Yesterday the FinCEN-leaks have been made public by the same group of journalists that was responsible for Panama Papers. It has been silent to long, it seems. One of the most interesting aspects of the leaks is that journalists publish illegally obtained information from the Financial Crimes Enforcement Network (FinCEN). After hacking private companies, hackers now have obtained a large quantity of data from a governmental authority.

Hacking the government
FinCEN is a U.S. governmental authority that has as its mission to:

safeguard the financial system from illicit use, combat money laundering and its related crimes including terrorism, and promote national security through the strategic use of financial authorities and the collection, analysis, and dissemination of financial intelligence

Is is quite extraordinary to steal from a governmental agency, as it may thwart judicial activities and harm people included in the files. The International Consortium of Investigative Journalists (ICIJ) and their media partners are publishing the data. ICIJ does not explain why it is obstructing governments. Journalists writing on the leaks are not talking about this aspect either. Their stories are about the delicious information they found on globally working banks and exciting criminals, offering the journalists opportunities for bashing banks again.

FinCEN on 1 September published a statement on the leaks:

Statement by FinCEN Regarding Unlawfully Disclosed Suspicious Activity Reports

Immediate Release
September 01, 2020

The Financial Crimes Enforcement Network (FinCEN) is aware that various media outlets intend to publish a series of articles based on unlawfully disclosed Suspicious Activity Reports (SARs), as well as other sensitive government documents, from several years ago. As FinCEN has stated previously, the unauthorized disclosure of SARs is a crime that can impact the national security of the United States, compromise law enforcement investigations, and threaten the safety and security of the institutions and individuals who file such reports. FinCEN has referred this matter to the U.S. Department of Justice and the U.S. Department of the Treasury’s Office of Inspector General.

According to the ICIJ the data were obtained from BuzzFeed News and transfered to them. ICIJ writes:

The documents were shared by BuzzFeed News with ICIJ and 108 media partners in 88 countries and include information on more than $2 trillion in transactions dated from 1999-2017 that had been flagged by the banks as suspicious.

Transparency
The FinCEN leaks show that transparency now is exacted from both governments and private parties. No parliamentary process is necessary, here rules the law of the jungle. Those with the best hacking capabilities will obtain data and decide which part of the data is made public. And they will probably sell the information also to dark parties.

Private parties, like hackers, are in the position to ignore legislation when obtaining information, in that they have a better position than enforcement authorities. The journalists only provide the results to the public (without giving account on the selection they made and on the accurateness). This gives journalists a comfortable position.

End of democracy and rule of law?
This hacking of governments has interesting consequences. Is this the beginning of the end of democracy and rule of law? Will the role of investigation of crime be taken over by journalists and will trial by the media become the new normal?

Will anti-money laundering data brokers profit from this and will the journalistic activities result in a surveillance society in which every citizen will scrutinize its fellow-citizens?

I think this will happen, as fraud is everywhere; the great marketing machine of ICIJ and its friends will march further, only showing interest in sensational crime stories and ignoring the difficulties of private and governmental crime detection and prevention.

More information:

FinCEN

Statement on the leaks: Statement by FinCEN Regarding Unlawfully Disclosed Suspicious Activity Reports, 1 September 2020.

ICIJ

ICIJ calls itself a U.S.-based nonprofit and has world wide media-partners, including Het Financieele Dagblad and Trouw (the Netherlands); De Tijd, Knack, MO*, Le Soir (Belgium); and NDR, WDR and Süddeutsche Zeitung (Germany).

On their site the annual accounts are supposed to be found here but when I tried to look at the 2019-accounts I got the message:

This XML file does not appear to have any style information associated with it. The document tree is shown below.

<Error>

<Code>PermanentRedirect</Code>

<Message>The bucket you are attempting to access must be addressed using the specified endpoint. Please send all future requests to this endpoint.</Message>

<Endpoint>www-s3-1.icij.org.s3.amazonaws.com</Endpoint>

<Bucket>www-s3-1.icij.org</Bucket>

<RequestId>0C0F7D051304D404</RequestId>

<HostId>YSHfICNBo02mX5k9tlBeva1eNwHQpBNlN78xgGapkSGctOmp+zDA61q90UycEv/gmwNoJ4gox6c=</HostId>

</Error>

No idea what to do with that. I am interested in a detailed specification on their donors and the contribution of each of them. They publish a list of donors, that include the famous Adessium Foundation (NL), the Nationale Postcode Loterij (NL), Soros’ Open Society Foundations and several American donors.

Under corporate documents I see no articles of association. The only refer to the legal regime (501(c)(3) non-profit organization in Washington, D.C.).

Some articles from others than journalists

• According to Shadow Banker ICIJ is receiving large funds from the Soros foundation (The Open Society Foundation).  He is worried about politicization of financial intelligence and criticizes the Panama Paper database, that is “marked by some glaring omissions“. Article: Buzzfeed Set to Report on 36 SARs Linked to Rogue Russian Crypto Exchange BTC-e, Hopefully Doesn’t Steele-Job it, Shadowbanker, 17 September 2020.
• U.S. FinCEN leaks to have ‘chilling effect’ on fight against financial crime, say AML experts, ThomsonReuters, 18 September 2020.
• Comments on the FinCEN statement: In cryptic statement, FinCEN warns of leak, theft tied to SAR database, but whether a drip or a deluge, answer coming soon, ACFCS, 4 September 2020.
• Two Multinational Banks Ensnared in Panama Papers-Style Leak of FinCEN Data, as U.S. Election Draws Near, Shadowbanker, September 2020.

Journalists proudly writing on the FinCEN burglary

Members of the FinCEN-leaks group:

• ICIJ brags on the FinCEN page: “An ICIJ investigation reveals the role of global banks in industrial-scale money laundering — and the bloodshed and suffering that flow in its wake“. At their site transaction data can be downloaded.
• FinCEN Files: All you need to know about the documents leak, BBC (UK).
• The FinCEN Files, OCCRP.
• Was sind die FinCEN-Files? BuzzFeed Germany, 20 September 2020.
• Twee Nederlandse bedrijven spil in het wegsluizen van miljarden uit Rusland, Trouw (the Netherlands), 20 September 2020.
• FinCEN Files: 2.000 milliards d’argent «sale» ont parcouru la planète grâce aux banques, Le Soir (Belgium) 20 September 2020.
• FinCEN-Files, SZ (Germany).

Other journalists repeating the ICIJ-articles:

• FinCEN Files-Datenleak: Wie die Geldwäsche-Bekämpfung versagt | tagesschau.de
• Leaked Treasury documents reveal how dirty money moves through global banking system, Axios
• FinCEN Files: Wenn die Aufsicht versagt, DW
• FinCEN Files: Zweifelhafter Spitzenreiter Deutsche Bank
• ING bankierde voor een Russisch witwasnetwerk, De Groene (the Netherlands) 20 September 2020
• Versteckte Milliarden in FinCEN-Files, ORF (Austria), 20 September 2020.

Other sources

• The Dutch Anti-Money Laundering Centre (AMLC) on LinkedIn enthusiastically reported the Dutch part of the FinCEN leaks. They did not answer my question on leaking of Dutch police and FIU-NL information. Someone else commented that the FinCEN burglary is illegal and obstructs justice.

Addition 22 September 2020
On LinkedIn there are two reactions, the first by a tax advisor and the second by someone of the government.

Addition 2 October 2020
Stealing of confindential governmental information not only takes place in the U.S. In an article of ICIJ member Het Financieele Dagblad, KPMG zette justitie op spoor corruptie-onderzoek scheeps-bouwer Royal IHC , the journalists are citing from confidential information from prosecution sources.

MONEYVAL is not critical on the FinCEN burglary either, according to an ACAMS article. The authorities are using the AML-marketing for their political aims.

#FinCEN files zijn het resultaat van een inbraak bij de overheid door hackers die de rechtsstaat ondergraven, toegejuicht door @_investico https://t.co/TXcbGgjAQy

— Ellen Timmer (@Ellen_Timmer) September 28, 2020

Read this thread on FinCEN files and the history of AML:

A thread on FINCEN files and why I think we can throw the whole money laundering laws/cult in the garbage can.

This has to do with types of law.
1- contract law between entities (to civil courts)
2- administrative law (fin supervision, gov. court)
3- penal law (to jail).

/1

— Simon Lelieveldt (@finhstamsterdam) September 26, 2020

Addition 30 December 2020
It is amazing that in the media there is no one pointing out that every citizen is endangered by criminals hacking governments and obtaining private information, that can be misused by criminals. It looks as if the cybersecurity and confidentiality of the private information of citizens in the world is less important than catching a few criminals.

The press is using the FinCEN Leaks for bashing financial institutions, like in this Belgian article, De FinCEN Files: gelekte rapporten onthullen hoe banken tekortschieten om witwassen te voorkomen (Knack). The same happens in more recent articles, like this one. It shows that the leaking of private information is accepted by Belgian newspaper De Tijd. There are many more articles like that.