Security Dialogue

Security Dialogue http://sdi.sagepub.com/

Towards a 'new' political anatomy of financial surveillance Security Dialogue 2011 42: 161 DOI: 10.1177/0967010611401472

The online version of this article can be found at: http://sdi.sagepub.com/content/42/2/161 Published by: http://www.sagepublications.com

On behalf of:

International Peace Research Institute, Oslo

Additional services and information for Security Dialogue can be found at: Email Alerts: http://sdi.sagepub.com/cgi/alerts Subscriptions: http://sdi.sagepub.com/subscriptions Reprints: http://www.sagepub.com/journalsReprints.nav Permissions: http://www.sagepub.com/journalsPermissions.nav

Downloaded from sdi.sagepub.com at Fondation Nationale on May 9, 2011

Special Issue on The Global Governance of Security and Finance

Towards a ‘new’ political anatomy of financial surveillance

Security Dialogue 42(2) 161–178 © The Author(s) 2011 Reprints and permission: sagepub. co.uk/journalsPermissions.nav DOI: 10.1177/0967010611401472 sdi.sagepub.com

Anthony Amicelle

Sciences Po Paris & Centre d’Etudes et de Recherches Internationales (CERI), France

Abstract This article examines dynamics of financial surveillance and risk-based regulation in the context of ongoing activities to combat money laundering and terrorist financing. Close analysis of the situation in the UK reveals entangled forms of co-regulation and ultimately co-production of surveillance that challenge ‘institutional boundaries’ of the state regarding policing and intelligence practices. It is argued that ongoing transformations in the anti-money laundering field reveal a dual movement that combines forms of indirect administration with a process of ‘neoliberal bureaucratization’.The article aims to show how current policies against ‘dirty money’ still paradoxically work on the basis of heterogeneous goals and misapprehensions between ‘professionals of security’ and ‘professionals of finance’.

Keywords terrorist financing, surveillance, European Union, United Kingdom, risk, neoliberalism, bureaucratization

Introduction Combating money laundering is not just a matter of fighting crime but of preserving the integrity of financial institutions and ultimately the financial system as a whole. (Sherman, 1993: 20)

From the ‘war on drugs’ to the ‘war on terror’, consensus on the usefulness of the so-called fight against ‘dirty money’ has been based on two distinct professional logics. The initial 1989 mandate of the Financial Action Task Force (FATF)1 aimed at providing ‘a decisive contribution to the fight against criminal activities and above all against drug trafficking, and to improve the soundness of the international financial system’ (see FATF, 1991). Since then, the FATF’s international recommendations have been extended to include other targeted issues (e.g. ‘serious offences’, terrorist financing and the financing of nuclear proliferation) in accordance with the political agendas of various FATF member-states. Nevertheless, current FATF and European Union measures do not simply refer to the suppression of criminal activities and political forms of violence.2

Corresponding author: Anthony Amicelle Email: [email protected]


162

Security Dialogue 42(2)

They continue to also refer to the protection of financial institutions and the financial system as a whole. Seen from this point of view, the foundations of existing anti-money laundering measures cannot be fully understood via an analysis that is limited to the level of national stances. Indeed, it should be noted that the historical development of the fight against ‘dirty money’ has reflected an implicit conjunction of interest between ‘professionals of security’ (e.g. ministries of the interior, police departments and intelligence services) and ‘professionals of finance’ (e.g. ministries of finance, banking supervisors and financial institutions). While professionals of security have been involved in the fight against money laundering as a way of tackling criminal organizations, professionals of finance have been focused on another objective, that of preserving the financial system and its actors. In other words, the aim of professionals of finance has been not so much to combat money laundering and crime as to prevent the use of the banking system for ‘illegitimate goals’. Accordingly, various ways of defining the ‘problem’ and the ‘solutions’ have coexisted, reflecting a range of different interests and different systems of perception. Consensus on the usefulness of anti-money laundering activities is based on this assemblage of professional logics, illustrating the ambivalent foundations of interventionist policies against ‘dirty money’. The fight against ‘dirty money’ aims at attacking criminals via the ‘sinews of war’ (i.e. money) but without threatening the existing economic order, since preservation of the latter is also a goal. Now, while these two goals are not necessarily antagonistic, they do exist on two different levels, and thus their juxtaposition can be a source of tensions and ambiguities between two professional worlds – that is, between professionals of security and professionals of finance. Accordingly, current practices of financial surveillance involve a range of different actors with different interests and know-how who now have to interact with each other. The progressive implementation of FATF recommendations has generated legally binding duties and compliance policies for ‘regulated institutions’ (mainly banks). These have to operate within normative constraints such as ‘Know Your Customer’ (KYC) rules and specified standards for reporting and record-keeping. They are obliged to verify the identities of their clients, to report ‘suspicious transactions’, to keep detailed records of their business relationships for a specified amount of time, and to respond to enquiries from competent authorities (mainly the national financial intelligence unit [FIU] of each individual member-state).3 Financial institutions and other regulated actors have become ‘traffic wardens’ that are required to assist in regulating the flow of financial traffic. The banks hence participate in state mechanisms of security to the extent that they have not only to maximize but also to filter financial mobility, paralleling in a fashion ‘the twin and apparently contradictory aims of the airport’ in relation to the mobility of people and goods (Lyon, 2007: 123; see also Salter, 2007).4 In this article, I set out to examine the ‘social productivity’ of current policies against ‘dirty money’ that paradoxically work on the basis of heterogeneous goals and the existence of a certain degree of misapprehension between professionals of security and professionals of finance. My primary aim is not to set out an analysis involving comprehensive and univocal formulations regarding the success or failure of current policies. Rather, it is to highlight the trajectory of the regulatory tone on financial crime to enable us to better understand current practices and their broad sociopolitical effects. I argue that ongoing transformations within the anti-money laundering field caused by the official advent of a ‘risk-based approach’ have led to a dual movement that combines forms of indirect administration with a process of ‘neoliberal bureaucratization’.5 This dual movement highlights entangled forms of co-regulation and ultimately co-production of financial surveillance that challenge the classical boundaries of state interventionism.


Amicelle: Financial surveillance

163

The article begins with an exploration of the process of normalization of anti-money laundering regulations towards a convergent language of risk that is based on a ‘neoliberal art of government’ and the use of an ‘as if’ logic in relation to the management of risk. Then, the article attempts to put into context the promotion of new kinds of relations between police and intelligence services on the one hand, and banking actors on the other. This second part finds that in practice professionals of finance subordinate the goal of preserving the financial system and of fighting crime to a more immediate concern with protecting the bank from the regulators and avoiding penal sanctions for not reporting a standard amount of suspicious cases. The increased sharing of (sensitive) information in the practice of financial surveillance is here conceptualized as a two-way flow. Ultimately, this part highlights inherent tensions in the articulation of diverse normativities around one pervasive and elusive word (i.e. ‘risk’) whereby the ambivalent relations between professionals of security and professionals of finance crystallize. Although it is perilous to try to indicate general trends from a single case, the article draws on the experiences of the United Kingdom to illustrate the diffusion of new modalities against ‘dirty money’ at the European level. Whereas the practices of individual European member-states are all slightly different, the influence of the so-called UK model at the level of the European Commission and the European Council justifies this particular spotlight. Thus, the focus on one particular model (i.e. that of the UK) does not consist solely in showing latent regularities, but also includes consideration of the practical elaboration of specific forms of organization and action (Lascoumes, 1994: 253). The content of the article is based on interviews conducted at the international, European and UK level (with representatives of the FATF, the European Commission, the European Council, the European Parliament, various trade associations, and UK administrative and financial institutions) as part of an ongoing doctoral research project.6

Managing financial mobility, processing uncertainty Political responses to the events of 11 September 2001 gave added impetus to existing anti-money laundering programmes, which were seen as relevant for efforts aimed at starving terrorists of funding despite the differences between money laundering and terrorist-financing activities (Levi, 2008; Clunan, 2007; Fitzgerald, 2004; Zagaris, 2003). The international focus on terrorist financing did not begin with the 2001 attacks, however, and can be traced back to at least the 1990s (Bantekas, 2003), and particularly to the United Nations’ (1999) International Convention for the Suppression of the Financing of Terrorism. Somewhat paradoxically, though, it seems to have been a general lack of interest in the French proposals for this Convention that led to its swift adoption after less than a year of negotiations (Thony, 2009). Moreover, the 1999 Convention was far from attaining the required 22 ratifications at the time of the 9/11 events, since just four countries had ratified the document at that time. In contrast, the adoption of Resolution 1373 two weeks after 9/11 and pressure from the USA and the G-7 had a tremendous impact on the financial aspects of the fight against terrorism, and counter-terrorism strategies have since transformed the configuration of financial monitoring policies. According to post-9/11 regulatory developments and official discourses, being able to follow a trail of financial transactions not only allows the confiscation of illicit money after a crime, but also represents a key proactive intelligence tool for preventing acts of political violence (Amoore & De Goede, 2005). The UK Treasury, for example, emphasizes the ‘key role’ played by financial information, which is not limited to ‘looking backwards’ after a terrorist attack, but also includes ‘looking sideways’ as well as ‘looking forward’ in order to identify ‘the warning signs of criminal


164


or terrorist activity in preparation’ (HM Treasury, 2007: 10). In other words the criminal police approach does not appear sufficient for security professionals to prevent erratic violence. Accordingly, their focus is on possible ‘warning signs’ that might enable action to be taken in relation to suspicious activities before a ‘catastrophe’ actually materializes. Within such an intelligence-led framework, traceability – involving a set of techniques that enable the methodical storage of information, making it possible to ‘follow the money’ – also means indefinite monitoring for detection of unknown associations regarding potential violent activity.7 This preventive and proactive move of financial surveillance has been accompanied by a regulatory and organizational shift away from a ‘rule-based approach’ and towards a ‘risk-based approach’, which in turn has been accompanied by the growth of a ‘risk industry’ within the financial sector. The prioritization of terrorist financing has had a twofold impact on the practices of the regulated actors that bear the responsibility for a major part of the implementation of the institutional framework against ‘dirty money’. On the one hand, the post-9/11 emphasis has radically extended the obligations of these financial ‘traffic wardens’. On the other hand, risk-based regulation has given regulated actors more room for manoeuvre in terms of how they execute their due diligence.

Co-translation of rules: Autonomy and responsibility Henry Rothstein and John Downer (2008: 6) remind us that ‘at its simplest, risk-based policymaking is the practice of targeting policy in proportion to potential threats to society, considering both their likelihood and consequences’. Regulated financial institutions have regularly criticized the costs and administrative burdens of the traditional regulatory approach towards anti-money laundering activities. They have mainly criticized the use of a ‘rule-based approach’ to compliance that would prescribe detailed, mechanical and systematic obligations without flexibility and cost– benefit analysis. Although banking-sector actors have not presented a unanimous stance on the issue, there has nevertheless been a general demand to move away from what O’Malley (2006: 414) calls ‘uniform practices in which every case is accorded the same degree of scrutiny’. Thus, regulated financial actors have been increasingly opposed to juridical-administrative constraints that would lead to the creation of a mountain of useless paper rather than successful crime detection. While the prioritization of terrorist-financing issues in the post-9/11 environment tended to impose broad new requirements, financial actors denounced the ‘one size fits all’ approach and its uniform bureaucratic practices as a waste of time and money. Various national regulators (mostly UK regulators) and international standard-setters, such as the FATF and the Basel Committee on Banking Supervision (BCBS),8 have responded to the regulatory-burden issue by proposing the adoption of a risk-based approach to financial surveillance. The Basel Committee formally presented such a proposal in October 2001 in its updated report on ‘Customer Due Diligence for Banks’ (BCBS, 2001). This paper already argues that efforts and resources need to be focused on the most ‘risky’ entities and that the burden of monitoring ‘“ordinary” retail clients’ should be reduced, as explained by Charles Freeland (2002), former deputy secretary general of BCBS. In other words, resources that are allocated to the fight against ‘dirty money’ should ‘follow the risk’. Customer-identification procedures and record-keeping/monitoring of account activities are still needed, but the level of due diligence should be tailored to the ‘risks’ involved. Thus, the novelty involved in the institutionalization of the risk-based approach consists in reconfiguration, complexification and overlapping, rather than suppression of previous modalities. Accordingly, the Basel Committee’s document on banking supervision (BCBS, 2001) has contributed to a reframing of the fight against financial crime as a risk-management process for banks. The International Association of Insurance Supervisors (IAIS) and the International Organization



165

of Securities Commissions (IOSCO) have also contributed to the diffusion of risk management within the area of financial crime (BCBS et al., 2003). For the first time, the revised version of the FATF’s ‘40 Recommendations’ document published in 2003 allows countries to determine the extent of customer due diligence measures on a risk-sensitive basis (FATF, 2003). Finally, during the UK’s presidency of the FATF, the intergovernmental body officially published its own ‘Guidance on the Risk-Based Approach to Combating Money Laundering and Terrorist Financing’ (FATF, 2007) and the European Union (2005) endorsed risk-based regulation with its ‘Third Money Laundering Directive’. As highlighted both by the 2007 FATF document and by interviews conducted in the UK with Treasury officials and representatives from the banking sector, the first set of FATF guidelines were prepared and drafted in close collaboration with banking-sector actors that included national, European and international trade associations, as well as individual institutions (Heng & McDonagh, 2009). Moreover, note should be made of the banking sector’s own propositions aimed at promoting a risk-based regulatory agenda at the transnational level, such as various statements by the Wolfsberg Group (2002, 2006).9 As transnational actors, the largest accountancy and professional services firms (i.e. the auditing industry) have represented another channel of diffusion and implementation regarding ‘risk-based best practices’ in relation to money laundering/terrorist financing (Favarel-Garrigues et al., 2010). This focus on risks (particularly operational, legal and reputational risk categories) has recast the ‘dirty money’ issue within the ‘lingua franca of business management and even of general public policy’ (Rothstein et al., 2006: 92). Henceforth, this conversion means that obligations related to the fight against ‘dirty money’ tend no longer to be perceived as external rigid security constraints. Instead, these obligations tend to be inscribed within integrated approaches that consider the whole risk-management strategy of regulated institutions. Given the above analysis of risk-based approaches, one might argue that the post-9/11 priority on terrorist financing has generated a normalization process of risk-based regulation rather than a new trend of financial re-regulation, as is often asserted or expected. The overused notion of ‘deregulation’ in the field of finance does not mean absence of rules, although the ambiguity of the notion might seem to suggest that capitalism has been without regulation since the start of the ‘neoliberal turn’ in the 1980s (Dardot & Laval, 2009; Jobert, 1994). Financial liberalization has not annihilated collective initiatives related to supervision as such. The deregulation of financial markets has been associated with the implementation of prudential policies (Basel I/II) as a specific mode of risk-based regulation.10 Here, my purpose is not to deny that the broad label of risk management conceals a heterogeneous group of practices. Rather, it is to underline heuristic continuities and the convergence of a common regulatory discourse. For instance, the growing significance of ‘operational risk’ (since the 1990s) has represented one privileged channel for including financial crime within the risk lingua franca of banks. The worldwide expansion of this key concept is often associated with the spectacular collapse of Barings Bank in 1995 and the image of the ‘rogue trader’ (Nicholas Leeson), as well as other ‘killer events’ (Power, 2005). While the 1988 Basel I accord was originally focused on credit risk,11 and later on market risk,12 the issue of operational risk has been an official hot topic for BCBS since the end of the 1990s and has been associated with the Basel II proposals (BCBS, 1998). Its large and evolving definition has encompassed a wide range of ‘risk objects’ and banking practices. It has enabled the introduction of related notions such as ‘legal risk’ and ‘reputational risk’. Thus, the emergence of a risk-based approach to terrorist financing also needs to be reinscribed within this general dynamic of mobilization of new categories under the umbrella of risk management.


166


Furthermore, one ideal of ‘monitored self-regulation’ has emerged from the prudential supervision, mainly with Basel II but even before.13 This has blurred the distinction between regulators and regulated actors in relation to risk-based regulation. It refers to an interactive process of ‘meta-regulation’ whereby supervisors/regulators tend to simply regulate ‘firms’ own internal self-regulation’ (Black, 2005: 8; see also Lordon, 2008). Compared to this developing trend, the previous regulatory tone of anti-money laundering standards appears as something of an exception in the world of financial regulation, insofar as regulators had imposed rigid measures rather than a simple methodology. Accordingly, the diffusion of best practices under the banner of risk management in the fight against ‘dirty money’ highlights the harmonization of financial regulatory discourse as a whole. In accordance with this statement of harmonization, the formation of the fight against terrorist financing does not differ from any public policy, insofar as this formation essentially constitutes a re-assemblage of pre-existing elements (i.e. anti-money laundering, targeted economic sanctions [lists] and prudential financial policies) within a single totality, rather than a creatio ex nihilo. Accordingly, criticism of the regulatory burden has emphasized self-enforced compliance rather than the ‘tick box’ or ‘one size fits all’ approach of prior anti-money laundering laws. Banks must develop a risk-based approach in order to assess their business relationships (FATF, 2007). This strategy of regulation tends to be based on a ‘co-regulation model’, increasingly involving association between hard laws (as high principles) from state authorities and norms of implementation (as practical guidelines) from banking actors. Such a process of hybridization can involve delegating the process of codifying norms to business actors. Within the context of the European Union, the example of the UK’s Joint Money Laundering Steering Group (JMLSG) is particularly striking. The JMLSG is an autonomous coalition of the leading UK trade associations in the financial sector. It is involved in codifying ‘good practices’ for the sector and provides practical assistance in interpreting UK money-laundering regulations that mainly implement EU rules and decisions. The JMLSG (2007) produced the official industry guidelines that were submitted to the Treasury department for formal ministerial approval. Therefore, social scientists cannot afford to ignore the crucial role of the JMLSG as a technical translator of legislation if they wish to understand the process of transposition of European Union measures. In the UK, the Treasury and the Financial Services Authority (FSA)14 prefer to act indirectly, setting out broad principles to be followed but delegating detailed implementation to the regulated sector itself. In other words, the FSA’s riskbased regulation primarily sets out procedural frameworks and procedural requirements rather than specific contents. This trend is not so developed in the other EU member-states, and is rather a general feature of the UK’s public policies (Faucher-King & Le Galès, 2010). Nevertheless, the European fight against money laundering/terrorist financing tends to be mostly implemented through forms of indirect administration – that is, through a form of ‘monitored self-regulation’ (Favarel-Garrigues et al., 2009: 10).15 Although these self-regulatory mechanisms might be viewed as forming another example of the ‘withdrawal of the state’, I would argue that they represent rather a particular kind of interventionism in which key concepts are autonomy and responsibility. This kind of indirect interventionism does not impose rigid measures but promotes techniques of self-regulation that provide autonomy while simultaneously delegating responsibility and ‘risks’ in relation to the translation and implementation of abstract rules. Such a process of ‘responsibilization’ forms part of a neoliberal approach to government that is less about ‘submission’ than about incentives for individual ‘initiatives’ and autonomous decisionmaking.16 Of course, these incentives for autonomy are not limited to collective bodies such as the JMLSG. They also concern each financial firm and its senior management. The JMLSG (2007: 11) guidance document allows some discretion in terms of how the



167

JMLSG’s guidelines are ‘tailored by firms to their particular business risk profile’. Even departures from the industry’s guidance document are potentially allowed, as long as senior management can properly explain and justify their need for flexibility to the FSA. Given the complex nature of this regulatory landscape and the government techniques outlined above, one of the fundamental implications of risk-based regulation regarding anti-money laundering is therefore the displacement of accountability from state authorities to ‘actors’ who are both autonomous in terms of how they carry out their assessment and management of risk and solely responsible for any failures they might make.

Risk industry, situations of uncertainty While traceability techniques are presented as the basic condition of capital mobility controls (Amicelle, forthcoming), the process of sorting financial flows now centres on a ‘differential risk assessment’ that is mostly the responsibility of financial institutions. The sorting of financial activities thus becomes a routine task for banks, which use filtering and profiling software to categorize clients and transactions, utilizing ‘blacklists’, data-mining techniques and specified risk criteria to automatically detect ‘unusual’ activities. Regulated institutions have therefore implemented internal systems that rely heavily on technological tools designed to carry out such sorting processes. The provision of technological solutions to combat financial crime did not begin with the focus on terrorist financing, but the expansion of this risk industry has been particularly spectacular since 2001. In this context, it is interesting to note that EU-supported security research has included projects such as GATE (Next Generation Anti-Terrorism Financing Methods), which aimed at developing ‘new adaptive multidisciplinary modelling techniques to detect criminal behaviour by flagging suspicious human behaviours for Anti-Money Laundering’.17 The ways in which such computer software functions resembles the earlier data-mining exercises that were developed by financial institutions for credit scoring and other types of customer-related assessment (Backhouse & Canhoto, 2007). The redeployment of commercial risk equipment in the surveillance technologies used in the fight against ‘dirty money’ has been massive. Many companies now sell ‘advanced data analysis solutions’ like GATE and are attempting to capitalize on the growing market opportunities of what Larner (2009: 51) calls the institutionalization of ‘terrorist risk as a global business practice’.18 These tools are designed to enable end-users to differentiate between what is ‘normal’ and what is ‘suspicious’ for each of its business relationships, with real-time payment screening, transaction monitoring and client screening. Such profiling software aims at analysing the specific characteristics of every single customer; supporting contextual and historical analysis; recognizing risk factors (country risk, product risk, etc.) and ‘known patterns’ of money laundering and terrorist financing (i.e. identifying ‘unusual activities’; see, for instance, the FATF’s official typologies); detecting predetermined risk scenarios that can be fine-tuned by end-users; and centralizing all red flags in a single decisionmaking unit regardless of where a particular financial transaction occurred. Through the adoption of such an approach, all operations can be examined in real time by a combination of matching techniques such as behavioural profiling, list analysis and comparison with peer groups. One of the big issues here involves the process of specifying the parameters of these tools and managing the risk categories that influence the decisions. The tasks of defining the criteria used in sorting processes and interpreting the outcomes of those processes mainly fall on financial institutions. Various studies have pointed out that profiling is not just a technical process but also a social one, in which the subjectivities of the analysts play an important role (Backhouse & Canhoto, 2008; Favarel-Garrigues et al., 2009). This socio-technical process can have a real impact upon the


168


individuals being profiled. This issue of subjectivity is especially problematic in relation to methods of terrorist fundraising that are difficult to detect owing to factors such as the relatively low value of the transactions involved or the use of ordinary financial operations to provide support for ‘terrorist groups’. Given the enormous difficulties involved in detection, it would probably be better to say that regulated actors have to manage ‘situations of uncertainty’ (Callon et al., 2001) rather than risks. In other words, the official risk-management discourse deals with efforts to manage ‘risk objects’ regardless of the extent of available information about probability – that is, the challenge is to make manageable ‘“tail” events at the limits of systematic knowledge’ (Power, 2007: 115).19 Here, the difference between ‘risk’ and ‘uncertainty’ is not at all about intrinsic properties and calculability. Instead, the distinction depends on modalities of treatment that make regulated actors accountable for organization, management and decisions on non-measured risks, and oblige them to justify the decisions they make. These modalities of organization and decidability convert uncertainties into risks to the extent that they paradoxically routinize organizational procedures to enable daily action on low-probability/high-impact phenomena. Let me be clear here, this does not mean that the framing of terrorist financing as risk makes it possible to measure the probability of terrorist activities and/or to prevent them more effectively. To apply Power’s formula for the present topic, the real issue is more simple: ‘organizations must be seen to act as if the management of risk is possible’ (Power, 2007: 6; emphasis in original). The risk-management issue at stake is mainly one of means rather than one of ends. The message communicated by market leaders in anti-financial crime technologies is simply the logic of ‘as if’ and the suggestion that regulated actors need to ‘equip themselves’ to be protected from regulators. Vendors use catchy slogans such as ‘it’s all about accountability’, ‘ensure that your anti-money laundering efforts satisfy regulators’, etc. Software providers emphasize the consequences of non-compliance for banks and their senior management (fines, penalties, prison, damaged reputation, decline of shareholder value, etc.). Indeed, the vast majority of the sanctions available to regulators deal not with actual cases of money laundering or terrorist financing but with cases of unjustified lack of appropriate procedures or unexplained decisions. Thus, risk management also aims at establishing auditable processes or, from a more cynical point of view, procedural alibis to avoid sanctions. Seen in this light, software providers also explicitly sell a ‘form of bureaucratic insurance’ (Hood et al., 2001: 179). Moreover, the FATF acknowledges that by definition the risk-based approach cannot be a policy of zero risk and that regulated actors cannot stop all ‘dirty money’, though they do have to build and show defensible compliance systems.20 Nevertheless, the uneasiness of regulated institutions and the managerial focus on technological extrapolations from data may lead to principles of action that discriminate against particular groups or individuals. As the FATF (2007: 16) guidance document also declares, an over-zealous effort to counter the risks could be damaging and counter-productive, placing unreasonable burdens on industry, and act against the interests of the public by limiting access to financial service for some segments of the population.

With reference to proactive logics, profiling techniques and practices of tracing financial flows are not problem-free (Amicelle & Favarel-Garrigues, 2009). Furthermore, there is growing recognition both of the inadequacy of anti-money laundering methods and tools for identifying terrorist funding and of the problems related to the applicability of risk-based approaches to terrorist financing (FATF, 2007). Although this sense of inadequacy is shared across the European level, the official discourse continues to argue that ‘the fight against the financing of terrorism is aimed at preventing attacks’, and that financial tools have to be proactively used to identify ‘terrorist networks’ and to develop



169

counter-terrorist intelligence (European Union, 2008: 4). The solution is then linked to new ‘public– private’ arrangements in the field of financial intelligence – that is, new forms of cooperation between professionals of security and professionals of finance to manage the ‘risk’ of terrorist financing.

Information sharing as a two-way flow:The partnership rhetoric in practice Proposals for a revised EU strategy on terrorist financing were presented in July 2008. These emphasize the need to understand the exchange of sensitive information as a two-way flow. In other words, while anti-money laundering regulations have been focused on increasing the flow of data from the financial sector to state agencies, the suggested strategy would aim to improve intelligence sharing in the other direction too. The authors of the proposals observe that money laundering and terrorist financing pursue different criminal purposes and the measures which have been successfully applied in the identification and prevention of money laundering might be less effective in the prevention of terrorist financing unless supplemented with additional information (European Union, 2008: 2).

The proposals officially take into account the work of the FATF, but it seems clear that suggestions related to the national level have also been strongly influenced by the UK strategy published in February 2007. This influence is particularly salient, but it should come as no surprise given that the UK’s Treasury department inspired and contributed heavily to the draft of the EU’s revised strategy.21 Accordingly, analysis of the so-called UK approach to tackling terrorist funds, which would involve a notable shift regarding information sharing, is particularly valuable.

Co-production of surveillance and intelligence Dialogue between state authorities and the regulated financial sector has been formalized in the United Kingdom since the creation of the Money Laundering Advisory Committee (MLAC) in 2002. MLAC was established to provide an official venue where industry, ministries, regulators and law enforcement would be able to discuss issues of financial crime. Nonetheless, the purpose of this Home Office/Treasury committee is not to discuss sensitive matters, as it deals with strategic approaches and general policy topics rather than operational activities. Other multi-agency forums and innovative relationships have been dedicated to targeting the ‘changing threat’ and work in a collaborative fashion to try to refine risk-management and prevention tools. Representatives of the UK’s financial intelligence unit (FIU), UK regulators and representatives of the financial services industry acknowledge that there are few hard and fast patterns in terrorist financing. They officially support the ‘strategic idea’ that ‘the risk-based approach therefore demands active management, with policy makers, firms and supervisors working closely together to identify and address key risks’ (HM Treasury, 2007: 43). This ‘active management’ approach has taken different forms since 2006, mainly involving collaboration with the Serious Organised Crime Agency (SOCA) and the National Terrorist Financial Investigation Unit (NTFIU). SOCA is defined as an intelligence-led law enforcement agency, and it became fully operational in April 2006. In relation to financial crime, SOCA took over the management of the UK FIU from the National Crime Intelligence Service (NCIS), which had previously been responsible for the UK’s suspicious activity reports (SARs)22 system. The period of transition was also related to the publication of the Sir Stephen Lander’s (2006) report on the SARs regime in March 2006. After the


170


London bombings of 7 July 2005, the Treasury and the Home Office asked Lander (chairman of SOCA) to carry out a review of the existing SARs regime. The creation of new ‘hybrid’ forums was a key element of the 24 recommendations set out in the subsequent report as ways to ‘address weaknesses in the system’. This resulted in the establishment of a ‘vetted group’ in October 2006 to enable the sharing of intelligence between security agencies and the regulated sector in relation to money laundering and terrorist financing.23 The main function of this ‘SARs vetted group’ is to create a ‘security-cleared environment’ in which information can be exchanged about sensitive cases or the confidential typologies used to produce ‘alerts’. The reporting sector is represented by representatives of the financial services industry and the money-laundering reporting officers (MLROs) of the top five UK banks.24 In addition, a small SOCA unit specifically charged with addressing issues related to terrorist financing also maintains a kind of vetted group as a forum for exchange of information on such issues. This group consists of officials from the Home Office, representatives from a few selected industry actors (such as Lloyds and Barclays from the banking sector, and Aviva and Prudential from the insurance sector), and representatives from law enforcement and the intelligence services. The National Terrorist Financial Investigation Unit constitutes the main interlocutor in relation to professionals of security within this closed working group. The NTFIU is the law enforcement agency responsible for the investigation of terrorist finance in Great Britain. Regulators such as the Financial Services Authority (FSA) are not normally involved in the activities of this forum insofar as they have no mandate for intelligence operational activities. The aim of the forum seems mostly to be the communication of information about current trends and details of confidential typologies used to refine risk profiles associated with businesses and customers. Nevertheless, professionals of security are also sometimes willing to share otherwise unavailable information on specific cases: As an example of some of the things that they do, when they had Operation Overt under way,25 when that investigation was under way they had some intelligence on a number of individuals and they put this information onto a CD-ROM and each who was in the vetted group was given a copy of it to run against our databases to see whether we had any of these people as customers and if so what sort of business whose held. So that sort of thing is now happening. It’s new and it is a small vetted group with individuals they know they can actually trust, so with few selected institutions which probably cover about 70% of the population as clients.26

Thus, members of the reporting sector would learn either directly from the provision of intelligence on specific individuals or indirectly through the communication of confidential typologies what should be regarded as ‘unusual’ activities for the purposes of defining the parameters of the computer software that carries out their sorting processes. The setting up of joint working groups and informal regular meetings highlights the reinforcement of the role of professionals of security as ‘risk communicators’, to use Ericson and Haggerty’s (1997) formulation. On the one hand, these risk communicators on terrorist financing are supposed to increasingly distribute knowledge to the risk managers of financial institutions in order to ‘optimize’ practices of financial surveillance and logics of prevention. On the other hand, the Home Office has launched projects in which financial risk managers provide technical assistance to law enforcement agencies. For instance, one project gave security clearance to ‘key individuals’ from financial institutions to work with the NTFIU. In response to concerns that law enforcement agencies may not always understand how the financial services industry operates, this initiative meant that selected MLROs could actually go in and to a certain extent actually advise law enforcement officers.27 Finally, other bilateral relationships combine risk communication and technical cooperation. They highlight how the practices of police/intelligence services and MLROs intersect with, and are



171

constituted by, each other. SOCA sends members of its FIU team to the larger banks – Barclays, Lloyds TSB and HSBC – to look at their data-mining activities and to find out what they are doing with their automated systems to get ‘better and smarter’ reporting. The continual bilateral visits are justified by UK authorities as a result of the fact that ‘the public sector’s data-mining tools are not as effective as the financial institutions’ ones; that’s why there have been more data-sharing with them to give certain directions, because they have better tools’.28 The ‘routinization’ of these forms of exchange leads to a degree of co-production of surveillance and intelligence. This ongoing process continues what R. T. Naylor (2004) has referred to as a ‘quiet revolution’ and illustrates the ‘complex new spaces of governing in which public and private authorities, knowledges and datasets cooperate closely, and sometimes become practically indistinguishable’ (Amoore and De Goede, 2008: 7). Nevertheless, although various actors are placed in a position of informational interdependency, the idea of a general symbiotic relationship – which recent UK initiatives might seem to depict – needs to be balanced, and the use of a rhetoric of partnership should be put into critical perspective.

Blurred notion, heterogeneous goals There has been considerable debate among professionals of security concerning the relevance and feasibility of various methodologies for sharing confidential information with business firms. Obviously, the degree of willingness to disclose intelligence varies depending on the specific conditions of exchange and the interlocutors involved. Suggestions of a two-way flow of information are only appropriate in relation to the largest companies. Some trade association representatives complain about the limited nature of the information-sharing of even the SARs vetted group. State authorities insist on the sensitivity of their information, insisting that the regulated actors who participate in the group guarantee that information provided through the meetings will not be widely distributed within their own organizations. Some regulated actors have refused to agree to this requirement and the potential sanctions for breach of confidentiality it entails. In addition, there remains the issue of lack of feedback.29 The meetings may also reveal to the reporting sector that security and law enforcement actors sometimes know little more than they do. The typologies that they share may not be particularly operational, generating criteria for making profiles that are too ‘ordinary’. In other words, the typologies recommended by security and law enforcement actors generate categorical niches that are not manageable because they create too many false positives when used in pattern-recognition software. Ultimately, security actors and MLROs do not necessarily share the same risk logics in relation to terrorist financing. Heads of compliance within banks are primarily concerned about the risks for the reputations of their institutions and possible penal sanctions in connection with their reporting responsibilities. Their risk-management strategies thus work to minimize these risks, and may shrink to an ‘empty form of defendable compliance’ (Power, 2004: 42; Ericson, 2006). That is to say that the priority for MLROs is to protect their banks from the regulators. Their responsibility does not consist in being able to point to results in the fight against financial crime but in demonstrating the implementation of bureaucratic procedures and costly risk-management systems. Although this dynamic has resulted in economic growth within the market for consulting services and sophisticated matching techniques, its effectiveness in the fight against ‘dirty money’ is more hypothetical. 30 Consequently, use of a common language centred around the word ‘risk’ does not mean that the so-called partners are talking about the same thing and conceive risk in the same ways. Different normativities interact around this multifaceted notion of risk, which mainly remains blurred.31 Indeed, professionals of finance first translate the risk of terrorist financing into ‘legal risk’ and


172


‘reputation risk’. However, this translation refers to ‘institutional risks’,32 and the concrete prevention of such risks may not always coincide with a real impact in the fight against ‘dirty money’ constructed as a ‘societal risk’ to be managed. Given that the regulated sector has a considerable degree of autonomy regarding decisionmaking within the risk-based approach, MLROs may prefer to submit defensive reports to the UK FIU – without substantiated suspicion – just to protect themselves and their institutions from their regulators in the name of the ‘risk averse’.33 The UK FIU has acknowledged this situation of ‘defensive reporting’ and the uselessness of many of the SARs it receives, yet the reports are almost invariably stored on its ELMER database. The storage of these reports is justified on the grounds that such information might be useful in the future for intelligence and investigative purposes. Thus, the collection and storage of data seems to be driven by a sort of ‘just in case’ scenario.34 It should be remembered that the FIU does not simply receive and disseminate the SARs: it also carries out proactive analysis of the existing stock of SARs to ‘identify interesting links’ through an increasing use of data-mining tools.35 In addition, one of its official priorities is to assemble an integrative electronic network for data analysis by cross-matching SARs with other state databases and other sources of information (SOCA, 2007, 2009). Ultimately, the process of co-production of surveillance and intelligence represents an issue of considerable importance to the extent that it challenges traditional understandings of the boundaries of the state regarding policing and intelligence practices.

Conclusion: Faire faire as neoliberal leitmotiv European and international promoters of current practices of financial surveillance insist on the prevalence of traceability (as a basic condition), the increasing centrality of ‘risk’ to regulation (as a condition of flexibility and adaptability), and projects of seamless cross-organizational information-sharing (as a condition of success). This triptych is leading to new kinds of ‘public– private’ dilution, fragmentation and rearticulation. This conclusion seeks to open debate on a specific and transversal process that gradually emerges from the developments presented in this article – that is, the process of neoliberal bureaucratization. The classical work of Max Weber (2003, 2004) outlined an ideal type of bureaucracy through its descriptions of the principles and rules of ‘bureaucratic’ administration. Weber showed that modern capitalism has been accompanied by a process of bureaucratization that has transcended public and private boundaries (see Chazel, 2000; Eisenstadt, 1959). Historically, bureaucracies have been extended not only within the institutions of state administration but also within capitalist firms. Of course, one of neoliberalism’s key themes has been its harsh criticism of bureaucracy and the latter’s so-called pathologies (the paper burden, the cost burden, inefficiency, inertia, etc.). Nevertheless, it would be a mistake to interpret the expression ‘neoliberal bureaucratization’ as an oxymoron. On the contrary, the application of this concept in relation to financial surveillance reveals once again the inconsistency of the theoretical opposition between neoliberal forms of government and bureaucratization. Their relationship is far from being a zero-sum game (Hibou, 2009). Security mechanisms against ‘dirty money’ form part of the implementation of a specific political anatomy36 under the banner of a neoliberal approach to government in which the leitmotiv is no longer faire or laisser faire, but rather faire faire (Feher, 2010). In accordance with the logic of ‘government at a distance’ (Rose and Miller, 1992), each regulated actor is to be active, responsible, self-regulated and able to decide on what he or she regards as appropriate measures. Thus, this process of delegation regarding the ‘good management’ of financial flows is associated with the provision of autonomy, which actually means – for regulated actors – an incentive to implement for themselves their own detailed rules. This development of techniques of self-regulation in the fight



173

against ‘dirty money’ generates another example in which the imperative of accountability becomes a key technique of governmentality as the ‘conduct of conducts’ that plays on autonomy rather than on coercion (Foucault, 2008; Hache, 2007). In other words, ‘responsibility is seen as resting primarily on firms to regulate themselves in such a way that the regulatory objectives are being met’ (Black, 2005: 26). Although flexible compliance and the risk-management framework have been promoted – and to a certain extent desired – as a way of countering the ‘bureaucratic burden’ of a uniform rule-based approach, the neoliberal shift of regulatory competence does not appear antibureaucratic. On the contrary, the sophisticated system of ‘conduct of conducts’ it advocates may lead to a particular bureaucratic drift. The accountability of the regulated institutions depends on the enforcement of risk-management systems that are based on technologies and procedures aiming at demonstrating conformity. Self-risk assessment and self-risk management have to be checkable to the extent that regulators primarily sanction breaches regarding procedures and actors’ inability to defend their own internal decisionmaking processes. Results count less than demonstrations of codes of conduct, which thus leads to ‘protocolization’.37 Seen from this point of view, techniques of traceability systematically store information to make it possible not only to ‘follow the money’, but also – for the regulator – to follow internal procedures and to scrutinize the decisionmaking processes of regulated institutions. Hence, traceability refers both to money trails and to audit trails. This development forms part of a ‘bureaucracy through norms’ (Hibou, 2009), reflecting both indirect state interventionism and the inflation of norms that are both specified by state and non-state actors and transposed by the latter within (individualized) juridical-bureaucratic principles of action. As a result, this development is not the end of bureaucratic rationalization but rather a dual process of bureaucratization and de-bureaucratization (Eisenstadt, 1959). The uniform ‘iron cage’ makes way for a myriad of customized ‘iron cages’. At the end of the day, the results in terms of combating terrorist financing remain hypothetical, or at least difficult to assess. One can assume the existence of ‘effective policies’ (i.e. concrete implementation of regulations), but that does not mean that they achieve their stated aims and it does not erase the multiple tensions between professionals of security and professionals of finance. Notes 1. The Financial Action Task Force (FATF) is an intergovernmental body whose purpose is the development and promotion of national and international policies to combat money laundering and terrorist financing. For further details, see http://www.fatf-gafi.org. 2. For EU measures, see European Union (2005). 3. A country’s financial intelligence unit ‘serves as a national centre for receiving, analysing and disseminating to the competent authorities suspicious transaction reports and other information regarding potential money laundering or terrorist financing’ (European Union, 2005). 4. This article is focused on banks, but the number of financial ‘traffic wardens’ has constantly grown for the last 20 years. For example, the current European anti-money laundering directive covers financial institutions, credit institutions, auditors, external accountants, tax advisors, notaries and other independent legal professionals, casinos, trusts, real-estate agents and other natural or legal persons trading in goods by way of business (European Union, 2005). 5. I borrow this expression and its Weberian theoretical framework from Béatrice Hibou’s work on the political economy of neoliberalism. I am, of course, grateful for her comments and hope she is not displeased at being associated with the argument presented in this article. For previous debates on this specific formula, see Hibou (2009). 6. The project is entitled ‘The European Union Within the Fight Against Terrorist Financing: Issues and Usages of a Dispositif of Financial Flows Management’. 7. For further discussion on financial traceability, see Amicelle (forthcoming).


174


8. The Basel Committee on Banking Supervision is a committee of banking supervisory authorities that was established by the governors of the central banks of the G-10 countries at the end of 1974; see http://www.bis.org/bcbs/. 9. The Wolfsberg Group is an ‘association of 11 global banks’ that was created in 2000 (Banco Santander, Bank of Tokyo-Mitsubishi-UFJ Ltd, Barclays, Citigroup, Credit Suisse, Deutsche Bank, Goldman Sachs, HSBC, JPMorgan Chase, Société Générale and UBS); see http://www.wolfsberg-principles.com/. 10. Dardot and Laval (2009) point out that the 2008 financial crisis was less about the absence of rules than the inadequacy of a certain kind of regulation. See Aglietta (2008) for a comprehensive analysis of prudential policies and the so-called Basel I and Basel II frameworks. 11. Credit risk refers to the risk of counterparty failure (risk of loss due to the non-payment of a line of credit). 12. The BCBS (1996: 1) has defined market risk as ‘the risk of losses in on- and off-balance-sheet positions arising from movements in market prices’. 13. Although Basel II was finally adopted in 2004 and implemented in 2006, Michael Power (2007: 106) recalls that ‘the major change occurred in 1996, when the Basel Committee rules were adapted to permit the in-house models for the purpose of reserving capital against market risk exposure. This was a big shift in policy style and strategy, from a command-and-control approach which prescribed conservative risk weights to assets to one with the flavour of “enforced self-regulations”’. 14. The FSA is the independent body that regulates the financial services industry in the UK; see http://www. fsa.gov.uk. 15. For further discussion of indirect administration, see Hibou (2004). 16. For further discussion of the neoliberal agenda and responsibility, see Foucault (2008); Lemke (2001); Hache (2007). 17. See http://www.exodus.gr/gate/. 18. These firms includes Norkom Technologies, Oracle Mantas, Fiserv, SAS, Actimize, Sword Fircosoft and Ace Software Solutions. 19. Backhouse & Canhoto (2007: 411) point out that ‘in AML [anti-money laundering] it is extremely difficult, if not impossible, empirically to verify the behaviour being modelled and to predict the evolving ML scheme, or if terrorists are the focus, where and how the next terror attack will occur. This is because when analysts model ML, they do not fully know the phenomenon being modelled’. 20. ‘Authorities should publicly recognize that the risk-based approach will not eradicate all elements of risk’ (FATF, 2007: 10). 21. Interviews with UK officials and officials of the Secretariat of the Council of the European Union, 2008. 22. A suspicious activity report (SAR) consists of a set of structured and unstructured pieces of information related to a reporter’s suspicions of money-laundering activity; see http://www.soca.gov.uk/. 23. ‘I [Stephen Lander] have established a group called the “SARs vetted group”. This is composed of individuals who are more concerned with operational activity. We are intending to share intelligence with that group in a way that has never been done before, thanks to the information gateways provided by the SOCA legislation.’ From a interview by Nick Kochan with Sir Stephen Lander and David Armond of SOCA; available at: http://kochan.co.uk/docs/printerfriendly_m-l/lander.html (accessed 6 January 2011). See also SOCA (2007); HM Treasury (2007). 24. An MLRO is a person designated by a company to fulfil obligations related to reporting suspected money laundering or terrorist financing, fulfilling client-identification requirements, keeping appropriate records, training staff and fulfilling internal reporting procedures, as specified within the Proceeds of Crime Act 2002 and the Money Laundering Regulations 2007 (the position is referred to as that of a ‘nominated officer’ under the latter Regulations). See http://www.fsa.gov.uk. 25. SOCA (2007: 19) notes that ‘Operation OVERT was the generic name for the long term operation which culminated in the arrest of 24 persons for suspected terrorist offences on 10 August 2006. The UKFIU provided operational support for the National Terrorist Finance Investigation Unit (NTFIU) and counterterrorism agencies’. 26. Interview with a UK MLRO, London, November 2008. 27. ‘We get security clearance to look at investigations and actually talk to them about how we felt that the industry has been used and how the products can be used by terrorists’ (interview with a UK MLRO, London, December 2008). Downloaded from sdi.sagepub.com at Fondation Nationale on May 9, 2011


175

28. Interview with UK officials, 2008. 29. Interviews with UK officials, London, January 2009; interviews with UK MLROs, London, October– December 2008; see also House of Lords European Union Committee (2009). 30. Many MLROs confirm this view and are critical of the software vendors. For instance: ‘The service providers now have too much influence. You’ve got Worldcheck, you’ve got Factiva. First thing they tell you: How many names they have on their lists, not the quality, not the effectiveness but how many names they have. How do you balance that for the universal banking? That’s the first thing. Because institutions are scared to say to the regulators this is what we can do or this is what we can’t do, we fall back on protecting ourselves by having the biggest lists. The second thing is about software matching: the more sophisticated the software matching becomes, the more rotation of names, the more screen matching you can do, the more false positives you get. And the software companies will sell it on their ability to be clever in terms of the number of names matching they can produce. Does that actually mean they are finding terrorists? I don’t think so, but that is what the regulator wants because the regulator doesn’t actually know what’s going on. The regulator doesn’t know what the risk is. They say, we want to see that you have the biggest list possible, that you can do the most number of names combination possible. That’s the way we defend ourselves’ (interview with a UK MLRO, London, November 2008). 31. FATF (2008: 2) acknowledges the imprecision regarding the word ‘risk’: ‘There are currently no standard definitions used internationally within the AML/CFT context for the terms risk, threat, and vulnerability.’ 32. ‘By institutional risks, we mean risks to organizations (state or non-state) regulating and managing societal risks, and/or risks to the legitimacy of their associated rules and methods’ (Rothstein et al., 2006: 92). Other authors use notions of ‘associated risk’ (Borraz, 2008) and ‘secondary risk’ (Power, 2007). 33. The notion of ‘risk averse’ was used by many MLROs during interviews. 34. I thank Julien Jeandesboz for this expression. 35. For instance, see the interview by Nick Kochan with Sir Stephen Lander and David Armond of SOCA (note 23 above). 36. To use Michel Foucault’s (1977: 138) words: ‘The “invention” of this new political anatomy must not be seen as a sudden discovery. It is rather a multiplicity of often minor processes, of different origin and scattered location, which overlap, repeat, or imitate one another according to their domain of application, converge and gradually produce the blue print of a general method.’ 37. ‘One is “protocolization”, or formalization of organizational operations, which is standard bureaucratic approach to minimizing blame and liability problems.... Protocolization also seems ambiguous for any distinction between first-order and second-order responses, since it could either be a symptom of an organization that has adopted new values or simply function as an official screen against prying outsiders, offering a procedural defence that established routines have been followed’ (Hood et al., 2001: 166–7).

References Aglietta M (2008) Macroéconomie financière [Financial Macroeconomics]. Paris: La Découverte. Amicelle A and Favarel-Garrigues G (2009) La lutte contre l’argent sale au prisme des libertés fondamentales: Quelles mobilisations? [The fight against dirty money from the perspective of fundamental freedoms: Which mobilizations?]. Cultures et Conflits 76(3): 15–42. Amicelle A (forthcoming) European security management of financial flows. In: Mörth U, Helgesson KS and Bergström M (eds) Transforming the Public Domain: Privatization, Securitization and Accountability in the Field of AML. Amoore L and De Goede M (2005) Governance, risk and dataveillance in the war on terror. Crime, Law & Social Change 43(2/3): 149–173. Amoore L and De Goede M (2008) Introduction: Governing by risk in the war on terror. In: Amoore L and De Goede M (eds) Risk and the War on Terror. New York: Routledge, 5–19. Backhouse J and Canhoto AI (2007). Profiling under conditions of ambiguity: An application in the financial services industry. Journal of Retailing and Consumer Services 14(6): 408–419.


176


Backhouse J and Canhoto AI (2008) General description of the process of behavioural profiling. In: Hildebrandt M and Gutwirth S (eds) Profiling the European Citizen: Cross-Disciplinary Perspectives. Amsterdam: Springer, 47–63. Bantekas I (2003) The international law of terrorist financing. The American Journal of International Law 97(2): 315–333. Basel Committee on Banking Supervision (BCBS) (1996) Overview of the amendment to the capital accord to incorporate market risks. Basel: BCBS. Available at: http://www.bis.org/publ/bcbs23.pdf (accessed 28 December 2010). Basel Committee on Banking Supervision (BCBS) (1998) Operational risk management. Basel: BCBS. Available at: http://www.bis.org/publ/bcbs42.pdf (accessed 28 December 2010). Basel Committee on Banking Supervision (BCBS) (2001) Customer due diligence for banks. Basel: BCBS. Available at: http://www.bis.org/publ/bcbs85.pdf (accessed 28 December 2010). Basel Committee on Banking Supervision, International Association of Insurance Supervisors and International Organization of Securities Commissions (BCBS, IAIS and IOSCO) (2003) The Joint Forum: Initiatives by the BCBS, IAIS and IOSCO to combat money laundering and the financing of terrorism. Basel: BCBS, IAIS and IOSCO. Available at: http://www.bis.org/publ/joint05.pdf (accessed 28 December 2010). Black J (2005) The emergence of risk-based regulation and the new public risk management in the United Kingdom. Public Law 3(3): 512–548. Borraz O (2008) Les politiques du risque [The Politics of Risk]. Paris: Presses de Sciences Po. Callon M, Lascoumes P and Barthe Y (2001) Agir dans un monde incertain. Essai sur la démocratie technique [Acting in an Uncertain World: An Essay on Technical Democracy]. Paris: Le Seuil. Chazel F (2000) Aux fondements de la sociologie [Foundations of Sociology]. Paris: PUF. Clunan A (2007) The fight against terrorist financing. Political Science Quaterly 121(4): 569–596. Dardot P and Laval C (2009) La nouvelle raison du monde. Essai sur la société néoliberale [The World’s New Rationality: An Essay on Neoliberal Society]. Paris: La Découverte. Eisenstadt SN (1959) Bureaucracy, bureaucratisation and debureaucratisation. Administrative Sciences Quarterly 4(4): 302–320. Ericson R (2006) Ten uncertainties of risk-management approaches to security. Canadian Journal of Criminology and Criminal Justice 48(3): 345–357. Ericson R and Haggerty K (1997) Policing the Risk Society. Toronto: University of Toronto Press. European Union (2005) Directive 2005/60/EC of the European Parliament and of the Council of 26 October 2005 on the prevention of the use of the financial system for the purpose of money laundering and terrorist financing. Official Journal L 309. Brussels: European Union. European Union (2008) Revised strategy on terrorist financing. Note from Counter-Terrorism Coordinator to COREPER/Council. Brussels: European Union. Available at: http://register.consilium.europa.eu/pdf/ en/08/st11/st11778-re01.en08.pdf (accessed 28 December 2010). Faucher-King F and Le Galès P (2010) The New Labour Experiment: Change and Reform Under Blair and Brown. Stanford, CA: Stanford University Press. Favarel-Garrigues G, Godefroy T and Lascoumes P (2009) Les sentinelles de l’argent sale. Les banques aux prises avec l’anti-blanchiment [Sentinels of Dirty Money: The Banking Industry in the Fight Against Money Laundering]. Paris: La Découverte. Favarel-Garrigues G, Godefroy T and Lascoumes P (2010) Les porteurs discrets de la surveillance financière [The discreet bearers of financial surveillance]. Critique internationale 48(3): 77–95. Feher M (2010) ‘Retour vers le futur proche’ [Back to the Near Future]. Vacarme 51(1): 52–7. Financial Action Task Force (FATF) (1991) FATF report 1990–1991. Paris: FATF. Available at: http://www. fatf-gafi.org/dataoecd/20/18/33643115.pdf (accessed 28 December 2010).



177

Financial Action Task Force (FATF) (2003) FATF 40 Recommendations. Paris: FATF. Available at: http:// www.fatf-gafi.org/dataoecd/7/40/34849567.PDF (accessed 28 December 2010). Financial Action Task Force (FATF) (2007). Guidance on the risk-based approach to combating money laundering and terrorist financing: High level principles and procedures. Paris: FATF. Available at: http:// www.fatf-gafi.org/dataoecd/43/46/38960576.pdf (accessed 28 December 2010). Financial Action Task Force (FATF) (2008) Money laundering and terrorist financing risk assessment strategies. Paris: FATF. Available at: http://www.fatf-gafi.org/dataoecd/46/24/40978997.pdf (accessed 28 December 2010). Fitzgerald V (2004) Global financial information, compliance incentives and terrorist funding. European Journal of Economy 20(2): 387–401. Foucault M (1977) Discipline and Punish. New York: Random House. Foucault M (2008) The Birth of Biopolitics: Lectures at the College De France, 1978–79. New York: Palgrave Macmillan. Freeland C (2002) How can sound customer due diligence rules help prevent the misuse of financial institutions in the financing of terrorism? In: Pieth M (ed.) Financing Terrorism. Amsterdam: Kluwer Academic, 41–8. Hache E (2007) La responsabilité, une technique de gouvernementalité néolibérale [Responsibility, a technique of neoliberal governmentality]. Raisons Politiques 28(4): 49–65. Heng Y-K and McDonagh K (2009) Risk, Global Governance and Security: The Other War on Terror. New York: Routledge. Hibou B (ed.) (2004) Privatising the State. London: Hurst. Hibou B (2009) La bureaucratisation néolibérale [Neoliberal bureaucratization]. Presentation at the workshop on ‘néolibéralisme et bureaucratisation’ [Neoliberalism and bureaucratization], at the conference ‘La bureaucratisation du monde’ [World Bureaucratization], Deuxième rencontre européenne d’analyse des sociétés politiques, February 2009, Université Paris-1 Panthéon Sorbonne. Available at: http://www. fasopo.org/reasopo.htm#rencontres (accessed 28 December 2010). Hood C, Rothstein H and Baldwin R (2001) The Government of Risk: Understanding Risk Regulation Regimes. Oxford: Oxford University Press. House of Lords European Union Committee (2009) Nineteenth report: Money laundering and the financing of terrorism. Available at: http://www.publications.parliament.uk/pa/ld200809/ldselect/ldeucom/132/13202. htm (accessed 6 January 2011). HM Treasury (2007) The financial challenge to crime and terrorism. London: HM Treasury. Available at: http://www.hm-treasury.gov.uk/fin_sanctions_publications.htm (accessed 28 December 2010). Jobert B (ed.) (1994) Le tournant néo-libéral en Europe [The Neoliberal Turn in Europe]. Paris: L’Harmattan. Joint Money Laundering Steering Group (JMLSG) (2007) Prevention of money laundering/combating terrorist financing: Guidance for the UK financial sector Part 1. London: JMLSG. Available at: http:// www.jmlsg.org.uk/industry-guidance/article/revised-guidance (accessed 28 December 2010). Lander S (2006) Review of the suspicious activity reports regime (the SARs review). London: Serious Organised Crime Agency. Available at: http://www.soca.gov.uk/about-soca/the-uk-financial-intelligence-unit/ ukfiu-publications (accessed 28 December 2010). Larner W (2009) Spatial imaginaries: Economic globalization and the war on terror. In: Amoore L and De Goede M (eds) Risk and the War on Terror. New York: Routledge, 41–56. Lascoumes P (1994) L’éco-pouvoir. Environnements et politiques [Eco-Power: Environments and Politics]. Paris: La Découverte. Lemke T (2001) The birth of bio-politics: Michel Foucault’s lecture at the Collège de France on neo-liberal governmentality. Economy and Society 30(2): 190–207.


178


Levi M (2008) Lessons for countering terrorist financing from the war on serious and organized crime. In: Biersteker T and Eckert SE (eds) Countering the Financing of Terrorism. New York: Routledge, 209–233. Lordon F (2008) Jusqu’à quand? Pour en finir avec les crises financières [Until When? To End Financial Crisis]. Paris: Editions Raisons d’Agir. Lyon D (2007) Surveillance Studies: An Overview. Cambridge: Polity. Naylor RT (2004) Wages of Crime: Black Markets, Illegal Finance, and the Underworld Economy, rev. edn. New York: Cornell University Press. O’Malley P (2006) Risk, ethics, and airport security. Canadian Journal of Criminology and Criminal Justice 48(3): 413–421. Power M (2004) The Risk Management of Everything: Rethinking the Politics of Uncertainty. London: Demos. Power M (2005) The invention of operational risk. Review of International Political Economy 12(4): 577–599. Power M (2007) Organized Uncertainty: Designing a World of Risk Management. Oxford: Oxford University Press. Rose N and Miller P (1992) Political power beyond the state: Problematics of government. The British Journal of Sociology 43(2): 173–205. Rothstein H and Downer J (2008) Risk in Policy Making: Managing the Risks of Risk Governance. Report for the Department for Environment, Food and Rural Affairs. Available at: http://www.kcl.ac.uk/content/1/ c6/02/87/23/riskinpolicymakingfinalreportoctober2008.pdf (accessed 28 December 2010). Rothstein H, Huber M and Gaskell G (2006) A theory of risk colonization: The spiralling regulatory logics of societal and institutional risk. Economy and Society 35(1): 91–112. Salter M (2007) Governmentalities of an airport: Heterotopia and confession. International Political Sociology 1(1): 49–66. Serious Organised Crime Agency (SOCA) (2007) The suspicious activity reports regime annual report 2007. London: SOCA. Available at: http://www.soca.gov.uk/about-soca/the-uk-financial-intelligence-unit/ ukfiu-publications (accessed 28 December 2010). Serious Organised Crime Agency (SOCA) (2009) The suspicious activity reports regime annual report 2009. London: SOCA. Available at http://www.soca.gov.uk/about-soca/the-uk-financial-intelligence-unit/ ukfiu-publications (accessed 28 December 2010). Sherman T (1993) International efforts to combat money laundering: The role of the Financial Action Task Force. Hume Papers on Public Policy 1(2): 12–33. Thony J-F (2009) La lutte contre le financement du terrorisme [The fight against terrorist financing]. Défense nationale et sécurité collective 719(5): 137–143. Weber M (2003) Economie et Société [Economy and Society]. Paris: Agora. Weber M (2004) Parlement et gouvernement dans l’Allemagne réorganisée’ [Parliament and government in a reconstructed Germany]. In Œuvres politiques [Political Writing]. Paris: Albin Michel (307–455). Wolfsberg Group (2002) Wolfsberg statement on the suppression of the financing of terrorism. Available at: http://www.wolfsberg-principles.com/standards.html (accessed 28 December 2010). Wolfsberg Group (2006) Wolfsberg statement: Guidance on a risk based approach for managing money laundering risks. Available at: http://www.wolfsberg-principles.com/standards.html (accessed 28 December 2010). Zagaris B (2003) The merging of the counter-terrorism and anti-money laundering regimes. Law & Policy in International Business 34(1): 45–108. Anthony Amicelle is a doctoral candidate in political science at Sciences Po Paris and is affiliated with the Centre d’études et de recherches internationales (CERI-Sciences Po). He currently teaches international relations at Sciences Po Lille. His main research interests revolve around practices of financial surveillance and the security-conscious management of capital movements.


Security Dialogue

Security Dialogue

Suggest Documents