[House Hearing, 115 Congress]
[From the U.S. Government Publishing Office]
LOW COST, HIGH IMPACT: COMBATING
THE FINANCING OF LONE WOLF AND
SMALL SCALE TERRORIST ATTACKS
=======================================================================
HEARING
BEFORE THE
SUBCOMMITTEE ON TERRORISM
AND ILLICIT FINANCE
OF THE
COMMITTEE ON FINANCIAL SERVICES
U.S. HOUSE OF REPRESENTATIVES
ONE HUNDRED FIFTEENTH CONGRESS
FIRST SESSION
__________
SEPTEMBER 6, 2017
__________
Printed for the use of the Committee on Financial Services
Serial No. 115-37
[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
U.S. GOVERNMENT PUBLISHING OFFICE
29-538 PDF WASHINGTON : 2018
____________________________________________________________________
For sale by the Superintendent of Documents, U.S. Government Publishing Office,
Internet:bookstore.gpo.gov. Phone:toll free (866)512-1800;DC area (202)512-1800
Fax:(202) 512-2104 Mail:Stop IDCC,Washington,DC 20402-001
HOUSE COMMITTEE ON FINANCIAL SERVICES
JEB HENSARLING, Texas, Chairman
PATRICK T. McHENRY, North Carolina, MAXINE WATERS, California, Ranking
Vice Chairman Member
PETER T. KING, New York CAROLYN B. MALONEY, New York
EDWARD R. ROYCE, California NYDIA M. VELAZQUEZ, New York
FRANK D. LUCAS, Oklahoma BRAD SHERMAN, California
STEVAN PEARCE, New Mexico GREGORY W. MEEKS, New York
BILL POSEY, Florida MICHAEL E. CAPUANO, Massachusetts
BLAINE LUETKEMEYER, Missouri WM. LACY CLAY, Missouri
BILL HUIZENGA, Michigan STEPHEN F. LYNCH, Massachusetts
SEAN P. DUFFY, Wisconsin DAVID SCOTT, Georgia
STEVE STIVERS, Ohio AL GREEN, Texas
RANDY HULTGREN, Illinois EMANUEL CLEAVER, Missouri
DENNIS A. ROSS, Florida GWEN MOORE, Wisconsin
ROBERT PITTENGER, North Carolina KEITH ELLISON, Minnesota
ANN WAGNER, Missouri ED PERLMUTTER, Colorado
ANDY BARR, Kentucky JAMES A. HIMES, Connecticut
KEITH J. ROTHFUS, Pennsylvania BILL FOSTER, Illinois
LUKE MESSER, Indiana DANIEL T. KILDEE, Michigan
SCOTT TIPTON, Colorado JOHN K. DELANEY, Maryland
ROGER WILLIAMS, Texas KYRSTEN SINEMA, Arizona
BRUCE POLIQUIN, Maine JOYCE BEATTY, Ohio
MIA LOVE, Utah DENNY HECK, Washington
FRENCH HILL, Arkansas JUAN VARGAS, California
TOM EMMER, Minnesota JOSH GOTTHEIMER, New Jersey
LEE M. ZELDIN, New York VICENTE GONZALEZ, Texas
DAVID A. TROTT, Michigan CHARLIE CRIST, Florida
BARRY LOUDERMILK, Georgia RUBEN KIHUEN, Nevada
ALEXANDER X. MOONEY, West Virginia
THOMAS MacARTHUR, New Jersey
WARREN DAVIDSON, Ohio
TED BUDD, North Carolina
DAVID KUSTOFF, Tennessee
CLAUDIA TENNEY, New York
TREY HOLLINGSWORTH, Indiana
Kirsten Sutton Mork, Staff Director
Subcommittee on Terrorism and Illicit Finance
STEVAN PEARCE, New Mexico Chairman
ROBERT PITTENGER, North Carolina, ED PERLMUTTER, Colorado, Ranking
Vice Chairman Member
KEITH J. ROTHFUS, Pennsylvania CAROLYN B. MALONEY, New York
LUKE MESSER, Indiana JAMES A. HIMES, Connecticut
SCOTT TIPTON, Colorado BILL FOSTER, Illinois
ROGER WILLIAMS, Texas DANIEL T. KILDEE, Michigan
BRUCE POLIQUIN, Maine JOHN K. DELANEY, Maryland
MIA LOVE, Utah KYRSTEN SINEMA, Arizona
FRENCH HILL, Arkansas JUAN VARGAS, California
TOM EMMER, Minnesota JOSH GOTTHEIMER, New Jersey
LEE M. ZELDIN, New York RUBEN KIHUEN, Nevada
WARREN DAVIDSON, Ohio STEPHEN F. LYNCH, Massachusetts
TED BUDD, North Carolina
DAVID KUSTOFF, Tennessee
C O N T E N T S
----------
Page
Hearing held on:
September 6, 2017............................................ 1
Appendix:
September 6, 2017............................................ 37
WITNESSES
Wednesday, September 6, 2017
Hughes, Seamus, Deputy Director, Program on Extremism, The George
Washington University.......................................... 10
Levitt, Matthew, Director, Stein Program on Counterterrorism and
Intelligence, the Washington Institute for Near East Policy.... 5
Moreno, Joseph V., Partner, Cadwalader, Wickersham & Taft LLP.... 8
Reynolds, Frederick, Global Head of Financial Crime Legal,
Barclays....................................................... 11
APPENDIX
Prepared statements:
Hughes, Seamus............................................... 38
Levitt, Matthew.............................................. 48
Moreno, Joseph V............................................. 63
Reynolds, Frederick.......................................... 71
LOW COST, HIGH IMPACT: COMBATING
THE FINANCING OF LONE-WOLF AND
SMALL-SCALE TERRORIST ATTACKS
----------
Wednesday, September 6, 2017
U.S. House of Representatives,
Subcommittee on Terrorism
and Illicit Finance,
Committee on Financial Services,
Washington, D.C.
The subcommittee met, pursuant to notice, at 2:11 p.m., in
room 2128, Rayburn House Office Building, Hon. Stevan Pearce
[chairman of the subcommittee] presiding.
Members present: Representatives Pearce, Pittenger,
Rothfus, Tipton, Williams, Poliquin, Love, Hill, Emmer, Zeldin,
Davidson; Perlmutter, Maloney, Foster, Kildee, Delaney, Sinema,
Vargas, Gottheimer, Kihuen, and Lynch.
Ex officio present: Representative Waters.
Chairman Pearce. The Subcommittee on Terrorism and Illicit
Finance will come to order.
Without objection, the Chair is authorized to declare a
recess of the subcommittee at any time. Also without objection,
members of the full Financial Services Committee who are not
members of the Subcommittee on Terrorism and Illicit Finance
may participate in today's hearing.
Today's hearing is entitled, ``Low Cost, High Impact:
Combating the Financing of Lone-Wolf and Small-Scale Terrorist
Attacks.''
I now recognize myself for 2 minutes to give an opening
statement. I want to thank everyone for joining us today.
Today's hearing will examine issues concerning small-scale acts
of terrorism and the mechanism used to fund this type of
terrorism. Although overall numbers remain low, one study has
found that since the 1970s, lone-wolf attacks have grown almost
50 percent in the United States, and by over 400 percent in
other Western countries.
Law enforcement as well has previously expressed concern
that there is a greater likelihood of lone-wolf terrorism than
large-scale attacks in the United States. One of the likely
reasons is the relatively low cost for funding such an attack.
Roughly 75 percent of extremist terrorist plots in Europe
occurring between 1994 and 2013 have an average cost of just
$10,000.
As we will hear today, whether an act of terrorism is
directly funded by a known terrorist group or carried out by a
sympathizer, the relatively low financial cost presents a
hurdle to tracking the movement of funding through the
financial system. Whether it be through petty crime, working a
temporary job, misappropriating government benefits, or
engaging in scam transactions, terrorist organizations are
utilizing new means to finance their operations, and are
increasingly turning to newer financial technologies as well as
less traditional transfer methods to move their funds.
As we have seen a change in tactics to lone-wolf terrorist
acts, what is clear, however, is that the cooperation between
policymakers, law enforcement, intelligence agencies, and
financial institutions is necessary to detect, identify, and
disrupt the funding of those actors.
In today's hearing, I hope our witnesses can discuss how we
are currently combating terrorism and illicit finance including
what tools and partnerships are working well in the effort to
detect and disrupt lone-wolf and small-cell attacks. I would
also appreciate any comments about deficiencies in our system
that may impede our fight against terrorist finance.
Finally, I would welcome a discussion about the new and
innovative technological solutions that are being developed to
help tackle this problem. Inhibiting terrorist financing is not
a new problem, but I hope that today we can shed some light on
this issue and help inform this subcommittee on ways in which
we can help disrupt that flow of money.
Again, I would like to thank our witnesses for being here
today. I look forward to their expert testimony on this very
important issue.
I now recognize the gentleman from Colorado, Mr.
Perlmutter, for 2 minutes for an opening statement.
Mr. Perlmutter. Thank you, Mr. Chairman. And thank you to
each of our witnesses for being here today.
This subcommittee takes on some difficult but important
issues. In recent years, we have seen a rise in lone-actor
terrorist attacks. While these terrorists are often inspired by
extremist ideologies, they have little to no specific help from
terrorist organizations, and the attacks are often self-
financed, making them more difficult to uncover and prevent.
We have seen that lone-actor terrorists can be radicalized
by foreign as well as domestic extremism. In the San Bernardino
shooting, the Orlando nightclub attack, and the Boston Marathon
bombing, the terrorists were inspired by foreign terrorist
organizations.
However, in the Charleston church shooting, the car attack
in Charlottesville, and the Planned Parenthood shooting in
Colorado Springs, the terrorists were motivated by domestic
extremism. Regardless of the source of radicalization, we must
look for ways to prevent the financing of these kinds of
activities. The low cost of these attacks can be challenging to
our current antiterrorism financial protocols, but that doesn't
make them any less important to stop.
I am eager to hear from our witnesses on how to recognize
financial patterns in small-scale terrorism, how the government
or financial institutions can better block extremist networks,
and other ideas on how to disrupt lone-actor terrorism
financing.
With that, I yield back, Mr. Chairman.
Chairman Pearce. The gentleman's time has expired. The
Chair now recognizes the gentleman from North Carolina, Mr.
Pittenger, for 1 minute.
Mr. Pittenger. Thank you, Mr. Chairman, and Ranking Member
Perlmutter, for hosting today's hearing on combating lone-wolf
terrorism and small-scale terrorist attacks.
I would also like to thank our distinguished panelists for
lending their expertise to our subcommittee, particularly Mr.
Reynolds. Thank you for your engagement in working with us and
traveling to other countries to carry the important message of
terrorism finance and how we can prevent the bad guys from
getting the money.
Last Congress, I pursued legislation that would punish
those who move to support lone-wolf terrorists. Furthermore, I
will continue to pursue legislation that arms law enforcement
and assists our partners abroad to mitigate the impact of
potential terrorist attacks.
Lone-wolf and small-scale terrorist attacks continue to
threaten the United States and the rest of the world. It is
important that we continue to track illicit finance and illegal
transactions by cooperating with the private sector to thwart
these bad actors.
Mr. Chairman, I look forward to today's important hearing,
and I yield back.
Chairman Pearce. The gentleman's time has expired. The
Chair now recognizes the gentleman from Minnesota, Mr. Emmer,
for 2 minutes.
Mr. Emmer. Thank you, Mr. Chairman, for yielding, and thank
you for holding this hearing today.
This subcommittee has held a number of important hearings
during its inaugural session. And today's topic will hopefully
help us better understand and address what seems to be a shift
in the way acts of terror and violence are carried out.
While we will never forget the images of a large-scale
attack like the one we witnessed almost 16 years ago against
the World Trade Centers and the Pentagon, there is an increased
and concerning pattern of smaller, less coordinated attacks
around the globe.
Less than a month ago, a terrorist using a rented cargo van
targeted and killed 14 people in a popular tourist location in
Barcelona, Spain. Just over a year ago, on September 17, 2016,
a suspected terrorist wielding kitchen knives wounded 10 people
at a shopping mall in my district in Minnesota. The attacker
was fortunately subdued by the heroic actions of another
Minnesotan before any innocent lives were lost. However, areas
of recreation and enjoyment must now be viewed as potential
soft targets, where even the most common household items can be
used as a weapon.
Our financial institutions have and will continue to play a
critical role in the fight against terrorism. As food and water
are essential to sustaining life, terror organizations need
financing and resources to further their agenda of violence and
hate. We must continue our efforts to deprive them of these
essential resources, and we must constantly evolve as the
threats facing our Nation so often do.
I look forward to hearing from our witnesses today and
working with my colleagues on this subcommittee to find ways we
can partner with our financial services sector to better track
and defeat small-dollar, small-scale acts of terror in the
future.
Thank you, and I yield back the remaining balance of my
time.
Chairman Pearce. The gentleman yields back. The Chair now
welcomes each one of our witnesses today.
To introduce Mr. Moreno, I would like to recognize
Representative Lee Zeldin.
Mr. Zeldin. Thank you, Mr. Chairman.
Mr. Joseph Moreno is a partner in the white collar defense
and investigations group at the law firm of Cadwalader,
Wickersham and Taft. Mr. Moreno rejoined Cadwalader after
serving at the U.S. Department of Justice in the National
Security Division's Counterterrorism Section where he
investigated and prosecuted international money laundering,
material support, structuring, and terrorist financing cases.
He was also appointed a Special Assistant U.S. Attorney for the
Eastern District of Virginia where he prosecuted a wide variety
of criminal cases regarding the Classified Information
Procedures Act, the Foreign Intelligence Surveillance Act, and
the USA PATRIOT Act.
In 2014, Mr. Moreno was appointed as a consultant to the
Federal Bureau of Investigation where he served on the staff of
the FBI's 9/11 Review Commission.
Prior to joining his current firm, Mr. Moreno was an
associate in the structured finance and white collar crime
group at the law firm Skadden Arps. Mr. Moreno earned his
undergraduate degree in political science cum laude from Stony
Brook University in the greatest Congressional district in
America, New York 1, and his JD cum laude from St. John's
University School of Law.
A decorated combat veteran, Mr. Moreno is a Lieutenant
Colonel in the U.S. Army Reserve. And I was honored to serve
with Mr. Moreno, because we were in the same Army Reserve unit
until recently.
Thank you, and I yield back.
Chairman Pearce. Dr. Matthew Levitt, I understand that you
have a hard stop at 4:00? Okay. So at that time, I will excuse
you. The rest of you are good until 7:00?
Okay. Checking. That was a little grimace there instead
of--
Okay. Dr. Levitt is the Director of the Stein Program on
Counterterrorism and Intelligence at the Washington Institute
for Near East Policy. From 2008 through 2009, he served as
State Department Counterterrorism Advisor to the Special Envoy
for Middle East Regional Security. From 2005 to early 2007, he
served as Deputy Assistant Secretary for Intelligence and
Analysis at the U.S. Department of the Treasury.
From 2001 to 2005, Dr. Levitt served the Washington
Institute as founding director of its terrorism research
program, which was established in the wake of the September
11th attacks. Previously, he served as counterterrorism
intelligence analyst at the Federal Bureau of Investigation.
Dr. Levitt holds a bachelor's degree in political science
from Yeshiva University, as well as a master's degree in law
and diplomacy, and a doctorate from Tufts University Fletcher
School of Law and Diplomacy.
Thank you for being here, Dr. Levitt.
Mr. Seamus Hughes is the deputy director of the Program on
Extremism at George Washington University. Mr. Hughes
previously worked at the National Counterterrorism Center
(NCTC) serving as lead staffer on the U.S. Government effort to
implement a national countering violent extremism strategy.
Prior to NCTC, Mr. Hughes served as a Senior
Counterterrorism Advisor for the U.S. Senate Homeland Security
and Governmental Affairs Committee.
On the Hill, Mr. Hughes authored numerous legislative
bills, including sections of the 9/11 Commission
Recommendations Act, and the Special Agent Samuel Hicks
Families of Fallen Heroes Act.
He is a graduate of the University of Maryland and a
recipient of the National Security Council outstanding service
award and two NCTC Director's Awards for outstanding service.
Mr. Hughes also teaches classes at George Washington University
and Georgetown University.
Thank you for being here, Mr. Hughes.
Mr. Frederick Reynolds is global head of financial crime
legal for Barclays. Mr. Reynolds joined Barclays from Bank of
America where he was an FIU executive and was responsible for
global AML investigations, global AML detection and monitoring,
risk data analytics, and AML behavior modeling.
Prior to entering the private sector, Mr. Reynolds served
as the Deputy Director of Treasury's Financial Crimes
Enforcement Network, or FinCEN. Prior to being appointed the
Deputy Director of FinCEN from 2010 to 2012, he was Deputy
Chief of the Asset Forfeiture and Money Laundering section at
the Department of Justice where he oversaw numerous high-
profile money laundering and financial crime cases, including
ones involving Mexican cartels, terrorist financing, and
transnational organized crime.
From 2006 to 2010, Mr. Reynolds was a Federal prosecutor at
DOJ where he investigated and prosecuted high-profile cases
involving significant money laundering, and financial crime in
violations of the International Emergency Economic Powers Act
and the Bank Secrecy Act.
Prior to joining DOJ, Mr. Reynolds was the assistant
attorney general for the Republic of Palau and a litigation
associate for several private firms. Mr. Reynolds has an
undergraduate degree from Brandeis University and a law degree
from Emory University School of Law.
Each one of you will now be recognized for 5 minutes to
give an oral presentation of your testimony. And without
objection, each of your written statements will be made a part
of the record.
Dr. Levitt, you are now recognized.
STATEMENT OF MATTHEW LEVITT, DIRECTOR, STEIN PROGRAM ON
COUNTERTERRORISM AND INTELLIGENCE, THE WASHINGTON INSTITUTE FOR
NEAR EAST POLICY
Mr. Levitt. Thank you, Chairman Pearce, Ranking Member
Perlmutter, and distinguished members of the Terrorism and
Illicit Finance Subcommittee of the House Financial Services
Committee. It is an honor and a privilege to testify before you
today.
Unlike large attacks orchestrated over time by large
groups, lone- offender and small-group attacks can be carried
out very quickly with minimal funding and preparation. The
result is that, in some cases, authorities can be denied both
the lag time within which they can run an effective
investigation and the benefit of key traditional trip wires,
like the ability to be able to follow travel, communications,
and financial trails, that in the past have proved to be
especially productive lines of investigative inquiry.
Lone offenders and small groups are--their attacks are on
the rise, especially coming on the heels of explicit calls by
groups like the Islamic State and al-Qaida for like-minded
followers to carry out attacks in their home countries.
ISIL has been pushing such attacks for years now. In an
online 2015 book entitled, ``How to Survive in the West: A
Mujahid Guide,'' the group argued, and I quote, ``With less
attacks in the West being group-networked attacks and an
increasing amount of lone-wolf attacks, it will be more
difficult for intelligence agencies to stop an increasing
amount of violence and chaos from spreading in the West.''
The terrorist threat from lone offenders in small groups is
also magnified by the phenomenon of returning foreign terrorist
fighters. Some of these battle-hardened fighters move on to new
battlefronts. Some may return disgruntled and disillusioned.
Some are sure to return intending to do harm.
The 2015 National Terrorist Financing Assessment Risk notes
one case from Houston of an individual who planned to travel
abroad to fight with radical groups in Syria by using an
expected tax refund to cover his expenses. The same types of
simple funding could also underwrite attacks at home. And this
includes the variety of trends that we need to look at here, as
you have all mentioned, the low cost of attacks, one particular
issue. The self-financing is another. That can be using your
own salary. And there is nothing at all suspicious about that.
It could be small-scale crime. It could be borrowing money from
family or friends, either with or without the knowledge that it
intends to do some harm.
Just last week, an Uzbek man in Brooklyn pled guilty to
conspiring to provide material support to the Islamic State in
a related case. There are legal and illegal financial loans.
But one of the things I think is most interesting is that
the idea of the lone wolf is actually a little bit of a
misnomer. In more cases, people are ``known wolves'' rather
than ``lone wolves,'' either from what they are posting on
social media or from what they are telling their close friends
and family, or from external activities. External support
continues to be something that is a useful line of
investigation.
Last month, U.S. investigators uncovered an ISIS financial
network that was transferring money to an operative in the U.S.
through false eBay transactions. The recipient, Mohamed El-
Shinawy in Maryland, pretended to sell printers on eBay as a
cover for the payments he was receiving through PayPal and
Western Union for operational purposes in the United States.
The U.N. Security Council has reported that despite
military pressure and falling revenues, the ISIL core continues
to send funds to affiliates worldwide using a combination of
money or value transfer services and the transport of bulk
cash. This transferring of money is an opportunity for us, even
with small-scale incidents.
The U.N. Security Council report goes on to note that the
ISIL core has sent money to places where it does not have
affiliates, which, according to a member state assessment, is
an attempt to prepare for its eventual military defeat in Syria
and Iraq. In other words, not only is ISIL preparing to move
funds to its other provinces, it is also moving funds to other
places where newly inspired followers or returning foreign
terrorist fighters can use or access ISIL funds to carry out
attacks. Australian officials report similar issues.
The bottom line is that countering homegrown financing is
not something new. The 9/11 Commission Report specifically
talked about how, while terrorists have shown considerable
creativity in how they move money, we have had some success.
But over time, if some of their terrorist operations do not
require as much outside money that may--they may be more self-
funding either through legitimate employment or low-level
criminal activity.
We should have anticipated this coming. And, therefore,
there are several things that we could be thinking about. The
first is that lone offenders and small groups still need money.
And despite the challenges noted above, even the Financial
Action Task Force (FATF) underscores that their need for money
means we have opportunities.
Consider the case of Dhiren Barot in the U.K., where
financial trails played one small part in identifying who he
was. He was only known as Musa al-Hindi and was thwarted in his
plot several years ago to blow up a limousine filled with gas
canisters in the City of London.
Second, the private sector has access to tremendous
financial information and can be better positioned to act on it
and share it with us if we provided them greater insight.
Now, in the U.S. Government, we do this type of thing all
the time. We assess and reassess what the trends are. FinCEN
does this all the time in terms of updating its automated
business rules that develops in terms of how it and its
partners search Bank Secrecy Act information. There is a lot
more that we could be doing here. And a great example is the
U.K.'s joint money laundering intelligence task force. That is
a great example in the U.K.
And finally, financial intelligence is not going to solve
all of your problems. There will be some cases in a true lone-
wolf situation where someone has no connectivity to others and
is taking money out of their own bank account, and this
particular tool set will not be as effective.
But financial intelligence continues to surprise. In one
instance, financial intelligence helped the U.S. Air Force
determine what oil refineries to target in Iraq and Syria. And
so, we should not rule this out as a tool that will no longer
be effective. We just have to find new ways to partner with the
private sector to make it as effective as possible.
Thank you very much.
[The statement of Dr. Levitt can be found on page 48 of the
appendix.]
Chairman Pearce. The Chair will now recognize Mr. Moreno
for 5 minutes.
STATEMENT OF JOSEPH V. MORENO, PARTNER, CADWALADER, WICKERSHAM
& TAFT LLP
Mr. Moreno. Chairman Pearce, Vice Chairman Pittenger,
Ranking Member Perlmutter, and distinguished members of the
subcommittee, thank you so much for the invitation to appear
before you today. It is truly an honor to be part of this
discussion.
Since the attacks of September 11th, we have been largely
successful in preventing the next catastrophic attack, and have
prosecuted hundreds of financiers, facilitators, and charities
for supporting terrorism. However, as pointed out, identifying
and preventing lone-wolf or small-scale terrorist attacks
presents a unique set of challenges. Lone-wolf attackers are
typically self-radicalized with no direct connection to an
organized terrorist group. With minimal training and
coordination, they can carry out a mass shooting, detonate
explosives, or drive a vehicle into a crowd of civilians.
These attacks are frequently self-funded at amounts often
considered too small to detect solely through the tracking of
financial transactions. But studies show there is almost always
some identifiable behavior leading up to a lone-wolf attack,
whether it be an online manifesto, training, reconnaissance, or
the acquisition of weapons or other materials.
Knowing this, we must continue exploring ways to identify
these behaviors before an attack takes place. First, we should
take a hard look at whether we can better utilize our existing
prosecution tools and financial reporting framework. The Bank
Secrecy Act criminalizes the act of money structuring or making
transactions under $10,000 to cause a bank to fail to report
that transaction to the Federal Government. Structuring
prosecutions and the use of asset forfeitures have come under
criticism in recent years due to cases where the funds of law-
abiding citizens were seized, and they were left fighting to
get their money back.
As a result, both the IRS and the Department of Justice
have taken the position they will focus only on structuring
cases that involve significant criminal activity. The problem
with this approach is that it focuses only on where the money
originates, not on where the money is going.
If a person is making multiple withdrawals of just under
$10,000 within days, or withdrawals from multiple bank branches
or multiple ATMs on the same day, for example, they are
probably trying to hide what they plan to do with that money.
We should also examine how we utilize suspicious activity
reports prepared by banks and other financial institutions. We
need to explore better technology to flag small transactions
that may be indicative of illicit use, such as artificial
intelligence systems designed to detect suspicious activity in
real time.
At the same time, we need to make sure that joint Federal
and local SAR review teams have the personnel and funding they
require to get through and follow up on the tremendous volume
of reports they receive each year. The suspicious activity
reporting process is seriously impeded if the reports are not
actually reviewed and acted on.
Second, we need to look at ways that would-be attackers
anonymously solicit, move, and spend money. If we were having
this conversation 15 years ago, we would focus primarily on
hawalas, cash couriers, and charities.
Now, new payment methods such as virtual currencies, crowd-
funding technologies, mobile payment applications, and online
peer-to-peer payment systems provide persons with ever-
expanding methods to raise and move funds anonymously. As these
technologies develop, we must ensure that our reporting
requirements keep pace.
Another emerging issue is the proliferation of pre-paid
cards. Today, anyone can go into a supermarket and buy packages
of pre-paid cards in cash which can be used to purchase
virtually anything. You don't even need the physical card to
make a purchase. Individuals can cut and paste the account
number, expiration date, and security code into an email or
text message and effectively transfer that purchasing power
anywhere in the world. By doing so, they effectively convert
their cash to a form of anonymous buying power, significantly
working around the financial reporting safeguards that apply to
traditional credit and debit cards.
Finally, we should consider other methods to address this
issue. There have been proposals to regulate various types of
consumer products commonly used in attacks, such as ammonium
nitrate. Tagging agents currently required for plastic
explosives could be required for use in gunpowder in bullets
and fireworks to help trace those products after an attack.
Data on the purchases of items such as pressure cookers, diesel
fuel, and other products could also be collected and tracked.
At the same time, we must continue aggressive surveillance
and infiltration of websites and social media used to spread
propaganda, raise funds, and incite violence. And operators
such as Facebook and Twitter must be pressed to enforce their
terms of service and close accounts that are used to incite
illegal activity.
Just as we strive to cut off terrorist organizations from
financial systems, we must also make it as difficult as
possible for them to use the internet to finance and coordinate
attacks.
Finally, many lone-wolf attackers, at some point,
demonstrate indicia of depression, paranoia, or violence prior
to an attack. In most communities, the only option for
reporting someone is to call the police or the FBI. If there
was a mechanism for some sort of mental health intervention,
concerned friends and family members may be more willing to get
that individual the help they need before they go down the path
to violence.
I fully acknowledge that each of these options comes with
costs, both to taxpayers and consumers and to individual
privacy. And these costs must be weighed against the likelihood
these activities would, in fact, be effective, either as
prevention and disruption, or for criminal prosecution after
the fact.
Addressing the threat of lone-wolf and small-scale
terrorist attacks presents many challenges, and I applaud this
subcommittee for taking on this difficult issue and opening up
this bipartisan dialogue. And I stand ready to answer any
questions you may have.
Thank you, sir.
[The prepared statement of Mr. Moreno can be found on page
63 of the appendix.]
Chairman Pearce. Thank you.
And the Chair will now recognize Mr. Hughes.
STATEMENT OF SEAMUS HUGHES, DEPUTY DIRECTOR, PROGRAM ON
EXTREMISM, THE GEORGE WASHINGTON UNIVERSITY
Mr. Hughes. Thank you.
Chairman Pearce, Ranking Member Perlmutter, distinguished
members of the subcommittee, it is a privilege to be invited to
speak on the threat of extremist financing in the United
States.
Extremism inspired by jihadist groups, like al-Qaida and
ISIS, remains a potent threat to the United States. Since 2014,
133 individuals have been charged with ISIS-related activities
in the United States. The vast majority of these individuals
are U.S. citizens, speaking of a threat of homegrown terrorism.
While violent plots often garner the most attention, a
broad swath of cases demonstrate the enduring relevance of
finance-related activities by jihadists in the West.
This testimony concerns ISIS-related extremism, but there
are other extremist organizations that pose a threat to
national security. Recently, the FBI and the DHS issued a joint
intelligence bulletin stating that actors of the white
supremacist extremist movement will likely continue to pose a
threat of lethal violence within the next year.
Despite these concerns, few studies to date unpack the
financing of domestic extremism groups. There are significant
differences between financing schemes utilized by domestic
extremists and their jihadist counterparts.
Funding a designated terrorist organization is a criminal
offense under the material support statute, whereas there is no
statutory designation for domestic extremist groups. The result
is domestic extremist groups are not under the same pressure to
disguise their funding as foreign terrorist organizations.
However, I will focus primarily on my testimony on ISIS.
The activity of ISIS here in the U.S. ranges from individuals
using cryptocurrencies online to coordinated clusters
supporting actors abroad. Impactful terrorist attacks do not
require large sums of money, but, rather, low-level costs such
as plane tickets, guns, or rental cars. In this way,
participation in terrorist organizations is easier than it has
been before. For counterterrorism practitioners, detecting
suspicious financial transactions is difficult. Modern
terrorist financing entails a range of behaviors that disguise
illicit activity or circumvent detention altogether.
A brief review of the ISIS and America cases highlights the
diversity of the modern-day terrorist financing. In one type of
scheme, individuals, or groups of individuals, crowdsourced
moneys for foreign fighters who were already in ISIS-controlled
territory. One illuminating example is a case of a husband-and-
wife team in Missouri who raised money for the Bosnian
Diaspora, and then gave that money to a high-ranking Bosnian
American ISIS commander.
Another type of financing is where individuals or groups
garner resources to fund someone to travel overseas. This form
of activity was especially common when traveling to ISIS was
easier. Matt mentioned the case of a young man from Brooklyn
who was financing two people to go join ISIS. In Minnesota, we
had three men who were using fraudulent student loans to fund
their travels. However, in the case of the terrorist attack in
San Bernardino, the attacker allegedly used legal financial
loans to acquire the money necessary to purchase weapons. And
sometimes it is a back and forth. Sometimes ISIS is the
instigator for funding. A good case of that is Mohamed Jalloh
in Virginia, or Aaron Daniels in Ohio, who were giving money to
al-Sudani, an external ISIS commander, to fund his attacks.
One of the most striking cases of ISIS-related financing in
the U.S. is that of Mohamed Elshinawy. Elshinawy was working
with an ISIS commander in Syria. That commander gave him money
through a series of U.K. shell companies, and then funded the
money through Maryland so he could get enough funding to attack
the United States. All told, he got about $8,700 before he was
arrested.
The review of the cases reveals four broader trends in the
terrorist financing and counterfinancing programs. First,
government regulations is not the only approach to deter
extremists. A public-private partnership of best practices can
sometimes augment a government-led approach.
Second, countering violent extremism programs should target
violent extremists of various ideological shades, not just the
Omar Mateens of the world, but also the Dylann Roofs.
Third, financing has largely become decentralized, as
illustrated by the Maryland case. Terrorists now have a
multitude of online platforms to exchange funds. Additionally,
relatively small transactions are unlikely to draw attention,
allowing terrorist finances to hide in plain sight.
Lastly, initiatives aimed at detecting and disrupting
finance-related activities should account for emerging
technologies, whether it is violent extremists that mark their
transfers in cryptocurrencies, or hide their funds in plain
sight, committed terrorist actors are clearly willing to take
the road less traveled to advance their aims.
Thank you very much for your time, and I look forward to
your questions.
[The prepared statement of Mr. Hughes can be found on page
38 of the appendix.]
Chairman Pearce. The Chair now recognizes Mr. Reynolds for
5 minutes.
STATEMENT OF FREDERICK REYNOLDS, GLOBAL HEAD OF FINANCIAL CRIME
LEGAL, BARCLAYS
Mr. Reynolds. Thank you, Chairman Pearce, Vice Chairman
Pittenger, and Ranking Member Perlmutter. I appreciate the
opportunity to appear before you here today to discuss how the
financial sector and law enforcement can work together to
combat lone-wolf terrorist attacks.
Over my career, I witnessed the critical role that
financial institutions play in the detection and prevention of
money laundering and terrorism financing. Without their
assistance, it would be difficult, if not impossible, for law
enforcement to follow the money.
Recently, we have witnessed the rise of lone-wolf terrorist
attacks. Because these attacks are often inspired by, but
unconnected to larger terrorist groups, the techniques that we
typically employ to track the terrorists are, at times, ill-
suited to this new threat.
When looking to identify the financial indicators of lone-
wolf attacks, the challenge for financial institutions is
threefold. First, lone-wolf attacks are characterized by low-
dollar financial transactions. This makes our traditional
detection and reporting tools less effective.
Second, lone wolves don't exhibit typical terrorist
financing behavior, frequently using their own clean money for
the attack. Or said differently, their financial behavior
blends with the myriad legitimate transactions conducted every
day by law-abiding customers.
Third, financial institutions are currently limited by
domestic laws in their ability to share information between
institutions or even across borders within the same
institution. This can result in financial institutions being
unable to identify normal client behavior.
Given these challenges, how do financial institutions
differentiate between normal customer activity and a customer
planning a lone-wolf attack? Often, a single piece of
information--an account number, an IP address, or even a
telephone number--becomes a Rosetta Stone that allows financial
institutions to correctly identify a nefarious actor engaging
in what might be otherwise innocuous conduct.
While not a silver bullet, continuing to receive these
Rosetta Stones from law enforcement and modernizing the current
sharing system, is critical to the detection and prevention of
future attacks.
A few areas where information sharing could be improved
include: authorizing U.S. financial institutions to share SARs
with foreign branches and affiliates; explicitly expanding the
types of information sharing permitted under the Section 314(b)
safe harbor; deprioritizing the investigation and reporting of
low-value activity and allowing financial institutions to
reallocate these resources to higher value intelligence
activities; encouraging the formation of a U.S. joint money
laundering intelligence task force; and clarifying financial
institutions' ability to discuss the filing of SARs when
working together on a case, and encouraging them to jointly
file a SAR.
I would like to take a moment to illustrate the power of
information sharing by discussing an investigation that
Barclays conducted after law enforcement alerted us to an IP
address that it believed was connected to a terrorism suspect.
Using this IP address, Barclays identified Mr. A, who was a
student. Mr. A received money from a variety of sources,
including over 522,000 pounds from Mr. C, 10,000 British pounds
from Mr. J, and 4,000 pounds from Mr. C.
Through further network analysis, we identified that Mr. C
was part of a broader funding mechanism for potential terrorist
activities. Additionally, we found that in addition to funding
Mr. A, Mr. J also funded Mr. M, whom Barclays had previously
tracked and reported as a potential foreign terrorist fighter.
In Mr. H and Mr. B, whom Mr. A also funded, both had
characteristics of foreign terrorist fighters. Perhaps most
interestingly, we determined that Mr. A transferred money to a
heavy machinery company that makes oil field placement parts.
From one IP address, we were able to identify related
individuals who may have funded multiple foreign terrorist
fighters, purchased oil-filled parts, and had links to others
who were also funding or supporting suspected terrorist
activities. While not every IP address will yield such
potentially significant results, this case illustrates the
power of the public-private partnership.
Before I close, I would be remiss if I did not address the
very real issue of customer privacy. Barclays takes our
customers' privacy interests seriously. And rather than cast an
impossibly wide net that includes data from millions of
innocent customers, targeted information sharing allows us to
focus on the few high-value cases where true national security
risks are present. Moreover, by increasing our understanding of
these transactions, it will allow us to discount alerts that
would otherwise turn into SARs, because we cannot understand
the purpose of the transaction. So while at first it seems
counterintuitive, robust information sharing actually enhances
individual privacy, though admittedly not for the lone-wolf
terrorist.
Financial institutions want to get this right. We are
committed to ensuring that terrorists do not use our
institutions to fund their activities. But we cannot do it
alone. We need to be able to share and receive information both
from law enforcement and between financial institutions to be
most effective in identifying terrorist financing.
I would like to, once again, thank the subcommittee for the
opportunity to speak on this important topic as well as for its
continued engagement on this important national security issue.
I look forward to your questions.
Thank you.
[The prepared statement of Mr. Reynolds can be found on
page 71 of the appendix.]
Chairman Pearce. Thank you, each one of you, for your
presentations today.
The Chair will now recognize himself for 5 minutes for
questions.
Mr. Reynolds, you appropriately, at the end of your
presentation, talked about the need for privacy concerns and
special people who are uninvolved.
How do you see that playing out in our attempts to detect
and deter? Tell me a little bit more about that?
Mr. Reynolds. I think it is a great question, Mr. Chairman.
And I think that in many ways, we have to balance, obviously,
customer privacy and some of the new technology that we have to
exploit data.
One of the reasons why I am a great supporter of increased
information sharing is because I think it allows financial
institutions, first and foremost, to target particular
individuals, or particular cells or groups, and to do network
analysis that is a great benefit to law enforcement.
So, again, rather than casting a very broad net, it allows
us to really focus on the individuals who are of most concern
to law enforcement which, in my view, helps protect customer
privacy.
Second, especially in the United States, very often because
of the way the rules are structured, where an institution
cannot discern, really, from what is in front of it, the
lawful, or commercially reasonable purpose for the transaction,
very often by default, you have to file a SAR. So in my view,
very often institutions have to file SARs on cases where, if
they had additional information on that particular customer,
that particular transaction, they very well might not file that
SAR. So I do think it both enhances our ability to focus on
those suspects that present the greatest national security
issues, but also allows us not to file on customers whom, I
think with just a little more information, we could probably
understand the point of the transaction and, therefore, we
wouldn't need to file a SAR.
Chairman Pearce. And on page 3, Mr. Reynolds, in your
testimony, you talk about the need for financial institutions
to be able to receive and share information.
In your opinion, is that sharing going on currently, or do
we need a change in law, a change in regulations? And if the
sharing is ongoing, do you think that it is not enough or--give
me a little bit more flesh there, if you can.
Mr. Reynolds. Sure.
So it currently is going on. I would have to say that I
think our law enforcement partners are working very hard, most
especially the FBI, at sharing information. So I do want to
give credit where credit is due. I do think there is a great
amount of sharing that goes on. I think, though, that, really,
we could do more. And I think if we had more targeted sharing
we would do better.
On Section 314(b), I think that is where we probably do
need either a regulatory or a legislative fix. Currently, under
the regulations and law, institutions can only share where
there is a suspicion of money laundering or terrorism
financing. So what that essentially means is, once you have
already detected something you have decided is suspicious, that
is the point when you are really allowed to share.
Really, in my view, we need to back that up, because some
of the benefit to sharing is actually detecting the activity in
the first place. I think if you look at lone-wolf terrorism,
like we are looking at here today, this is a great example
where if we moved that sharing line back and institutions were
allowed to share at an earlier stage, I think we would have a
greater ability to both understand transactions, so exclude
innocent suspects, but also focus on those suspects who present
the greatest risk.
Chairman Pearce. Dr. Levitt, if you could, I would like
your opinion on the privacy issue also, and how we are
balancing that, and what your long-term concerns would be.
Because typically, in my opinion, we establish a protocol, and
then we try to work up to the edge of the protocol. Sometimes,
we might go over that. And so I would like your insights, if
you could?
Mr. Levitt. I agree completely with Mr. Reynolds that we
have to take the privacy concerns into account in the very
first moment and balance these equally important concerns. I
also think that if we provide more information, we could have
better SARs filing.
It was my experience at Treasury that we would sometimes
find ourselves swimming in a sea of unnecessary SARs. And it
takes time to go through those. So even from the law
enforcement side, from the government side, this has great
utility.
It is difficult, though, because if we do expand the
ability, for example, under Section 314(b), if we move the
needle earlier in the process as the baseline, so you are going
to be opening up more accounts to potential investigation on
the potentially negative side. The potential positive side is
that you will be in a better position to rule out the people
that you don't really need to be looking at. But you could be
looking at a larger number of accounts in the first instance.
And so I think we need to be clear about what it is we are
concerned about with privacy.
I think the biggest thing is how that information is
handled. What is the purpose of looking, how you look, what is
done with that information as opposed to, in that first
instance, how strong is the baseline for the look. Because I
agree, right now the baseline is such that if you don't already
have a money laundering or terror financing concern, you can't
look. And for the purpose of lone offenders or lone wolves,
that is a little bit too late.
Chairman Pearce. Thank you. My time has expired.
I now recognize the gentleman from Colorado, Mr.
Perlmutter, for 5 minutes for questions.
Mr. Perlmutter. I want to follow a similar line. Mr.
Reynolds, Mr. Hughes, you talked about public-private
partnerships. And, Mr. Reynolds, you gave us the example of Mr.
A, Mr. B, Mr. C, Mr. D, Mr. H, and Mr. J. But it all came off
of one IP address that was delivered to you.
So explain to me--are you expecting something from law
enforcement to help you focus? Because basically, this was
coming from probably--and I think, Mr. Hughes, you talked about
it--some social media statement or something that tipped off
law enforcement to help you focus. So is that what you are
expecting from the FBI or somebody?
Mr. Reynolds. I think that is absolutely right,
Congressman. In this case, it was an IP address that was given
to us. And what we found is, while the bank--and I won't speak
for every bank, but I think most banks have strong programs and
work very hard to detect these on their own.
What we have found is that, where we are given that piece
of information, whether it is an IP address or a phone number
or a name or an account number, very often it is that initial
thread that we are able to pull that really allows us to do
some very, very exciting network analysis and allows us to
really build out the network. Because, again, when you are
talking about lone-wolf terrorists, very often, their activity
looks very much like a normal consumer.
Mr. Perlmutter. Would it have made any difference? In your
example, you said that one of the transfers was for 522,000
pounds. If it were a smaller amount, would you have not been
tipped off?
Mr. Reynolds. No. I think, actually, we would have still
found that. The 522,000, to be clear, was not one transfer, it
was multiple transfers over time. So what we did is we
essentially started from Mr. A, who was the initial person we
detected using that IP address, and then started to build out
using other factors, and looked and really built the network
out for Mr. A, and then found a lot of the actors. And then it
jumped to--as you can see in the chart, there are various parts
of the chart, it is quite large. In fact, we sort of condensed
some of it to make it fit on one page.
But at the end of the day, we found, actually, multiple
groups that were all in concert and acting together. We saw
links between them, whether it be addresses or transfers. And
so what we were able to do to the--this was the U.K. Government
who had given us this information--we were able to then turn
back to the U.K. Government and give them a chart. And, again,
we obviously don't have visibility into exactly what these
individuals were doing other than their financial footprint,
but we were able to give the U.K. Government a very clear
picture of what, at least to us, looked like a financing
network. And it really came from that one IP address.
Mr. Perlmutter. Mr. Hughes?
Mr. Hughes. Yes. I think you are absolutely right. In many
ways, you are just looking--law enforcement is going to be a
thread, and you want to pull it to see how big the sweater is,
right? And so you are looking for law enforcement to give you
something that is going to give you leads.
I would note, though, when you look at the actual homegrown
terrorism attacks, the successful attacks, the overwhelming
vast majority were already on the FBI's radar prior to attack.
And so it is not necessarily the lack of information. It is the
lack of the ability to act, and sometimes people haven't
crossed the legal threshold. Sometimes the FBI doesn't have the
resources to run things down. And so I think that is where the
public-private partnership comes into play.
So going to Barclays and saying, I have this, I know there
is something there. You have some resources there. Can you help
me pull this thread a little bit more? I think that is where we
play a role.
Mr. Perlmutter. All right. Mr. Moreno, I want to switch to
domestic terrorism for a second, because you talked about that
and the difference between the laws available for detecting a
foreign kind of financial assistance versus domestic. And I am
thinking of Timothy McVeigh and Terry Nichols blowing up the
Murrah Building in Oklahoma City.
So I don't know how much that ammonium nitrate, or whatever
it was he packed into that truck cost him, maybe you guys have
some estimate, but how--I am worried about those guys too--
would you say we can best stop that murderous act?
Mr. Moreno. Yes, sir. I think that the approach for
domestic attacks is a bit different. I know there has been talk
about potentially criminalizing or creating a proper Federal
crime for domestic terrorism versus just what we have now,
which is basically application of State and Federal law.
As far as the ammonium nitrate from the Oklahoma City
bombing--we have had DHS-proposed rules for about 10 years now.
The fact is that we just haven't seen a lot of further
explosives attacks with ammonium nitrate use. So I think in
each one of these cases, we really have to balance the costs:
the cost to the government; the cost to the consumer; and the
cost to people's privacy. People do not want to be tracked. And
are we going to be running down every time someone goes to Home
Depot and buys fertilizer versus a significant purchase of
product used in an attack like that?
So, I think in each case, we have to take the lessons
learned from the attack and figure out how much we are willing
to invade the privacy of consumers versus the potential for the
use of that same sort of material in a future attack.
Mr. Perlmutter. Thank you.
Mr. Chairman, I yield back.
Chairman Pearce. The gentleman's time has expired. And the
Chair now recognizes the Vice Chair of the subcommittee, Mr.
Pittenger, for 5 minutes.
Mr. Pittenger. Thank you, Mr. Chairman.
Mr. Reynolds, from your experience at FinCEN, how many SARs
report were filed each year?
Mr. Reynolds. It is very significant. I don't know the
current total. But I know that about 2 million SARs are filed
each year.
Mr. Pittenger. This is from financial institutions here in
the United States?
Mr. Reynolds. Yes, sir.
Mr. Pittenger. Can you say to what extent or range, from
your experience at Bank of America and at Barclays, how many
reports that you would have to file each year?
Mr. Reynolds. From Barclays, it is probably in the several
thousand. For Bank of America, it is well over 100,000 a year.
Mr. Pittenger. Yes, sir.
And from your testimony, what you have said, that the--if
you had the legal capacity to receive information from the
Federal Government in terms of particular IDs and individuals
that they are pursuing, that would then reduce, in vast amount,
the number of individuals that you are having to send reports
on and give oversight to; is that correct?
Mr. Reynolds. Yes, I would completely agree with that.
Mr. Pittenger. Yes, sir.
So let's look at sharing data between institutions and your
own and other institutions.
While there has been latitude there, is there a restriction
or an inhibition to do that reference to legal concerns? Is
there a need for a safe harbor for institutions to make sure
that they can do this? Is there a gray area there that we need
to clarify?
Mr. Reynolds. There is. Under current regulation, the way
it reads right now is that you have to have a suspicion of
money laundering or terrorism financing. So as one of my fellow
panelists pointed out, at that point, it really is too late
because--
Mr. Pittenger. It's very subjective in some respects.
Mr. Reynolds. It has already happened. It is much too late.
And I think the real benefit of the sharing, whether it is from
the government or whether it is under the safe harbor between
institutions, really comes where institutions can leverage the
power of the data analytics that they have now, and they can
look across the data. And I think, to your point, which I think
is exactly the correct one, is that it both allows us to target
those people who are suspicious, because you can see multiple
sides of the transaction, as opposed to just the side that
Barclays or just the side that Bank of America sees. You can
see all different sides of the transaction. So it allows you to
better target those individuals you really care about.
But likewise, by being able to see all sides of the
transaction, you actually are able to discount a great number
of these SARs that we would otherwise file just simply because
we lack information to discount the suspicion, which really is
the standard, that if you can't discount the suspicion, you
have to file.
And so in many cases, I think we file where, if we knew a
little more, we probably wouldn't have to.
Mr. Pittenger. Yes, sir. I think it is well said.
It is so important for us right now to pull back and take a
full view of how--of assessing this and come up with a
different basis for how we can pursue these individuals. And I
think all of us who cherish our privacies and civil liberties,
we would respect the type of engagement that you have proposed
today.
Mr. Reynolds. Thank you.
Mr. Pittenger. Thank you.
Mr. Hughes, I would like to ask you, with reference to
those who provide material support to lone-wolf terrorists, are
we doing enough to punish them, or are there any gaps that law
enforcement or Congress could address?
Mr. Hughes. In regards to material support, I don't believe
so, because the material support clause is actually quite
elastic and broad-based. So unlike other countries, if you are
driving to the airport to go jump on a plane to go to Syria,
you can get arrested for the drive. And so the material support
clause, right or wrong, gives law enforcement a large latitude
to do that.
We have also seen law enforcement be pretty creative in the
way they do arrests for individuals they may be concerned about
that doesn't rise to a level. A good case is in California, 2
young men got arrested for 26 charges of bank fraud. They were
clearly ISIS supporters through and through. But there wasn't
enough to rise to a material support of the case. So I think
you are seeing that law enforcement, in many ways, aren't
allowing the system to light up in the way they used to,
because they are concerned about these lone-wolf attacks. The
gentleman who stabbed 10 people in Minnesota, right? And so
they are not letting people talk to other people. And they are
closing in earlier on, and so they are more willing to use
forward-leaning prosecutions.
Mr. Pittenger. Thank you.
Thirty seconds, Mr. Levitt. To what extent are foreign
governments involved, in your opinion, in helping fund bad
actors affiliated with or otherwise associated known terrorist
organizations?
Mr. Levitt. State sponsorship is still a very major
problem. It is a separate problem from the lone-wolf or lone
offender problems. To the contrary, we have lots of good
partners around the world. As you heard before, the Barclays
case involves the U.K., where people are trying to work
together with us to deal with foreign terrorist travelers in
particular. But there still are plenty of countries out there,
the Irans of the world, et cetera, that pose significant
problems. But I would argue that is a separate problem.
Mr. Pittenger. Is Qatar a concern to you?
Mr. Levitt. I had the opportunity to testify on Qatar
recently. And, yes, Qatar is a concern. It is also not the only
concern in the region. Some of the issues that have been raised
about Qatar are very substantive, and some of them are not. So
it is a complicated issue. It doesn't fit into a black-or-
white, but there is more that Qatar could do as there is more
that others in the region could do.
Mr. Pittenger. Thank you.
Chairman Pearce. The gentleman's times has expired. The
Chair now recognizes the ranking member of the full Financial
Services Committee, the gentlelady from California, Ms. Waters,
for 5 minutes.
Ms. Waters. Thank you very much, Mr. Chairman.
In the years since 9/11, our Nation has witnessed its share
of attacks by homegrown violent extremists inspired by foreign
terrorist organizations. This includes the San Bernardino
shooters who tragically took the lives of 14 and wounded 21
others, as well as the Pulse nightclub shooter who callously
took the lives of 49 and wounded another 53 innocent victims.
However, as the recent events in Charlottesville, which
took the life of Heather Heyer and two VA State troopers, have
reminded us, extremists radicalized by foreign terrorist groups
are not the only terrorists with the capacity and the will to
target and kill American citizens. Indeed, domestic terrorist
attacks have become more frequent in recent years.
I just took a look at what has happened since 1992: Ruby
Ridge standoff, three killed, two wounded; Oklahoma City
bombing, 168 killed, over 680 wounded; 2009, United States
Holocaust Memorial Museum shooting, one killed, one wounded;
2012, Wisconsin sheikh temple shooting, killed six, wounded
four; 2013 Los Angeles International Airport shooting, attack
on TSA, officer killed, one wounded; 6/2015 Planned Parenthood
shooting, killed three, wounded nine; 2017, Portland train
attack, killed two, wounded one; Charlottesville, car ram
attack, killed 3, wounded 19; and I am worried about these
domestic attacks.
As a matter of fact, I was forced to focus on it a little
bit more yesterday at my office in Los Angeles. One of the
people opening the mail opened an envelope, and a bunch of
powder fell out with a note about me dying and killing Hillary
Clinton, and on and on and on.
This is getting more frequent. And I know that we have
privacy concerns and information sharing and all of that. But I
am wondering, what can we do to get a handle, a fix on these
lone killers? And not simply just throw our hands up and say we
can't really do anything because of privacy concerns. And I am
wondering, particularly at our financial institutions and
banks, et cetera, if questionnaires that do not invade privacy,
but simply ask questions about what the intentions are for the
use of certain money under certain circumstances, and those
people can say whatever they want to, and they can respond in
whatever way they want to. But if resources are used to go out
and commit killings, et cetera, they will have lied on the
questionnaire. And perhaps that can trigger some kind of action
to begin to prevent this kind of domestic terrorism. I think we
should focus a lot on domestic terrorism also.
So I would like to ask again, given all that you have said
about how difficult it is and the privacy concerns, do you have
any thoughts about what we can do to begin to deal with the KKK
and the white nationalists, the extremists, the alt right, they
are on the internet, they are Breitbart. If you look at
YouTube, you see how much they want to kill me and others. What
can we do?
Anybody?
Mr. Hughes. I think there are a couple of things back
there.
First is, I absolutely agree it is not an either/or
proposition. You should be worried about the Omar Mateens, the
Orlando shooters of the world as much as you are the James
Fields and the Dylann Roofs of the world. And I am concerned,
when we look at these issues, that we tend to bifurcate it and
make it into buckets. There are different programs that we
could address on these things.
Domestic extremists tend to use criminal activities in
order to fund their attacks in a way that jihadists don't. So
they are usually more likely to pop on the radar on these
things. There are a number of different organizations that are
doing interventions and spaces on far right and domestic
extremism groups like Life After Hate in Chicago.
Ms. Waters. Thank you very much. I am going to have to
interrupt. I have to yield to Mr. Gottheimer. He has to go, so
I will yield to him.
Mr. Gottheimer. Thank you very much.
I want to recognize the program on extremism for bringing
light to the recent report that a senior ISIS official used
eBay and PayPal to funnel a terrorist in the United States.
Today, I am writing to FinCEN to urge them to take
additional steps to curb money laundering and suspicious
financial transactions online. As technology advances and lone-
wolf terrorists continue to innovate, how can Federal
enforcement efforts keep pace to crack down illicit use of new
transaction methods? And I am open to anyone responding.
Mr. Levitt. I will just say in brief, because no one else
was lighting up, that that is actually a success case. I mean,
that gentleman was stopped. That means of transfer, as
sophisticated as it was, was identified. I would not cite that
as a case of, oh, my God, we need to do more. I would cite that
as a case of, they are trying to get sophisticated. We are
pretty sophisticated, too. We were on top of that. We thwarted
that case.
But your overall point is absolutely on target. And that is
the whole purpose of this hearing, I think, to figure out how
we can fine-tune our tools in those cases which are the
exception to prove the rule, which is to say that they truly
are lone wolves, where they are using their own money or they
are taking out a loan legitimately, or doing some type of crime
that might not come on our radar. These are the cases that are
really different.
For the vast majority of other things, we have pretty good
systems in place. They can be fine-tuned in various ways to
facilitate better sharing within the financial community
between government and financial services. We have been talking
a lot about government providing information to banks. That is
very important. We also need to talk about the information that
banks see so they can provide usable SARs to investigators.
But what is different here is, what do we do about those
cases where someone is taking $50, a knife out of the drawer,
$2,000. And the answer is, we are going to have to couple this
toolkit with a whole bunch of others, including old-school
HUMINT and basic investigations, because this is not going to
solve all our problems. There will be cases where finance is
not going to be the biggest part of our toolkit.
Mr. Gottheimer. Thank you.
Chairman Pearce. The gentlelady's time has expired. The
Chair now recognizes Mr. Rothfus for 5 minutes.
Mr. Rothfus. Thank you, Mr. Chairman.
Dr. Levitt, I want to start with you. Mr. Reynolds had
talked about a case where law enforcement came to Barclays, I
think with an IP address, and so that the investigation was
able to go forward on that basis.
Can you think of any information not currently available to
law enforcement that might allow authorities to identify lone
wolves if financial institutions started gathering that
information? Again, in the case that Mr. Reynolds cited, it was
the law enforcement that came with the IP address to the
financial institutions. But can you think of other information
a financial institution might be gathering that would help in a
detection?
Mr. Levitt. In advance of this hearing, I gave this a lot
of thought. And the simple answer is, I don't yet have a great
answer. Because most of the activity, as you have heard my
fellow panelists say, that we are talking about in a true lone-
wolf situation, is going to look completely innocent with the
exception of someone who engages in crime or misfiles or lies
on a loan application where we might find out about them for
other purposes. But someone who just takes out money from their
bank accounts, or gets a job for a couple of months or asks mom
or dad or a sister or whomever for funds, that is going to be
very, very hard to track.
The only thing I can think of is this: We need to take a
close look at the very granular, detailed information that we
collect, the type of thing that makes the analysts really
excited, right? The email address, the phone number, the
driver's license number, and more recently, the IP address. Are
there other types of things that we could be collecting that
would actually be useful, not collecting for collection's sake?
I think a lot of people were surprised about how incredibly
powerful the IP address could be as a tool, and especially at a
time when people might be lone wolves, but will still say
something on social media.
Mr. Rothfus. Mr. Moreno, you identified a number of types
of financial services that the lone wolves utilize. I think you
mentioned the pre-paid cards and other things. Is there a
favored type of financial services that lone wolves use?
Mr. Moreno. Sir, I don't know if there is any one favored
method, but there is certainly a buffet of options that are now
at the disposal of folks, that weren't there even 5 years ago.
And I think really the point is, if people think they can move
money, solicit money, raise money, in a more anonymous fashion,
then they will try to do so.
Mr. Rothfus. Would it not lose some anonymity, though? The
case you cited, I think we could take the payment card
information and send it via text. I guess if you have a throw-
away phone, you can maintain anonymity there. But it would put
some fingerprints on it, wouldn't it?
Mr. Moreno. It would, sir, yes. But I think there are
additional steps. So, for example, for pre-paid cards, we can
put limits on how and what can be purchased with those types of
pre-paid cards. People can buy packs of 4 or 8 or 12 of them
and put together a few hundred dollars. Or if we said that you
can only use those types of cards in certain retail storefront
locations and not online, or if you could not aggregate them
and buy expensive items, or if you needed the physical card,
and perhaps a chip with it. I think there are some reforms we
can do to sort of plug those gaps. And I think we can look at
those types of plugging actions in all varieties of these new
kinds of emerging ways of payment. But I think really the key
is to shine light on who is using this, both as a deterrent, so
people don't think they can get away with these sorts of
transactions anonymously, but also as a way to prevent and
prosecute after the fact.
Mr. Rothfus. Mr. Reynolds, we talked a little bit about
that suspicious standard in 314(b). Can you give some examples
of activities that might be detected by earlier information
sharing if not for that standard in there?
Mr. Reynolds. Sure. Let me give an example that we have
seen in other cases. I saw this when I was on the government
side, but I think it would be equally applicable to terrorist
financing. You may have a person who, for instance, would have
a bank account at bank A, and there is money going in and out
of the account, nothing terribly suspicious. So if you just
look at that, if a person who works at sort of a mid-level job,
the pay coming in looks commensurate with the job, so there is
no reason to look at that account again. If I then told you
that in addition to having an account at bank A, this person
had an account at bank B, C, D, E, and F, and we saw money
coming into all of those accounts as well, suddenly that person
is incredibly suspicious. But this is exactly the sort of
information that you could not share currently.
Mr. Rothfus. Would there be a limiting principle, though,
for a financial institution as it does this kind of information
sharing, if it is not a suspicion standard?
Mr. Reynolds. So, again, I think in the law, the definition
of ``suspicious,'' obviously, is very technical in the law. And
what I would argue is certainly to the extent that you don't
have a need to look at a customer, then I don't think you
should be looking at that customer. And certainly, in my
experience, that has been the rule that everyone lives by. What
I would say is that I think that there are some opportunities.
If you are using larger data sets, you don't actually have
people looking at that data. So the data itself is sitting
there. But it is not something that people are going through.
No one is looking at it. No one is saying, oh, I saw that Mr.
Reynolds likes to buy comic books, and he has spent $500. There
is no one actually looking at that. What it is, instead, is it
is algorithms that are running across the data. And one of your
algorithms may be, for instance, to look for an individual who
has these certain financial parameters and has five or more
accounts across institutions.
Now, there may be a very good reason that person does and
it could be quickly discounted by an analyst. But I would
suggest that is the sort of thing that you would want an actual
human being to then look at and determine, okay, this looks out
of character for this person. This is not what we would expect
for this particular customer. So let's look a little closer and
understand, why do they not look like everyone else? And I
think that is the fundamental point that we are talking about,
is that thread, whether it is provided by the government or
provided by big data, that thread to pull on.
Chairman Pearce. The gentleman's time has expired.
The Chair will now recognize Mr. Lynch for 5 minutes.
Mr. Lynch. Thank you, Mr. Chairman. And I thank the ranking
member. I want to thank the witnesses for your help as well.
Some of you are frequent flyers to this subcommittee. So I
really appreciate it.
With respect to lone-wolf and individual-actor events, I
worry that we are not using the right tools. There is that old
saying that when the only tool on your tool belt is a hammer,
everything starts to look like a nail. And so we have a fairly
robust financial services community that is highly regulated.
We have the USA PATRIOT Act. So we have those tools that we can
use to try to track organizations and how they are funding
terrorism.
I am not so sure that is applicable with individual actors,
though. I can say that the cases that I have been most familiar
with, the Marathon bombings and a couple of other so-called
lone-wolf attacks that have come before the committee. It was
really behavioral abnormalities that really presented
themselves. And in looking back, those were the things that
sort of--would have raised the red flags, not--well, there was
one case where the gentleman purchased a large knife. But even
that was fairly--in retrospect, it looked serious. But when it
happened, it probably wasn't.
Mr. Hughes, you appeared before the subcommittee when we
talked about deradicalization. And some of those approaches,
better communications with our folks in the Muslim community,
mosques. We had a couple of cases where the imams said that an
individual was acting out and was a security concern even
within the mosque. Those type of reporting events are probably,
in my mind, more applicable to the individual cases than trying
to look at somebody's bank account and figure out what they are
doing there. Are you of the mind that doing this, from a
financial standpoint, is the best way to get at these
individual actors and so-called lone-wolf terrorists? Anybody?
Mr. Hughes. Let me jump in, and then maybe my colleagues
can join in, too. I tend to believe that the financial reviews
are probably going to be later on in the investigation. And so
the case that you had mentioned, the young man in Massachusetts
with the large knife, he was also talking to Junaid Hussain in
Raqqa. So that is your red flag. And the issue becomes that he
hadn't crossed the legal threshold. So there was a full
investigation, but not enough to arrest. And so there is not a
safety net to kind of veer these folks towards disengagement,
deradicalization, the stuff Mr. Moreno talked about. There is
no ability for the mosque in Boston to send those two folks
somewhere else. And until we figure that out, that is actually
the gaping hole. If you talk to the FBI, they are saying, ``We
don't have enough men and women to sit and run 8-hour shifts
outside of a kid's house until they turn 18.''
Mr. Lynch. Right.
Mr. Hughes. So I need to have different tools. Because I
really want to focus on the guy that I am really worried about
in Indiana, but I can't, because I know this guy in Boston is
also concerning. So we have to provide some non-law-enforcement
off-ramps to both law enforcement but also communities to build
those partnerships. And you are absolutely right. In about 60
to 70 percent of the cases, depending on how you look at the
studies, there is a bystander effect. People see something
concerning but don't know what to do with it. And so they are
watching this train wreck happen in slow motion. And we as a
Federal Government, and we as community partners, have not
provided any kind of tools and responsibilities for folks to
deal with this.
Mr. Lynch. Anybody else? Mr. Levitt? Dr. Levitt, I'm sorry.
Mr. Levitt. That is fine. The only one who cares about the
``Doctor'' is my mother and--well, maybe she is watching. Thank
you.
Mr. Lynch. Well, that is important then.
Mr. Levitt. From Massachusetts, she cares.
Mr. Lynch. There you go.
Mr. Levitt. Look, the first thing to say is that these are
not mutually exclusive. The question isn't, do we do financial
lines of inquiry or do we work with communities to try and off-
ramp people who can be off-ramped, and do other things for
people who can't, but work with communities who are there on
the ground and have that--of course, we do all these different
things. And in different cases, different tools will be
applicable. I think what we are going to find is that in the
case of lone or--because this bystander effect may be a little
bit more known--wolves, what we are going to find is that
financial information or intelligence is not going to be the
panacea, but it will be a piece. It will plug a hole of
something. It will help make a link. It will help contribute to
a link chart. And while we would love for all of this to be as
preemptive as possible, sometimes it won't be.
Mr. Lynch. Right.
Mr. Levitt. But the financial piece will almost always be
really important in the post-blast of what happened. So if you
look back--I was the government's expert witness in the Boston
Marathon case. There is a financial piece there too. And that
is always very important. So it is not a question of either-or.
It is just leveraging all of them, and that is why I keep
saying there is going to be a financial role in this, and there
is more we can do. But at the end of the day, the true lone
offender, whether from a foreign ideology or domestic ideology,
and those are both terrorists who need to be dealt with, we
have to use our entire tool kit. And money is not always going
to be the strongest tool for some guy who is just taking a
couple hundred dollars out of his or her bank account.
Chairman Pearce. The gentleman's time has expired.
Mr. Lynch. Thank you. And I yield back. I thank the
chairman.
Chairman Pearce. The Chair will now recognize the gentleman
from Colorado, Mr. Tipton, for 5 minutes.
Mr. Tipton. Thank you, Mr. Chairman. It's a complex issue,
when we are talking about trying to be able to track anything
from somebody who wants to be able to buy a knife to someone
who wants to buy ammonium nitrate, how to be able to draw those
together, a $50 purchase versus a $1,500 purchase, to be able
to navigate that and to be able to identify them.
Mr. Levitt, when you were making your opening statement,
said something that I thought was interesting, that the private
sector has a lot of information if we give them greater
insight. And I think you were just alluding to some of that.
But what greater insight can we give to the private sector?
What are going to be the triggers to be able to notify
authorities of what to look for? And to a degree, something
that we haven't hit an awful lot on, how do we still protect
some of those privacy concerns?
Mr. Levitt. The government is constantly looking at other
information that is not available to the public and identifying
trends. Some of those trends could be very useful; some of them
will be less useful. Sometimes the government won't know what
trend is useful until it speaks to the private sector, the
people who are experts in banking and finance, and sees that
they can add something to the conversation and demonstrate
that, well, it is significant in this type of activity, but not
in the other. If we are not having a really ongoing, regular,
and robust public/private dialogue where the government is
saying, here are things we are really looking at, we are really
interested in, and the private sector is saying, okay, great,
here is what we need more from you to be able to give you more
effective SARs, then we are missing an opportunity.
I do think the U.K., as some of my fellow panelists have
pointed out, has a new and interesting model. It may not be
perfect for us. But the National Crime Agency oversees this
effort to have an ongoing discussion and dialogue. Part of that
would have to be, as I think it was Mr. Reynolds who said,
combined with an effort to enable banks to talk to one another
and convince them that it is in their interests as well. But I
do think we need to push in that direction. Because at the end
of the day, we are not talking about $1,500. We are talking
about $50 or $4 or no dollars if you are taking something out
of the kitchen drawer.
Mr. Tipton. Thank you.
And you bring up an important point. Mr. Reynolds, maybe if
you would speak on this a little bit more? You had stated that
Barclays has maybe several thousand SARs reports, I think, and
Bank of America may have a couple of hundred thousand. In terms
of that communication between our financial institutions, is
this proprietary? Is it something that is inhibiting that sort
of conversation from going on? And, also, would you maybe speak
a little bit to knowing your customer in terms of maybe not
making that SAR simply because you know what that customer's
business is like?
Mr. Reynolds. Absolutely. This actually is one of the
restrictions that we labor under right now is institutions
can't discuss SARs amongst themselves. So, for instance, if
Barclays were to file a SAR on company A, and Bank of America
had that same customer, we are actually not allowed, under
domestic law, to discuss with Bank of America the fact that we
filed a SAR, which is somewhat ironic, because probably the
single strongest factor to suggest that a customer may be
suspicious is the fact that you filed a SAR. And that is
actually the one thing you can't talk to your peer institutions
about. So it becomes a very, very delicate discussion where not
only can you not mention a SAR, but you can't discuss anything
that would give an indication that you filed or did not file a
SAR as to that customer. So these discussions are incredibly
technical and very difficult to have, which makes it
increasingly difficult, I think, to share, even when you are
jointly working on a case. Under current guidance, you can't--
for instance, let's say you have been working with Bank of
America under 314(b) on a case, I can't say to Bank of America,
I really think this is suspicious, I am going to file a SAR.
That would be illegal. So that becomes very, very challenging
to share information about that.
In terms of Know Your Customer (KYC), I think you are
absolutely right. My view is that the bank which owns that
customer really has the best opportunity to know what that
customer looks like, what they should be doing, what they
shouldn't be doing, and what looks suspicious. And so if I am
able to speak to another institution who owns that customer and
has the KYC for that customer, they can very often explain to
me very quickly why what looks suspicious to me is actually not
suspicious at all. And so then I am not wasting government time
by filing a SAR, and I am not wasting quality analyst
investigator time further investigating that case.
But, likewise, by getting KYC information from another
institution, I can better understand that customer and I may
actually determine that something that looks ordinary otherwise
may actually be suspicious. So I absolutely agree with that.
But I think that the sharing of KYC information, to the extent
we can under Safe Harbor, is a very effective way to understand
those customers better and determine whether their behavior is
suspicious or not.
Chairman Pearce. The gentleman's time has expired.
Mr. Tipton. Thank you, Mr. Chairman. I yield back.
Chairman Pearce. The Chair now recognizes Mrs. Maloney for
5 minutes.
Mrs. Maloney. I thank the chairman for recognizing me, and
I thank the chairman and the ranking member for holding this
hearing on so-called lone-wolf terrorist attacks. It is
particularly important to me since I have had some in my
district, and, in fact, one about 6 months ago in the Chelsea
area where a homemade bomb went off. It didn't kill anyone, but
it injured many.
So, my question is on terrorism financing. It appears,
according to press reports and other reports I have read, that
terrorists are moving away from the financial system because of
the oversight of the banks, of the know-your-customer
requirements, and are going to bitcoins. There have been
several published reports that criminals used bitcoins to
finance the sale or purchase of sex trafficking victims and
other illegal activities, and drugs, and guns, and other areas.
What is the penalty for using bitcoins in our financial
system to finance criminal activity? Is there a sanction? Is
there a fee? Is there a penalty that is placed on someone who
uses bitcoins for dangerous purposes?
And, actually, Mr. Perlmutter, and Mr. Chairman, we should
look at bitcoins. Because they are escalating forward in our
economy as a way of financing crime, really terrible crimes.
But, what is the penalty for using bitcoins? What is your
knowledge of bitcoins and financing crimes?
Mr. Reynolds. I can start on that. From the penalty
perspective, ma'am, the penalty would be no different for using
bitcoins as for using any other form of currency. So whether it
is cash, wires, checks, pre-paid cards, or bitcoin, the
penalties will all be the same. Bitcoin is considered currency
under U.S. law. So if you laundered money or funded terrorism
with bitcoin, the same penalties would be applicable as if you
did it with U.S. dollars. I think the challenge is that bitcoin
obviously presents a greater ability to remain anonymous,
which, obviously, a wire transfer, a traditional wire transfer,
would not. So I think that is the key difference between the
two. But in terms of penalties, they would be the same.
Mrs. Maloney. Talking about being anonymous, in the
district that I represent, many criminals don't use the banking
system, they just purchase real estate because there are no
questions asked. They have $100 million, or $100,000, or
whatever, and they go buy a piece of real estate, no questions
asked. You sell it, and you have your money to do whatever you
want.
And a number of us have worked on legislation to bring an
accounting for what we call beneficial ownership, that people
should have to reveal the true beneficial ownership. What is
your feeling on that? Would that be a source of combating
terrorism financing?
Mr. Reynolds. I will start again. I am a strong supporter
of the legislation. So I would strongly encourage passing it. I
think it would be tremendously helpful, both to law
enforcement--looking from my law enforcement background, I know
it would have been tremendously useful to have it when I was a
prosecutor--and from a financial institution's perspective. It
would also be incredibly valuable for the work that we do.
Mrs. Maloney. And the The Committee on Foreign Investment
in the United States (CFIUS) bill which looks at foreign
investment from the lens of whether or not it is a threat to
our national security, how do you feel that law is operating?
Do you think it needs to be strengthened? It is a tool to
combat terrorism, and financing, and financial terrorism in
other areas, the CFIUS bill?
Mr. Levitt. I haven't thought about that question for this
hearing because it seems to me it is a slightly different
issue. I think of CFIUS--and I worked in CFIUS at one point in
government. It is incredibly important. But traditionally,
actually, it is something different than terrorism. There are
sometimes terrorism pieces to it. But, overall, it is about
larger issues. And certainly, in terms of the lone offender and
the small scale, I don't know of any case that has come
anywhere the size of something that would be real estate
purchases or FIS. That is a much larger, broader terror finance
question.
Mrs. Maloney. And do you think you could just look at the
transactions in a lone wolf, in a bank, and suspect, this lone
wolf didn't--a pressure cooker, where he put everything in
there and created a pressure cooker bomb. But purchasing these
items would not set off any red lights. And so how can we get
more red lights that would help us track these lone wolves?
Mr. Hughes. There are some programs. The FBI runs
InfraGard, which works with private companies to essentially
set up trip wires to alert folks. So, a good case, Najibullah
Zazi buys a bunch of materials in Denver to build a bomb, and
the local beauty salon, calls the FBI and says, I am a little
worried about this guy. And so to the extent we can kind of
build up those relationships and get that type of public/
private partnership going a little bit more, I think it would
be useful.
Mrs. Maloney. Thank you. My time is up.
Chairman Pearce. The gentlelady's time has expired.
The Chair now recognizes the gentleman from Texas, Mr.
Williams, for 5 minutes.
Mr. Williams. Thank you, Mr. Chairman. And I thank all of
you for your testimony today. We appreciate it greatly.
I will get right into the questioning.
Dr. Levitt, terrorist financing has shifted dramatically
over the years, due in large part to the increased use of
social media that we talked about. In your opinion, where do
you think the future of terrorist financing lies? And what
measures can we take to combat it?
Mr. Levitt. So, in my experience, terror financing is a non
static issue. It is constantly changing. It is changing based
on the actions we take to combat it and to restrict the
environment in which illicit actors can finance their behaviors
and also based on what opportunities present themselves. And
that means it is not always moving in one direction. When the
terror finance tracking program was exposed several years ago,
we saw that--we worried that maybe some terrorists would stop
using the formal banking sector. They still did. But they also
went back old school and they used cash couriers.
If you look at the U.N. Security Council's latest report on
the Islamic State, they, too, have member states reporting that
today, as the Islamic State is on its back heels, it is
increasingly using cash couriers. And so, we have to constantly
assess and reassess, figure out which tools are going to be
most effective. I think that is part of the conversation that
could then be had, or be better had, between the public and
private sectors, not just what is the latest, sexiest thing,
but where on that spectrum are things right now at any given
time.
Mr. Williams. Good.
Mr. Reynolds, from your experience in both the public and
now the private sector, can you explain how the government can
fully investigate and exploit these terrorist networks while
ensuring that the American citizen's right to privacy is
protected?
Mr. Reynolds. Yes. I think the key to that, again, is to
the extent that we coordinate between the public and the
private sector, the way that I always viewed it in the
government is that the public sector tends to have a very good
horizontal view. But they don't always have very good
tremendous depth on any particular customer, or certainly to
their finances, whereas financial institutions have very good
depth. So they have very good vertical, but they lack the
horizontal that the public sector has. I think that if, in a
very targeted way, you can bring together the threats that the
public sector has identified, and bring those to the private
sector, the private sector can then work to expand out those
networks and tell the public sector what it doesn't know.
There were certainly cases that I was involved with over
time where we may have thought we had the ring leader of a
particular--whether it be terrorism financing or whether it be
money laundering. But we thought we had the ring leader. We
brought that to a financial institution who then came back to
us and said, actually, you have a mid-level person, here is
this whole other level to the organization that you didn't know
about, but we were able to determine that they are all
connected because, for example, they used the same device ID,
which meant they used the same iPad or the same computer to
access bank accounts.
So I think that is just one example of where, if you
combine those two pieces of information, I think it both
focuses the efforts so, again, we are not sort of trolling
among millions of customers looking for bad people. We are
really focused on the individuals and the information that we
know credibly has some link to potentially bad activity, and it
will allow us to then, hopefully, move resources away from this
sort of lower value intelligence activities and really focus
them on the higher value, which I think, in my view at least,
enhances privacy.
Mr. Williams. Good. Thank you.
Mr. Moreno, can you explain how law enforcement and
intelligence agencies share information? And do you believe
that the government is proficient in this task or are there
specific areas of improvement that you would recommend? If so,
what would they be?
Mr. Moreno. Sir, I am normally not a person to say, throw
money at a problem and that will fix it. But, as a former
prosecutor, I can tell you that I think we have fantastic
techniques. We have fantastic people. We have great statutes.
However, additional resources in these areas would always be
welcomed.
So, for example, the SAR review process, I can say from my
experience that financial institutions do a great job at
investing in technology and issuing SARs. But there are not
always enough folks to review them. So when they are reviewed,
it could be months afterwards. So in terms of thorough review
of SARs and rapid response to the suspicions that are arisen,
we can always use more people. Joint terrorism task forces are
a great way to integrate Federal, State and local law
enforcement to share information. But they are also often
short-staffed. So in this area, this is a place where I would
say we have a lot of the right tools already. What we sometimes
lack is the resources to implement them.
Mr. Williams. Mr. Reynolds, quickly, we have a small amount
of time here, is there another country that is surpassing the
United States in their ability to target and neutralize
terrorist financing?
Mr. Reynolds. I would not say surpassing, but I think the
U.K. is equivalent to it. And I think the U.K. has some very
exciting now programs and pilots that they are implementing
that I would suggest the U.S. should look strongly at
implementing as well.
Chairman Pearce. The gentleman's time has expired.
Mr. Williams. Thank you, again. I yield my time back.
Chairman Pearce. And the Chair now recognizes the gentleman
from Minnesota, Mr. Emmer, for 5 minutes.
Mr. Emmer. Thank you, Mr. Chairman.
Chairman Pearce. And just be advised we have votes coming
up. We are going to try to get all the questions in before the
votes.
Mr. Emmer. And thanks to the panel for being here today.
Mr. Moreno, and I am probably going to be too general, but
as we talk about what ways we can address the changing threat
landscape, if a terrorist can cause mass destruction casualties
with just a few thousand dollars, I think you would agree that
we can't just lower the currency transaction report
requirement. What, in addition--and maybe you have covered this
several times today--but can you succinctly give me what, in
addition to that, could we do to--is it the algorithms that we
heard earlier that Mr. Reynolds was talking about? How are we
going to get ahold of this thing?
Mr. Moreno. Yes, sir. I don't think that changing the
limits upward or downward is an easy fix. I think, if anything,
you might get more reports but not necessarily better reports.
I think we can downscale what we do, I think, to try to better
focus on transactions that are suspicious even if they are at
the four-figure, or possibly even three-figure level.
Mr. Emmer. And, again, putting in algorithms that identify
specific characteristics of a transaction?
Mr. Moreno. Yes, sir. There is always going to be a manual
review process. But that should be coupled and in parallel with
new technologies, algorithms, artificial intelligence, to flag
these transactions. And I know that banks are already investing
in those technologies. But I think we can always do more to
encourage that.
Mr. Emmer. And, Mr. Reynolds, I wanted to go next to how
can we leverage technology, specifically following up on what
Mr. Moreno referred to, be it artificial analysis, the data
analytics, which you have talked about quite a bit, or
something else to make these suspicious activity reports more
valuable? And I see that--and I should have thought about this
before the hearing when I was preparing. But when Mr. Moreno
said we have to have the bodies to review them too, we forget
that is a huge piece on the back end of it. But just how can we
leverage this technology even better?
Mr. Reynolds. I am a huge believer in the big data and
technology. But I agree with you that it really has to be a
combination of human effort and technology. Technology will
only get you so far. I think the first step is to really use
technology to look for outliers. Because, ultimately, a lot of
these folks are trying to look like everyone else. That is sort
of the point of what they are trying to do. But, fundamentally,
they aren't like everyone else. And so there are, at times,
telltale signs.
Now, it may be that we can't tell the difference without
the law enforcement information. In some cases, we can. And so
I think what we need to do is leverage as much as we can, big
data, to hold together and to recognize that when the BSA
system was formed 40 years ago now, we were paper, no cell
phones, no internet. Now we are high-speed wire transactions,
internet, and paper money is, in many ways, not king anymore.
So I think recognizing that and leveraging the data abilities
we have is key. But then I agree with you. Then I think what we
need to do is try to take those precious resources we have,
which are the human resources, and I think really focus them on
the most important national security issues. I think right now
we are sort of spread across the whole waterfront. In my view,
I think what would be better is to really focus them on the
most serious threats and not spread them against what I would
consider to be the less serious threat.
Mr. Emmer. And I was going to move on to something else.
But what would you define as the most serious threats?
Mr. Reynolds. I think when we are--I would expect, in many
cases, law enforcement would ultimately provide that to us, and
they would tell the institutions what are the most serious
threats. But I think, from my perspective, looking at things
like terrorism, human trafficking, serious money laundering,
serious fraud, cyber activities, those would be the areas where
I would most like to focus resources. And I think if we did
that, I think that we would provide more valuable intelligence
on these national security issues.
Mr. Emmer. That is helpful. When you said it, I was
thinking in terms of size and scope as opposed to the actual--
what the issue was.
Mr. Levitt, I want to go back to the private sector. Can
you talk some more about how we can get more people in the
private sector to first recognize that what they are looking at
is not normal? I think they do. I typically see things that are
out of the ordinary. But we still, I think, are hesitant to
raise the red flag and call authorities and say, there is
something you need to look at here. Are there some other things
we should be doing to try and encourage people in the private
sector to notice or be observant of things out of the ordinary
and report them?
Mr. Levitt. I guess I challenge the premise. I think the
banks are actually quite good at this, and they are quite eager
to be good. If anything, there has been over-reporting of SARs
to be overly cautious. I think the biggest issue is that if you
have--in the truest lone wolf, you will not have outliers. You
will not have telltale signs. There will be nothing to look at
unless law enforcement, for some other investigative angle,
happens to know that there is something going on. And then the
bank can say, well, wait a minute, this guy is only taking out
$100 every 2 weeks, but he has never done that before. And
suddenly $100 is the issue, not--
Mr. Emmer. I see my time has run out. But I would point
out, I am thinking more of this testimony earlier. And I
thought it was you talking about mental health issues, they
exhibit things beforehand, typically, and we have to figure out
a way to observe that and report it. This is what we had
reported in the St. Cloud stabbing. There were mental health
concerns before this incident. And I see my time has expired.
Chairman Pearce. The gentleman's time has expired.
The Chair now recognizes the gentleman from Ohio, Mr.
Davidson, for 5 minutes.
Mr. Davidson. Thank you, Mr. Chairman. And thank you to our
guests. I really appreciate your testimony. And thanks for your
expertise.
Mr. Reynolds, you work in the private sector for a
financial institution. And I am just curious. Barclays is
publicly traded, right? I haven't personally looked at the
annual report closely enough to know, but how much do you
actually spend on reporting for suspicious activity? Just how
much of that annual budget goes to this?
Mr. Reynolds. Honestly, I don't know the exact figure. I
know that it is fairly substantial in terms of staff. But I
couldn't give you an exact figure. I apologize.
Mr. Davidson. Okay. That is all right. And I guess my
question is, given that it is a substantial figure, it is not
an insignificant figure that is down in the footnotes as
rounded out, but it may be summed up in the other operating
costs somewhere, how much revenue does this generate for
Barclays?
Mr. Reynolds. Zero.
Mr. Davidson. Zero.
Okay. So my question is, when we listen to these part B
discussions about, frankly, some of the financial institutions,
anxious to start collaborating with one another and sharing
information across each other, for a portion of their bank that
derives zero revenue for the bank, why is it that banks are so
ready to engage in law enforcement activity that generates
nothing of value for the company? I really appreciate that you
want to help with national security. I guess my question is,
why?
Mr. Reynolds. I think it is fairly simple: I think the bank
wants to do the right thing. I think that certainly the bank
does not want to bank terrorists. It doesn't want to bank money
launderers. It doesn't want to bank human traffickers. And so,
certainly, regardless of law enforcement impact, the bank
wouldn't want these individuals in their bank anyway. So I
think the bank would spend money and dedicate resources to make
sure that we don't have those sorts of customers. I think there
is an attendant law enforcement benefit as well. But I think
certainly just from wanting to be a good corporate citizen and
doing the right thing, the bank doesn't want to bank these
people.
Mr. Davidson. Okay. So, defensively. Fundamentally, you
have something to gain because your bank would have a bad
reputation if you became known as the destination for human
trafficking financing, for example. So there is a defensive
interest in it for the banks. I guess when you look at it, you
say, all right, Know Your Customer, know these activities, and
you go beyond, maybe open this up to Dr. Levitt, Mr. Moreno, we
have spent a fair bit of time on privacy. And I guess my
question is, we are down to the point where we are talking
about tracking knife purchases and using big data. It is
already bad enough that you can't fly with a knife, certain
size knives, you go, okay. Nail clippers, maybe. We got past
some of that. Things like this.
At some point, does owning a knife need to be on a
suspicious report? If I bought a set of knives for the kitchen,
do we need to investigate all those? I guess, you see how far
down we are into the dialogue. And you have private sector
folks who are going to spend more and more, add two or three
floors to the building to focus on this, not to mention all the
resources we devote to doing this, and in the balance is
privacy for people. How do we make sure that we can do--well,
we can always do more, but in this case this happened. I guess,
how--when the Federal Government operated the Post Office, as
we do still today, and there weren't tons of rivals, the
government actually still had possession of the data. And they
sent it from point A to point B, and without a warrant, they
didn't open it up. Lots of things could have been in the mail.
But, officially, we didn't search every package. As far as I
know, FedEx doesn't open every package that gets sent. Yet, if
it is financial data, fundamentally you don't have anywhere
near the same safeguards. So, I guess, how do we get that
balance right?
Mr. Levitt. I guess I would just say, in a nutshell, that
you ultimately do have, pretty much, that same protection. We
are not looking at every transaction. We couldn't look at every
transaction. Even if we wanted to, and we don't, no one is
looking at every knife purchase. The whole point is to be
focusing only on those cases where, through a variety of
different investigative tools, whether it is financial, or the
community coming forward, or intelligence, or whatever it is
that there is reason to believe to have suspicion that
something is off. And we have clear requirements for what hits
that threshold. And as Mr. Hughes talked about, sometimes we
can't hit the threshold on terrorism, and so we do something
else. You don't want to overreact and say, now people are using
knives, so knives are the big problem. They are not. But you
also want to recognize that because a knife is inexpensive, you
can't just assume that the kind of things you had put in place
to notice something just under a $10,000 threshold is going to
catch this.
Chairman Pearce. The gentleman's time has expired.
Mr. Davidson. My time has expired, so I yield back.
Chairman Pearce. The gentleman's time has expired.
I now recognize the gentleman from Arkansas, Mr. Hill.
Mr. Hill. I thank the chairman and I thank the ranking
member. This is an important hearing. Thanks for having it.
Little Rock had its own situation with a lone wolf back in June
of 2009 when a dry cleaner's worker from Memphis who was
opening up a new location in Little Rock had become
radicalized, and at 10 o'clock in the morning he went up and
shot, at point-blank range, two Army recruiters there, killing
one of them, Andy Long, and wounding my friend, Private Quinton
Ezeagwula. It was a tragic deal. So I appreciate having this
hearing. And my predecessor, Tim Griffin, and I worked hard for
Quinton and Andy to earn the Purple Heart for that tragedy.
I was just reading a book during August, ``In the Skin of a
Jihadist,'' which is a book about radicalization in France and
just how few dollars are used in this arena. So I am very
sensitive to this issue of a lone wolf. And having seen it in
reality in Arkansas, and then reading about just how modest the
financing is in this arena, and just how prevalent it has
become in Europe. So for banks of all sizes, Mr. Reynolds, I am
just curious, if there is off-the-shelf software for their
operation, instead of the kind of expense that Barclays or Bank
of America would have to go to, that integrates data to make
filing a SAR a more sophisticated activity, rather than just
the bank transaction that goes across the counter or through
the wire room, where a bank of any size can note disposable
cell phone purchases, and tickets purchased to certain
countries on the credit card, if, in fact, they are a credit
card issuer.
Tell me how a bank could really enhance their SAR filing
from the obvious. Because that is one of the things. We file
SARs in banks just based on things that we observe. We don't
actually go hunting for SARs. Perhaps Barclays does. So talk to
me, the difference, but seeing something that is suspicious,
and then I have a staff who is hunting through all my customers
looking for something that is suspicious.
Mr. Reynolds. Sure. There are really two ways to attack the
problem. Some institutions just employ one, and some
institutions employ both. To your point about commercially
available solutions, there are a great number of commercially
available solutions that can range from solutions for very,
very small banks. So it is a solution that is tailored for a
small community bank that will look for various red flag
indicators, and will ultimately push those to the relevant AML
officer. Very often, a small community bank, there isn't hordes
of people. There is an AML officer, and that is the person
who--
Mr. Hill. Who does many jobs.
Mr. Reynolds. --wears many, many hats, and who works very
hard in those institutions. That software is incredibly useful
to them because it does help them identify some of those
transactions.
Mr. Hill. Does it bring in non-bank data, though? Does it
integrate non-bank data at all?
Mr. Reynolds. So for some of the smaller solutions, it
typically would not. There are other commercially available
solutions that will, for instance, bring in negative news on
customers. So if there is publicly available news on your
customers, it will bring that in. There are some solutions that
will go out and look on the web to see if there is derogatory
information about customers you may have that will bring that
in as well.
The second set of solutions that you typically have for
institutions are what I refer to as sort of advanced analytics,
a lot of different great companies that are doing some
fantastic work in this area. And what those solutions are is to
your point of institutions proactively looking for risks within
the institution. So that is where, again, they are not looking
at individual customers, per se, until they find something. But
what they are doing is looking across the data to look for
outliers to look for things that just don't make sense for
their customer set. And then they focus analysts in on that
particular issue. Most large institutions, in my experience, do
both. Because given their data sets, just having sort of a
standard platform that is looking for red flags is good, and
that is what is required. But most banks invest above and
beyond what is required and do the proactive analytics as well.
Smaller institutions, I think, probably stick to the former.
But, again, because they are smaller, I don't know that
proactive analytics for a smaller institution would be quite as
useful.
Mr. Hill. Quickly, you were talking about Know Your
Customer, sharing that information, you do acknowledge that
banks can call another bank and say: Are you satisfied with
your Know-Your-Customer information about customer X? That is
permitted under the law, isn't it?
Mr. Reynolds. Absolutely. That is permitted under Section
314(b).
Mr. Hill. Thank you very much.
Chairman Pearce. The gentleman's time has expired.
I would like to thank each one of our witnesses for your
testimony today. You have been very gracious with your time and
your answers.
The Chair notes that some Members may have additional
questions for this panel, which they may wish to submit in
writing. Without objection, the hearing record will remain open
for 5 legislative days for Members to submit written questions
to these witnesses and to place their responses in the record.
Also, without objection, Members will have 5 legislative days
to submit extraneous materials to the Chair for inclusion in
the record. This hearing is adjourned.
[Whereupon, at 3:54 p.m., the hearing was adjourned.]
A P P E N D I X
September 6, 2017
[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]