Page 1       TOP OF DOC


Tuesday, May 18, 2004
U.S. House of Representatives,
Subcommittee on Oversight and Investigations,
Committee on Financial Services,
Washington, D.C.
    The subcommittee met, pursuant to call, at 10:07 a.m., in Room 2128, Rayburn House Office Building, Hon. Sue Kelly [chairwoman of the subcommittee] presiding.
    Present: Representatives Kelly, Hensarling, Garrett, Gutierrez, Inslee, Moore, Maloney, and Matheson. Also present was Representative Royce.
    Chairwoman KELLY. [Presiding.] This hearing of the Subcommittee on Oversight and Investigations will come to order.
    An effective money laundering system relies on a collaborative effort from the public and private sectors. This effort has received additional scrutiny recently due to problems at Riggs Bank, an instance where the public-private collaboration stumbled badly in protecting the public's best interest. It is evident that the public and private sectors must continue to improve the way that suspicious activity is detected, reported and analyzed.
    Today we examine ways to improve the oversight and utilization of transaction information by regulatory and law enforcement agencies so the failures at Riggs are the last of their kind in our country.
    The current enforcement structure we have put in place to enforce our anti-money laundering laws disperses various levels of responsibility through a convoluted group of Treasury bureaus and independent agencies. It resembles somewhat a bowl of spaghetti. While these agencies have been focused on efforts to oversee the safety and soundness of our financial institutions for decades, they must embrace new responsibilities which acknowledge that money laundering is no longer a second-tier issue for financial regulators.
 Page 2       PREV PAGE       TOP OF DOC
    Of particular interest to this subcommittee are proposals to simplify the governmental structure so that regulation and compliance for these laws are better unified, perhaps even under the auspices of a single entity.
    Given the vulnerabilities exposed by the Riggs case, I am inclined to believe that the current structure is a relic of a foregone era and that substantive organizational reforms are necessary. At a bare minimum, Congress should begin now an active and thorough assessment of proposals aimed at strengthening our enforcement regime. This subcommittee intends to do just that in the coming weeks and months, and therefore I look forward to testimony from some of our witnesses as to how we might significantly improve the effectiveness of our system without creating yet another layer of bureaucracy.
    Our financial regulators must place a strong emphasis on compliance through rigorous oversight, taking swift and forceful action for non-compliance when necessary. This oversight includes working with the private sector to develop accurate risk assessments that enable examiners to focus on specific institutions, because resources need to be concentrated appropriately.
    The continued leadership of the administration and the Treasury Department is essential to improving financial oversight. Earlier this year, President Bush signaled his commitment to the war against terror by proposing a 14 percent increase in funding for the Financial Crimes Enforcement Network. FinCEN plays a key role in efforts to stop financial crimes by working with the financial community and supporting local, State and Federal law enforcement and intelligence agencies.
    The administration has also announced the creation of the Office of Terrorism and Financial Intelligence—the acronym for that they are using is TFI, Terrorism and Financial Intelligence—within the Department of the Treasury to unify, under one structure, the functions of several offices. I applaud the administration for its efforts to streamline and centralize our anti-money laundering efforts. There must be greater communication between FinCEN, law enforcement, banking regulators and financial institutions, and I believe this office was an important step toward improving this coordination.
 Page 3       PREV PAGE       TOP OF DOC
    Now we must work to bring the next steps into focus. As evidenced by the failures of Riggs Bank and its regulator, the OCC, it is time to explore further reforms that improve the overall structure of our anti-money laundering efforts. It is unacceptable that a Washington, D.C.-based bank with the largest embassy banking clientele allowed tens of millions of dollars to pass unnoticed and unreported through accounts belonging to Saudi Arabian government officials. This activity continued even after a consent order was put in place last year. The mechanisms we put in place to detect and report suspicious activity failed, and they failed repeatedly. We no longer live in a world where such failures can be tolerated.
    I thank the witnesses for appearing here today. You are on the front line of these efforts, and I look forward to hearing your views on how we can continue improving financial oversight.
    I turn now to our ranking member, Mr. Gutierrez.
    [The prepared statement of Hon. Sue W. Kelly can be found on page 32 in the appendix.]
    Mr. GUTIERREZ. Good morning, Madam Chairman, and thank you very much for calling this hearing today. It is important, especially given recent events, that we closely examine our anti-money laundering efforts and whether they are sufficient. I welcome the witnesses here today and look forward to their testimony.
    I understand that many financial institutions are truly committed to this effort, and I welcome their suggestions for improving compliance. However, I am concerned about the commitment of the relevant regulators to this effort, because criminals will always seek out the weakest link in the chain and will exploit any lapses in supervision.
    After September 11, the passage of the PATRIOT Act, bank regulators were given more tools to combat terrorist financing, building on the foundation of existing anti-money laundering efforts. I am truly troubled by the Riggs situation. It represents not merely a failure of one institution's internal controls but a fundamental flaw in its regulation. It is my understanding that the flaws in Riggs' systems were long-standing and systematic, dating back well before the PATRIOT Act.
 Page 4       PREV PAGE       TOP OF DOC
    The consent order of last week is something that should have happened 2 years ago, if not earlier. I don't understand why the OCC was not more vigilant on this front and why it took them so long to take these actions. September 11 was a wake-up call for the industry and should have been for regulators as well. Our safety depends on banks and bank regulators to be on the forefront, on the front lines and prevent terrorists from using international financial systems to fund their activities.
    I understand that the regulators take the risk-based approach to examining books under their purview, and I can't imagine why Riggs' book of embassy business would not have placed them in a category demanding extra scrutiny.
    I am very concerned that the regulator has not made this responsibility a higher priority or that their resources may be spread too thin to fulfill their obligations. I have previously expressed concern about the OCC's attempt to broaden their portfolio into areas that Congress has not authorized without commensurately increasing their operational budget. In fact, the Financial Services Committee is on record in agreement with me on this point.
    This recent incident with Riggs makes me even more concerned about the OCC's operations, and I really believe they should be testifying here today. Chairwoman Kelly, I know you share my concerns here, and I hope we can work together to get the OCC to testify before our subcommittee regarding this issue. I want to know if they have actively looked at every major bank that could have potential terrorist financing issues and what steps they have taken to aggressively control these issues.
    One final point: The OCC issued its findings late last Thursday, and Friday a Maryland woman called her congressman and she was very concerned about her account at Riggs Bank. She was referred to the Banking Committee staff, and she said she wanted to talk to the regulators. My staff supplied the phone number for the OCC's Customer Assistance Group, but, unfortunately, they don't operate on Fridays. They only work 4 days a week. They only talk to consumers 4 days a week and then only from 9 o'clock to 4 o'clock.
 Page 5       PREV PAGE       TOP OF DOC
    So that woman had to wait from Thursday until Monday before she could possibly reach someone at the OCC. I think this agency is not concerned about consumers, and I have doubts about their commitment to anti-money laundering efforts.
    Thank you, again, Chairman Kelly, for calling this hearing and for your leadership on this vital issue.
    Chairwoman KELLY. Thank you, Mr. Gutierrez, and it is my intention, as you know, to continue discussing with the various agencies who have this responsibility what we can do to make sure there are no more failures of this type.
    Mr. Royce?
    Mr. ROYCE. Let me begin by thanking the Chair for calling this hearing today, and I am very grateful for your interest and leadership on this topic.
    I think we are very fortunate to have with us this morning two of the countries foremost experts on terrorism, and I think it is unfortunate that both Mr. Aufhauser and Mr. Emerson have for so long been right on their predictions about our long fight against terrorism.
    In both cases, they have warned us that what we are in for is a long struggle against a movement, not an organization but a movement, and it is a movement of a very extreme arm of the Wahabi Sect that is determined to ruin our way of life.
    From the perspective of a member of this committee and of the International Relations Committee, I could not agree more with the assessments that they have made. We cannot win the war on terror unless the global community works to cut off the flow of funds that terrorists use and that terrorists receive. Certain terrorist acts do not require vast amounts of funding; however, the costs of indoctrination, the costs of recruitment and sustainability for their operations are quite high. If these rogue terror groups have no financial support, it is very difficult for them to continue to operate effectively.
 Page 6       PREV PAGE       TOP OF DOC
    In my view, the question we need to ask as members of the committee is how can the Financial Services Committee play a lead role in the fight on terror? We have the world's best safety and soundness financial regulators. As a part of their job, these regulators are also tasked to enforce the Bank Secrecy Act and certain provisions of the PATRIOT Act. This committee needs to emphasize the importance of that role to these regulatory agencies.
    I think we may need to create a new structure and we may need statutory changes whereby each safety and soundness regulator would have a designated group that works hand in hand with the newly created Office of Terrorism and Financial Intelligence in the Treasury Department.
    The Bank Secrecy Act and the PATRIOT Act give our examiners a number of tools to fight terror finance. This committee should lead Congress down the path of creating an environment where financial intelligence is gathered and then is shared and analyzed and used appropriately and effectively.
    As Mr. Aufhauser argued in his testimony that he is going to present to us, ''Much of the information that is submitted to the government under the Bank Secrecy Act is merely lodged like a book like a library shelf without a card catalog,'' in his words.
    In the absence of an express and pointed request from law enforcement, he says, ''the information remains unexploited. Surely we ought to have an artificial intelligence program that red flags patterns and concerns for investigation without specific targeted inquiry.'' He is absolutely correct. Not only do we need to utilize the PATRIOT Act, but we need to use it to data mine and to uncover terrorist activity.
    And, again, I thank Chairwoman Kelly for her leadership on this subject, and I very much look forward to hearing the testimony of our witnesses this morning.
    Chairwoman KELLY. Thank you very much, Mr. Royce.
    Ms. Maloney?
 Page 7       PREV PAGE       TOP OF DOC
    Mrs. MALONEY. In the interest of time, I am just going to place my comments in the record and wait for the testimony. Thank you.
    Chairwoman KELLY. Thank you.
    Mr. Hensarling, you have no statement?
    Mr. Matheson?
    Mr. Moore?
    Mr. Garrett? Oh, all right.
    We now turn to our panel of witnesses. Thank you. It is a pleasure to welcome back to the committee Mr. David Aufhauser, the former general counsel of the Treasury Department who is currently with the law firm, Williams & Connolly. While at the Treasury Department, Mr. Aufhauser was the Chair of the U.S. Government Coordinating Committee on Terrorism Financing and a leader in implementing the USA PATRIOT Act. Through his work, he has helped shape our war against terror.
    I am also very pleased to introduce Mr. John J. Byrne, the director of the Center for Regulatory Compliance for the American Bankers Association. Mr. Byrne has over 20 years of experience in regulatory and educational efforts on money laundering, asset forfeiture, computer security, privacy and other general electronic banking and compliance issues. He was the first private sector recipient of FinCEN's Director's Medal for Exceptional Service.
    In addition, the subcommittee welcomes Mr. Joseph—let me make sure I am pronouncing it, Cachey? Cachey—representing Western Union. Mr. Cachey is responsible for administering compliance with the requirements of the Bank Secrecy Act. Regulations of the Office of Foreign Assets Control and related anti-money laundering and anti-terrorist financing laws in 196 countries in which the Western Union conducts its business.
    Our next witness is James Richards, a senior anti-money laundering executive at Bank of America. Mr. Richards was formerly a supervisor of the Narcotics Forfeiture Group as the Massachusetts district attorney. He is also a Canadian barrister and later served as the BSA compliance and financial intelligence director with Fleet Financial.
 Page 8       PREV PAGE       TOP OF DOC
    Finally, the subcommittee will hear from Steven Emerson, the executive director of the Investigative Project, a well-known expert on international terrorism and terrorist financing. Mr. Emerson has shared his very important insights with this subcommittee on a number of occasions in recent years. His expertise is based on daily contact with sources in government and key financial institutions as well as his participation in major terrorist financing cases.
    I thank all of our witnesses for your appearance here today and for your testimony. Without objection, your written statements will be made part of the record. You will each be recognized for a 5-minute summary of your testimony. I don't know if anyone needs this, but I am going to remind you that there is a box on the end of each table. The green light means you have 5 minutes for your testimony, the yellow light means there is one minute remaining, and the red light means that we would like you to summarize your testimony. If you haven't gotten to the end, please summarize and let us move on to the next witness. Thank you very much.
    And let us begin with you, Mr. Aufhauser. Thank you very much for being here.
    Mr. AUFHAUSER. Thank you. It is an honor to be here. When I was at a Treasury I had a big staff and so I would get my testimony in early. I apologize that I got it into you about 7 minutes ago.
    Chairwoman KELLY. Don't worry about that Mr. Aufhauser. It is valuable one way or another, so we accept it.
    Mr. AUFHAUSER. For that reason, I am actually going to refer to much of it, but I think I can do it in 5 minutes. It was written knowing how this committee operates.
 Page 9       PREV PAGE       TOP OF DOC
    Probably one of the most vexing issues that this committee faces is the unprecedented nature of the threat of terrorism. The DNA of war has changed and changed inalterably. Confirming the asymmetry power of our military, no force is going to confront the United States on a conventional battlefield, at least currently, with a uniformed army under a recognized flag of state. Nor is there, importantly, a finite list of strategic targets to bunker with concrete and steel. Rather, the highest of profile targets are said to be soft, open to the most outrage and the most unspeakable scenes of mayhem. It is a school bus, it is a marketplace, it is a monument, it is a place of worship, indeed, it is this hall of Congress.
    The greatest infamy, of course, in this uncommon war is the premium placed on the death of innocent people. Bullets and boots on the ground will not alone protect us. This is shadow warfare and it requires a rethink of how do you defend a nation. Every element of national power must be brought to bear, even the finance ministry of the United States, as anomalous as that may sound to folks.
    With so many targets that defy military purpose and, therefore, escape common measures of detection, the three most critical factors that emerge as you talk about forging a new national power defense are, one, the need for enhanced intelligence, two, the leveraging effect of disrupting the logistical lines that constitute the purchase for stealth, and the need for a genuine partnership between business and government.
    The funding of terror, the financing of terror, the money of terror is the one common denominator in all three theorems. First, as Congressman Royce pointed out, it is virtually the only intelligence that has true integrity in this war. The rest is a product of deceit or treachery or bribery or betrayal and sometimes torture. But the record, the financial records that you discover don't lie. They are diaries, they are confessions of which can save a populace, as was the case from a mass poisoning of ricin in the London subway system.
    Indeed, when we read about the capture of Hambali several months ago, what was trumpeted was of course what we can learn from his interrogation. What was not trumpeted, and probably was more important than anything we are learning from his interrogation, is what was in his PC and what the PC contained in terms of his financial dealings.
 Page 10       PREV PAGE       TOP OF DOC
    Second, the ambition of a terrorist cell is defined by its resources, much like the ambitions of a business or a government. Moreover, the only link in the chain of terror that is subject to deterrence is the would-be banker who otherwise enjoys his anonymity and his affluence and his family's prominence. If he can be deterred—that is to be distinguished from the man who puts a bomb, straps a bomb on himself and walks into a marketplace, he is implacable, he is beyond redemption—but the banker who enjoys his anonymity, he can be stopped if he fears discovery and the loss of his freedom. If we can cut him short, we can cut the designs of terrorism short.
    Third, no one is better suited to help police our financial borders than the financial services community and most of the folks on this panel. Indeed, the infinite number of ways that money can be spirited around the globe with the intention of killing people drives the need for more gatekeepers than this government has. That is in part the genius and in part the burden of Title III of the PATRIOT Act. To be sure, it is was and is at best a proxy for getting at a lethal challenge that we have never encountered before. I think, as I say later, it is very hard to judge the character of money. And in fact, when you talk to professionals to my left, it is characterized as a cliquesodic adventuresome idea.
    And maybe it oughtn't be tried in a time of peace but we are at war, and if we don't try it, we abdicating the single most promising way to stop violence attributed to terror. Changing people's hearts and minds is a generational challenge. Stopping the logistical lines that fuels the terror, which is to say the money, is what we can do and what we should do and what our resources should be devoted to doing.
    Now, there were great successes, as my testimony suggests, from the existence of the scrutiny at our financial borders, and my time is running fast. There are six specific suggestions I set forth in my testimony for continuing oversight by this committee. The most promising, I think, is the 314 safe harbor that has been established for discussions between one financial institution and another to do their own kind of scrutiny.
 Page 11       PREV PAGE       TOP OF DOC
    For whatever reasons, and perhaps the professionals to my left will tell us, I don't think that has borne the fruit it can bear. There are a host of other recommendations that I make—do I have—well, I had more time than I thought.
    Chairwoman KELLY. Mr. Aufhauser, just go ahead and summarize. We are here to hear your testimony.
    Mr. AUFHAUSER. Well, let me refer to this because it is constructive. I mentioned 314 and the dialogue that we ought to encourage between financial institutions to talk about suspicious activity. Similarly, the government has an obligation to share reciprocal information with the financial institutions. That has been devilishly difficult because to do so has a procedural hurdle, which is the secure transmission of very sensitive data, and a substantive hurdle, which is you don't want to jeopardize ongoing investigations.
    A lot of people are thinking about that. No one has found the panacea. Perhaps this committee can help, help examine that, so that the dialogue from government to financial institutions is complete and seamless and that we can be allied in guarding our financial borders.
    We have yet to develop a topology for terrorist financing. I think it is because it is very difficult, but with all the intellectual caliber of the Silicon Valley and the financial community, I am convinced we can do it and that we have to have a war-like cabinet to make it happen.
    Finally, very significantly, a lot of foreign countries have followed our lead in the adoption of anti-money laundering legislation, but it is at the wholesale level, as the finance minister of Pakistan said to me, ''David, we need to take it retail, and we don't have the capability of taking it retail.'' So this committee should explore and urge a significant uptick in capacity-building, particularly in transitional economies about how to enforce and how to train people to enforce effectively anti-money laundering legislation and to combat terrorist financing.
 Page 12       PREV PAGE       TOP OF DOC
    I have more but I don't want to intrude on other people's time.
    [The prepared statement of David D. Aufhauser can be found on page 34 in the appendix.]
    Chairwoman KELLY. Mr. Aufhauser, thank you. I know you have more. All of your testimony will be in the record, and if we have time, I hope that the questions will bring out any testimony that you may be unable to give at this moment. But if not, I will probably go back and ask everyone to summarize again because this is a very important topic.
    We move to you, Mr. Byrne.
    Mr. BYRNE. Madam Chairman and members of the subcommittee, the ABA appreciates this opportunity to represent the committed men and women in the banking industry that work daily wit the USA PATRIOT Act on all of the laws covering the anti-money laundering obligations. When we last appeared before your subcommittee in March of 2003, ABA outlined a series of recommendations regarding needed areas of improvement to USA PATRIOT Act oversight.
    We are pleased to report that a number of areas of concern have been addressed, and our partners in the government continue to work closely with the industry on needed improvements. We ask, however, that the regulatory agencies and law enforcement address several of the remaining 2003 recommendations.
    In addition, ABA has two more recommendations. First, there needs to be a dramatic change in routine cash reporting under the Bank Secrecy Act so that there can be intelligent and efficient use of resources by both the government and the private sector in the continuing challenge of preventing our financial system from being used by criminals. Next, with the increased attention being placed on risk-based compliance, the industry needs clear and concise guidance on suspicious activity reporting obligations.
 Page 13       PREV PAGE       TOP OF DOC
    Last year, we repeated our frustration that the Treasury Department had never fulfilled the 1994 statutory mandate to publish an annual staff commentary on Bank Secrecy Act regulations. As we stated at the time, ''This indifference to congressional direction has contributed to industry confusion, examination conflicts and inconsistent interpretation of Bank Secrecy Act obligations.''
    We are pleased to report that FinCEN director, William Fox, has expressed his commitment to improved guidance through the use of advisories and commentary. We reiterate our promise to work with FinCEN and the appropriate agencies to achieve this overdue goal.
    While we repeat our 2003 call that Congress ask the regulatory agencies to report on efforts in coordinating Bank Secrecy Act exams, we have seen a commitment to consistency in the past several months. For example, not only has FinCEN Director Fox expressed public support for uniform assessments, but he has also directed the Bank Secrecy Act Advisory Group to form a Subcommittee on Exam Issues. This subcommittee, co-Chaired by the ABA and the Federal Reserve Board, will review existing guidance and offer appropriate recommendations. We would be happy to report to this committee on our findings.
    With the increased entities required to file suspicious activity reports, as well as the heightened scrutiny by regulators on SAR policies and programs, it is essential for the regulatory agencies, law enforcement and FinCEN to assist SAR filers with issues as they arise. This need is particularly obvious in the area of terrorist financing. As you heard from Mr. Aufhauser, this crime is difficult, if not impossible, to discern as it often appears as a normal transaction.
    We have learned from many government experts that the financing of terrorist activities often can occur in fairly low dollar amounts and with basic financial products. Guidance in this area is essential if there is to be effective and accurate industry reporting. The bottom line is that terrorist financing can only be deterred with government intelligence shared with the financial services industry.
 Page 14       PREV PAGE       TOP OF DOC
    Recently, several financial institutions have contacted ABA about examiner criticisms received in reviews of their Suspicious Activity Report programs due, in large part, to the number of SARs that the institution has filed. These financial institutions expressed the concern, which we share, that the number of SARs filed meets a minimum threshold or that institutions are not filing the same number of SARs as peer institutions. The concern expressed is that there be new requirements in the form of a quota for determining the adequacy of SAR programs consisting, in large measure, of counting the number of SARs filed and, in some instances, comparing the number of SARs filed between peer institutions. Obviously, this would be a significant and alarming development in the examination and review process.
    Moreover, regulatory scrutiny of SAR filings, and the recent civil penalty assessed against Riggs Bank for SAR deficiencies, has and will cause many institutions to file SARs as a purely defensive tactic to stave off unwarranted criticism or second guessing of an institution's suspicious activity determinations. Obviously, if that continues, the legitimacy of the information in the SAR database will be called into question.
    In terms of routine cash reporting, a February analysis by FinCEN shows that over half the CTRs filed would be eliminated if the current $10,000 threshold were raised $20,000 for businesses. The current dollar amount was created 35 years ago. While $10,000 is still a large amount of cash for individuals and probably should not be raised, reports on routine businesses simply clog the system.
    Those who would argue that a change in CTR reports will lessen the banks' focus on cash transactions need to be reminded that the industry will still have reporting infrastructures in place, be required to file SARs on suspicious transactions and would retain the mandate to report individual CTRs over $10,000. We believe now is the time to adjust a process that is in sorely need of repair.
    The ABA has been in the forefront of industry efforts to develop a strong public-private partnership in the areas of money laundering and now terrorist financing. This partnership has achieved much success but we know more can be accomplished. We commend the Treasury Department, the banking agencies and FinCEN for their recent efforts to ensure a workable and efficient process. We will continue our support for those efforts.
 Page 15       PREV PAGE       TOP OF DOC
    Thank you for this opportunity, and we will be happy to answer any questions.
    [The prepared statement of John J. Byrne can be found on page 40 in the appendix.]
    Chairwoman KELLY. We thank you for your testimony, Mr. Byrne.
    Mr. Cachey?
    Mr. CACHEY. Thank you, Madam Chairman and committee members. Western Union is a global leader in money transfer, and you are correct, we do business in 195 countries and territories around the world through 185,000 global locations. Internationally, over 70 percent of these locations are banks or national post office systems. Domestically, in the United States, we have over 45,000 locations which were made up of grocery store chains, convenience stores and check cashers, among other businesses. The important thing to note is that these are local businesses serving local communities' needs.
    I just want to highlight three or four areas of my submitted testimony today in my opening comments. First, it is important for the committee to realize that from an anti-money laundering compliance standpoint, this is still a fairly new game to money services businesses. SAR reporting became a requirement for our industry at the beginning of 2002, and the Section 352 PATRIOT Act compliance programs went into effect the summer of 2002. So we are only 2 years in the process of educating an industry and getting an industry up to speed as to the responsibilities and how to do this right.
    Our goal in working with our agents in the U.S. is twofold: First, education, and, second, to make it cost effective. From an educational standpoint, we have provided agents with turnkey compliance guidelines to get them up to speed as to something as simple as what does a compliance officer do? What do policies and procedures for anti-money laundering compliance program typically look like? What is employee education on these issues, and how do you document that? And then of course the internal reviews that need to occur.
 Page 16       PREV PAGE       TOP OF DOC
    We also provide our agents with ongoing regional training, topic-specific workshops and one-on-one training if they request it. And then we are currently and constantly enhancing these tools so that our agents are getting new information, information in a variety of languages, information that will allow them to build their programs and monitor their activities so they can fulfill the suspicious activity reporting requirement. We continue these efforts today and believe that the regulatory community should continue this effort in the same way.
    Education is key. As a compliance officer, I tell my business clients, internal clients all the time that to start at ground zero and work your way to a full-fledged, mature compliance program takes 3 to 5 years. We have been scrambling to get it done in two to three ways, and I think we are well on our way, but we need to keep this in mind as we move forward.
    Secondly, and a number of panel members have mentioned this, the regulations call for a risk-based approach, and we appreciate that. Industry and regulators should focus resources where the highest risk is actually located. In Western Union, for example, we treat different categories of our agents differently. We break agents down to national accounts, networks and independents, or what we commonly refer to in the industry as mom-and-pops.
    A national account is typically a publicly traded corporation. They have internal legal departments, internal audit departments, typically you can start at the top, express what needs to be done for your particular service, and that could get pushed through to an organization in a very efficient manner. It takes less work to get a national account to do what needs to be done than any other account because they want to do it the right way.
    Networks typically are regional. They also have internal infrastructures, if you will, but they typically need more help on the legal aspect: ''What is BSA compliance, what is AML compliance, can you help us build our program?'' But, again, once that program is built, they have good mechanisms and infrastructures in place to roll those programs out.
 Page 17       PREV PAGE       TOP OF DOC
    And then probably the greatest challenge is the mom-and-pops because they don't have access to lawyers readily, you don't want to make them hire a lawyer or a consultant to have to go figure out what the BSA is and how to build a program. They don't have a need for intense infrastructure within their business, and so you really need to walk them hand in hand through the process.
    Western Union views this as a risk-based approach because each organization poses different levels of risk in getting programs rolled out, and we believe that FinCEN and the IRS should take the same approach in applying their resources, both for education and then also the IRS' examination process.
    Finally, I would just like to say a word on terrorist financing. As we have all indicated, today's terrorist cells strive to weave themselves into the fabric of our society to camouflage a financial legitimacy. Typically, they enter whatever jurisdiction they are entering into legally, they get valid government IDs, they get bank accounts, they get credit cards, they get debit cards, and, as we all know, we need a surprisingly small amount of money to do what they are striving to do. If a name gets put a public list, like the OFAC list, we will make sure that that person doesn't receive or send any transactions.
    But the key is better non-public information, non-public intelligence from the government to let us know what should we be looking for? What are the government intelligence agencies seeing, what patterns are they seeing, what activities they are seeing so that we can look for that in our back room and identify that type of activity which is most useful to law enforcement.
    Thank you very much for this opportunity, and I will be happy to answer any of your questions.
    [The prepared statement of Joseph Cachey III can be found on page 50 in the appendix.]
 Page 18       PREV PAGE       TOP OF DOC
    Chairwoman KELLY. Thank you, Mr. Cachey. I was interested that you pointed out in your testimony that the terrorists can use rather discrete amounts of money in various ways, and I think that is an important piece of your testimony. I thank you for pointing that out.
    Mr. Richards?
    Mr. RICHARDS. Thank you, Madam Chairman, Ranking Member Gutierrez, members of the subcommittee. As pointed out, I am the senior vice president and the global anti-money laundering operations executive for Bank of America. I held a similar position at FleetBoston Financial prior to the merger.
    In both rolls, I have or had responsibility for the bank's operational aspects of preventing, detecting and reporting potential money laundering or terrorist financing. I stress, Madam Chairman, the operational aspects or operational perspective, as I bring to this subcommittee the perspective of someone who sees the Bank Secrecy Act and USA PATRIOT Act, the regulations and regulatory expectations and guidance firsthand and in operation.
    From a purely operational point of view, money laundering and terrorist financing are two, very, very different problems. Traditional money laundering prevention is a transaction-focused internally sourced issue where transactions lead to relational links. Terrorist financing prevention is very different. It is a relationship-focused, externally sourced issue where relational links lead to transactions.
    Take a typical money laundering case. We are required to detect and report potential structuring. Customers have come into the bank and structure cash transactions so as to avoid the large cash reporting requirements. Looking solely at those large cash transactions is a pretty basic exercise and can lead to potentially suspicious activity but building a tool and having a program that enables you to take every customer who opens up an account without a taxpayer identification number, with an opening deposit of less than $100, who structures cash deposits in the United States and withdraws money through ATM machines in high-risk countries. Now, that is interesting and frankly is not that difficult to do.
 Page 19       PREV PAGE       TOP OF DOC
    Compare that typical money laundering case with a typical terrorist financing case. Almost every one of them starts with some sort of request from the government, whether it is a grand jury subpoena or a Section 314(a) information-sharing request. Let's say the request is for Bin Laden Enterprises, 123 Main Street. That would be a very typical 314(a) request. First, we have to scrub our various customer and transactional systems to determine if we have a match on that name.
    Let us assume we don't have that customer at that address but we have Khalid Sheikh Mohamed and KSM Enterprises at the same address. We would have to then review our transactional systems, and we would find that KSM Enterprises sent wires to another entity called AQ Recruiting. We would use a surface web search engine, such as Google, to find more information on Khalid Sheikh Mohamed, KSM Enterprises and AQ Recruiting. Very often, even more important than what we find is what we do not find. Legitimate businesses generally cannot hide from the Internet.
    We would also use what we call the invisible web resources such as Search Systems to find that Khalid Mohamed was an officer of both KSM and AQ, and there were six others that were officers of both. We may also find that those six were officers of six other companies. We then go back into our systems and perhaps find another 15 customers and 6 addresses that appear linked to all the people either transactionally or relationally. We would run those addresses and telephone numbers, and we would add more entities.
    If one of our targets had a web site, let's say one of them is a charitable organization, we would then be able to go into the historical web and look at all of their web sites back as far as 1996. What we would have is something that was sourced by the government: even though it was not a match under 314(a), we would now have a case that involved at least 15 people, 10 companies transacting between themselves where the public information doesn't match their activity. And if the totality of the relationships and transactions led to a standard of suspiciousness, we then have a very effective and very good Suspicious Activity Report to file.
 Page 20       PREV PAGE       TOP OF DOC
    The success of the financial sector's anti-money laundering and terrorist financing prevention efforts is entirely dependent on two things: First, cooperation between and coordination by all of the parties involved: the law enforcement and intelligence communities, the regulatory community, the private sector, our trade associations, such as the ABA, and others; and, second, creative, committed professionals dedicated to this task.
    In my experience, Madam Chairman, the American financial sector has both.
    Thank you for this opportunity to testify on this very important topic. Bank of America remains committed to meeting its obligations of protecting, preventing, reporting and indeed mitigating the effects of money laundering and terrorist financing and recognizes and applauds the efforts of its private sector colleagues and public sector partners in these efforts. Thank you.
    [The prepared statement of James Richards can be found on page 72 in the appendix.]
    Chairwoman KELLY. Thank you, Mr. Richards.
    Mr. Emerson?
    Mr. EMERSON. Madam Chairman, members of the committee, I want to thank you for inviting me, and I also want to commend your for assembling a phenomenal panel this morning—the best panel I have seen on money laundering and counterterrorism issues. I also want to let you know, Madam Chairwoman, that I am very appreciative of the incredible leadership you have played the last 2.5 years since September 11 in terms of bringing to the attention of the American public, Congress, the media and other institutions the role that needs to be played by the private sector and government in fighting the scourge of terrorism.
    I also want to express my appreciation to Congressman Royce who I have had the privilege of working with very closely following September 11 when Congressman Royce invited me to join his squatter's movement in various members' offices until they agreed to approve and support the PATRIOT Act. And I understand and appreciate very much what it takes to pass legislation in this great body.
 Page 21       PREV PAGE       TOP OF DOC
    I also want to let you know that I am very appreciative of my staff, Jon Levin and Dana Lessman, of the Investigative Project for their help in preparing this testimony.
    One of the issues that we obviously would be looking at today in much greater detail, and are looking at, is the Riggs case. The question is does Riggs represent an exception or does it represent a pattern? Its failure to obey the order and file SARs, a suspicious activity report, in deference to the client's desire, principally that of the government of Saudi Arabia for secrecy, is the most single, serious breach every in the first line in U.S. history of financial controls against terrorism.
    The bank officials who participated in these willful violations should be held personally responsible, and there are many questions that need to be answered. Whether clients are assured of a quid pro quo? How long did it continue to operate? To what activities have drawn funds from diplomatic accounts from Saudi Arabia at the Riggs branches? And considering the long-term problems with Riggs, why didn't the OCC consider it a high-risk institution?
    I urge this committee to conduct a thorough and comprehensive review of the reports prepared by financial regulators and to work closely with law enforcement and financial oversight institutions to see exactly what went wrong in the Riggs case.
    And although the Riggs case represents the failure of the financial sector in oversight, there are cases and examples that represent the courageous successes of institutions in helping to track and interdict possible terrorist operations. In this category, although he is very humble, my co-panelist, Jim Richards, I must tell you, has played a singular role in helping and actually leading the government in identifying terrorists in the United States and helping to stop operations because of his recognition of actual activities in financial reporting that led the government to identify and issue law enforcement sanctions against possible terrorists.
    Also, David Aufhauser has continued to play a leadership role in the war of terrorism financing. His vision and leadership is thoroughly needed as we move forward.
 Page 22       PREV PAGE       TOP OF DOC
    In one instance where I can discuss, and it has been publicly cited in previous reports, a major financial institution cut ties with a terrorist-linked bank after being advised to do so. In the year 2000 and 2001, Citigroup was participating in joint ventures with the al-Aqsa Bank, which has ties to Hamas. When informed by the Israeli government of those ties, Citicorp contacted the U.S. Treasury for guidance and subsequently terminated its relationship with al-Aqsa Bank.
    So what is the true relationship and paradigm here? Is it Citigroup taking the initiative with the Treasury Department or is it Riggs Bank's failure to comply with the government mandates? Al Qaida and other terrorist groups have found huge crevices and holes in the financial structures of Western nations, exploiting not just their freedom of regulation but also the freedom of religion and freedom of thought, the freedom of expression to basically promote religious extremism under the guise of financial transactions.
    That is something that necessarily financial regulators will not always be advised of or even be aware of, and in this case the concept advanced by Congressman Royce for a much needed financial intelligence ability, the creation of which is equivalent of having a CIA at Treasury that could recognize patterns, activities from those who established accounts to those who are the recipient, is absolutely critically needed for the first time in the war against terrorism.
    Al Qaida itself has established its own banking system outside of European and U.S. law. Al-Taqwa Bank, for example, was created by the Muslim brotherhood in 1988 to move and safeguard large quantities of cash for terrorist causes. It was designated a terrorist entity by U.S. authorities in 2001. In January 2002, the Treasury deputy general counsel wrote to a Swiss prosecutor notifying that as of October 2000 Al-Taqwa seemed to be providing a clandestine line of credit for a close associate of Bin Laden. Reportedly, the Justice Department might now be close to bringing indictments.
 Page 23       PREV PAGE       TOP OF DOC
    The questions that you face in the future, and as you have faced in the last 2.5 years, is to what extent we can enlist and ensure that the private sector participates aggressively in the interdiction and recognitions of the dangers.
    One very good statistic that I will tragically leave you with is the ratio of what the costs were to the damage of September 11. The costs of carrying out September 11 to the terrorists was about $500,000, largely in transfers of less than $5,000. The cost to the U.S. economy was $500,000 billion. That is a ratio, I don't need to do the match of a million to one. If we had spent a little bit more money ahead of time and invested it paying the price that we should have paid, we might have been able to prevent this incredible tragedy.
    Thank you, Madam Chairwoman.
    [The prepared statement of Steven Emerson can be found on page 61 in the appendix.]
    Chairwoman KELLY. Thank you, Mr. Emerson.
    Mr. Aufhauser, there was a discussion in the April 20 Summit Banking Committee hearing about your suggestion of a separate examination and compliance force within the Treasury. In that hearing, there was some resistance from one of the witnesses, a head of one of the regulatory agencies. His resistance was based, first, on the idea that regulators should be given more time to prove that they can perform at the level that we expect in a post-September 11 environment. He went on to suggest that implementing new structural reforms would take time that we do not have.
    I am very interested in your thoughts on these concerns. I think most of us would agree that we are in a new security environment for the long haul, but we should probably make sure that we have in place now a regulatory and compliance structure that will be capable of serving us all at a high level of effectiveness over a long period of time.
    If we don't act now, aren't we just deferring legal reforms to a later date? And if, as suggested, I think we give the current regulators some time and we still don't reach the performance levels that we expect, then do we face the possibility of being in similar circumstances a couple of years down the road, having gained nothing during the way?
 Page 24       PREV PAGE       TOP OF DOC
    The Riggs Bank failed to report, the OCC failed to detect, this was something that I am wondering if it wouldn't happen again if we don't act now to do something. And I would be interested in what you have to say about that.
    Mr. AUFHAUSER. Well, I can't divine whether if we had changed the structure, Riggs would have been discovered earlier, but what informed my testimony earlier, and I still endorse it, is two concerns. One is for uniformity. Two is without discounting in any way the professionalism of the folks at the OCC and the Federal Reserve, their larger mandate is safety and soundness when they take look at financial institutions.
    AML issues and terrorist financial issues, which is a subset of AML in my judgment, are at risk. I am not saying it happens necessarily but are at risk of becoming stepchildren to the examinations. And in the best of all possible worlds, to quote, Penglas, I do believe it would be better to have one uniform compliance office that was enforcing the BSA regulations.
    The second thing that informs that judgment is that the Treasury Department has relied on OCC and the Federal Reserve and indeed the SEC on delegating the authority and responsibility for examining compliance, because they are already heavily involved in the regulation of their industry actors. But the PATRIOT Act extended AML requirements to a whole host of industry sectors that do not have any coverage by any Federal regulator, whether it is casinos or whether it is insurers or whether it is car dealers and jewelry stores, and hedge funds, by way of example, also.
    So there is a complete community of interest out there, which under 352 of the PATRIOT Act is responsible for complying and establishing AML programs, yet no one is policing them—no one, no one.
    Chairwoman KELLY. That is really serious, and I think that it is something that we have got to—that is one of the reasons why we are having this hearing. I think it is very important that we move on with it.
 Page 25       PREV PAGE       TOP OF DOC
    I would like to ask both you and Mr. Emerson, should the new Undersecretary at the Office of the Treasury—that office is designated to coordinate anti-terrorist financial efforts. Should that office have the enforcement authority or should they just have intelligence capability and let the enforcement authority go to another agency?
    And I would like to start with you, Mr. Aufhauser and move to you, Mr. Emerson.
    Mr. AUFHAUSER. That is a hard question. That is a hard question because I haven't thought about it. I have always married the two interests, and I think it wildly inefficient not to have both. I do agree with what Steve said, and I am sure he will say more, we need a professional first-class, best-in-class financial intelligence unit in the U.S. government.
    We have extraordinarily people populating various agencies of the government that pursue that interest. There is no one FIU right now, and there is no one woman or man charged with not only directing the resource application, directing the analysis but also holding people accountable. So that is a very important part of your question which is that there ought to be a very strong intelligence FIU unit.
    What you do with that next in terms of enforcement, you used the word, ''enforcement.'' It may not be enforcement. It may be other endeavors that you undertake, diplomatic or otherwise, to make sure that you are frustrating somebody's attempt to penetrate our financial borders to kill people.
    I do think the person who possesses the best knowledge of the intelligence and who is charged with responsibility for establishing a strategy ought to be charged also with the responsibility for executing.
    In the past, during my tenure, a lot of that was done by committee at the NSC, and although I think we did a really credible job, I do think the NSC is the wrong place to have an operational organization. It sets policy; it doesn't execute.
 Page 26       PREV PAGE       TOP OF DOC
    Chairwoman KELLY. Mr. Emerson?
    Mr. EMERSON. I think you rightfully point out that the problem exists today. I remember reading the hearings, I think, last week or the week before, various officials in the Treasury as well as ICS where the number of three-and four-letter acronyms, I was dizzy by the time I read the third testimony. I think there were 19 I read and it was sort of like a Reuben Goldberg machine, and obviously there really wasn't some type of coordinating mechanism but there was a stovepipe relationship.
    And I think your question goes to the heart of what is now being faced at the FBI, which is to the extent to which there needs to be a separate intelligence branch broken out of the FBI for enforcement; that is let the enforcement people do the enforcement and let the intelligence people specialize the intelligence.
    As much as I theoretically would like to endorse the notion of a combined enforcement and intelligence position, my feeling is that the intelligence people need to be thoroughly instructed, mandated and only focused on intelligence gathering. They have to live and breath it all the time. They have to work on an equal playing field, perhaps even in a higher playing field in terms of being able to mandate sanctions or enforcement, but there has to be a cadre.
    As Congressman Royce has pointed out, the financial intelligence that needs to be created is only going to come from people. You can have the best software in the world, the best link analysis—I know that in our office we use Analyst Notebook, it is wonderful but in the end it is garbage in, garbage out—and it is only on the ability of people like Jim Richards to look at transactions in the actual account to say, ''You know, there is something suspicious.''
    Last night I was reading over the actual transactions in the Sami Al-Hussayen case, that is the IANA prosecution that is being carried out in Idaho right now. And what was interesting to me I was looking over an 80-page matrix of financial transactions from his bank account over the last 2 years, and I was trying to figure out if I was a bank officer or a teller, could I have detected a pattern here of suspicious activity merely by looking at it.
 Page 27       PREV PAGE       TOP OF DOC
    If I look at the numbers, no, even though there are large numbers sometimes of $10,000, $15,000, $20,000 transfers within days of one another. But in terms of who was making the deposits and withdrawals in terms of either the Saudi cultural offices or Saudi government, this would have triggered something automatically, and it would have taken somebody who was read on to this and sensitized to this issue.
    So I think to be comprehensive about it, a new undersecretary should be vested with everybody who reports to him on intelligence matters and I think actually have a position that oversees issues of enforcement.
    Chairwoman KELLY. That is very interesting.
    Mr. Richards and Mr. Cachey, I will start with you, Mr. Richards, but, Mr. Cachey, I want to go to you too. Can you identify any particular case in which your companies worked with law enforcement to stop the flow of funds to a terrorist group or an activity of some sort?
    Mr. RICHARDS. Madam Chairman, off the top of my head, I can think at least two particular cases: One prior to September 11 and one after September 11. In both cases, we identified what we thought was suspicious activity. Again, we are not required to detect money laundering or terrorist financing, we are required to detect and report suspicious activity. We did that.
    In both cases, we felt it was significant enough that we immediately contacted law enforcement, which we are entitled and indeed perhaps required to do if it is an ongoing, serious matter. And in this case, it was the Boston U.S. Attorney's Office, and they immediately contacted us and sought the underlying records that were the basis of our suspicious activity reports. Subsequent news events confirmed that what we had reported was indeed tied to potential terrorist financing.
    Chairwoman KELLY. Mr. Cachey?
 Page 28       PREV PAGE       TOP OF DOC
    Mr. CACHEY. I think the important thing that I took away from Mr. Richards' comments was he discovered that they had done something wonderful through a news report, and I think that is the challenge we have. When we see suspected activity that we think is terrorist related, we report it directly to certain agencies within the government along with FinCEN, particularly Operation Green Quest when that was in effect and now Homeland Security.
    But we don't get the type of feedback from law enforcement that we would like to get to say that SAR you filed or that phone call you made led to this activity. Because if you don't read about it in the newspaper, you really don't get any feedback, so we do have processes in place, both through our Compliance Department and our Security Department with several fellow agencies that we report suspected activity to, but feedback is hard to get, particularly if there is an ongoing investigation, which you can understand.
    Chairwoman KELLY. Thank you both very much.
    Mr. Gutierrez?
    Mr. GUTIERREZ. Than you very much. I would like to thank all of the witnesses. It seems to me from listening to all the panelists that there are a couple of things that maybe we can improve on.
    I kept hearing the phrase, ''educating people,'' starting with you, Mr. Aufhauser, and others about who do we need to educate on our financial industries and how could we go about doing it better in terms of watching for suspicious activity and getting to it. Do we call them all in for—I mean they call us all in for meetings and I get educated on ethics rules and my staff does, and we get constantly—I know the doctors—good doctors will continuously get reeducated after. What do we need to do so that we can better do this?
    Mr. AUFHAUSER. If I said the financial community needs to be educated, I only said half of what I intended to say. So does the government. I mean it really is a two-way street, and without the reciprocity, the exchange of the knowledge universe that each has, it is a fruitless endeavor.
 Page 29       PREV PAGE       TOP OF DOC
    I think what we have to educate each other on is getting smarter, ironically. My brief experience in my private life for the last 3 months has been there is actually overreporting of SARs, in part, simply out of a cautionary note by financial institutions and, in part, because with the exception of perhaps Jim Richards who seems to be very long on the tooth on what to look for, a lot of the new actors who are subject to SAR reporting don't exactly know what to be looking for.
    Jim is exactly right, they don't file a SAR because they know it is terrorism and you don't file a SAR because you know it is a crime. You file a SAR because there is a suspicion, something to the character.
    Mr. GUTIERREZ. I gathered that from your comments and from what Mr. Richards said. So is there a way of taking Bank of America and the kinds of things that we have heard here today and ensuring that other institutions do more?
    Mr. AUFHAUSER. I don't know if it is that institutions need to do more. I just think we need to be smarter about what we are looking for, and that requires what used to my office talking more to private industry.
    Mr. GUTIERREZ. How do we——
    Mr. AUFHAUSER. What we didn't have the genius, Congressman, and I didn't have the genius for is how do you do that without jeopardizing something incredibly sensitive? And I mean it in terms of broadcasting the information, sort of these 314 requests that go out and say, ''Hey, this guy, Aufhauser, is suspicious. Do you have anything on him?'' The most important dialogue I ever had with people like Jim or Joseph—and, by the way, there are stories one could tell about Western Union being terrific ally of the U.S. government in the war on terror which has nothing to do with capture but has everything to do with helping us abroad.
    I think what we—you know, I have actually lost my train of thought there. What we need to be—the most productive thing I ever did was a specific targeted request for information because of a very sensitive piece of information. And I went to somebody I trusted in that institution. There was an element, a bond of personal trust. If we can figure out how to multiply that so that we can do more broadcasting of sensitive information, we will be more effective.
 Page 30       PREV PAGE       TOP OF DOC
    One last very soft observation: This is not about just capturing bad guys, it is about them fearing capture. And I have read plenty of intelligence, actually overheard intercepts where bad guys abroad said, ''We can't use the U.S. financial banking system; they will catch us.''
    Mr. GUTIERREZ. And I guess what I have heard is maybe we are going to need to look into this a little further. And anybody who has any other comments on what we can do to better educate our folks and who we need to educate within that system that certainly, I think, would be helpful from your perspective. And, as you say, obviously we both need to educate each other. We need to do a better job on our side.
    I have limited of time so I just want to—can we ask the other—thank you.
    Mr. Byrne and Mr. Cachey, please.
    Mr. BYRNE. Congressman Gutierrez, I want to make a couple of points about education. I don't want the committee leaving today thinking that there hasn't been for a good number of years a whole host of programs on big picture education, certainly, not just the laws and regulations but examples of money laundering cases once they are closed and the typologies that we share with bankers on what to look for going forward in the areas of money laundering and fraud and those sorts of crimes. So that goes on on a regular basis, and many of us participate in those sorts of programs.
    I was at a program a couple of weeks ago on the west coast in which law enforcement, bank regulators and bankers met for 3 days and worked on terrorist financing and PATRIOT Act issues in which, for example, the IRS Criminal Division or the FBI would do a presentation on how a particular line of SAR reporting turned into a conviction, what to look for—while we don't have enough of these, what to look for in terms of terrorist financing going forward or money laundering.
 Page 31       PREV PAGE       TOP OF DOC
    Law enforcement does a very good job of doing training and programs. We in the industry need to be part of those as much as we can. We are not talking about investigations as they are pending, we are talking about once they are closed and we get some information going forward. So a lot of that has been occurring for the longest time that I have been at the ABA.
    Mr. GUTIERREZ. I understand that. I mean I wish I had—I could take excerpts of what you have all said and either I am taking things out of context but I kind of heard here that we could do better.
    Mr. BYRNE. Absolutely.
    Mr. GUTIERREZ. So I don't want anybody to be defensive about what we are already doing well but what we can do better, and I kind of heard that we could do better from almost everybody, from Mr. Aufhauser all the way to Mr. Emerson. So from left to right, I heard we could do better.
    So that is all I want to know is what we could do better. I understand that the institutions have done well and especially since we called this hearing because of what happened at the Riggs institution. So, obviously, Riggs would not be in the situation it is in today and Mr. Aufhauser said that the OCC and the Federal Reserve, which I agree with him, have safety and soundness as their basic mission. And they are expanding, the OCC is expanding its purview of what it decides it wants to do as a regulatory institution.
    So, obviously, we could do better, and we want to be able to command those resources, and I think that is what this hearing is all about is to look at Riggs and how we move forward.
    One last question, if I could, Madam Chair, and that is to the Bank of America and Mr. Richards. It seems to me you have harnessed common resources of the Internet and Excel to develop the systems to detect and prevent money laundering. What kind of compliance guidance have you gotten from your regulator regarding anti-money laundering efforts?
 Page 32       PREV PAGE       TOP OF DOC
    Was the system developed within your own institution or with the help from the government? Are you working together with us to develop the system at Bank of America or just by yourself in the private? How closely does your regulator monitor those activities? And how often do you hear back from the regulator after seeking—you file a SARs report, send them your report?: How often do you hear back from them, the regulators? That was a big question.
    Mr. RICHARDS. I think it was perhaps four questions. I will try to answer them all.
    Our program was developed at the former FleetBoston Financial. It was developed starting in January of 1999, and I often joked that it was two guys and two laptops, but that is exactly what it was.
    What we did was try to build a—rather than build an anti-money laundering program, we tried to build a data management program. Our belief was that we needed to marshal all of the data and information that we had in the bank, and once we were able to marshal it, we could then look at it in a creative way for any purpose, whether it was money laundering or terrorist financing or marketing—any purpose.
    As we developed that program our primary Federal regulators, which are the Federal Reserve and the OCC, monitored our development of that program literally on a continual basis. We met with them through our compliance partners in the bank on a quarterly basis, and they were very, very intrigued by it, not only because it was developed at a very low cost and used tools that people had on their desktops but hadn't before been using for anti-money laundering, but they were intrigued by the fact that it was a program that seemed to work reasonably well in a large institution but was applicable to the very, very smallest institutions.
    And so the feedback we got was very, very positive. They were very, very interested in it, and indeed they have had me down to the FFIEC on I believe now four occasions to talk to the Federal bank examiners from all five agencies and tell them how we developed the program. And I know that John Byrne, the ABA, has directed other banks to speak with us, to see what we did and how we did it, and we have been sharing what we have done with every bank that is interested, which is a number of them. And I know that Western Union has also shown a great interest, and we have worked very closely with them as well.
 Page 33       PREV PAGE       TOP OF DOC
    So I think I have answered at least some of your questions. But, particularly, the OCC I think has been very, very interested in what we have done and how we have done it. And we are working very, very closely with them.
    Mr. EMERSON. Mr. Gutierrez, if I could just add one thing here, because I think you have raised a very good point, and Mr. Aufhauser also raised the issue of sensitivity and information. Before September 11, the debate was always secrecy versus shared. After September 11, we realized that more people in the JTTFs and in law enforcement need to get intelligence, and the risks of having that information leak out was outweighed by the issue of having other people basically in line and aware of the threat and the information.
    I think we should consider the possibility of certain bank institutions in need of certain thresholds to having designated officers that would be read on to certain classified information that they would be privy to information that is not made available just to the general public but made available to certain classified security programs, which they would be able to then use to help discern patterns in the larger context for transactions.
    And, of course, there is always the risk of operational secrecy and leakage, but I think that would far outweigh the problems that would ensue if we didn't do that. So maybe that is something to consider to ensure that there is this financial intelligence of a nature that goes just beyond what the public stores documents, which, unfortunately, most of the time does not give a bank officer enough information to determine whether the transaction is sinister or not.
    Mr. GUTIERREZ. Thank you. Thank you all for your service.
    Mr. CACHEY. Madam Chairman, could I address that——
    Chairwoman KELLY. Yes, by all means.
    Mr. CACHEY.—just briefly? First, on the question of education, I think it is important from a money services businesses standpoint to realized that a number of the types of businesses that Mr. Aufhauser mentioned before, the money transmitters, the pawnbrokers, the car dealerships, everybody that has become part of the PATRIOT Act family, if you will, are typically licensed and regulated at the State level.
 Page 34       PREV PAGE       TOP OF DOC
    So I think there needs to be greater cooperation between States that are licensing all these separate entities and the Federal Government and figuring out who is actually a money service business and should be having a program in place and reporting out on suspicious activity, and then coordinating those efforts between the Federal Government and the States.
    Because right now you could have an IRS representative walk into your company and tell you X and then a State banking examiner from one of 47 different States come in and tell you why Z or A or B. And it is difficult, number one, to build consistent programs nationwide, but it is also difficult for the smaller MSBs to say who is correct here and what is the right thing for me to do because what we have discovered is we have worked through our agent basis.
    Ninety-nine point nine, nine, nine percent of these business want to do the right thing, but they need somebody to tell them what is the right thing.
    Mr. GUTIERREZ. You know something, I agree with you totally, and, unfortunately, we get results at the State level. Because when I try to reign in Western Union and Money Gram on the exchange rate, we could do nothing here in the Congress of the United States, but we could do things at the local level so that your exchange rate at Western Union is comparable to Mr. Byrne's Association of Bankers exchange rate. So I think we will have a difference of opinion on that.
    Thank you very much.
    Chairwoman KELLY. Mr. Hensarling?
    Mr. HENSARLING. Thank you, Madam Chair.
    Mr. Aufhauser, in your testimony, I believe you mentioned some anecdotal evidence of some intelligence intercepts where some of the bad guys were saying, ''We have to steer away from the U.S. financial services system. It is not going to work for us.'' So I take that as very good news. As a former student of economics, I typically think in terms of cost and benefits. So the anecdotal evidence is persuasive but as a society what are we getting for all of these suspicious activity reports and the currency transaction reports? How do we measure success here?
 Page 35       PREV PAGE       TOP OF DOC
    Mr. AUFHAUSER. If you want to put a calculus on this, I have read studies that have suggested that the adverse consequence, that is the cost, of the World Trade Center is in the trillions of dollars. It wasn't just the loss of 3,000 lives, it wasn't just the disintegration of the buildings, it wasn't just the closing of our financial markets, but it was a market cap loss of an astonishing historic amount of money and the now daily tax, as I say in my testimony, that we all pay for enhanced security at virtually every door you pass through in America today. And that cost to me is almost incalculable and immeasurable, but it is certainly large.
    So I measure that against—that is to say another calamity. If I measure the cost of another calamity, what it will do to our markets, our capital markets, what it will do to even more tightening of what our freedoms are and more security cops and more machines and more taxes on the airline tickets and less freedoms, it strikes me that the cost and the burdens of a SAR compliance program are diminimus.
    In addition, if you take it on a microeconomic level, every institution that is at risk of losing its good name, which is the principal asset any company has today because one errant transaction goes through there which is the cause of massive death, I think if you talk to many institutions, many of which are my clients, nothing is a higher priority than protecting their good name. And they don't measure it in dollars and cents.
    Mr. HENSARLING. Mr. Emerson, part of your testimony, if I understood you properly, you said that most, if not all, of the financing of September 11 took place in financial transfers of approximately $5,000 increments. Did I understand you correctly on that point?
    Mr. EMERSON. Yes. Most of them took—I think there were a couple of increments—not that all of this has come out or that I am privy to all of the transactions, but many of the transfers took place from banks, institutions in the Middle East, UAE, and transfers to corresponding accounts in the United States of $5,000 or less and then ATM transfers withdrawals of $300 or less by some of the September 11 hijackers.
 Page 36       PREV PAGE       TOP OF DOC
    Mr. HENSARLING. So right now if we have a $10,000 level on our currency transaction reports, in all probability those transactions would not be discovered in the system. Is that a fair assessment?
    Mr. EMERSON. A $10,000 threshold would not have covered those $5,000 transfers, that is correct.
    Mr. HENSARLING. Mr. Byrne, a question for you on the cost side of the equation. I was here last week participating in a hearing dealing with the regulatory burden on community banks. I represent the 5th Congressional District of Texas, which is kind of urban, suburban and rural, and we heard from a number of community bankers. For example, a banker in the city of Athens, Texas, a city roughly the size of 13,000. He was complaining about—and he wants to do his part as an American—the question of who reads all these reports, and is it doing good, and is it really worth the amount of money that I am having to put into the system in order to generate all these reports? Can you just very briefly tell us a little about your impression of the costs?
    Mr. BYRNE. Well, first, I would just like to say in terms of the September 11 hijackers, those transfers that were mentioned were not necessarily cash transactions. So the CTR threshold issue really isn't relevant to whether we would or would not have caught those, because ATM withdrawals are not reportable today. You would have to have a suspicious reporting regime and looking at particular individuals.
    But in terms of your question, I don't want to hang it on cost. I want to talk about policy, because, clearly, the small community bank does wonder about 13 million currency reports, the lion's share of those on Wal-Mart and JC Penny, what happens with those? And I would argue that even an IRS agent will tell you, ''Not much.'' Suspicious activity reports, those are more subjective, and certainly more goes into those reports, and I would argue that those are valuable, especially when we get the additional guidance.
 Page 37       PREV PAGE       TOP OF DOC
    So I think you have to look at the risk of a particular community bank and what type of response that institution has to have to make a determination whether they should have the same infrastructure as Jim Richards has at Bank of America. But the bottom line is we think you should focus more on suspicious reporting versus cash reporting, and that will help the small bank and the large bank if we make some dramatic changes there.
    Mr. HENSARLING. Madam Chairman, I see I am out of time. Would I be able to ask one more question?
    Chairwoman KELLY. Yes, please.
    Mr. HENSARLING. Thank you, Madam Chair.
    Mr. Richards, I believe in your testimony you stated that money laundering or terrorist financing is not a problem but a symptom of a problem. Could you elaborate and explain that statement?
    Mr. RICHARDS. Yes. We believe that within the context of the total issue of operating risk, that the act of filing a suspicious activity report is not the end of your duty but indeed you take the suspicious activity reports and then you go back and look at the commonalities between them to determine whether the money laundering that you have reported or suspicious activity you are reported is caused by issues relating to account opening, failure to collect the proper identification, it might be a branch training issue where you have to train the people in the branch environment, something like that.
    So that rather than looking at the end game being the filing of a suspicious activity report, you look at it as just the beginning of trying to see if there is an underlying operational issue in the bank. If you address the underlying operational issue, you may resolve the suspicious activity that is occurring in your bank. So, again, if you look at it as not a problem but a symptom, you can then drill down and see what the real underlying operational problem may be.
 Page 38       PREV PAGE       TOP OF DOC
    Mr. HENSARLING. Thank you.
    And thank you, Madam Chair, for your indulgence.
    Chairwoman KELLY. Thank you. We have been called for a vote.
    Mr. Garrett, I am going to call on you, but I know Mr. Royce has very specific questions he would like to ask. So I will call on your Mr. Garrett, and then we will go—Mr. Royce, I know you have very specific questions you would like to ask, and with the indulgence of this panel, I would like to let Mr. Garrett go, we will then take a brief break and go to our vote, because it is apparently only one vote. We should be able to do that quickly and——
    Mr. ROYCE. Could I inquire if we have 15 minutes, there might be time for Mr. Garrett and myself. He could go first and then I could follow up.
    Chairwoman KELLY. Let's see what we can do.
    Mr. ROYCE. Thank you, Madam Chair.
    Chairwoman KELLY. Mr. Garrett?
    Mr. GARRETT. Thank you, and I will keep it brief. There was an article in the American Banker publication with regard to the hearings that we had just a week ago and also the hearings that the Senate had, and I wasn't following the Senate hearings but they were, and they said they saw a difference between the two panels. The House panel was raising some questions such as Jeff Seer, that I asked as well, with regard to some of the reporting requirements that maybe there is too much. Whereas the Senate hearings were sort of going in the opposite direction saying that failure of compliance is endemic, I think was the caption in the article, on behalf of the industry.
    And nothing that I have heard so far or either one of the hearings indicates to me that there is an endemic problem as far as the industry is concerned. I am a little bit more concerned as to what we can do as far as the regulatory side of the equation. Mr. Gutierrez raised the point but we agree that a lot has been done already, some more, from your recommendations, can be done, and so I am just going to go along those lines very quickly.
 Page 39       PREV PAGE       TOP OF DOC
    Mr. Byrne, you raised the question, I would make a comment about the frustrations we have had over the time with the Department of the Treasury's failure to comply way after a 1994 mandate to publish an annual staff summary on the commentary on the Bank Secrecy Act. I don't know whether there are any repercussions on the Treasury Department for failure to comply. I don't know whether there are repercussions that had it been the other way around on the industry failing to comply with the Treasury Department, I have a feeling there probably would be.
    Where are we now exactly on that? What is the explanation—because we don't have somebody here from them to ask—what is the explanation that we have had that we had a 10-year hiatus and failure to comply with congressional intent, as far as you are aware?
    Mr. BYRNE. It is not clear that there is a proper answer to why there has been delay, but the good news, I believe, is that with the appointment of Mr. Fox at FinCEN, one of the first things that he said he would do is put together that long awaited commentary so that the industry could have the interpretations in one place so that both the regulators and the industry would have some place to go for some of those questions that are very difficult to discern for the local banker out in—you pick a place.
    So from our perspective, we are trying to point out it has been there, it has been delayed, but we see some major progress, and we certainly have offered to work with them to communicate the final commentary or guidance when it comes out.
    There have been some advisories, Mr. Garrett, in the past couple of years to give us some particular advice on certain issues, but it has not been enough. So we are very hopeful that Mr. Fox will come through with his commitment, and we are going to work with him and help him do that.
    Mr. GARRETT. I am amazed, I guess, in a positive sense, by Mr. Emerson's testimony that last night or the last couple of nights you have been studying an 80-page matrix of these reports. There is nothing else that you would rather be doing at night than reading over these reports.
 Page 40       PREV PAGE       TOP OF DOC
    Mr. EMERSON. It is the life I live or the fact that this is the only thing that keeps me awake. And I would be happy to provide you a copy if you would like to see it.
    Mr. GARRETT. Maybe your executive summary. I applaud that you do that, and I applaud that the industry has done that. I guess it is the overarching question as to where the dividing line comes as far as what the industry's responsibility is in these areas, and the suggestion has been made even as far as allowing some additional information, as far as security measures being woven over to the industry and how far we can go for that certainly for the large institutions and how far we can go for that as far as the smaller institutions as well. Can you comment as to how much of this burden can we actually place on the industry and where it should be laid best for the government?
    Mr. EMERSON. Congressman, you raise an excellent question, and I don't know that I have the answer here, in part, because we haven't traversed this avenue before and in part because what has been done in the past hasn't really worked.
    And I was speaking to a senior government official last night and I was asking him, ''How can you expect a bank teller to make a determination that somebody is making a deposit and therefore triggering some type of—should trigger an investigation and report it?'' And he says, ''You are right, you can't really expect a bank teller to do that.'' On the other hand, the ability for someone like Mr. Richards or others who sort of have an inside intuitive nature because of their previous experience as prosecutors and the fact that they have good connections with law enforcement gives them an ability to discern patterns that ordinarily wouldn't accrue to somebody.
    Now, you can't buy that off the shelf. It comes from hiring the right people, investing in the right people and making sure that the industry understands that people like Mr. Richards play a critical role in saving their institutions as opposed to sort of being a tolerated necessity that they have to endure as opposed to somebody that really should be brought in fully vested with as much financial resources as they can provide to give them that ability.
 Page 41       PREV PAGE       TOP OF DOC
    And, again, you raise an excellent question about what that dividing line is, and, unfortunately, it is impossible to discern it ahead of time.
    Mr. GARRETT. And I thank all the members of the panel, and I am going to take this home and digest what you have said today. Thank you.
    Chairwoman KELLY. Thanks, Mr. Garrett.
    Mr. Royce?
    Mr. ROYCE. Yes. I would like to go to Mr. Aufhauser and in my opening statement I talked about the need for better computer-aided efforts that would be used against terror finance, and right now the Financial Crimes Enforcement Network at Treasury has to depend on the IRS for its computer back office. No one I know thinks that the IRS is all that good with computers, and my question is would FinCEN be better at its job if it owned and operated its own computer systems?
    Mr. AUFHAUSER. I actually don't think it is a question of hardware. It is almost irrelevant where the data is stored or the sophistication of the machine. I think it is the software. I think it is the need to have a dynamic technology platform that exploits the information as it rolls in. It answers both the question of trying to divine, as difficult as it is, whether something is afoot, and it also in the longer run answers the question about whether these forms that get filed have utility and how to smarten both of those up; that is, the regulatory community and the regulator in terms of under what circumstances forms should be filed.
    Going back to Mr. Garrett's question, it is, in part, burden, but it is also a genuine opportunity for each complying institution to participate in trying to know their customers and know the nature of the transaction that is ferreting through their institutions, because the risk to their reputation and their franchise is so great.
    Mr. ROYCE. If Congress passed legislation that would create one key financial intelligence unit that would be housed in Treasury, that had appropriate powers, that had stature, not something in NSC but something really is given stature in Treasury, could that legislation be effective in solving the problem that we are talking about in terms of not only computer-aided efforts but the wider aspect of how you pull all the information together under one brain, under one controlling system that is able to analyze all of this?
 Page 42       PREV PAGE       TOP OF DOC
    Mr. AUFHAUSER. I am mindful of George Tenet's testimony before the 9-11 Commission when he said, ''If you think establishing one single director of intelligence in this town is a smart idea, you don't know this town.'' You know, it is not the be all and end all but it is a necessary first step that is necessary but not sufficient.
    I think it would be very important. There were literally times when I was told I was in charge of a theater of the war, and I responded, ''I don't have troops.'' It would be better to have troops.
    Mr. ROYCE. So that is a role that Congress, frankly, could solve. If we go, Mr. Aufhauser, to Mr. Emerson's testimony, one of the things he said in his printed testimony is permanent renewal of a strong and effective PATRIOT Act is fundamental to maintaining maximum pressure on the terrorisms advanced financial apparatus and machinations. And I would ask if you agree with that assessments?
    Mr. AUFHAUSER. Yes. I am going to be parochial about this. With respect to Title 3 of the PATRIOT Act, absolutely. With respect to the broader content of the PATRIOT Act in terms of breaking down the wall, that is the ability of intelligence and law enforcement to talk to each other, and then Title 3, which breaks down the wall further of the ability of the government to talk to the financial community, it is absolutely essential.
    If there is any lesson out of Madrid, if there is a lesson in the finance area out of Madrid, it is that every template that we have been looking at in the past for the financing of global terrorism, which is cross-border trafficking, is now actually betrayed. Because the financing from Madrid was local and pedestrian crime, as I said in my testimony. We need to marry cops with intelligence officials, with banks to stop the terror.
    Mr. ROYCE. You mentioned the Hashish trade, you mentioned illegal immigration and how localities or whatever you would call them, they got information—they got funding through handling illegal immigrants that came across the border, and there was a third source of funding?
 Page 43       PREV PAGE       TOP OF DOC
    Mr. AUFHAUSER. Forged identity papers.
    Mr. ROYCE. Oh, and the forged identity papers, again, used in immigration.
    Mr. AUFHAUSER. What I call common crime.
    Mr. ROYCE. Out of that they put the resources together that allowed them to organize and carry out that crime.
    Mr. AUFHAUSER. They used it to purchase the explosives and to plan and to execute.
    Mr. ROYCE. I would just close by asking Mr. Emerson if there is any other role for Congress here that you see besides what you have advanced in this paper that you would like to articulate, and then I guess we would better go and run and make that vote, Madam Chair.
    Chairwoman KELLY. Yes. Unfortunately, because of the vote, I had expected to allow the panel some extra time to sum up anything that they had wanted to include in their testimony. I would ask you to do that in writing, please, because we haven't the time. So the Chair notes that some members may have additional questions for this panel which they may wish to submit in writing. So without objection, the hearing record will remain open for 30 days for the members to submit written questions to these witnesses and to place their responses in the record.
    I am very grateful to all of you. You have been a wonderful, intelligent, very helpful panel. Thank you so much for sharing time with us today. This hearing is adjourned.
    [Whereupon, at 11:41 a.m., the subcommittee was adjourned.]