Capital Markets Cybercrime Espionage Money Laundering OpSec

Two Multinational Banks Ensnared in Panama Papers-Style Leak of FinCEN Data, as U.S. Election Draws Near

In several Thomson Reuters Regulatory Intelligence scoops last week, Aussie reporter Nathan Lynch revealed that the U.S. Treasury’s financial intelligence unit is bracing itself for the publication of a “Panama Papers-style” leak of sensitive data by the International Consortium of Investigative Journalists (ICIJ) and its media partners.

The TRRI story says that the ICIJ’s “consortium members are preparing to publish simultaneously on a pre-determined date. The participating media outlets have been collaborating for more than a year and are expected to release their first reports later this month.”

These news reports come on the heels of a cryptic statement released by the Financial Crimes Enforcement Network (FinCEN) last week. The Treasury’s FIU said they were “aware that various media outlets intend to publish a series of articles based on unlawfully disclosed Suspicious Activity Reports (SARs), as well as other sensitive government documents, from several years ago.”

In the statement, FinCEN also noted that “the unauthorized disclosure of SARs is a crime that can impact the national security of the United States, compromise law enforcement investigations, and threaten the safety and security of the institutions and individuals who file such reports.” FinCEN has referred this matter to the U.S. Department of Justice and the U.S. Department of the Treasury’s Office of Inspector General.

The fact that the matter was referred to the Treasury’s OIG indicates that the leak likely came from within and was not the result of external hackers. The Treasury OIG’s Office of Investigations is “responsible for investigating criminal activity and employee misconduct associated with the operations” of multiple departmental bureaus, including FinCEN, according to the OIG’s OIS website.  

A spokesman for FinCEN did not immediately respond to Shadow Banker’s request for comment. But John Cassara, an ex-intelligence officer and Treasury special agent who served in the government for nearly three decades, said, “I can only tell you that I was at FinCEN for six years and that nothing like this ever happened.”

ICIJ reporter William Fitzgibbon did not respond to Shadow Banker’s request for comment.

ICIJ member Drew Sullivan, the editor of the Organized Crime and Corruption Reporting Project, which published Shadow Banker’s USC Master’s thesis on the BTC-e Russian crypto-laundromat in 2019 – that almost got Shadow Banker killed in Matamoros of all places – said “no comment, OCCRP will neither confirm nor deny information on stories we work on.”

Robert Mazur, an ex-U.S. Customs and Drug Enforcement Administration undercover agent, who has previously reviewed documents related to ICIJ-published leaks also replied, “no comment,” when asked if he participated in the review of the looming FinCEN exposé.

Standard Chartered and Bank of America Compromised?

A source who is deeply plugged into the private-sector financial crimes compliance (FCC) industry, and who requested anonymity, tipped Shadow Banker about a raft of internal emails circulating at British multinational bank Standard Chartered and U.S.-based Bank of America, directing staff not to speak to members of the media regarding SARs.

Julie Gibson, the head of group media relations at Standard Chartered, told Shadow Banker: “We have no comment to make on any internal e-mail-mails but would direct you to FinCEN’s statement of September 1st in which they reiterate that unauthorized disclosure of SARs (which applies to confirming that one has been filed as well as its contents) is a criminal offense.”

Spokespersons for BoA did not immediately respond to several of Shadow Banker’s emails requesting comment.

Also, William J. Fox, BoA’s global head of financial crimes compliance, who reportedly circulated the internal email at his firm instructing staff to stay tightlipped with the press, according to the anonymous FCC-connected professional, did not immediately respond to Shadow Banker’s request for comment either.  

Troubling Precedent

With FinCEN already debased by a year-long insider leak where senior adviser Natalie Mayflower Sour Edwards illegally shared sensitive SAR data involving entities allegedly linked to the Trump administration with Buzzfeed reporter Jason Leopold, this “really gives the organization a black eye,” said Cassara.

“Financial intelligence (particularly SARs) is closely guarded.  The info is not classified but considered law enforcement sensitive.  Financial intelligence is a huge asset to law enforcement and is used responsibly,” added Cassara.

Additionally, FinCEN’s inability to safeguard sensitive financial intelligence, which has historically been held sacred by the institution, unblemished by the swamp of partisan politics, could lead to an erosion of trust within the FCC community, according to the TRRI report.

Beyond institutional degradation, details included in SARs, if exposed to the wrong people, could be used by the subjects of those reports to unmask the bank employees who filed them in certain jurisdictions, cautions FinCEN.

In fact, the net impact of this ‘woke’ FinCEN insider or insider cabal might result in a “chilling effect on the future flow of financial intelligence from the U.S.’ international partners,” said Bill Majcher, a former undercover operative with Canada’s Royal Canadian Mounted Police.

Cassara said, “when this story really breaks, there could well be a call by some Egmont members for FinCEN to be suspended by organization. The integrity of financial intelligence and data sharing is paramount.”

Cassara is referring to the Egmont Group, a Toronto-based supranational organization that consists of 165 FIUs from all over the world.

“The Egmont Group provides a platform for the secure exchange of expertise and financial intelligence to combat money laundering and terrorist financing,” according to the organization’s website. FinCEN is a founding member of the group.

But the threat of mortal danger is not the case for SARs filers in the U.S. Following law enforcement’s leak of SARs linked to convicted terrorist Aaifia “Lady al-Qaeda” Siddiqui to Newsweek for a 2004 feature on Saudi Arabian-linked financing for the September 11 attack, FinCEN modified the SARs submission form to better protect FCC personnel.

Ever since that point, FinCEN-covered financial institutions have been able to list a generic email as their point of contact for follow-ups from law enforcement, according to the anonymous FCC professional. In 2015, FinCEN revised their rules again and introduced “Item 96,” allowing SAR filers to list a contact office inside their financial institution, instead of a contact name.

According to FinCEN’s SAR frequently asked questions page, the “filing institution should enter the name of the office that should be contacted to obtain additional information about the report. It is the filing institution’s choice as to which office this should be. Examples may include “Compliance Office,” “Security Office,” “BSA Office,” or “Risk Management Office.”   

Thus, it’s not immediately clear who exactly would be ‘marked for death’ like Steven Seagal by a crack-peddling Jamaican Shower Posse set in Chicago if a SAR filing were to be inappropriately disclosed to the public. Regardless, Sours Edwards pled guilty to conspiring to unlawfully disclose SARs last January. She is now facing a maximum of five years in jail and awaiting sentencing.

What Goes into a SAR?

Per the mandates of the Bank Secrecy Act, a SAR is an obligatory tool that financial institutions must use when they detect suspicious activity.

Entities that must file SARs with FinCEN include depository institutions, money services businesses (MSBs), broker-dealers, investment companies, casinos, mortgage companies, loan companies, and precious metals dealers, according to the DOJ.

SAR filings are mandatory at the following thresholds: $2,500 for MSBs; $5,000 for an identified suspect; And 25,000 for an unknown subject. All transactions aggregating $5,000 or more, which a financial institution suspects to be of illicit origin, must also be reported, according to the law.

At their core, SARs are simply narratives that detect the flow of illicit funds and establish emerging threats through analysis of patterns and trends, according to FinCEN.

The Treasury’s FIU advises it filers to follow a chronological three-act structure consisting of an introduction, a body, and a conclusion. This composition should identify the entities involved in the suspect activity, the types of assets and transactions used and executed by suspect entities, when the suspicious activity occurred, where it took place, and the reasoning behind the filing.

Will FinCENgate be the New RussiaGate?

With the ICIJ and its media partners collaborating on this data leak for over a year, the timing of the FinCEN insider’s or insiders’ leak appears calculated to make an impact on the U.S. general election.

The 2016 Panama Papers dump of sensitive financial data from now-defunct law firm Mossack Fonseca by anonymous whistleblower “John Doe” in 2014 resulted in roughly two years of exhaustive indexing and investigation by the ICIJ, spanning 2.6 terabytes of complex, unstructured data.

So, it is unlikely that whatever FinCEN personnel leaked to the consortium would not have factored the painstaking manual processing entailed by this enterprise into their publishing expectations.

Now, whether the FinCEN insider(s) is willfully engaging in election meddling is not for Shadow Banker to decide. However, it’s worth noting that SARs in and of themselves are not smoking-gun proof of financial crime.

While FinCEN says these reports can assist “investigators in connecting the dots in their investigations by allowing for a more complete identification of the respective subjects with information such as personal information; previously unknown addresses; businesses and personal associations; banking patterns; travel patterns; and communication methods,” they are just supporting evidence of potential wrongdoing.

With the publication of this privileged and potentially incriminating financial data by the ICIJ, matters that should be decided by federal investigators, prosecutors, and grand juries, will thus be shifted into the court of public opinion in the most polarizing election perhaps ever in the history of the republic.

The million-dollar question, of course, is which candidate will be targeted by the leak, Donald Trump or Joe Biden? As the Sours Edwards case shows, there is an existing precedent for political favoritism within the Treasury’s FIU.

It’s also worth noting that BoA has loaned to Trump administration senior adviser Jared Kushner, either directly or via properties he co-owns, according to 2017 Wall Street Journal reporting. At the same time, credit card issuer and eventual BoA subsidiary MBNA donated roughly $200,000 to Joe Biden from 1989 to 2010 alone.

Meanwhile, Standard Chartered was assessed a collective $947 million fine by the U.S. Treasury in April 2019 for a slew of sanctions violations in countries, including Burma, Zimbabwe, Cuba, Sudan, Syria, and Iran.

The bank was also the target of controversy in June, generating criticism from a prominent shareholder and others over its support for Hong Kong’s recently enacted national security law that Beijing forced upon the territory last May to crack down on anti-Chinese dissent.

But until ICIJ goes live with their reporting, Shadow Banker is just grasping at straws.

The only certainty here is that FinCENgate will become the new RussiaGate, and once-hallowed financial intelligence will now be freely picked apart and misinterpreted by the cretins who call themselves QAnon, ANTIFA, Colin Kaepernick, Karen, and last but definitely not least, mainstream American media.

3 Responses

  1. Having worked in the space for quite some time, I wouldn’t say it is a stretch to say the problem is more perverse than even this article alleges (but looking at it from a different perspective: items that should trigger a SaR and yet don’t for a number of reasons):

    Assumptions being made that:

    a. we are collecting the correct data when the relationship is established (country of origin, real vs expected activity, beneficial ownership, etc.)

    b. that the models are flagging these transactions for SARs correctly,

    c. they have the necessary rigor built into their policies and procedures, operating models to investigate and escalate as required by the various governing bodies, and

    d. attestations by the MLRO / senior FCC MD / Compliance and or RM MDs (depending on the institution’s business matrixed hierarchy) that it has either been closed without need to suspend traction(s) and or accounts given the institutions internal due diligence are lofty aspirations (if attestations are even required [much harder to sell than one may think.)

    While not addressing the illegal leaking of SaRs data that the article speaks to, I believe the number of transactions and relationships that aren’t reported (or even caught) in reality; those stats (IMO) cause far greater concern (as in most instances, it is considered just the cost of doing business once you reach a senior enough management level.)

    Please keep this note anonymous (even though I didn’t name names in accordance with my NDAs.)

  2. Someone essentially lend a hand to make seriously posts I’d state. This is the very first time I frequented your website page and thus far? I amazed with the research you made to make this actual put up extraordinary. Great job!|

Leave a Reply

Your email address will not be published. Required fields are marked *