The “Big” Picture
Surrounding BSA/AML:
Issues of Concern
Presented by
Mary Meile, President
The Anti-Money Laundering
Assoc.
Different Era





A world of financial instability.
Weaknesses in our nation’s security
tracking systems.
Cyber security attacks.
American born extremists within our
nation seeking to perform Jihad, and
New terrorist strategies to bring
America down.
US DOJ HEADLINES




Pennsylvania Woman Indicted in Plot to
Recruit Violent Jihadist Fighters and to
Commit Murder Overseas
Two Charged with Terror Violations in
Connection with New York Subway Plot
Najibullah Zazi Pleads Guilty to Conspiracy
to Use Explosives Against Persons or
Property in U.S., Conspiracy to Murder
Abroad and Providing Material Support to
Al-Qaeda
Tahawwur Rana and David Headley
Indicted for Alleged Roles in India and
Denmark Terrorism Conspiracies
US DOJ HEADLINES




Umar Farouk Abdulmutallab Indicted for
Attempted Bombing of Flight 253 on
Christmas Day
Nigerian National Charged with Attempting
to Destroy Northwest Airlines Aircraft
Terrorism Defendants Sentenced in Atlanta
Chicagoan Charged with Conspiracy in
2008 Mumbai Attacks in Addition to
Foreign Terror Plot in Denmark
New Terrorist Strategy

Terrorism expert Bruce Hoffman, was
quoted as saying, “the attack on the CIA
base in Khost, Afghanistan, as well as the
al-Qaeda-backed attempt to blow up a
U.S. airliner on Christmas Day, show that
the international terrorist movement has
substantially changed its strategy
compared to attacks like Sept. 11 which
were designed to "deliver a knock-out
blow. Instead, Hoffman said, "al-Qaeda's
leadership has now adopted a 'death by a
thousand cuts' approach."
Hoffman Expert Warning

“Death by a thousand cuts” means
slow and subtle.
Hoffman Expert Warning

Hoffman warned that al-Qaeda is
trying to confound U.S. efforts to
connect dots of intelligence by:
overwhelming, distracting and
exhausting us. They seek to flood
our already information-overloaded
national intelligence systems with
myriad threats and background
noise. They hope we will overlook
key clues.
Can You Relate?

Many BSA and AML Officers are
overburdened and exhausted.
Hoffman Expert Warning

Hoffman states, “oddly enough for a
terrorist movement supposedly on its
last legs, al-Qaeda (December)
launched two separate attacks less
than a week apart -- one failed and
one successful -- triggering the most
extensive review of U.S. national
security policies since 2001.
Hoffman Expert Warning


al-Qaeda is covetously seeking
recruits from non-Muslim countries
who can be easily deployed for
attacks in the West.
Citizens of countries that participate
in the U.S. visa-waiver program are
especially prized because they can
move freely between Western
countries and blend easily into these
societies.
Hoffman Expert Warning

al-Qaeda is shrewdly opportunistic. It
constantly monitors our defenses in an
effort to identify new gaps and
opportunities that can be exploited. Its
operatives track our congressional
hearings, think-tank analyses and media
reports, all of which provide strategic
intelligence. By coupling this information
with surveillance efforts, the movement
has overcome many of the security
measures we have put in its path.
Hoffman Expert Warning


Hoffman states, “Remarkably, more
than eight years after Sept. 11, we
still don't fully understand our
dynamic and evolutionary enemy.
He explains how we need to break
the cycle of radicalization and
recruitment that sustains the
movement.
Expert Warning

Bruce Hoffman continues, “With our
military overcommitted in Iraq and
Afghanistan and our intelligence
community overstretched by
multiplying threats, a new approach
to counterterrorism is essential”.
New Threat Coming Of Age
March 9, 2010- Colleen R.
LaRose, aka "Fatima
LaRose," aka "Jihad Jane.”
Jihad Jane
New Threat Coming Of Age
1.
2.
3.
4.
Woman from suburban America
Agreed to carry out murder
overseas and to provide material
support to terrorists.
Appearance an asset- can travel
safely without notice or suspicionblends in.
Used Internet to establish
relationships and communicate
plans.
New Threat Coming Of Age




Charged with: Conspiracy to
provide material support to
terrorists.
Conspiracy to kill in a foreign
country
Making false statements to a
government official.
Attempted identity theft.
New Threat Coming Of Age


Her Story: Jihad Jane and 5 others
scattered across the globe recruited men
to wage violent jihad in South Asia and
Europe, and recruited women who had
passports and the ability to travel to and
around Europe in support of violent jihad.
Plans for martyring themselves, soliciting
funds for terrorists, soliciting passports
and avoiding travel restrictions (through
the collection of passports and through
marriage) in order to wage violent jihad.
New Threat Coming Of Age
Demonstrates the following:
 Emerging trend in homegrown
terrorism, virtual highway of internet
makes easy access, increase in
potential lone wolf operatives, and
terrorists are openly speaking about
their pleasure and interest in the
actions of such independent actors.
 We can not assume a terrorist based
on appearance.
Homegrown Jihadist
Najibullah Zazi



Zazi is a legal permanent resident of
the US from Afghanistan
Zazi is a resident of Aurora, Colorado
Zazi admitted, he and others agreed
to travel to Afghanistan to join the
Taliban and fight against United
States and allied forces
Najibullah Zazi


The Justice Department announced
that Najibullah Zazi pleaded guilty in
a "conspiracy to use weapons of
mass destruction in the United
States," in connection with al-Qaeda.
His main attack targeted the New
York subway system.
America is being penetrated by a
network that is producing the
Jihadists
Terrorist Identities Datamart
Environment (TIDE)


TIDE is the US Government’s (USG)
central repository of information on
international terrorist identities as
established by the Intelligence
Reform and Terrorism Prevention Act
of 2004.
Supports the USG’s various terrorist
screening systems or “watchlists”
and the US Intelligence Community’s
overall counterterrorism mission.
Terrorist Identities Datamart
Environment (TIDE)

Consolidated watchlist a critical
tool for homeland security,
supports screening processes to
detect and interdict known and
suspected terrorists at home and
abroad.
Terrorist Identities Datamart
Environment (TIDE)


As of January 2009, TIDE contained
more than 564,000 names, 500,000
separate “identities” because of the
use of aliases and name variants.
U.S. Persons (including both citizens
and legal permanent residents) make
up less than five percent of the
listings.
Terrorist Identities Datamart
Environment (TIDE)
Christmas Day Attack


On Dec. 25, 2009, Nigerian Umar
Farouk Abdulmutallab boarded
Northwest Flight 253 in Amsterdam
and attempted to detonate plastic
explosives he had hidden in his
clothing.
Father alerted authorities he was
concerned about involvement with
religious extremists.
Incident Report

The US had enough intelligence prior
to the failed attempt to destroy an
airliner bound for Detroit on
Christmas Day to indicate such a plot
was under way, and to disrupt it,
according to the administration
review of the incident report released
Jan. 7. The problem was that
intelligence in essence fell through
the cracks.
Incident Report



Not a failure to collect or share
intelligence.
Failure to connect, integrate, and
understand the intelligence we had.
Need to modify the existing policy
standards for inclusion on lists.
What Went Wrong?


"We didn't know they had progressed
to the point of actually launching
individuals here," said John Brennan,
the president's chief
counterterrorism adviser.
The government's counterterrorism
operations had been caught off
guard by the sophistication of an alQaida cell in Yemen, where officials
say the plot against the United
States originated.
LIST


Abdulmutallab's name was in TIDE
database but his name was not
added to the shorter lists of possibly
more dangerous suspects, such as
the no-fly list maintained by the
FBI’s Terrorist Screening Center.
That list includes about 3,400
names.
Future Plan of Action





In laying out directives in four areas, the
president spoke of “assigning clear lines of
responsibility.” Specifically, he underscored the
need to:
Act aggressively when leads arise.
Distribute intelligence reports more rapidly and
widely when threats become known.
Strengthen the analytical process to allow
security agencies to “connect the dots” of
possible threats.
Strengthen of the criteria used to add individuals
to terror watch lists, especially no-fly lists.
Cybersecurity
Cybersecurity Coordinator, Howard
Schmidt
Cybersecurity

President Obama has declared that
the “cyber threat is one of the most
serious economic and national
security challenges we face as a
nation” and that “America's economic
prosperity in the 21st century will
depend on cybersecurity.”
Cybersecurity
1.
2.
3.
4.
5.
6.
Cybercrime cost Americans more than $8 Billion
dollars for a 2 year period (2009 and 2008).
A growing threat that encompasses national
security and public safety.
Computer networks deliver our oil and gas, our
power and our water.
Public transportation
Air traffic control
Yet we know that cyber intruders have probed
our electrical grid and that in other countries
cyber attacks have plunged entire cities into
darkness.
Cybersecurity




Our Nation’s cybersecurity strategy is
twofold:
(1) improve our resilience to
cyber incidents and
(2) reduce the cyber threat.
President has established a plan of
action.
Cybersecurity


Federal agencies spend $6 billion a
year on cybersecurity to protect the
government's IT infrastructure and
$356 million on research, according
to the Office of Management and
Budget.
Despite that funding, a government
review of its cybersecurity efforts
last year concluded that they are not
adequate to prepare the country
against cyberattacks.
OPERATION PHISH PHRY-FBI
Major Cyber Fraud Takedown

The defendants in Operation Phish
Phry targeted U.S. banks and
victimized hundreds and possibly
thousands of account holders by
stealing their financial information
and using it to transfer about $1.5
million to bogus accounts they
controlled.
OPERATION PHISH PHRY-FBI
Major Cyber Fraud Takedown

The FBI claims that the phishers' modus
operandi was the following: hackers in
Egypt would gather personal information
and banking details from the victims and
pass them on to their U.S. comrades. The
latter would then use the stolen
credentials to access the accounts, steal
the money and send part of it to their
associates in Egypt.
OPERATION PHISH PHRY-FBI
Major Cyber Fraud Takedown

It took two years of investigating and
the involvement of Egypt authorities,
but the FBI has reached its goal: 100
people have been finally charged for
their participation in a multinational
phishing operation.
Albert Gonzalez (aka “Segvec”)
“TJX” CASE


September 11, 2009
Secret Service uncovered the theft
and sale of more than 40 million
credit and debit card numbers from
numerous U.S. retailers. The
potential losses associated with this
case total more than $21 billion.
“TJX” CASE


Mastermind behind the elaborate
fraud scheme- Miami, Florida,
pleaded guilty to 19 counts of
conspiracy, computer fraud, wire
fraud, access device fraud, and
aggravated identity theft.
Allegedly sold some of the credit and
debit card numbers, via the Internet,
to other criminals in the United
States and Eastern Europe.
“TJX” CASE


Briefly an informant to the Secret
Service before he allegedly returned
to commit even bolder crimes.
Threw himself a $75,000 birthday
party and at one point lamented he
had to count more than $340,000 by
hand because his money counter had
broken.
Barclays programmer jailed over
TJX hack

March 15, 2010: Humza Zaman
laundered between $600,000 and
$800,000 for Gonzalez, who is
awaiting sentencing after pleading
guilty to a string of cyber-attacks on
several firms, resulting in the theft of
tens of millions of payment card
details.
Penalties


Humza Zaman was sentenced to 46
months incarceration and three years
supervised release as well as given a
$75,000 fine by a court in Boston after
pleading guilty to one count of conspiracy
last April.
Gonzalez is facing a minimum 17-year
prison sentence after pleading guilty to a
string of attacks on several firms,
including TJX and Heartland Payment
Systems.
Co-Conspirator

In 2009, another of his coconspirators, former Morgan Stanley
software engineer Stephen Watt, was
sentenced to two years in prison for
developing the software used to
capture payment card data.
FinCEN-Regulatory
FinCEN Director Freis provides remarks
on
emerging issues:
1.
2.
Trade-based money laundering (TBML)
systems, such as the Black Market Peso
Exchange (to transfer value across
international borders in attempts to
disguise the illicit origins of the criminal
proceeds) are still prevalent.
Fraud
FinCEN-Regulatory

Basic schemes included
misrepresenting the price and
quantity of goods and services (overand under-invoicing), and invoicing
the same goods or services more
than once (double invoicing). The
illicit activity was hidden in part by
the enormous volume of
international trade transactions, an
estimated $15.7 trillion in global
FinCEN-Regulatory

According to the 2009 International
Narcotics Control Strategy Report, it
is estimated that the annual dollar
amount laundered through trade
ranges into the hundreds of billions.
Additionally, U.S. Immigration and
Customs Enforcement (ICE) reports
that their trade-based money
laundering case initiations have
increased by 348 percent since 2004.
FinCEN-Regulatory

FinCEN has seen inconsistent
identification of this activity in many
SAR filings determined to be related
to trade-based money laundering.
For example, the use of the term
“trade-based money laundering” or
“TBML” as a key phrase in the
narrative is sometimes missing.
FinCEN-Regulatory
FinCEN issued an advisory (FIN-2010
A001) on Feb 18, 2010 regarding SARs
and
Trade Based Money Laundering.
 The advisory includes potential
indicators of TBML, and
 Potential red flags for trade-based
money laundering or black market
peso exchange activities.
FinCEN-Regulatory

Red flags seen in conjunction with
shipments of high dollar merchandise
(such as electronics, auto parts and
precious metals and gems) to duty
free trade zones, such as in the
Colon Free Trade Zone in Panama,
could be an indication of a tradebased money laundering or black
market peso exchange activity.
FinCEN-Regulatory
SAR Filing:
FinCEN requests:
1. Check the appropriate box in the
Suspicious Activity Information section of
the SAR form and include the
abbreviation “TBML” or “BMPE” in the
narrative portion of all relevant SARs
filed.
2.
The narrative should include an
explanation of why the institution
suspects, or has reason to suspect, that
the customer is participating in this type
of activity.
FinCEN-Regulatory
FRAUD & AML
 Fraud and acts of money laundering are
interconnected as ML is often a product of
fraud.
 Customer and transactional information
used for AML purposes is often the same
customer and transactional information
needed for fraud investigations.
 FinCEN encourages 314b information
sharing as an effort to fight fraud.
Resources and Credits





Washington Post: Article by Bruce Hoffman, Al-Qaeda has a
new strategy. Obama needs one, too. January 10, 2010.
Prepared remarks of James H. Freis, Jr. Director, Financial
Crimes Enforcement NetworK. Florida International Bankers
Association 2010 AML Conference. Feb 8, 2010
John-Brennan-We-failed-on-Christmas-Day-terroristintelligence
http://www.csmonitor.com/USA/2010/0107/John-BrennanWe-failed-on-Christmas-Day-terrorist-intelligence
President Obama remarks from the National Security
Council
http://www.whitehouse.gov/administration/eop/nsc/cybers
ecurity.
President Barack Obama greets his new White House Cyber
Security Chief Howard A. Schmidt in the Cross Hall of the
White House. December 17, 2009. (Official White House
Photo by Lawrence Jackson)
http://www.whitehouse.gov/blog/2009/12/22/introducingnew-cybersecurity-coordinator
Resources and Credits



Colleen R. LaRose
(AFP/Getty Images) This undated
image obtained on March 9, 2010
courtesy of Fox News shows a photo
from a website authorities say was
maintained by terror suspect Colleen
R. LaRose.
http://www.mcall.com/photos/alljihad-jane-pictures031010,0,4301319.photogallery