The use of mobiles to make payments is clearly a boon to terrorists (or, at least, terrorists who have never heard of 500 euro notes) as Rachel Ehrenfeld, founder of the Terror Finance Blog has noted. She calls the hook-up between the GSMA and MasterCard a “terrorist dream”. David Nordell, another finance terror blogger, says, “Person-to-person transfers via mobile phones will be almost anonymous, and completely uncontrollable unless the regulators intervene and block these new services until ways are devised to track the flow of funds.”[From Digital Money Forum: The prepaid backlash]
A year ago, I expanded on this discussion in an article for the Journal of Internet Banking and Commerce. David Nordell was kind enough to read the whole article and recently provided a considered response. I asked him for his permission to excerpt part of it and he agreed, and I think it’s worth quoting a few passages in full. David says…
I’m afraid that you have reached entirely the wrong conclusions. For all that I agree that there is indeed an element of ‘security theatre’ in the regulatory regime for anti-money laundering and counter-terror finance there is also a great deal of genuine value in the at least some of the regulations, and they are not there just to oppress the general public. The amounts of money that are needed to actually carry out terrorist operations of the kind we saw in London in July 2005 or that planned against the airliners two years ago are small, in the order of a few thousand pounds, and therefore well within the range of a dozen e- or m-payments.
This is a point well taken. Suspicious Activity Reports (SARs) that focus on transactions above £10,000 will not, under any regime, actually catch any more than mildly unintelligent criminal, terrorists, corrupt politicians or child pornographers. According to the Serious Organised Crime Agency (SOCA) here in the UK, there were 228,834 SARs filed last year and of these 703 were referred on to the terrorist finance investigation. Naturally, the report can’t say how many of these 703 (0.3% of the SARs filed) were actually related to terrorist activity (although it does note that one of the terrorist SARs was filed by a charity and one by an estate agent, just to indicate the spread). So far as money laundering goes, and financial crime, I can’t find any figures that show whether the money spent on SARs is a good investment or not. In the Royal Society of Arts debate on white collar crime, one of the researchers put total fraud in the UK last year at about £60 billion so it doesn’t look as if SARs are making much of a dent in that, although hopefully they are deterring some major crimes. David continues…
No financial intelligence unit or police force that I know supports the idea of monitoring every possible financial transaction, whether through conventional banking or technology-enabled services; and all the professionals I know in this field understand perfectly well that the SAR regime, which is based on arbitrary reporting limits, will inevitably produce far more noise than signal. However, there is a lot of value in carrying out KYC checks, in e-money services just as much as in conventional banking: these can help to provide predictive intelligence about people who may be planning to carry out financial fraud, launder money from other criminal activity, or finance terrorist operations in planning.
I wasn’t not arguing that we should have no KYC checks, but what I was arguing for was a sensible floor below which KYC checks are not needed. I happened to be in a local branch of national financial services organisation a few weeks ago when, for dreary reasons, I had to get into a queue. The person in front of me in the queue was trying to send fifty pounds to a relative in Liverpool. The clerk told him that couldn’t, because he didn’t have a passport and a utility bill. The chap complained that he had been sending this birthday money every year for decades. The clerk was unmoved. So who benefits from this? I didn’t stop the 911 terrorists (who used credit cards in their own names) or the crotchbomber (who paid for one-way air ticket in cash) or the tube bombers (who were carrying identity documents). My argument was, and is, that we should decide where the balance should be in order to get the best result for society as a whole.
My suggestion is that we fix on 500 euros as the breakpoint. People should be allowed prepaid cards, prepaid accounts, money transfer accounts or whatever with no identification provided that the maximum balance is limited to 500 euros (it is currently 150 euros) and a maximum annual turnover over 10,000 euros (it is currently 2,500 euros). This will lower costs and ease accessibility — I might even go and get an O2 Money card — thus achieving a variety of goals including social inclusion and reduced transaction costs for the poor.
The problem, of course, is that the existing system makes it extremely difficult to cope with forged identity papers and stolen identities, which are used in the majority of cases of serious financial crime. I certainly agree with you that AML regulations do make access to the conventional financial system more difficult for people, such as recent immigrants, who don’t have the right papers to satisfy what are basically unintelligent regulatory requirements. I’ve actually witnessed an example of the stupidity of these requirements while waiting at a counter at Lloyds Bank – stupidity that the bank official himself didn’t agree with but left the prospective customer unable to open an account. Is there a better way? Yes, but I don’t agree that it should be based on just dropping KYC requirements, because this will just encourage the growth of fraud. On the contrary, I believe it should be based on making KYC more rigorous in order to exclude as many fake and stolen IDs as possible, and then as easy as possible to use in order to make the financial system inclusive.
This is a very different approach. I didn’t suggest dropping KYC requirements completely, to be fair, but I did suggest raising the requirements for the financial products that need KYC. Specifically, I suggested that there should be no KYC prepaid card or mobile money transfer accounts that have a maximum allowable balance of €500. But David’s approach suggests that pursuing the “identity is the new money” meme further might be
No-one wants to make it easier for criminals to get away, for terrorists to work unhindered. But the relationship, between cash, regulation and social inclusion is complex.
You can be sure that every time Congress passes some new law or the IRS implements some new regulation to “get tax cheats,” much of the real burden of these compliance costs will fall on those least able to afford it, while those intent on finding their way around it will do so.[From New underground economy – Washington Times]
This is such an interesting and important debate that we’re going to continue it with all of you at the Digital Money Forum in London on 10th-11th March 2010. David Nordell has kindly agreed to come to the Forum and give a talk the issues around criminal and terrorist use of e- and m-payments. The Forum will be limited to 100 people as usual, so if you would like to meet David and join the discussion and debate, run (don’t walk) over to http://www.digitalmoneyforum.com and book yourself one of the only 100 places.
These opinions are my own (I think) and presented solely in my capacity as an interested member of the general public [posted with ecto]