Written by For unusual reasons, we happened to pop into a Tesco superstore the day before I was off on my trip and on the way out I noticed the Tesco Currency Exchange. This jogged my memory so I said to the family “hold on, I’ll just nip and get some euros”. I presented my chip and PIN card to the cashier and asked for a hundred euros. The friendly lady clerk offered 120 euros for £105, a bargain was struck and I went to put my card in the terminal. At which point I was asked for ID. I couldn’t help but ask why, even though I knew perfectly well what the answer would be: “it’s the rules”. So I showed my driving licence. But she asked me to hand it over, so I took it out of my wallet and gave her both the chip and PIN card and the licence and then watched while she copied (by hand) my driving licence details on to her copy of the till receipt. What on Earth for?
If I’d gone to an ATM at Heathrow and drawn out a hundred euros, I wouldn’t have had to show my ID or fill out a form or whatever else. I’m genuinely baffled as to why the government should waste my time and Tesco’s money on the nonsense of ID “verification” (it wasn’t verified of course, since the clerk had no way of checking whether driving licence was mine – or even whether it was real at all) for a transaction this small. Does anyone have any theories about this? Is there something in the psychology of international money launderers that means that they are known to avoid ATMs and are therefore vulnerable to clever traps set for them at in-store exchanges? Is there a government policy against in-store currency exchanges?
At first I thought that international gangs of terrorist drug-dealing money-launderers might have targeted Tesco and that by sending out hundreds of smurfs to obtain €100 in each branch of Tesco in the United Kingdom, over a period of some months, they might amass a suitcase full of €500 notes to ship abroad in furtherance of their nefarious plans. But I think, on reflection, that it was a pointless and money-wasting irrelevance, because it turns out that the drug-dealing money-laundering terrorists will always find a cheaper and quicker mechanism for transferring funds across international borders.
One law enforcement official told The New York Times that Liberty Reserve (*), which allowed users to transfer large sums money without ever identifying themselves, was “really PayPal for criminals”.
[From Founders of ‘PayPal for criminals’ Liberty Reserve are charged with money laundering – Americas – World – The Independent]
So. It’s ridiculous to make me jump through hoops to get €100 at Tesco and it’s ridiculous that people can send arbitrarily large amounts of money anonymously. Hence there must be a balance somewhere. But what is the right balance? Since €500 is the largest denomination banknote printed by the European Central Bank (ECB) it is probably a good psychological breakpoint. If you want less than €500 in cash, whether in Tesco or at an ATM you should be able to use your ATM card to get it. If you want more than €500 in cash, then you should have to produce identity documents and have the details recorded. If you want more than €10,000 in cash… well, you can’t. Over €10,000 should be electronic-only.
By the way: if I were an international law enforcement officer, I might have been very tempted to take over Liberty Reserve rather than shut it down, because the ability to monitor criminal flows — irrespective of whether you know the “real” identity of the counterparties — might be rather valuable. Forcing the bad guys back into cash may not be the optimal law enforcement strategy. Instead of encouraging me to blow off Tesco and use the ATM in Nice instead, surely the forces of law and order should be looking at making it easier for me to get one of those prepaid Euro cards.
Finally, prepaid cards leave records. They allow transactions be traced. Most criminals want to be able to take their money and disappear off the radar, not leave tracks across several countries.
[From Scanning Prepaid Cards At The Border Won’t Stop Money Laundering – PaymentsJournal]
This is a critical point. As I’ve consistently argued across a spectrum of new cash-replacement technology options, and especially in the case of mobile payments, law enforcement agencies should be doing what they can, working in partnership with the central banks, to reduce the amount of cash in circulation and persuade criminals to switch away from cash. Erecting high KYC/AML barriers to low-value prepaid accounts, or to getting a miserable €100 from the in-store currency exchange, raises everyone’s cost, reinforces social exclusion, does not affect criminals in the slightest and has no law enforcement benefits. If anyone has some figures from a reputable source to demonstrate the contrary, I would be more than happy to link to them.
These are personal opinions and should not be misunderstood as representing the opinions of
Consult Hyperion or any of its clients or suppliers
Security theater as Bruce Schneier calls it.
But the TSA is employed to do “Security Theater/re” even if the way they so it may reflect a psychological response to not being a prefect at school. Tesco staff are not. Curious that no authoritative response has been offered, leaving us to speculate that perhaps the security camera only takes one picture a minute so a delaying mechanism is needed to ensure a good copy of Dave and the transaction? (And it has to be a not-smiling photo, so he needs to be made grumpy.)
You’re right in saying that enforcing AML/CTF regulations in all these cases of small transactions just makes life more difficult, transaction costs more expensive, and financial exclusion more difficult to overcome. And yes, it is to a great extent security theatre. However, security theatre does matter, for two reasons. One is that it tends to deter the less expert villains, who don’t understand the limitations (human and technological) of security measures and don’t know how to hack them: after all, not everyone is Bruce Schneier or even reads him. The other is that it tends to reassure the public. To take Mark’s example of the TSA: the number of real prospective terrorists they catch during their routine security checks (with or without full body scanners) is pretty infinitesimal; but the fact that they do these checks helps airline passengers to feel that they are safe, because if there is some would-be terrorist queuing up after check-in, the TSA security measures will catch him or her. As for the actual issue of AML/CTF compliance, the problem is, as usual, that the regulators, from FATF down, are always a couple of years behind the curve, so that they’re basically unaware of the real levels of risk, whether from ML, cyber fraud or whatever. And they don’t realy care, because they are responsible to their political masters, not to the public.