Hijackers Mohamed Atta and Abdulaziz al-Omari passing through security checkpoint at Portland International Jetport on the morning of September 11, 2001.
If terrorists entered the U.S. today to conduct a 9/11-scale attack and used the same money-movement methods employed by the hijackers in 2001, it is “possible, but not probable” that their financial activities would bring them to the attention of intelligence and law-enforcement officials.
That’s the assessment of Dennis M. Lormel, who led the FBI’s Terrorist Financing Operations Section in the aftermath of the 9/11 attacks. “It’s possible because there would be transactions, and there’s always the possibility of detection when a transaction trail is there. But with the transaction monitoring that banks do now, they probably would not catch it because the filters would not be set in a way that would raise alarms. In order to do that, you need to have a more pro-active approach,” Lormel told this blog in a recent interview.
Working for implementation of just such a pro-active approach has been the focus of Lormel’s efforts in the 12 years since Sept. 11, 2001. On that day, he was the agent in charge of the FBI’s Financial Crimes Program. Immediately after 9/11, Lormel was given responsibility for forming and overseeing the government’s FBI-led, multi-agency Financial Review Group, which within days of the attacks had identified the funding stream that had facilitated the hijackers’ activities. Since retiring from government service in 2003, Lormel has led DML Associates, a Landsdowne, VA-based firm that provides training and consulting to financial-services companies and other clients on issues such as fraud prevention and detection, anti-money laundering efforts, enhanced due diligence, and forensic accounting. He also has testified before several congressional committees on measures to disrupt terrorist financing, and has written and spoken widely on trends in the ways terrorist and criminal organizations obtain and move money.
“Overall, we’ve come a long way since 9/11. No agency had any methodology in place at that time to effectively monitor terrorist financing, and the government can commend itself on what has been done to date. There’s still much more that can and should be done, however,” Lormel says.
A sufficiently pro-active approach, he adds, would include greater government-financial industry coordination to monitor the financial activity of selected people traveling to or from countries known to be home to terrorist groups, including the subjects’ financial transactions with other people. “Only two of the 19 hijackers were known beforehand to be al-Qaeda members. Had we run the names of those two through the system, we might have seen financial links to the others that then would have enabled us to pursue other connections. We could have moved from bank activity to credit and debit card data to IP addresses and cell phone records before the attack,” notes Lormel.
The value of tracing such connections, as well as the challenges law-enforcement agencies face in the absence of such steps, is made clear in two key paragraphs from the Final Report of the National Commission on Terrorist Attacks on the United States, popularly known as the 9/11 Commission.
Noting that al-Qaeda was able to plan and conduct the 9/11 attack for somewhere between $400,000 and $500,000, the Commission reported that, “The muscle hijackers [those terrorists charged with controlling passengers in the cabin while their counterparts flew the planes, and who for the most part arrived in the U.S. after the pilots] supplied an infusion of cash and traveler’s checks purchased in the UAE and Saudi Arabia. Several hijackers are known to have purchased a total of nearly $50,000 in traveler’s checks that were used in the United States. Moreover, substantial deposits into operatives’ U.S. bank accounts immediately followed the entry of other muscle hijackers, indicating that those newcomers brought money with them as well. In addition, muscle hijacker Banihammad came to the United States after opening bank accounts in the UAE into which were deposited the equivalent of approximately $30,000 on June 25, 2001. After his June 27 arrival in the United States, Banihammad made Visa and ATM withdrawals from his UAE accounts.
“The hijackers made extensive use of banks in the United States, choosing both branches of major international banks and smaller regional banks. All of the hijackers opened accounts in their own name, and used passports and other identification documents that appeared valid on their face. Contrary to numerous published reports, there is no evidence the hijackers ever used false Social Security numbers to open any bank accounts. While the hijackers were not experts on the use of the U.S. financial system, nothing they did would have led the banks to suspect criminal behavior, let alone a terrorist plot to commit mass murder.” (Chapter 5, The 9/11 Commission Report).
Given the innocuous, commonly employed methods the hijackers used to move funds into the U.S., Lormel says it is critical to overlay travel patterns and other information with financial data in order for investigators to bring the outlines of a potential threat into sharper focus. “If we were to be attacked today 9/11-style, the most likely player would be al-Qaeda in the Arabian Peninsula,” Lormel says, referring to the Yemen-based group responsible for the so-called underwear bombing attempt on a flight from Yemen to Detroit on Christmas Day 2010 and an attempt earlier that year to detonate a bomb in a UPS parcel on a flight from Yemen to the U.S. “If I were responsible for transaction monitoring today, I would be monitoring transactions in and out of Yemen, and when a flag would go up, there would be follow up” in terms of the subject’s financial transactions, communications, and other activities,” the retired FBI agent notes.
While the 9/11 Commission gave government agencies a grade of A- for their efforts to disrupt terrorist financing in the years following the attacks on the World Trade Center and Pentagon, Lormel would apply a slightly tougher standard, saying that he thinks the progress to date merits “somewhere between an A- and a B.”
Lormel says that positive developments in the years since 9/11 include:
- improved communication and coordination between government agencies;
- adoption of legislation (particularly the USA PATRIOT Act and its Sections 314A and 314B) that empowers law-enforcement agencies to obtain financial information from banks regarding potential terrorist or money laundering activities;
- greater awareness in the financial-services industry of the importance of monitoring for potentially illicit activity and filing a Suspicious Activity Report (SAR) in response to such concerns;
- the substantial effectiveness of the financial and monetary sanctions imposed upon Iran; and,
- technological and operational advances that allow law-enforcement and intelligence agencies to track a suspect’s financial transactions almost in real-time fashion.
Additionally, Lormel notes that there have been some highly effective public-private partnerships to combat the financing of illicit activity, with a JPMorgan Chase-Homeland Security Investigations initiative focused on human smugglers and traffickers serving as a notable example.
Conversely, the former federal agent sees more work being needed in areas including:
- further aligning the mindsets and approaches of financial-service industry executives who focus on regulatory and compliance concerns when filing SARs and law-enforcement officials who are interested in the potential associated criminal activity;
- intelligence and law-enforcement agencies doing more to develop specific case studies and typologies of illicit finance patterns and – to the extent appropriate – sharing that knowledge with financial-services industry personnel;
- moving more aggressively against informal and/or illegal money remitters, such as hawala networks, who generally operate outside the formal banking system but who also use that system to transmit funds in a way that disguises the actual provider and recipient; and,
- a better understanding and more-effective response to the trend of increased cooperation between terrorist groups and criminal enterprises (the subject of an upcoming blog post).
Additionally, Lormel sees the need for a framework that would support faster and freer information exchange between law enforcement and the financial-services industry. Testifying before the House Subcommittee on Counterterrorism and Intelligence in May 2012, Lormel told lawmakers, “The government must develop a means to legally provide security clearances to select personnel in financial institutions in order to share limited intelligence information that could be scrubbed against bank monitoring systems to identify account or transactional information associated with terrorists.”
In an interview last week, he added that, “The Department of Defense has a system of security clearances in place for its contractor firms. Obviously, in the wake of the Snowden affair, the structure of that program is being revisited. But a properly constructed equivalent program in the banking and overall financial-services area would go far toward sharing information in a timely fashion. “
Reiterating a point he made in an August 2013 whitepaper, Lormel notes, “Funding is both the lifeblood of a terrorist organization and one of its most significant vulnerabilities. The better we understand the flow of funds, the better the quality of the intelligence we receive, and the more innovative we are, the more likely we will be able to disrupt or prevent the flow of funds needed to support terrorist activities.”