Terrorist groups are not a financial island
Christine Duhaime, B.A., J.D., Certified Financial Crime Specialist
Christine Duhaime is a Canadian lawyer, writer and frequent speaker on financial crime (including counter terrorist financing) and financial technology and innovation issues.
Updated October 18, 2014
When it comes to terrorist financing, the statement “no man is an island” is fitting except that in this case, it may be more accurate to say that ”no terrorist organization is a financial island”.
The financing of terrorism presently involves the use of our banks and the larger global financial system. Money and value goes in and out of Syria and Iraq for and from the Islamic State (“ISIS” or “ISIL” in the US) and their leaders, most of it attached in some way to accounts at financial institutions.
As a result, it may be easier both to detect and stop the flow of funding to IS if we are willing to invest in the technology and manpower to do so.
Here is a synopsis of what we know about terrorist financing involving the Islamic State and what financial institutions, governments and private enterprise actors can do to mitigate the risks of terrorist financing and the attendant threats to international security.
There are generally three significant baskets of terrorist financing taking place in respect of IS that engage external states and their financial institutions.
The first is the sale of crude oil from Iraq and Syria from oil fields acquired by the IS, sometimes referred to as terrorist oil; the second is funding from individuals in developed countries to IS directly and indirectly; and the third is self-funded activities such as ransom payments from the kidnapping of foreigners, taxes imposed on businesses, Christians and financial transactions in captured territories, stolen currency and gold from banks and the sale of looted goods.
According to experts, IS has over $2 billion in cash in the coffers and as well as an unknown amount in banks.
How IS initially was funded is another story but according to the US Treasury, a lot of it was from private donations from people in Qatar and Kuwait, in particular from charities. In 2013, Qatari authorities apparently only filed one suspicious transaction for the whole country yet some of its richest individuals paid million of dollars in cash and via wire to IS. A fundraiser known as Tariq Al Tunisi is alleged to have arranged for IS to receive $2 million from Qatar in one transaction alone, which flowed through the financial system unimpeded.
Another fundraiser from Qatar, Abd al-Rahman bin Umayr al-Nuaymi is alleged to have sent more than $1 million per month to an al-Qaeda group that morphed into the Islamic State. Al-Nuaymi was an advisor to the Qatari government and was placed on the US sanctions list in December 2013 and only recently placed on the UK list.
1. Terrorist oil sales
The bulk of the terrorist financing to IS is generated by terrorist oil sales, hence the impetus to destroy oil and gas infrastructure controlled by IS because it will remove the most significant source of revenues necessary for their operations.
It is not possible to traffic in terrorist oil without the involvement of, and support from, western financial institutions whether unwittingly or not.
According to US intelligence and Hisham Alhashimi, an IS expert in Iraq, ISIS earns approximately $150 million per month from the sale of crude oil sold on the black market in Turkey or Kurdistan, mostly Turkey. This activity engages terrorist financing involving western financial institutions because both the vendors (IS) and the purchasers must use the modern banking system to effect the transactions equaling $150 million per month. Note that there are multiple daily sales transactions, that together, equal $150 million, ergo thousands of terrorist financial transactions going through banks.
Banking the ISIS
Breaking it down, the first point of contact would appear to be local banks operating in Istanbul who bank the IS, although likely under beneficial ownership structures or their accounts would be shut down. I’m surmising these bank accounts were set up years ago and as time went on, IS entities became the bank’s VIP customers as more and more wealth was deposited. As the IS and their agents likely determined, the best way to avoid bank detection for suspicious activities is to become a bank VIP and move to private banking under a beneficial ownership structure. Although private banking clients are more high risk for financial crime, many banks treat such customers preferentially in terms of identity, transaction monitoring and anti-money laundering reporting. IS is sufficiently sophisticated to issue corporate annual reports highlighting their financing activities; there can be no question they have corporate vehicles through which they launder proceeds of crime (specifically, from numerous terrorist acts).
Banking ISIS leaders
What about IS leaders? Historically speaking, state leaders who acquire power undemocratically have taken enormous pains to acquire great wealth and to preserve it by removing funds from domestic areas of conflict to overseas safe tax havens for future use by them or their families, usually their children. The reason we have a politically exposed person (“PEP“) reporting regime is to prevent this from happening. The best way to preserve wealth in a war-torn conflict area is to move it to a more stable economy or a tax haven where beneficial ownership disclosure is protected.
We can expect, therefore, that the IS elite have moved or will move, vast sums of money to other jurisdictions in the world through close family members (PEPs). The money and its ownership will be more difficult to tie to IS leadership because, inter alia, it originates from a state over which they have effective control and in which they can create an endless number of new identities and passports to use for travel and to open and use foreign bank accounts.
We have already started to see IS officials moving into Turkey with vast sums of money, renting or buying luxury homes in Istanbul and Ankara with cash. The next step will be the purchase of luxury vehicles and sending their children to elite schools in the UK with terrorist funds. According to news reports, IS has opened up its first consulate office in Ankara to issue official visas for defectors from other countries to enter Syria to fight for the IS. They have also opened several businesses in Ankara and Istanbul.
All of these activities, from purchasing houses, cars, consulates, and offices requires the constant use of bank accounts and banking relationships in Turkey. The IS move into Turkey to set up businesses is likely being done to establish bank relationships through commercial activities so that IS can access financial institutions in Europe, an activity that is difficult from Syria or Iraq with significant sanctions in place. Unfortunately, some banks have no qualms about servicing terrorists.
Banking oil sales agents
The banks banking the agents and purchasers of terrorist oil are likely foreign banks in Istanbul. The reason why this is likely the case is because the entities and persons, particularly agents, purchasing terrorist oil have a pressing desire to move the proceeds of crime from the sale of the oil overseas to protect it, and hence protect their wealth. They need a bank with a good network of international correspondent banking relationships to ensure that can happen quickly and efficiently, with wealth management ties to tax havens. These bank accounts are likely also structured in ways in which beneficial ownership is obscured.
Foreign banks, particularly in Dubai, Amsterdam, Paris, Vienna and London, should exercise extra due diligence to ensure that they do not violate sanctions and counter-terrorist laws by banking persons and entities dealing with terrorist funds. Entities or persons who have an unusual or extraordinary amount of cash dealings connected to conduit countries such as Kurdistan, Lebanon, Jordan or Turkey are a banking concern for terrorist financing. Sanctions and counter-terrorist financing laws globally also capture the indirect facilitation of banking or financial services for terrorist activities so financial institutions, including wealth managers in tax havens, all along the oil transactional chain of finance are exposed for providing services for these transactions.
Some theorists have hypothesized that hawalas and cash couriers are being used for payments of terrorist oil. Hawalas and money mules are prevalent in many IS transactions but not for terrorist oil transactions – there is too much money in terms of volume and its too impractical.
2. Christian taxes; kidnapping and ransom
The second way in which IS is financed is by self-funding methods such as taxes Christians must pay to remain alive and ransom payments from foreign governments for kidnapped foreigners. According to experts, IS earns $10 million per month in ransom payments and, unlike terrorist oil payments, ransom payments are made in US cash using external foreign banks. Under this method, agents bring the cash into Iraq, Syria or a conduit state in exchange for the prisoner. IS agents bring the cash back to headquarters but the agents liaising for the foreign governments bank their commissions in foreign banks, only in this case, they are likely using foreign banks in Europe which have ties to tax havens through wealth management firms or bank branches.
The IS has other internal funding methods such as taxes imposed on people in acquired territories and transactional fees for people to remove funds from their bank accounts that engage the local economy and do not likely flow through the modern banking system.
For example, they have set up sex slavery businesses in most towns and cities in which they occupy using primarily teenage girls that they refer to as the so-called “spoils of war” to work in such businesses. They also sell captured women and children (those that are Christian or Yazidi women) in the local marketplace. According to human rights agencies, there are websites in which captives are priced and listed for sale.
Then there are the Christian taxes, which are taxes Christians must pay in occupied towns as a “tolerance” fee if they do not convert, or are not first killed. The Christian tax is paid for the privilege of life. If a Christian cannot pay or refuses to, they are killed.
There are also bank fees to pay to IS. They have taken over banks in towns in which they occupy and in order to withdraw funds, account holders must go through a 3-person committee to prove they are the account holder and are not Christians, Yazidis, Shiite Muslims or members of the government. This group of prohibited persons has forfeited money held in their accounts to the IS. If a person is not within the prohibited group, in order to withdraw funds, a commission has to be paid to the IS.
As for Christians and Yazidi workers, the IS has already confiscated their salaries and about 5% is being deducted from everyone else’s salary by the IS.
The IS taxation system on people, businesses and services should not be underestimated as a significant source of growing revenue. Not surprisingly, banks under the control of the IS are being used for tax collection purposes for the IS, including the Raqqa Credit Bank which now apparently collects municipal taxes for the IS circumventing the government payment system.
Finally, the IS also traffics antiquities from Syria to western collectors. Payments for antiquities sales all involve foreign banks and are a form of terrorist financing that is obviously prohibited.
While initially, the self-funding methods (such as the sale of young teenagers into slavery) may not go through our traditional banking methods, those funds end up in the hands of the IS elite, whose close advisors and family members are branching out to Turkey and Lebanon (perhaps other places as well) to set up businesses and buy houses, all with terrorist funds which requires banking relationships (see below).
3. Payments from foreign countries
In Iraq, the advance force of IS, called the House of Islam, is dominated by foreigners, including several hundred Europeans, Australians, Canadians and Americans. They land in places like Turkey then cross over to Syria and join ISIS where they are put at the front lines to fight. They leave places like Germany, the UK, Canada and the US with debit cards, value added cards and credit cards linked to bank accounts in their home countries. Those cards are used when defectors arrive overseas. Their friends and families are then called upon to fund their activities by loading up bank accounts so that funds can be withdrawn in the Middle East. One preferred method of terrorist financing in the credit and charge card world is to over-pay, or pre-pay charge cards in one country so that there is a large credit balance on the account that can be used in another jurisdiction by a supplementary card holder.
Before stored value cards were invented, this was a preferred way of sanctions avoidance in places like Iran where family members could be financially supported through pre-paid credit card payments. Because funds cannot be sent among certain sanctioned countries, credit cards are used to buy goods and services instead as a way to transfer value undetected by the financial system. Financial institutions, money services businesses and other remittance services are unwittingly used to finance terrorism by facilitating payments and funds transfers for use in terrorist hot spots.
All financial institutions can know with the push of a computer button, the extent to which their customers are undertaking financial transactions in hot spots. Credit and debit card issuers also know in real time when their products are used and precisely where by virtue of the card magnetic strips that generate an electronic message to the issuer through the merchant’s POS machine or ATM machine.
Several Tweet accounts of IS members have joked about how the US has tried to harm IS financially and noted that there are still ATM machines all around from which they readily withdraw cash from overseas.
4. Payments in the west
In addition to funding terrorist attacks on critical infrastructure and to individuals, terrorist financing will be used to support home-grown terrorist group attacks in places like Canada, France, Germany, Australia and the US. Terrorist financing supports the violent aspects of terrorism but it also supports the non-violent activities such as paying a group’s operations in western countries (e.g., travel, training, rent, social media activities, and credit card expenses).
Terrorist financing in this area involves payments from the exterior to lone wolf-types persons or larger groups and it also involves internal payments or funding (domestic) whereby persons fund a lone wolf or another group’s activities in furtherance of terrorist activities that are domestic. The numbers are significantly lower than other types of terrorist financing but are just as significant because an attack to domestic critical infrastructure unfortunately requires much less in the way of an economic investment by terrorists. Domestic monitoring by financial institutions and money services businesses in the west is critical to detecting and preventing domestic terrorist financing.
Stopping the financing of terrorism
Financial institutions, and other financial service vehicles that assist terrorist financing, even unwittingly, negatively impact the integrity of the global financial system and threaten international security.
Banks risk reputational damage to their organization and may harm NGOs that provide humanitarian and other aid to hotspots for engaging in terrorist financing. Obviously, as well, they are exposed to litigation claims for terrorist financing, sanctions avoidance and regulatory action for doing so, both institutionally and for their directors and officers individually.
The government role is to provide greater and better education on terrorist financing to financial institutions and the population generally. Its role also should involve greater regulatory scrutiny over financial institutions for compliance with terrorist financing.
In order to protect the financial system from being used for the financing of terrorism and minimize the risks to international security, there are six key areas with which banks should be careful in addition to those that arise from the foregoing:
- Funds involving the use of conduit countries to fund terrorism such as Turkey, Lebanon, Jordan and UAE and sanctioned areas.
- Use of the banking system by IS, its agents, terrorist oil purchasers and others to move funds to and from terrorist organizations and in many cases to tax havens through wealth management companies using beneficial ownership structures.
- Co-mingling funds such as sending multiple wires in a bundle to hide the actual sender or recipient of the funds.
- Sending funds to known hotspots using remittance services and banks, between individuals in home jurisdictions and the hot spots, mostly from western states to conduit countries.
- Online payment systems and stored value cards, particularly in conjunction with social media wherein the IS allegedly uses Twitter and WhatsApp to solicit requests for payments by PayPal and other online payment methods. Likely, such accounts are held in the names of multiple individuals in order to avoid detection.
- According to AUSTRAC, digital payment systems which are new, such as digital (or virtual) currencies such as Bitcoin, pose an emerging risk of terrorist financing which may increase as they grow in popularity, particularly given that they are by design, anonymous.
Domestic red flags
Terrorist financing involves raising the funds, transferring them and then using the funds. Different private enterprise participants have different roles to play in each of those aspects. The difficulty in this area is drawing a link between the activities and terrorist financing.
Some indicators that may raise a red flag domestically for financial institutions in the west include:
- Wiring funds to high risk jurisdictions in close geographical proximity to IS (conduit countries such as Turkey, Lebabon);
- Use of debit cards in high risk jurisdictions, particularly in cases where the client is in the west but the card is being used in the Middle East;
- Multiple beneficiaries in a wire being sent from one sender to the Middle East;
- Multiple low-value transfers domestically and internally without any reason or obvious connection;
- Sudden activity in an account that is inconsistent with customer profile; and
- Multiple parties using the same telephone number or address to conduct wire transfers.
If we want to stop terrorist financing, we have to make a greater effort to require that financial institutions of all types, including money services businesses, quit providing banking services to terrorist organizations and their sympathizers wherever they may be in the world, including in the west.
We ultimately want terrorist organizations to be a financial island.