By Ellen Nakashima
Washington Post Staff Writer
Wednesday, January 17, 2007
The Treasury Department reported to Congress yesterday that a data-collection program to give counterterrorism analysts routine access to as many as 500 million cross-border financial transactions a year could not be implemented until 2010. The department had hoped to implement it by the end of this year.
The Cross-Border Electronic Funds Transfer Program was part of the 2004 Intelligence Reform Act, and Congress directed the Treasury secretary to determine if the program would be effective in tracking terrorist financing. In a report to Congress to be released today, the Treasury Department concluded that the program was technologically feasible and has value, but said it needs to determine whether the counterterrorism benefit outweighs banks' costs of compliance and to address privacy concerns.
The program is opposed by bankers, who view it as burdensome and invasive.
Unlike another Treasury program, which uses administrative powers that bypass traditional banking privacy protections to tap into the vast global database of transactions maintained by the Brussels-based Society for Worldwide Interbank Financial Telecommunication, the cross-border plan is the result of legislation sought by Treasury and would require congressional oversight.
Both programs were inspired by the Sept. 11, 2001, terrorist attacks.
Banks and money services are required by law to keep records on all wire transfers of $3,000 or more. The proposed program would mandate that each of those transactions -- if they cross the U.S. border -- be reported to the Treasury Department's Financial Crimes Enforcement Network (FinCEN).
The type of data captured would include the names and addresses of senders, the amount and dates of the transfers, the names and addresses of the beneficiaries and their financial institutions.
Treasury officials said in interviews and in the report to Congress that the data would give analysts more information to ferret out illicit activity as they try to detect links between suspects.
FinCEN said that Australia and Canada had used similar data effectively. Australia has used it to catch tax evaders and predict the movement of drugs into and out of the country. But those countries deal with much smaller numbers of transactions.
Treasury receives more than 16 million currency transaction records and suspicious activity reports a year from banks and other financial institutions, which help officials track money launderers and terrorist activity.
Bankers say the additional reporting requirement would be a tremendous burden.
"We're talking about a volume of transactions that dwarfs anything that has been done in the name of [financial regulatory reporting] up to now," said Richard R. Riese, director of the American Bankers Association Center for Regulatory Compliance.
Beyond the reporting burden, he said, privacy concerns are significant. "All this information will now end up in the hands of the U.S. government for them to sift through at their leisure without any apparent process to assure that it is being used for the most significant national security investigations," Riese said. He likened it to a "fishing expedition" -- "except that the government no longer has to go and put their hook in the water. We have to give all the fish."
To streamline reporting, Treasury officials are recommending a "first in" and "last out" system so that only a single U.S. financial institution -- the last one in a transfer out of the country, or the first one in a transfer in -- would have to report each transaction.
"It's another example of the U.S. government's pattern of sweeping up massive amounts of data that it can't possibly analyze, that is not likely to have any significant security benefit, but does threaten privacy" -- that of Americans and of foreigners doing business with Americans, said Barry Steinhardt, director of the American Civil Liberties Union technology project.
European officials, too, raised privacy concerns. "If the program affects non-U.S. citizens, it should be developed in close cooperation with these other countries," said Sophie in't Veld, a member of the European Parliament from the Netherlands.
Stephen R. Kroll, former Democratic special counsel for the Senate Banking Committee, said the statute "wasn't designed to require reporting of every wire transfer that goes in and out of America -- both because that's billions of transactions and because most of them are perfectly ordinary."
He said the law was designed to give the Treasury Department power for "targeted data collection," aimed, for example, at a country where there is known terrorist activity.
In an October interview, Robert W. Werner, who then was director of FinCEN, said most of the data collected would be "commercial oriented" transactions and "irrelevant" to FinCEN's mission to detect and prevent illicit activity. "The key is to have a system that allows you to be able to pull the relevant data without people worrying that irrelevant data is being browsed and used inappropriately," he said.
FinCEN would also need to develop the technical capability to store and analyze the information, the study noted. FinCEN is considering setting up a "federated data warehouse" to store the data, which would be held separately from other financial records data.
Officials said there would be strict rules to ensure that the data is not shared inappropriately, including audit trails to check for improper access. The program would be developed through a public rulemaking process over an extended period, officials said.
"We know there will be costs. We believe there is value. How do those two play out?" said Eric Kringel, senior policy adviser at FinCEN. He said that as a regulatory body, FinCEN "would not want to proceed" without determining if the benefit is worth the cost.
FinCEN has proposed taking a year to conduct a $1.1 million cost benefit analysis. Implementation would cost $32.6 million and take 3 1/2 years, officials said.