Data Collection Challenges

Stephen DeAngelis

January 18, 2007

The 2004 Intelligence Reform Act authorized a Cross-Border Electronic Funds Transfer Program as part of America’s war on terrorism. A Washington Post article that discusses a report just issued by the Department of Treasury notes how difficult setting up a massive data collection program can be [“Vast Data Collection Plan Faces Big Delay,” by Ellen Nakashima, 17 January 2007]. Treasury had hoped to start the program by the end of this year but now reports that it will be delayed until at least 2010.

“The Treasury Department concluded that the program was technologically feasible and has value, but said it needs to determine whether the counterterrorism benefit outweighs banks’ costs of compliance and to address privacy concerns.”

Conducting cost/benefit analysis is always wise; but when issues like terrorism and privacy are concerned, subjective factors (like emotions) often play as big a role as objective factors (like compliance costs). Bankers oppose the program because they feel it is burdensome and intrusive. According to the article:

“Unlike another Treasury program, which uses administrative powers that bypass traditional banking privacy protections to tap into the vast global database of transactions maintained by the Brussels-based Society for Worldwide Interbank Financial Telecommunication, the cross-border plan is the result of legislation sought by Treasury and would require congressional oversight.”

Banks and money services, Nakashima reports, are already required by law to keep records on all wire transfers of $3,000 or more. “The proposed program would mandate that each of those transactions — if they cross the U.S. border — be reported to the Treasury Department’s Financial Crimes Enforcement Network (FinCEN).” She continues:

“The type of data captured would include the names and addresses of senders, the amount and dates of the transfers, the names and addresses of the beneficiaries and their financial institutions. Treasury officials said in interviews and in the report to Congress that the data would give analysts more information to ferret out illicit activity as they try to detect links between suspects. FinCEN said that Australia and Canada had used similar data effectively. Australia has used it to catch tax evaders and predict the movement of drugs into and out of the country. But those countries deal with much smaller numbers of transactions. Treasury receives more than 16 million currency transaction records and suspicious activity reports a year from banks and other financial institutions, which help officials track money launderers and terrorist activity. Bankers say the additional reporting requirement would be a tremendous burden. ‘We’re talking about a volume of transactions that dwarfs anything that has been done in the name of [financial regulatory reporting] up to now,’ said Richard R. Riese, director of the American Bankers Association Center for Regulatory Compliance.”

Such a massive data collection effort, if it occurs, would demand automated rule sets to help keep compliance and data mining costs affordable. The Treasury Department has proposed a “first in” and “last out” rule that would require only the first institution to receive a cross-border fund transfer or the last institution that actually makes a cross-border transaction to file reports. The number of reports would still be massive, but technically the challenge is not insurmountable. Dealing with privacy issues is another challenge being raised both in America and Europe.

“In an October interview, Robert W. Werner, who then was director of FinCEN, said most of the data collected would be ‘commercial oriented’ transactions and ‘irrelevant’ to FinCEN’s mission to detect and prevent illicit activity. ‘The key is to have a system that allows you to be able to pull the relevant data without people worrying that irrelevant data is being browsed and used inappropriately,’ he said. FinCEN would also need to develop the technical capability to store and analyze the information, the study noted. FinCEN is considering setting up a ‘federated data warehouse’ to store the data, which would be held separately from other financial records data. Officials said there would be strict rules to ensure that the data is not shared inappropriately, including audit trails to check for improper access. The program would be developed through a public rulemaking process over an extended period, officials said. ‘We know there will be costs. We believe there is value. How do those two play out?’ said Eric Kringel, senior policy adviser at FinCEN. He said that as a regulatory body, FinCEN ‘would not want to proceed’ without determining if the benefit is worth the cost. FinCEN has proposed taking a year to conduct a $1.1 million cost benefit analysis. Implementation would cost $32.6 million and take 3 1/2 years, officials said.”

If the cost/benefit analysis indicates that government should proceed, the kinds of supporting technologies that could address reporting, mining, correlating, and protecting data are all the kinds of issues that could be researched at the Institute for Advanced Technologies in Global Resilience (IATGR). It could be especially useful during the “rulemaking process” discussed in the article. With potential costs (both real and social) being so high, taking time to make the right decision appears to be a wise course.