A Review of the Financial System Post 9/11

Background

Twenty-three years have passed since al-Qa‘ida terrorists flew commercial airliners into the World Trade Center in New York and the Pentagon and crashed an aircraft in rural Pennsylvania. The attacks took the lives of 2,977 people and injured thousands more.

The terrorists’ financial activities set off no red flags and did not appear suspicious to financial institutions.

Why?

According to the 9/11 Commission, the plot cost al-Qa‘ida between $400,000 to $500,000, of which approximately $300,000 passed through the hijackers’ bank accounts in the United States. While in the U.S., the hijackers spent money primarily for flight training, travel, and living expenses (such as housing, food, cars, and auto insurance).

The terrorists used U.S. and foreign financial institutions to hold, move, and access funds. They deposited money into U.S. accounts via wire transfers, travelers’ checks, and cash brought from overseas. They kept funds in foreign accounts, which they accessed through ATMs and credit card transactions in the United States.

In addition, the hijackers received funds from facilitators in Germany and the UAE or directly from al-Qa‘ida terrorist Khalid Sheikh Mohamed (KSM), which transited Pakistan before coming to the United States. The hijackers returned approximately $26,000 to a facilitator in the UAE days before the attack.

The hijackers were not experts on the use of the U.S. financial system, but nothing they did would have led banks to suspect criminal behavior, let alone a major terrorist plot, according to the 9/11 Commission report. James Freis, the Director of the Financial Crimes Enforcement Network (FinCEN) in 2008 also highlighted to an academic conference in Spain that the hijackers used bank accounts in their own names.

• The New York Times reported in mid-2002 that the hijackers took care not to raise suspicions by keeping many of their initial transactions below the $10,000 reporting threshold and avoiding transactions that involved large amounts of cash.
• Later in the operation, when the hijackers began to receive much larger amounts of money, their transactions did not result in any suspicious activity reporting, and because they received most of their money through wire transfers of funds directly into commercial bank accounts, they continued avoiding large cash deposits, thereby evading reporting requirements.
• Some of the hijackers also used fraudulent Social Security Numbers to open their accounts, but banks never checked those numbers, according to the New York Times report.

Terrorism financing was not a priority for either domestic or foreign intelligence collection before the attacks happened. As a result, intelligence reporting on the issue was episodic, insufficient, and often inaccurate, according to the 9/11 Commission report.

How has the financial system changed?

After the September 11^th terrorist attacks, the U.S. Treasury’s Office of Terrorism and Financial Intelligence was created and began to play a leading role in safeguarding the financial system against illicit use, including by terrorist groups, their supporters, and other malign actors. In addition, each U.S. government agency that had a counterterrorism mission had to establish methods to address terrorist financing, and the United States had to develop an effective mechanism for coordination, cooperation, and information sharing about terrorism financing, according to retired FBI Special Agent and terrorism financing expert Dennis Lormel.

The Financial Action Task Force (FATF)—the global AML/CFT watchdog—recognizing the importance of combating the financing of terrorism added nine special recommendations, which combined with the organization’s 40 original recommendations on money laundering created a basic framework for detecting and deterring terrorism financing.

The private sector also began to play a vital part in protecting the U.S. and global financial systems, according to Juan Zarate, former U.S. Treasury official and Deputy National Security Advisor for Combating Terrorism under President George W. Bush and author of Treasury’s War: The Unleashing of a New Era of Financial Warfare.

Zarate identifies three fundamental shifts in the United States that became critical to protecting the U.S. financial system from malign actors.

1. The U.S. sanctions and AML regimes and the systems intended to protect the financial system are now fundamentally viewed as a core part of national security and part of war on terror.
2. The United States now focuses not just on national security, but also on the integrity of the financial system as an objective in its own right.
3. Part of protecting the integrity of the financial system is preventing bad actors from accessing it, identifying rogue capital earlier, and extracting it. Protecting the financial system is no longer limited to finding a bad actor, building a case based on suspicious activity reporting, and helping law enforcement. Rather, current efforts center on preventing malign actors from entering the system in the first place.

How have banks’ roles evolved?

The financial system’s mechanisms to prevent abuses such as money laundering and terrorism financing did not fail in 2001. The hijackers and their financial facilitators simply used a series of relatively unremarkable transactions to maintain anonymity.

Hence, the changes that transformed the global financial system to protect it against abuse by terrorists and their facilitators, have put an increased burden on financial institutions to track not just suspicious transactions, but also high-risk clients, jurisdictions, and entities.

Protection of the integrity of the financial system invariably means that the onus is on financial institutions to know and understand their client base—a fundamental principle in ensuring that criminal actors do not gain access to the financial institution and the financial system.

• Do you know with whom you are doing business?
• Do you know who is using your bank?
• Do you have awareness and control of those risks?
• Do you understand your financial institution’s vulnerabilities?
• Are drug cartels, money launderers, or terrorist financiers using your bank to move money?

When asked about the “biggest change” for banks since the 9/11 attacks, Rick Small, a former Federal Reserve enforcement and investigations official and head of financial crimes compliance at Truist Bank, cited “increased scrutiny on our AML programs.”

Changes in Funding Mechanisms

Do crimes such as the illicit drug trade also fund terrorist groups and organizations?

No persuasive evidence existed at the time that al-Qa‘ida relied on the drug trade or other criminal proceeds as an important source of revenue, had any substantial involvement with conflict diamonds, or was financially sponsored by any foreign government, according to the 9/11 Commission. However, terrorist groups in subsequent years began to use at least some of these sources to raise funds.

• Reuters in 2010 reported that a clandestine fleet of aircraft flew large loads of cocaine and possibly weapons to a region in Africa where al-Qa‘ida linked groups were believed to be facilitating drug smuggling to Europe.
• A 2024 UN Office on Drugs and Crime (UNODC) report revealed that the drug trade generates some revenue for terrorist organizations, especially via a “wealth tax” imposed on drug traffickers in the Sahel.
• S. Attorney General Merrick Garland in 2024 noted that Iran uses the proceeds of its black-market oil sales to fund terrorist groups, such as the U.S.-designated Islamic Revolutionary Guard Corps, Hamas, Hizballah, and others. The Justice Department early that year “seized more than $108 million and 500,000 barrels of fuel that would otherwise have enabled Iran to further its destabilizing activities that threaten our national security.” The Justice Department also charged nine individuals for their roles in supporting Iran in violation of U.S. sanctions.

Like international criminal organizations, terrorist groups around the world also are using criminal activities to raise money, including drug and human trafficking, illicit trade of art and antiquities, extortion, kidnapping for ransom, fraud, and counterfeiting, according to Treasury’s National Terrorist Financing Risk Assessment. Therefore, financial institutions must also watch for warning signs of these activities and can use the tools and research they use to detect and deter the laundering of criminally derived funds to track transactions connected to terrorism financing.

However, legitimate funds can also fund terrorist activities and support terrorist organizations.

Donors and fundraisers have historically been a major source of funding for terrorist groups. According to the Financial Action Task Force (FATF) and the US State Department, despite heavy disruption of its fundraising activities in recent years, al-Qa‘ida and the Islamic State (ISIS) have continued to benefit from funds raised from sympathizers worldwide. Private fundraising networks increasingly rely on social media and crowdfunding to solicit donations and communicate with donors and recipient terrorist organizations.

In the United States, Treasury notes, terrorist activity most often associated with the Islamic State or al-Qa‘ida is foreign travel to conflict zones or attempts to send money to these groups or their affiliates. Funds used to support travel-related activity have primarily been generated from legitimate sources, and these individuals often use cash. In some instances, U.S.-based individuals have sought to fundraise extensively or solicited funds specifically for ISIS.

Therefore, more transparency and increased understanding of beneficial ownership, counterparty risks, jurisdictional risks, and correspondent networks is required from financial institutions, according to Zarate.

Who has access to your bank? Where does the access occur?

A bipartisan law, Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act of 2001 (USA PATRIOT Act), was enacted shortly after the terrorist attacks. The USA PATRIOT Act criminalized terrorist financing and required financial institutions to implement AML programs, including Customer Information Program (CIP), due diligence procedures, and information sharing requirements. AML/CFT regulations almost certainly will continue to evolve, and financial institutions, as well as other companies in various sectors must keep abreast of the changes.

The CIP rule applies to any customer who opens a new account with a financial institution. A bank’s CIP must include risk-based procedures for verifying the identity of each customer, and banks must develop procedures to account for all relevant risks. The specific minimum requirements in the CIP rule, such as the four basic types of information to be obtained from each customer—full name, address, date of birth, and identification number—should be supplemented by risk-based verification procedures, where appropriate, to ensure that the bank has a reasonable belief that it knows each customer’s identity.

CIP rules will most likely continue undergoing additional changes. In May 2024, the U.S. Securities and Exchange Commission (SEC) and FinCEN jointly proposed a rule to require the CIP rule to apply to registered investment advisers and exempt reporting advisers to require them to establish written CIP programs. FinCEN in February 2024 also proposed requiring advisers to maintain AML compliance programs.

In the UK, customer due diligence requires obtaining a customer’s name, photograph on an official document, confirming the customer’s identity, and residential address and date of birth. Customer due diligence is required when a business relationship is first established, when money laundering or terrorist financing is suspected, and when a financial institution has doubts about previous identity information.

The EU also imposes key obligations on financial institutions, including Customer Due Diligence, Enhanced Due Diligence when the risk of terrorism financing or money laundering is higher, and suspicious transaction reporting, among other requirements. EU member states are also required to establish centralized ultimate beneficial ownership registers to collect and maintain information on the beneficial owners of legal entities, trusts, and other legal arrangements. Most of the EU’s money laundering directives came into effect after the 9/11 attacks.

Illicit actors, including terrorists and their enablers, can exploit the privacy and confidentiality of some business entities, so verifying the grantors and beneficial owner(s) of potential clients and business partners is crucial because they may be created to shield the legal identity of the owner. The lack of ownership transparency; minimal or no recordkeeping requirements, financial disclosures, and supervision; and the range of permissible activities all increase illicit finance risk and should inform financial institutions’ risk appetite.

Regulators expect more of financial institutions 23 years after the terrorist attacks on September 11. The attacks galvanized the international community to set up a regulatory environment, tied to UN Security Council Resolution 1373, to require member nations to freeze the assets of terrorists and their supporters.

The onus is on financial institutions to know their customers and recognize the terrorist financing risks to which they are exposed. Compliance requirements are rapidly expanding, and evasion methodologies are becoming more complex. Financial institutions have a critical role to play in this ecosystem; more than ever they must know and understand their customer base to help stop terrorist organizations from accessing the global financial system.