The FINCEN Files Leakage - Security Boulevard

The FINCEN Files Leakage

This week began with the International Consortium of Investigative Journalists (ICIJ) providing a view and analysis into thousands of financial transactions contained within Suspicious Activity Reports (SARs) that were leaked from with the U.S. FinCEN (Financial Crimes Enforcement Network). The ICIJ effort was augmented by old-fashioned research and interviews conducted by a global team of investigative journalists. In the days prior to the global revelation of how illicit money moved around the world, FinCEN noted it was “aware that various media outlets intend to publish a series of articles based on unlawfully disclosed SARs, as well as other sensitive government documents, from several years ago.”

While FinCEN receives more than 2 million SARs in the last year, according to an article in BuzzFeed News, the analysis is based on just 2,100 SARs from 90 financial institutions involving more than $2 trillion.

How BuzzFeed News came into possession of the leaked files has not yet been revealed. It is highly probable that an insider within FinCEN leaked the data, their motivation to be determined. Therefore, it is worth noting that FinCEN employee Natalie Mayflower Sours Edwards was arrested and charged with leaking FinCEN documents in October 2018 to Buzzfeed. In January 2020, Edwards pleaded guilty and her sentencing is scheduled for Oct. 20.

The meat and potatoes of the revelations focus on which banks are filing SARs and which entities are having SARs filed on their movement of monies. As the ICIJ pointed out, “While the transactions do not necessarily establish any criminal misconduct or other wrongdoing, the data offers an unprecedented overview of how money – flagged as suspicious, and in some cases linked to corruption, fraud, sanctions evasion or other crimes – flows around the globe via networks of correspondent banks.”

Early analysis of the data revealed the efforts North Korea takes to launder its money as it goes about busting the sanctions imposed by the west. The Bank of New York Mellon filed multiple SARs concerning its handling of millions of dollars in transfers from a Chinese company owned by Ma XiaoHong via China, Singapore, Cambodia and elsewhere. The red flag? The obscure ownership of the identified ownership of companies whose names appeared on the SARs. In this case, Ma was prosecuted.

Germany’s Deutche Bank, according to DW, facilitated “half the $2 trillion of suspicious transactions made between 1999-2017 revealed in the FinCEN files.” The German media outlet points out that FinCEN controls not only the U.S. market but also the global payment traffic in U.S. dollars.

The common thread revealed by ICIJ and BuzzFeed News in their sharing of the FinCEN files is that the level of effort made by the U.S. Treasury was woefully inadequate and not up to the task. Furthermore, the banks viewed the filing of SARs as their get-out-of-jail-free card, as they could point to the SAR and say something along the lines of, “We told you they were suspicious.”

The top 10 banks from within the 2,100 files were:

  1. Deutsche Bank (982)
  2. Bank of New York Mellon (325)
  3. Standard Chartered (232)
  4. JPMorgan (107)
  5. Barclays (104)
  6. HSBC (73)
  7. Bank of America (35)
  8. China Investment Corporation (35)
  9. Wells Fargo (21)
  10. Citigroup (18)
  11. Societe Generale (11)

In their totality, these financial institutions cover only the tiniest of tips of the SAR iceberg.

One may draw the conclusion that if the bank filed the SAR, it had a suspicion the money it was touching was tainted.

FinCEN is understaffed and unable to handle the deluge of suspicious activities, having about 300 staff members to investigate more than 2 million SARs per year. In this vacuum of enforcement, banks will continue to move money to and from the same entities again and again. While the FinCEN files will take some time to fully investigate and sort out, even after the year-long effort of the consortium, financial institutions are no doubt undertaking a bit of introspective review as these independent investigations occur.

Featured eBook
The State of Cloud Native Security 2020

The State of Cloud Native Security 2020

The first annual State of Cloud Native Security report examines the practices, tools and technologies innovative companies are using to manage cloud environments and drive cloud native development. Based on a survey of 3,000 cloud architecture, InfoSec and DevOps professionals across five countries, the report surfaces insights from a proprietary set of well-analyzed data. This ... Read More
Palo Alto Networks

Christopher Burgess

Christopher Burgess (@burgessct) is a writer, speaker and commentator on security issues. He is a former Senior Security Advisor to Cisco and served 30+ years within the CIA which awarded him the Distinguished Career Intelligence Medal upon his retirement. Christopher co-authored the book, “Secrets Stolen, Fortunes Lost, Preventing Intellectual Property Theft and Economic Espionage in the 21st Century”. He also founded the non-profit: Senior Online Safety.

burgesschristopher has 137 posts and counting.See all posts by burgesschristopher