by Vanessa Neumann

On 12-13 December 2016, the UN Security Council’s Counter-Terrorism Executive Directorate (CTED) hosted a joint special meeting of the ISIL (Da’esh) and Al-Qaida Sanctions Committee, Member States, the Financial Action Task Force (FATF) and other relevant international and regional organizations on “Depriving Terrorist Groups from Accessing, Raising, and Moving Funds.”

The Financial Action Task Force (FATF) is assisting the UN Security Council by monitoring whether Member States implement UN Security Council Resolutions on financial sanctions, and alerting the Security Council when they do not. Repeated offenses result in blacklisting and make a good argument for a UN Security Council Resolution on the country and its financial system. So, while FATF is an intergovernmental organization and not an international one — which means that it cannot enforce like the UN Security Council can — its power to grey- and blacklist is significant: it can raise the cost of sovereign and foreign debt, stem incoming financial flows and recommend sanctions.

Of the emergent trends in countering terror finance discussed at that two-day meeting, these are the highlights that may impact you and your company.

Role of Private Sector

FATF Pres. Juan Manuel Vega-Serrano was very clear that financial investigation is a key tool in the moral duty to stop terrorism. He cited an unprecedented state commitment to restrict terror funds and emphasized that FATF are seeking to work more closely with the private sector, which must be protected from abuse.

The three key factors in reinforcing the growing public-private partnership to fight the funding of terrorism are:

1. Identification: to roll back anonymity in the economy
2. Surveillance: to step up the awareness and due diligence obligations of all stakeholders, including banks, insurers, lawyers, notaries, art dealers, charities and others as necessary. All need to be educated about the risks of financing terrorism through their financial transactions.
3. Action: to bolster capacities to freeze terrorist assets with reciprocal requests from states, and also propose new designations at both the UN and EU levels

Risk Assessments

Post-ISIS, everyone is much more aware of the growing use and abuse of the international trade system. Now tackling the problem is far more complicated than following the cash: we should work to identify and stem the material resourcing used for terrorism-financing-related risks.

Mr. Tom Neylan, of the FATF Secretariat, emphasized the importance of developing a culture of conducting risk assessments for financial crimes. The growing consensus amongst the speakers was that increased work with the private sector is needed to identify activities where there is little KYC (know-your-customer) due diligence on those with whom one is doing business.

The formula for calculating risk is simple:

Risk = Likelihood x Consequences

It was an oft-repeated theme of the two-day meeting that policymaking (not just operations) should be based on a risk assessment. When building risk-based scenarios (as government strategists do), you want to consider both events that are high-probability and low-impact, and those that are low-probability, but high-impact.

Terrorist finance risk is spread across three areas:

• raising funds
• moving funds
• organizational or operational spending

Proper risk assessments for Member States have to distinguish between operational (terror attack) and organizational funding (such as for community infiltration).This parses out to three distinctions in risk assessments:

1. the risk of funding terrorism (terror finance)
2. the terrorist threat a country faces
3. money laundering risk

These three are not the same in countries. Specifically, the risk assessment should identify that country’s financial vulnerabilities, for example: large cash, large financial services, banking secrecy, etc.

Transit and finance hubs must be included in a vulnerability analysis of a national or regional geography. Examples of these would include high-volume ports, free trade zones, and important financial centers. A regional risk assessment of Southeast Asia, for instance, would include Hong Kong, Shanghai, Singapore and others.

Virtual Currencies

110,000 merchants in the EU accept Bitcoin, yet virtual currencies are not regulated at the EU level, and neither are anti-money laundering (AML) and counter-threat finance (CTF) protocols imposed at a national level on virtual currencies.

Virtual currency (VC) advocates argue that VCs are more transparent than money transfers amongst banks because, thanks to a decentralized ledger, the entire transaction is visible and inalterable, while the proprietary ledgers of banks can easily be falsified. However, what worries financial regulators about virtual currencies based on blockchain technology such as Bitcoin, is the invisibility of the private keys to execute the transactions and the lack of personally identifiable information (PII) of who holds the accounts.

As virtual currencies expand and touch other technologies and platforms, they present a number of multiplying concerns to both security authorities and industry.

1. The proliferation of both the number of entities accepting VCs and of anonymizing technologies complicates the enforcement of sanctions, which concerns both the UN Security Council and corporate compliance officers.
2. Because information & communication technology (ICT) is moving into virtual currencies (like Snapcash and Facebook Payments), these mobile and social media services could present emerging threats to telecommunications companies (‘telcos’): financial transactions carried out through phones could fall outside the financial regulatory framework, ensnaring the telcos in a terror finance problem.

Regulatory change is coming. The US has an expansive definition of ‘money transmission’ services that includes the transfer of value. This opens the way for AML/CTF protocols to apply to the virtual world of Bitcoin, Snapcash, Facebook Payments, etc. The first such case was FinCEN’s penalization of Ripple Labs in May 2015. You can bet there will be more such cases to come: the 4th EU Anti-Money Laundering Directive (known as AMLD4) already makes proposals to reduce anonymity.

In short, there are now two parallel financial environments: all-digital (the virtual wallet) and traditional banking. These can be onramps and offramps to each other. The easy and likely next step is to regulate the exit point where virtual currency gets transferred to real currency. The coming AML/CTF regulation will likely be of distributors of virtual currencies to report (or at least allow voluntary reporting of) personally identifiable information (PII) and suspicious activity reports (SARs). Regulators think virtual currency distributors will acquiesce out of enlightened self-interest: the lack of credibility (by lack of regulation) harms VC uptake by the general public, thereby reducing the value of the currencies and the underlying technology.

Lessons on Illicit Trade and Terrorist Funding

Terrorist funding by recruitment and facilitation networks occurs in two ways or sequentially in two stages:

1. Links between facilitator(s) in the home country and areas bordering the conflict zone
2. Links between facilitation networks and criminal organizations.

In short, the problem of stemming financial flows from illicit trade into support for terrorist networks or operations is so multi-faceted, that it requires not just that prosecutors or FIUs (financial intelligence units) talk to their colleagues in other countries, but that these professionals cross-talk amongst each other in joint analysis teams.

It was emphasized that there are many foundations for strong international cooperation, across layers, drivers and channels, including:

• Strong domestic collaboration or coordination
• Finding common ground
• Focused technical assistance
• Actionable intelligence
• Strategic perspective
• Informal channels: trusted individuals who have a good relationship with the partner nation or entity

What Comes Next?

1. FATF and UN will increasingly take information on systemic vulnerabilities for terror finance from the private sector
2. Greater KYC protocols will be applied across a number of industries and service providers identified as chokepoints for terror finance
3. Spreading regulation of virtual currencies by collecting PII and SARs at their point of intersection with bona fide currencies

Asymmetrica welcomes these initiatives and is honored to be a trusted partner in their design and implementation.

N.B.: Asymmetrica is a member of the Global Counter Terrorism Research Network (GCTRN) for the United Nations Security Council’s Counter-Terrorism Committee Executive Directorate (CTED). Dr. Neumann is on the Advisory Group of the Task Force on Countering Illicit Trade at the Organization for Economic Cooperation and Development (OECD), which houses FATF.

The original featured image can be found at the UN’s website here.