A new ‘No Fly’ List
The Treasury Department essentially has a 1,000-page financial no-fly list.
I am old enough to remember Richard Nixon’s famous ‘Enemies List” and later watched the Federal Government’s ‘No Fly List’ which grew in response to the 9/11 attacks in 2001 from 16 people deemed “no transport” because they “presented a specific known or suspected threat to aviation” to more than 103, 440 today. And because so many “False Positives” started to occur – when a passenger who is not on the No Fly List has a name that matches or is similar to a name on the list – denying these passengers from boarding a flight unless they can convince the airline that they are not that person. In an effort to reduce the number of False Positives, DHS announced on April 28, 2008 that each airline would be permitted to create a system to verify and store a passenger’s date of birth, to clear up watch list misidentifications.
False Positive passengers will not be allowed to board a flight unless they can differentiate themselves from the actual person on the list, usually by presenting ID showing their middle name or date of birth. In some cases, False Positive passengers have been denied boarding or have missed flights because they could not easily prove that they were not the person on the No Fly List. But what if you don’t know that your name is on the list? And if it is, how do you get your name off this list, if indeed it is a False Positive? And what do you do if you are on another list that you have never heard about?
I say all of this because I recently read a story in the Huffington Post by Ben Walsh –Your Financial Life Could Be Ruined If Your Name Is On This Massive Government List – about another government list that I had never heard of. Take the case of Muhammed Ali Khan tried to do one of the most boring, responsible things an American taxpayer can do: set up a government-guaranteed retirement savings account. He was rejected because the Treasury Department thought he might be a terrorist. But he isn’t. He’s a software consultant from Fullerton, California. But he shares a first name (with a different spelling), last name and middle initial with a financier of a Pakistani terror group.
That man, Mohammad Naushad Alam Khan, is on the Treasury Department’s Specially Designated Nationals and Blocked Persons List (SDN). The 1,026-page catalog lists people and organizations that U.S. citizens and residents are barred from doing business with because of their ties to terror cells, drug cartels or rogue states. The SDN is essentially a financial no-fly list that cuts people off from U.S. banks ― and, as a result, the global financial system. The SDN has more than doubled in length in the last five years.
Khan later found out that his credit reports from Experian and TransUnion had also been flagged as a potential match. Luckily the trouble that caused him, was relatively minor ― after he got over the shock of seeing a terrorism flag on his credit report, he spent a few hours navigating customer service lines with the Treasury Department and the two credit bureaus. He got his retirement account set up and his credit reports cleared after providing some personal information to show that he was not the man who had financially supported the 2008 Mumbai attacks.
Some other people wrongly believed to be on the SDN ― either because they share a name with someone who is or because their name partially matches an alias used by someone on the list (and international criminals often have a lot of aliases) ― are hurt far worse than Khan. As a result they can have their airline ticket purchases rejected or hotel reservations declined. Their bank accounts can be frozen. Loans to buy a home or a car can be declined. Wire transfers can be seized and held for up to a year while the freeze is litigated, which can destroy small businesses, block real estate transactions or delay inheritances.
Such delays impose “a tremendous burden,” said Peter Djinis, a former anti-money laundering regulator at the Treasury Department. “It can become a business disadvantage to people whose name just happens to be similar to that of someone actually on the list,” he said. “This is a real problem.”
“Bank accounts can be frozen. Loans to buy a home or a car can be declined. Wire transfers can be seized and held for up to a year.”
The Treasury Department’s Office of Foreign Assets Control, or OFAC, maintains the SDN list. The catalog was created in 1940, but the department massively increased its efforts to block terrorist financing after the Sept. 11, 2001, attacks. OFAC is a relatively small office compared to other parts the law enforcement and national security apparatus, although the Treasury Department claims that OFAC has enough staff and that its size is appropriate relative to U.S. sanctions programs. However, OFAC is especially small relative to its mission of blocking thousands of people from the U.S. financial system. This means day-to-day enforcement is largely left up to the private sector.
A Treasury Department spokesman said that OFAC manages individuals and entities on its list in coordination with relevant U.S. government agencies, and has processes in place to ensure that designations are applied appropriately, and to assist and provide due process to anyone who believes they should be removed. And due to a backlog a whole industry has popped up around this, producing what is known as interdiction software ― programs that banks use to see if a customer’s name matches one on the blocked list. This software produces a staggering volume of hits and leads to lots of false positives, like Khan’s.
Banks tend to be conservative in their risk management, and cast as wide a net as possible to try to stop anything improper. This is because sanctions are enforced under the legal standard of strict liability, meaning any transaction with anybody on the list is illegal, regardless of intention. Fines are steep, too: either $284,000 per violation, or twice the value of the transaction ― whichever is higher. Companies that peddle interdiction software turn banks’ worries into a selling point. Yet the software’s results often don’t live up to its promises, and financial institutions are struggling to deal with the mountains of data the software produces. The Treasury Department declined to comment on interdiction software.
Realize that that big banks, credit card companies and payment processors at most, only have between 200 and 500 employees to sift through hits and gather information to try to clear false positives from the OFAC list. When a potential client’s name matches one on the list, the financial institution staffers then have to call OFAC to figure out if the person really is on the SDN or if they are dealing with a false positive. The SDN doesn’t provide much in the way of specifics ― a name, a few aliases, a nationality and sometimes a date of birth. Financial institutions complain that they would like more identifying information about the people on the SDN so they could vet their customers more quickly.
But the government is often hamstrung because it has limited personal information about the people on the list, often because the SDN targets are concealing as much about their lives as possible. The Treasury Department says that it compiles and releases as much identifying information about the people on the list as it can in order to reduce the number of false positives. The department declined to release data on the number of transactions or transfers halted due to false positives.
“It can become a business disadvantage to people whose name just happens to be similar to that of someone actually on the list.”
Peter Djinis, a former anti-money laundering regulator at the Treasury Department
False hits ― people like Khan ― are “a bigger problem, not a smaller problem,” explained Djinis, the former regulator. And clearing up false hits is a labor-intensive process. The safe, simple option for the financial institution is often to just stop doing business with a customer whose name gets flagged.
The complex nature of financial transactions makes this process even more difficult for customers with names that are likely to get wrongly flagged. For instance, a simple money transfer abroad might involve two retail banks and an intermediary bank to facilitate. The transfer can be held up if software run by any of the three banks flags any party involved.
Some financial institutions have tried to fix this by buying more software to help sort through the results ― which is great for the software providers, and could help the people the system has wrongly flagged. “We are going to make so, so much money selling them stuff to fix this,” the software executive said. The application of the SDN list has become “guilt by association,” said Shereef Akeel, a civil rights lawyer in Michigan who has worked on the issue. The Treasury spokesman said the department wasn’t worried that enforcing the list raised any civil rights issue.
The vast number of false positives, Akeel said, “actually compromises our national security … because everyone is busy looking at all these other names, they don’t have enough time to really catch the bad guys.” Instead, Akeel said, the burden falls on people like Khan, who have to try to prove that they are not someone else. Although Khan succeeded in setting up his retirement fund, but there’s no way for him to proactively tell every U.S. financial institution that he isn’t Mohammad Naushad Alam Khan.
In response to 9/11 we have allowed the government to extend the reach of Big Brother broad surveillance far beyond the levels permitted by the US Constitution and the Bill of Rights. And because so many of the programs overlap and interrelate among one another without a central server and intense backbone monitoring false positives will continue if not increase. So if you find yourself in a similar position of Muhammad Ali Khan there are ways to cure the problem that you can do yourself.