The Obama administration wants to require U.S. banks to report all electronic money transfers into and out of the country, a dramatic expansion in efforts to counter terrorist financing and money laundering.
Officials say the information would help them spot the sort of transfers that helped finance the al-Qaeda hijackers who carried out the Sept. 11, 2001, attacks. They say the expanded financial data would allow anti-terrorist agencies to better understand normal money-flow patterns so they can spot abnormal activity.
Financial institutions are now required to report to the Treasury Department transactions in excess of $10,000 and others they deem suspicious. The new rule would require banks to disclose even the smallest transfers.
Treasury officials plan to post the proposed regulation on their Web site Monday and in the Federal Register this week. The public could comment before a final rule is published and the plan takes effect, which officials say will probably not be until 2012.
The proposal is a long-delayed response to the 2004 Intelligence Reform and Terrorism Prevention Act, which specified reforms to better organize the intelligence community and to avoid a repeat of the 20S01 attacks. The law required that the Treasury secretary issue regulations requiring financial institutions to report cross-border transfers if deemed necessary to combat terrorist financing.
"By establishing a centralized database, this regulatory plan will greatly assist law enforcement in detecting and ferreting out transnational organized crime, multinational drug cartels, terrorist financing and international tax evasion," said James H. Freis Jr., director of Treasury's Financial Crimes Enforcement Network (FinCEN).
But critics have called it part of a disturbing trend by government security agencies in the wake of the 2001 attacks to seek more access to personal data without adequately demonstrating its utility. Financial institutions say that they already feel burdened byanti-terrorism rules requiring them to provide data, and that they object to new ones.
"These new banking surveillance programs are testing the boundaries of privacy," said Marc Rotenberg, executive director of the Electronic Privacy Information Center. "Many consumers both in the United States and outside are likely to object."
"This regulation is outrageous," said Peter Djinis, a lawyer who advises financial institutions on complying with financial rules and a former FinCEN executive assistant director for regulatory policy. "Consider me old-fashioned, but I believe you need to show some evidence of criminality before you are granted unfettered access to the private financial affairs of every individual and company that dares to conduct financial transactions overseas."
Djinis said he does not think the department has made a case that it could analyze such volumes of data effectively or needs so much raw data. "It's presumed that the information will be valuable in anti-terrorism activity," he said. "We're told, 'Trust us. Once we get the data, we'll determine what's legal or not.' "
John J. Byrne, formerly a longtime banking industry official and now executive vice president of the Association of Certified Anti-Money Laundering Specialists, said: "Just because it's easier to provide the data and to collect the data, it doesn't always mean it should be collected." If the government collects such information, he said, it "has the burden of explaining how it is being utilized."
Each year, financial institutions file with the Treasury Department about 1.3 million suspicious-activity reports and 14 million reports on transactions greater than $10,000.
Such reports have been "extremely valuable" in financial crime investigations, but the additional data would provide new opportunities, FinCEN spokesman Steve Hudak said. "Current investigations mainly look at individual trees," he said. "Using this data, FinCEN, and others, will be able to see the forest."
For instance, Hudak said, officials currently do not know how much money is wired to any one country every year.
"With this data, we'll be able to establish baseline numbers so we can then spot what's abnormal and suspicious," he said. "John Smith may use a bank to wire money abroad in amounts that don't raise suspicion. But he may be using 10 banks to wire significant funds to dozens of counties."
Also, he said, the data can be cross-referenced with suspicious-activity reports and other data to make it "easier to follow the money."
The department said that the Sept. 11 hijackers were wired about $130,000 from overseas to help finance the attacks, but that the transactions fell outside reporting requirements. No suspicious-activity reports were filed, officials said.
Having such data "would have really helped us a lot" in the post-attack investigation, said Dennis M. Lormel, a former FBI agent who ran the Terrorist Finance Operations Section set up after the 2001 attacks. "We would have linked the group of hijackers together quicker."
Under the plan, money-transfer businesses such as Western Union would report transactions of $1,000 or more. ATM and credit card transactions would not be reported.
Authorities plan to funnel the information - about 750 million transfers a year - into a database for use by law enforcement and regulatory agencies.
Information typically accompanying a wire transfer includes the name, address and account number of the sender and recipient - and with money-service businesses, an identifier such as a driver's license or passport number.
The proposal also calls for banks to provide annually the Social Security numbers for all wire-transfer senders and recipients.
Brian Lynch, who was until May 2009 head of the FBI's terrorist financing section, said the plan is "great news" and would provide "more granularity" into the movement of money in financing crime.
Before the plan can take effect, the Treasury secretary must certify that the database can securely hold large volumes of information, and that the technology exists to analyze it effectively.
The United States reached agreement this year with the European Union allowing European banks' financial-transaction data to continue to be shared for terrorist-finance tracking purposes, but with stricter controls to guard against abuse.
For instance, U.S. officials can request European data relevant to a specific terrorist investigation, but only if they substantiate the need. The records are held by a Brussels-based bank consortium, the Society for Worldwide Interbank Financial Telecommunication, or SWIFT.
But if the proposed rule goes into effect, transactions between European and U.S. banks would be captured regardless of whether there is a substantiated need.
Sophie in't Veld, a member of the European Parliament from the Netherlands, said lawmakers undertook "painstaking" negotiations to restrict the amount of financial data to which the United States would have access. "It seems they're getting it anyway," she said.
Hudak had no comment.