Partnership with the Financial Industry in Developing Financial Intelligence
These international financial standards are premised upon close cooperation between the financial industry and the public sector in order to combat the abuse of the financial system for money laundering, terrorist financing and other illicit activity. It may be a bit of an oversimplification, but to me the obligations and responsibilities upon financial institutions essentially can be grouped into two categories: (i) efforts to make their institutions hostile to abuse by criminal actors, and (ii) the providing of information regarding financial transactions to the government.
The former category includes what is known as customer due diligence - to know the customer to whom the bank or other financial intermediary is providing financial services, as most financial institutions would not wish to promote illicit activity. In order to make this happen, financial institutions are required to develop AML/CFT compliance programs with dedicated and trained professionals, and to provide for independent review of those programs. The AML/CFT programs directly contribute to the quality of the data on financial transactions that are provided to the government - e.g., because a bank has been diligent in requiring proper identification of its customer, a law enforcement agent can often rely on a report from that bank to correctly identify an individual at issue.
Countries differ in the financial information that they require by regulation to be reported by financial institutions. The most universal type of reporting is with respect to suspicious transactions (STRs) or Suspicious Activity Reports (SARs) as they are known in the United States. FATF Recommendation 13 states:
- If a financial institution suspects or has reasonable grounds to suspect that funds are the proceeds of a criminal activity, or are related to terrorist financing, it should be required, directly by law or regulation, to report promptly its suspicions to the financial intelligence unit (FIU).
It is critical that the financial industry not only be compelled by law to devote the necessary resources to its reporting obligations, but also that the industry understands and is able to take comfort in the specific and necessary purposes for which they bear these costs and dedication of resources. This requires that the government protect the reported information and use it appropriately, as it contains sensitive commercial and personal information. With respect to SARs, it has been recognized that even greater protections are merited to foster as open a flow of information as possible about suspected illegal or at least unexplainable activity with respect to a given customer. FATF Recommendation 14 provides that financial institutions should be protected under national law from any civil or criminal liability for the filing of a SAR, and should not even reveal the existence of a SAR filing.14
Other information that is often reported by financial institutions to the FIU is with respect to cash transactions, often above a certain threshold.15 This is in recognition of the fact that criminals often try to exploit the anonymity of cash.16 More recently, certain countries have begun requiring financial institutions to report information on cross-border funds transfers.
This information stream becomes more valuable than the sum of individual data points when government analysts can combine not only the insights of multiple different reporting entities in the financial industry over time, but also leverage information technology and telecommunications to combine this information with other data, whether from law enforcement or intelligence community sources, and other public or commercially available information. It is through careful and experienced analysis that the individual points of data can be turned into financial intelligence that aids in criminal and counterterrorism investigations as law enforcement "follows the money."
Defining the Role of the Financial Intelligence Unit (FIU)
Now working from the presumption of the value to law enforcement of financial intelligence, how in practice can we put information from the financial industry to use, especially in an international context, to address global vulnerabilities and fight transnational crime? A consensus has emerged that a key role in this effort should be played by the respective FIU in each jurisdiction.
It is quite rare that international law prescribe how states should carry out particular sovereign functions, and even rarer that international law would have some limited view into the way a government organizes its agencies to carry out certain sovereign functions. (For many in the audience here today, I must ask you to set aside your expertise in the field of central banking, which in the past generation has grown to be one of the primary exceptions to the general proposition just stated.) Yet while some aspects of international law develop over centuries, the consensus over the specific role for an FIU within a country's legal system, and as a predicate to international cooperation in the AML/CFT area, developed within the past dozen years.
In June 1995, a group of government agencies and international organizations gathered at the Egmont-Arenberg Palace in Brussels to discuss money laundering and ways to confront this global problem. They established a Legal Working Group to examine obstacles to the cross-border exchange of financial intelligence. In 1996, they adopted a definition of an FIU (slightly revised in 2004 to extend the focus from money laundering to explicitly reference terrorism financing):
- A central, national agency responsible for receiving, (and as permitted, requesting), analysing and disseminating to the competent authorities, disclosures of financial information:
- (i) concerning suspected proceeds of crime and potential financing of terrorism, or
- (ii) required by national legislation or regulation, in order to combat money laundering and terrorism financing.17
The few agencies in place that acted more or less consistently with this definition continued meeting on an informal basis after the 1995 gathering in what became known as the "Egmont Group" (discussed in more detail below).
The United Nations Convention Against Transnational Organized Crime (Palermo Convention) of 2000 essentially adopted this definition and urged countries, among other measures, to combat money laundering and, in particular, the exchange of information internationally to create an FIU. Article 7 of the Convention states that each Member State "shall consider the establishment of a financial intelligence unit to serve as a national centre for the collection, analysis and dissemination of information regarding potential money-laundering."18 That UN Convention entered into force on September 29, 2003 and currently has 147 signatories and 143 parties that have completed ratification.19 The United Nations Convention Against Corruption of 2003 contains identical language with respect to the potential role of the FIU.20
While the original FATF Recommendations from 1990 as revised in 1996 stated that countries should "consider" the concept of a "national central agency" to receive reports of financial transactions,21 it was in the 2003 revisions that the specific role of the FIU was made explicit. FATF Recommendation 26 now reads:
- Countries should establish a FIU that serves as a national centre for the receiving (and, as permitted, requesting), analysis and dissemination of STR and other information regarding potential money laundering or terrorist financing. The FIU should have access, directly or indirectly, on a timely basis to the financial, administrative and law enforcement information that it requires to properly undertake its functions, including the analysis of STR.
Once again, somewhat unique in international law, there has been a global effort to establish FIUs as operational entities within countries. The Anti-Money-Laundering Unit (AMLU) of the United Nations Office on Drugs and Crime (UNODC), as part of its Global Programme against Money-Laundering (GPML), provides AML/CFT technical assistance consistent with UN-related instruments and worldwide accepted standards. The GPML has developed, in collaboration with UNODC's Legal Advisory Section and International Monetary Fund (IMF), model laws for both common law and civil law legal systems that include the establishment of an FIU.22
In the United States, FinCEN was established in 1990 as an office within the Department of the Treasury.23 It was under the USA PATRIOT Act of 2001, however, that its functions were statutorily formalized as a bureau within the Treasury Department.24 FinCEN's responsibilities to receive, analyze, and disseminate financial intelligence for AML/CFT purposes and to coordinate with foreign FIUs were codified into law.25
Within the European Union, all Member States had an agency conducting some FIU functions by no later than 2000.26 In 2005 this was more formally enshrined in Community law in the Third Money Laundering Directive, which states unequivocally: "Each Member State shall establish a FIU to combat money laundering and terrorist financing."27