In recent speeches, Michael Chertoff, secretary of the Department of Homeland Security, has called on the country to begin making "tough choices" in the prosecution of the war on terrorism. His refreshing acknowledgment of the need to allocate limited resources more effectively should prompt all those involved in our anti-terrorism campaign to reassess their priorities.

A prime candidate for revamping is the Treasury Department's overly complex and burdensome anti-money-laundering policy, much of which was created after Sept. 11, 2001, to help prevent funds from flowing to terrorist groups. That policy -- summarized in a newly released manual of 300-plus pages -- forces financial institutions to perform many tasks for which they are poorly suited, at a cost of billions of dollars. The Treasury's policy requires, for example, that financial institutions report suspicious activities and analyze the risks that their customers might finance terrorist groups or activities. Financial institutions lack the infrastructure to do this, and the government has been at a loss to provide practical guidance. Instead, it has listed "risk factors," many of which are absurd.

It is no help to say, as the government does, that customers from "high-risk" jurisdictions should be scrutinized, when those jurisdictions include Baltimore, Chicago, Houston, New York, Los Angeles, Milwaukee, Philadelphia, San Francisco and Washington, among other cities, and the United States, Canada, Britain, France and Germany, among other countries. But the government sees amorphous risks everywhere and mandates dozens of practices to reduce these risks.

The result is massive waste. A recent study by the International Institute for Economics concluded that the anti-money-laundering system cost approximately $7 billion in 2003, or more than the entire budget of the Transportation Security Administration, and rests on "assumptions that do not look particularly plausible." Supporting that view, the government's own study concluded that financial institutions generally "lack the information and expertise to detect terrorist financing."

This waste has drawn little attention, at least in part because much of the cost is incurred by the financial services industry rather than the government. But when a financial services firm spends money on compliance mandated by the Sept. 11-inspired USA Patriot Act, that's a national security expenditure just as much as if the government had levied a tax and spent the money directly. And much of the compliance cost is borne by consumers, who pay higher fees for financial services. So does $7 billion spent this way improve security as much as $7 billion spent on foreign intelligence or transit police?

To be sure, financial institutions have an important role in the effort to combat the funding of terrorism. They maintain customer records to ensure that money is routed to the right people. It makes sense to harness this capability in the fight against terrorism by requiring uniform recordkeeping and ensuring that information is available to government investigators tracking.

But financial institutions are not good at detecting funds flowing to suspected terrorists. For that task, one has to be able to ascertain who the potential terrorists are, and the people best equipped to do that job are intelligence and law enforcement officials. They can run undercover operations, tap phones and do other things that financial institutions aren't suited for.

Parts of the current anti-money-laundering system do make good use of the recordkeeping capabilities of financial institutions, through customer identification rules (which should be extended to all types of financial institutions, not just the few types to which they apply), mechanisms to share customer information with the government upon request, and international efforts to ensure that other countries have similar provisions. This is the good news.

The bad news is that government regulators continue to emphasize requirements that financial institutions are ill-suited for and that provide little demonstrable gain. Billions could be saved if government regulators heeded Chertoff's call for tough choices and focused their limited resources on enforcing the customer identification and information-sharing requirements rather than the rest of the anti-money-laundering morass.

The writer is a Washington attorney. He represents financial institutions on anti-money-laundering matters and worked on these issues at the Justice Department.