Hong Kong: Identifying Terrorist Funds: Continuing Problems

International efforts to address the problem of Terrorist Financing have been predicated on the ability to identify known or suspected terrorists. Legislation enacted around the world in the aftermath of the September 11 attacks in the United States have imposed a responsibility on the financial community to screen their customer lists for names of known or suspected terrorist individuals and organisations.

In the early days, it appeared that considerable headway was being made in the effort to find and freeze terrorist assets, beginning with the publication of a list of names which set the pattern for what has since come to be understood as the responsibilities of the financial community in the war against Terrorist Financing.

In the United States, this ‘terrorist blacklist’ is produced by various bodies including the U.S. Treasury Office of Foreign Assets Control ("OFAC"), but it is through the directives of the United Nations that these names are relayed throughout the world. The whole concept of supplying the private sector with a list of named terrorist entities, however, is fraught with great practical problems.

The relatively simple task of trying to identify people by name can be enormously difficult. The current threat comes from individuals whose names were originally in Arabic. The western convention of a Mr Firstname Middlename Lastname is not the universal model, and different alphabets and romanisations further confuse the issue. Wong, Ong, Huang and Wang are different Western attempts to write the very same Chinese surname, just as Muhammad is Mohammed is Mohamed is Mohamet, but there is only one way to write it in Arabic, and Usama is Osama.

A bank operating in, say, Japanese is unlikely to record a customer by his name in the original Thai or Arabic script, but will make use of some local representation of that name, some ‘fuzzy logic’ is obviously required in the search process.

Some institutions might not actually want to attract the odium of identifying such an account anyway. Provided they do not have a customer whose name is an exact match; they might turn a blind eye (wilfully or otherwise) to a "Hosama Bin Leyden."

Other information, such as addresses and telephone numbers are similarly important. Even if the customer’s name was unrelated, would it not be relevant that his address was the same as one known to have been a known terrorist centre?

Throughout the era of the Cold War, the greatest counter-espionage challenge was not the Cultural Vice-Consul at the Embassy who everyone knew was a spy, but the ‘sleeper’ who had been infiltrated into the country illegally many years before. Al Qaeda is known to have infiltrated many of their trained terrorist operatives into Western countries, and we do not know how many hundreds or thousands might still be undetected, waiting for their day to strike.

Soon after the Sept 11 attacks, the ‘Mamoun Darkazanli Import-Export Company’ was identified and named as an al-Qaeda connected company in Hamburg, Germany. Banks may have searched their records to ensure they never facilitated any transactions involving that company, but without an address, they may well miss the account of another individual, who might similarly be connected to the al-Qaeda organisation, and who can be connected to them from having used that Hamburg address.

Is all the effort and emphasis being placed on these terrorist blacklists of any value whatsoever? What are they really worth? They do, at least, have some soporific value; allowing the banking world to say, and perhaps even feel that they are "doing their bit" to make the world a safer place. The reality, however, is that at the current level. they are probably of very little, if any, practical use at all.

Certainly, if al-Qaeda was funded entirely by Bin Laden himself through his personal current account, it might be relevant, but the his name on the EO 13224 list was purely for international consumption. He had been added to the OFAC blacklist in the United States after the bombings of the Embassies in East Africa in August 1998. Some estimates of bin Laden’s personal wealth suggest he inherited as much as US$300 Million, but even the US$100 Million amount actually frozen, however, has not disabled his organisation.

Apart from the possibility he might use a false identity or two, is it not conceivable that he might have a few dollars in a bank account in his wife's name. He certainly has enough to chose from; having at least four wives, one ex and a total of some twenty three children. Interestingly enough, US intelligence sources believe that one of his sons; Saad bin Laden, has an increasingly active in role in the management of al-Qaeda.

Neither Saad, nor any of bin Laden’s other children, nor any of his wives or other relatives, are on the OFAC or UN lists, and there are countless other examples of names that have never been blacklisted.

Labels, of course, are subjective. In the oft quoted phrase "One man’s Terrorist is another man’s Freedom Fighter", and one government’s view of what constitutes a terrorist organisation is not always shared, even by its allies.

How and why are some names deemed to be designated terrorist entities and others not?

In the Philippines, the New People’s Army has been engaged in armed resistance against government since the Marcos administration. The organisation was lead, since the early days, by Jose Maria Sison.

Whether it is a para-military group, a liberation movement or a terrorist organisation may depend on one’s political point of view, but the NPA has been a military force in the Philippines for thirty years. At its peak, the organisation was believed to have has 26,000 men under arms. Waging a guerrilla war, it represented the principal security threat to the country’s elected government.

Yet, as far as the banking world is concerned, the only name associated with the financing of that movement is Jose Maria Sison. On 29 August 2002, the US Treasury added his name to their list of known terrorist entities. Are we expected to believe that an insurrection that lasted thirty years is another ‘Lone Gunman’ case, or is his name on the list for political reasons that do not extend to anyone else associated with the movement?

How was the NPA financed? When money was sent to support the movement; was it kept in cash in a shoe box under the bed, or were there front companies with bank accounts involved in the process? If so, are none of these of law enforcement interest?

The problem is not with supplying information to the private sector; nor is it with the banks checking their customer databases for listed names. The problem is that they are not supplied with enough information. More importantly; a customer could still be involved in the financing of a terrorist group even though his name is not on a list.

Whether the goal to deprive terrorist organisations of funding or to identify and prosecute drug traffickers or other benefiting from the proceeds of crime, the governments’ problem is the same; the volume and the complex intricacies of financial transactions are such that law enforcement bodies cannot cope without the active co-operation of the private sector.

This trend has begun. It is not just the scale, but the nature of the threat that is the catalyst for further legal and business changes; the threat to the security of democratic countries having changed, the response must likewise change to address it.

Al Qaeda is not an organisation that can be compared to the Provisional IRA or any other ‘traditional terrorist’ movement. It is an organisation established and headed by a financier; thus suggesting there is more logic in an unconventional attack against its ability to finance acts of terrorism, rather than a conventional military attack against countries deemed to be supportive of their activities.

One of the unorthodox aspects of al-Qaeda’s funding has been the heinous abuse of charitable funds; raising a very serious jurisprudential question: if knowingly donating money for the purchase of arms and explosives is an offence; is there a material difference between supplying a terrorist movement with weapons or weapons training, and supplying the same movement with other supplies and equipment? To what extent should a donor be expected to know how those funds will be used?

This is not only a question for wealthy Saudis whose charitable donations end up funding terrorist movements; the largest single donor to the Palestinian Authority is the European Union, giving 10 Million Euros a month. Although this is ostensibly used for the salaries of Palestinian public sector employees, repeated reports that this money was being diverted into the personal accounts of corrupt Palestinian officials or used to finance attacks on Israeli civilians have resulted in an official investigation being initiated.

Should it be legal to provide non-military equipment to an organisation that exists to support the activities of another organisation that advocates the use of violence? Should it be permissible to provide boots, vehicles or flight training; on a promise that the boots will not be worn on terrorist operations and that the flight training is for purely civil purposes?

The question is a practical one for bankers; irrespective of whether or not it might technically be legal, is the revenue from that customer worth the potential liability when some of that non-military equipment turn out to have a dual purpose after all.

The terrorist threat, not unlike the drugs threat, is a global one. It represents a serious hazard to the security of large numbers of people. This cannot be compared to the long-established warfare model of invasion by a hostile army, so new means of countering this threat have to be evolved. Given the perverse ‘success’ of the financially sophisticated al-Qaeda, like the major drug trafficking syndicates; it is obvious that a large part of that response must be directed at the financial infrastructure level.

Unfortunately, given that such activity takes place on paper in the private sector, it is there that the defence is needed. It is not enough just to check a name against a list. No list of names will ever be exhaustive, nor will it ever be more than a tiny fraction of the financial institutions’ responsibilities. If the terrorist threat is to be diminished, at least at that level, the volume of information flowing from government law enforcement agencies to the private sector will have to increase exponentially; and likewise the amount of financial intelligence returned will also be dramatically more than would ever be envisaged at the present time.

Although it may not be politically expedient or popular to use the word ‘laxity’ or to describe current levels of Customer Due Diligence as ‘cursory’ – compared to the steps that may be needed in the future; we may well be living in the carefree "good old days."

A compliance programme based on prohibition and saying "No, no, no, don’t!" all the time will be a hindrance rather than a help to business, if we are to put up a credible line of defence, it will come from an atmosphere where the private sector is assiduous in its desire not to incur the burdens associated with criminal or terrorist elements.

If that is to happen, the most serious and insidious problems will be those that are, even now, already rooted. It will be the customer whose suspicious financial activities were not examined too closely who becomes a long-term problem. Like cancer, if not identified and removed at an early stage; the situation might develop and grow until even the surgery is life threatening.