the effort has been only marginally successful against Al Qaeda, which long ago began transferring money through other means, including the highly informal banking system common in Islamic countries.
The value of the program, Levey and others said, has been in tracking lower- and mid-level terrorist operatives and financiers who believe they have not been detected, and militant groups, such as Hezbollah, Hamas and Palestinian Islamic Jihad, that also operate political and social welfare organizations.
Of course there is another reason why this won't be much good: If Osama Bin Laden or his team were congenitally stupid, they might imagine that SWIFT had not been breached, and the somewhat famed Belgian penchant for banking secrecy would protect them. Sadly for all his victims, we have plenty of evidence that he is fairly smart, he is very far from dumb, and even if this were the case, even the stupidist and thuggiest of drugs dealers seem to be quite adept at hiring good money launderers, if the claimed growth of that money flow is any guide.
(To be frank, I'm a bit surprised at the blow up of this one. I suppose I simply assumed from way back that SWIFT records were already being funnelled to the UST. Consider any outrage written here to be journalistic.)
In effect, the Bush administration have taken on the ire of the banking world, for no gain. It remains to be seen what will be made of this in other countries. John Snow, Treasury Secretary, says response is isolated to the Press. Keep reading those papers, Mr Snow - Banks normally do not signal their displeasure so openly, so you can be sure that you won't have too much worry there...
Moving on from the mild gossip stuff, let's get to the harder governance questions.
We can imagine that many banks and many governments will be going through that "Big Badda Boom" moment as they realise who's reading their traffic. Expect more pressure on the dollar, and more pressure for independent systems. The islamic world will almost certainly push for something, but probably not Sealand, which burnt out today. Any country on the axis-of-evil list is a gonna, as they are by US-definition terrorist-related.
Examine the case of SWIFT. In comes the subpoena, which they make great stress of as compulsory. But let's make no bones about it -- this was a force-based subpoena, and probably an illegal one at that, or backed up by an Executive Order that was probably itself "presidential writ of the novel kind."
What then to do? Comply, probably, in the instance. There is no point in SWIFT leaving the United States, as there are more banks there than the rest of the world put together (an artifact of State banking, not necessarily anything else.) But, in the meantime, design of systems to very carefuly limit the damage would be appreciated. Minimal information, and oversight.
Oversight? Let's talk about oversight.
In a major departure from traditional methods of obtaining financial records, the Treasury Department uses a little-known power - administrative subpoenas - to collect data from the SWIFT network, which has operations in the U.S., including a main computer hub in Manassas, Va. The subpoenas are secret and not reviewed by judges or grand juries, as are most criminal subpoenas. ... Treasury shares the data with the CIA, the FBI and analysts from other agencies, who can run queries on specific individuals and accounts believed to have terrorist connections, Levey said Thursday in an interview with The Times. ... Levey said the program is subject to "robust" checks and balances designed to prevent misuse of the data. He noted that requests to access the data are reviewed by Treasury's assistant secretary for intelligence; that analysts can only access the data for terrorism-related searches; and that records are kept of each search and are reviewed by an outside auditor for compliance.
Levey said there had been one instance of abuse in which an analyst had conducted a search that did not meet the terrorist-related criteria. The analyst was subsequently denied access to the database, he said. New safeguards have been added, he said, noting that SWIFT officials are now allowed to be present when analysts search the data and to raise objections with top officials.
Officials from other government agencies have raised the issue of accessing the records for other investigative purposes, but Levey said such proposals have been rejected - largely out of concern that doing so might erode support for the program.
Asked what would prevent the data from being used for other purposes in the future, Levey said doing so would likely trigger objections from SWIFT and the outside auditor. A SWIFT representative said that Booz Allen Hamilton, an international consulting firm, is the auditor, but provided no further details on how the oversight process works.
OK, so this time they have taken data sharing seriously. They know this data is hot, hot, hot, given the unprecedented step to protect it before being caught. They have 3 sets of guardians (2 better than hapless Sealand).
Unfortunately the oversight is crippled: An internal review of requests. SWIFT officers, who are already compromised and an auditor who is unlikely to blow the lid on it, as he's covered by national security, secrecy, and great pay. In short, nothing independent, nothing open and nothing with teeth. No judge, not even FISA. Signs are Congressional oversight is limited to the extent that they cannot see what it does:
Lee Hamilton, a former congressman and co-chairman of the commission who said he has been briefed on the SWIFT program, said U.S. intelligence agencies have made significant progress in recent years, but are still falling short. "I still cannot point to specific successes of our efforts here on terrorist financing," he said.
I'd give it 3 years before it is comprehensively breached. If they didn't want that then they would have set up the tracking in Brussels, and put in international oversight. Curiously, maybe Congress will wake up at this point and realise that they've got a tiger by the tail. When that transaction tracking starts getting used for non-terrorist purposes, there are going to be some very annoyed people.Posted by iang at June 24, 2006 02:10 PM | TrackBack