💾 Archived View for spam.works › mirrors › textfiles › politics › money_laundering_2.txt captured on 2023-06-16 at 20:02:40.
View Raw
More Information
-=-=-=-=-=-=-
From: Orlin Grabbe <kalliste@delphi.com>
Newsgroups: alt.2600
Subject: money laundering & digital cash
Date: Fri, 12 May 95 00:21:58 -0500
Message-ID: <Ro98LwW.kalliste@delphi.com>
[This is part II of The End of Ordinary
Money. Part I was previously posted on
the Internet, and will appear around
June 1 in the July issue of Liberty,
Box 1181, Port Townsend, WA 98368.]
- *****************************************
- Copyright 1995 J. Orlin Grabbe, 1280 *
- Terminal Way #3, Reno, NV 89502. All *
- rights reserved. Internet address *
- <kalliste@delphi.com> *
- *****************************************
THE END OF ORDINARY MONEY
Part II: Money Laundering, Electronic Cash,
and Cryptological Anonymity
by J. Orlin Grabbe
It was bright lights and balmy action. Thomas
Constantine, the head of the U.S. Drug Enforcement
Administration (DEA), claimed we've entered a "new world
order of law enforcement" [1]. He meant the cooperation of
British, Italian, and Spanish authorities in setting up a fake
bank in Anguilla, in the Caribbean. It was a sting to trap
money launderers.
Like all pirate organizations, the group calculated
success by the amount of booty seized. And this cleverly
code-named "Operation Dinero" added $52 million, nine
tons of cocaine, and a number of paintings (including works
by Reynolds, Reuben, and Picasso) to official coffers. There
were also 88 arrests. In many ways it was a great scam in
classic DEA style: government officials got to keep the
goods, while taxpayers got to pay for the incarceration of up
to 88 people.
The British Foreign Office--those wacky guys who,
you will recall, conveniently released a barrage of
information about Nazis in Argentina at the outbreak of the
Falklands (Malvinas) war, and who also helped coordinate
Operation Dinero--have since made a propaganda video
about this official foray into fraudulent banking. Among
others it stars Tony Baldry, junior minister.
Be prepared for more of the same. The nine tons of
coke should enable the British Foreign Office and the nosy
DEA to burn the midnight oil for months to come, planning
other booty-gathering raids and video thrillers. After all, the
FATF report of 1990 encouraged international banking
stings like this one. But it isn't just the pseudo-bankers you
should worry about.
The Banker as Snitch: the Brave New World
of Law Enforcement
One of the precepts of the Church of the Subgenius
is: *You will pay to know what you really think* [2]. But in
the world of money-laundering, you will pay your thankless
banker to turn you in to the government. In 1993 a Federal
judge in Providence, Rhode Island, issued the longest
sentence ever given for a non-violent legal offense: he
sentenced a man to 600 years in prison for money
laundering. The individual was fingered by his Rhode Island
bankers, who then cooperated with federal agents in building
a case against him, even while the same bankers received
fees for banking services.
American Express was recently fined $7 million for
failing to detect money laundering, and agreed to forfeit to
the U.S. Justice Department another $7 million. As part of
the settlement, the bank will spend a further $3 million in
employee education, teaching them recommended
procedures for spying on customer transactions.
In a book about banker Edmond Safra [3], author
Bryan Burrough notes: "To truly defeat money launderers,
banks must know not only their own customers--by no
means an easy task--but their customers' customers, and in
many cases their customers' customers' customers." (p. x).
And then, as part of an argument clearing Safra's Republic
National Bank of money laundering charges, Burrough
recounts how he visited the office of the Financial Crimes
Enforcement Network (FinCEN) and talked with one of its
top officials. The official said that, on the contrary, Republic
had made "some solid suggestions about new ways the
government could track dirty money" (p. xii).
Most have still not gotten the message that their
banker is a spy. They are still stuck in yesterday's world,
where legislation like the Right to Financial Privacy Act of
1978 allowed banks, on the one hand, to monitor their own
records and inform the government when there were
suspicious transactions in an account. On the other hand, the
bank was prohibited from identifying either the account
number or the account's owner. But the Privacy Act was
effectively gutted by the Annunzio-Wylie Anti-Money
Laundering Act of 1992, which gives protection from civil
liability to any financial institution, director, officer or
employee who makes a suspicious transaction report under
any federal, state or local law. The latter Act essentially
implies banks can reveal to the government any information
they want to about their customers, without fear of
prosecution. [4]
Money Laundering--What Is It, Anyway?
There's a specter haunting the international financial
markets: the specter of crime by nomenclature, by
theological semantics. To be sure, the faceless piece of
transaction information that makes money "money"--a useful
medium of exchange, whereby we exchange everything for
it, and avoid the direct bartering of wheelbarrows for
oranges--has been under attack before. The 60s brought us
"euro"-dollars, and the 70s "petro"-dollars. Now we have
"narco"-dollars, "terror"-dollars, and (who knows?) maybe
"kiddie-porn"-dollars. For some of the data bits stored in
banks' computers comprise "clean" money and others "dirty"
money, the latter legalistically smitten with original sin.
As Yoga Berra might say, it's digital voodoo, all over
again.
Since the governmental powers that be can't do much
about drug-dealing or terrorism--if only because they
themselves are the chief drug dealers and the chief terrorists-
-they have transferred these and other (often alleged) sins to
the money supply. And since every dollar is a potential
"narco" dollar or "terror" dollar, they must track each one as
best they can [5]. The fact that monetary monitoring has
done nothing to diminish either drug-dealing or terrorism is
treated of no importance, because it's all part of a larger
game. All the players can easily see that this same financial
tracking yields political side benefits in the form of social
control and government revenue enhancement.
Anyone who has studied the evolution of money-
laundering statutes in the U.S. and elsewhere will realize that
the "crime" of money laundering boils down to a single,
basic prohibited act: *Doing something and not telling the
government about it*. But since the real Big-Brotherly
motive is a Thing That Cannot Be Named, the laws are
bogged down in prolix circumlocution, forming a hodge-
podge of lawyerly fingers inserted here and there into the
financial channels of the monetary system.
U.S. legislation includes the Bank Secrecy Act of
1970, the Comprehensive Crime Control Act of 1984, the
Money Laundering Control Act of 1986, the Anti-Drug
Abuse Act of 1988, the Annunzio-Wylie Anti-Money
Laundering Act of 1992, and the Money Laundering
Suppression Act of 1994. International efforts include the
UN Convention Against Illicit Traffic in Narcotic Drugs and
Psychotropic Substances of 1988; the Basle Committee on
Banking Regulations and Supervisory Practices Statement of
Principles of December 1988; the Financial Action Task
Force (FATF) Report of April, 1990 (with its forty
recommendations for action); the Council of Europe
Convention on Laundering, Search, Seizure and Confiscation
of Proceeds of Crime of September 8, 1990; the sixty-one
recommendations of the Caribbean Drug Money Laundering
Conference of June, 1990; the agreement on EC legislation
by the European Community's Ministers for Economy and
Finance of December 17, 1990; the Organization of
American States Model Regulations on Crimes Related to
Laundering of Property and Proceeds Related to Drug
Trafficking of March 1992; and a tangled bouillabaisse of
Mutual Legal Assistance Treaties (MLATs).
"Most economically motivated criminals always have
wanted to appear legitimate," says attorney Kirk Munroe.
"What is new is the criminalization of money laundering.
The process itself now is a crime separate from the crime that
produced the money" [6].
Money laundering is said to be the "process by which
one conceals the *existence*, illegal source, or illegal
application of income, and then disguises that income to
make it appear legitimate" (emphasis added) [7]. Notice the
word "existence." The sentence could be construed to mean
that simply disguising the existence of income is money
laundering. But whatever money laundering is, in practice
U.S. law purports to detect it through the mandatory
reporting of cash transactions greater than or equal to a
threshold amount of US$10,000. For countries in Europe
the figure ranges from ECU 7,200 to 16,000.
In the U.S., Section 5313 of the Banking Secrecy Act
(BSA) requires a Currency Transaction Report (CTR) of
cash deposits or transactions of $10,000 and above, which is
IRS Form 4789, and a Currency Transaction Report by
Casinos (CTRC), which is IRS Form 8362. Section 5316 of
BSA also requires a Currency or Monetary Instrument
Report (CMIR) for transport of $10,000 or more of currency
in or out of the U.S. This is Customs Form 4790. Section
5314(a) of BSA requires reporting of foreign bank or
financial accounts whose value exceeds $10,000 at any time
during the preceding year. This is called a Foreign Bank
Account Report (FBAR) and is Treasury form TDR 90-22-1.
Section 60501 of the IRS Code requires the reporting of
business transactions involving more than $10,000 cash.
These are reported on IRS Form 8300.
Suppose you're an arms dealer in trouble and need a
criminal lawyer. You've violated those pesky ITAR
restrictions because you carried a copy of PGP on your
portable computer when you drove over to Matamoros from
Brownsville for the day, and you forgot to fill out those
customs forms, and that girl you met said she just *had* to
set up a secure channel to her cousin who works in Washington,
D.C., as an undocumented maid for a potential Cabinet
nominee . . . The lawyer charges a modest $200 an hour, so
the first month you pay him $7,000 in cash. The next month
you pay him $4,000 in cash. Under current U.S. law, the
lawyer is required to report complete information about you,
including the $11,000 total cash payment, on IRS Form
8300, and ship it off to the IRS Computing Center in Detroit,
Michigan, within fifteen days of receiving the second
payment (which put the total above the reporting threshold).
Never mind if either you or your lawyer thinks filing such a
form violates attorney-client privilege, the Sixth Amendment
right to counsel, or the Fifth Amendment right to be free
from self-incrimination. For if the report is not made, and
the IRS finds out about it and penalizes and/or prosecutes
your lawyer, the courts will most probably back up the IRS.
[8]
The scope and arrogance of the money-laundering
statutes knows no bounds. The Kerry Amendment to the
Anti-Drug Abuse Act of 1988 demands that *foreign nations
must also* require financial institutions to report deposits of
US$10,000 or greater, and to make this information available
to US law enforcement. Otherwise the President is directed
to impose sanctions against non-cooperative countries. [9]
Having extended the concept of evil to a vaguely
defined practice called "money laundering," and having put
in a detection system to help trace it, the laws have
proceeded to make evasion of the monitoring system evil
also. This tertiary evil may be found in the practice of
"smurfing" or "structuring," which is basically any method of
spreading cash among accounts or across time to avoid the
$10,000 reporting threshold. Structuring is defined in a 1991
amendment to the Bank Secrecy Act thusly: "Structure
(structuring). . . . a person structures a transaction if that
person, acting alone, or in conjunction with, or on behalf of
other persons, conducts or attempts to conduct one or more
transactions in currency in any amount, at one or more
financial institutions, on one or more days in any manner, for
the purpose of evading the reporting requirements . . . 'In any
manner' includes, but is not limited to, the breaking down of
a single sum of currency exceeding $10,000 into smaller
sums, including sums at or below $10,000, or the conduct of
a transaction or series of transactions, including transactions
at or below $10,000. The transaction or transactions need
not exceed the $10,000 reporting threshold at any single
financial institution on any single day in order to constitute
structuring within the meaning of this definition" [10].
And what does the government do with the
information it collects? When your lawyer's Form 8300
reaches the IRS Computing Center in Detroit, it will be
entered into the Treasury Financial Data Base (TFDB).
Similarly, if you cross a U.S. border with more than $10,000
cash, you will fill out Customs Form 4790. This form will
be sent off to customs' San Diego Data Center, and it too will
eventually show up in TFDB. These and other forms will
now be available on-line in the Treasury Enforcement
Communications System (TECS II). The TFDB data will
also be processed through the FinCEN Artificial Intelligence
(AI) System, which is trained to identify suspicious
transaction patterns.
So when you deal in cash, expect to give a note to the
government, a crumb to the friendly FinCEN AI. But AI has
a voracious appetite, so the reporting doesn't stop with cash.
The heart of any modern monetary system is the digital
transfer of electronic money through the telecommunication
links among bank computers. Internationally, banks are
connected by a computer messaging system operated by the
Society for Worldwide Interbank Financial
Telecommunication (SWIFT). Domestically, banks within a
country use equivalents of the U.S. clearing systems operated
by the Federal Reserve (Fedwire) and the Clearing House
Interbank Payments System (CHIPS). A Federal Reserve
Policy Statement of December 23, 1992 asks financial
institutions to include (if possible) complete information on
the sender and recipient of large payment orders sent through
Fedwire, CHIPS and SWIFT. "Historically, law enforcement
efforts to curtail money laundering activities have focused on
the identification and documentation of currency-based
transactions; however, recent investigations have focused on
the use of funds transfer systems," the statement notes.
The focus on funds transfer brings in the resources of
the U.S. National Security Agency (NSA). The NSA has
been monitoring civilian communications ever since it
installed IBM computers at Menwith Hill in the U.K. in the
early 60s to keep track of international telex messages. NSA
tentacles are now ensconced not only in transatlantic
communications, but also in Pacific satellite transmissions,
the regional Bell System offices, the SWIFT messaging
system, the CHIPS clearing computers in Manhattan, and
Fedwire. In addition, a satellite surveillance system picks up
high frequency transmissions of specially constructed
computer chips which are activated by certain types of
transactions-oriented financial software. U.S. agencies are
not alone in financial monitoring. As a trivial additional
example, the Council of Europe has recommended Interpol
be given access to SWIFT to assist in money-laundering
detection [11].
PROMIS Land
When they hear the term "money laundering," many
automatically think of Miami, London, Hong Kong, or
Panama City. How about Arkansas? According to what
Money Laundering Bulletin calls The Greatest Story Never
Told, an "archive of more than 2000 documents . . . allege
that western Arkansas was a centre of international drug
smuggling in the early 1980s--perhaps even the headquarters
of the biggest drug trafficking operation of all time" [12].
Perhaps that is why it was in Arkansas that modifications
were made to the stolen PROMIS software system to enable
it to spy on banking transactions. For where there are drugs,
there must be money laundering, or so one can suppose.
Curiously, however, some of the same set of characters were
apparently involved on all sides: in drug running, money
laundering, and also in the theft and modification of the
PROMIS system. (I will leave it to someone with more
money, guns, and lawyers than I have to bring that part of the
story to light, and will not pursue it further here.)
The PROMIS software was created by the
Washington, D.C.-based software company Inslaw for a
single purpose: to track people. It was initially designed for
the use of federal prosecutors. Want to know who the judge
was on a particular case? Ask PROMIS. Now want to know
all the similar cases that same judge has heard? Ask
PROMIS again. How about all the accused money launderers
a particular attorney has defended? And so on. But after the
Justice Department acquired the PROMIS software by
"trickery, deceit, and fraud," and installed it in most of its
regional offices, the system was modified and sold to
foreign intelligence organizations, then modified again and
sold to banks.
To see the relationship among these different uses,
apparently diverse as they may appear, consider the
following items of information about Joe Blowup who lives
in Sacramento:
Item 1: Monday, June 3.
Master Charge record of
payment by Joe Blowup for
lunch at the Cliff House in San
Francisco.
Item 2: Wednesday, June 5.
Motor vehicle records
show an automobile registered
to Joe Blowup is involved in a
minor accident in Barstow.
Item 3: Saturday, June 8.
Check for $3,000 made out
to Pierre "C-4" Plastique is
deposited in Pierre's account in
Glendale Federal Savings, and
clears against Joe Blowup's
First Interstate account in
Sacramento on Tuesday, June 11.
Who might be interested in this computer-sorted
chronology?
Firstly, anyone wanting to track Joe Blowup's
movements. He was in San Francisco on Monday and in
Barstow on Wednesday. The sequence also generates
obvious questions for further investigation. Did he meet
Jacque in Barstow and give him the check there, or did he
drive on to Los Angeles? What is the check payment for?
And who did Joe Blowup have lunch with in San Francisco?
In order to generate relevant questions like these, federal
agents, spies, and other detectives all want a copy of this neat
software.
Secondly, banks and other financial institutions.
Notice that, in fact, most of the information is financial.
That's because financial institutions keep carefully detailed
transaction records, and over the years they've become
increasingly sophisticated in doing so. There is nothing
nefarious in this per se. If I go to a bank to get a loan, the
bank has a right to make an evaluation as to whether I will
repay it. They are principally concerned with 1) ability to
pay, and 2) willingness to pay--and to make this evaluation,
they rely on current and historical information. In the
example here, none of the items is of interest to banks,
unless that accident in Barstow created a financial liability
which would affect Joe Blowup's ability to repay other loans.
But if the (modified) PROMIS software organizes banking
transactions in a nice way, then banks want a copy of it also.
Thirdly, tax authorities. Do Joe Blowup's financial
records indicate a pattern of rather more income than he has
been reporting? Or, in the case of doubt (and this is the fun
part), is there a record of assets the IRS can seize in the
meantime? The IRS wants a copy of the software so they
can better understand Joe Blowup's--and your--spending
patterns, even though present IRS files already put private
credit bureaus like TRW and Equifax to shame.
In the decade of the 1980s, intelligence organizations
around the world salivated over the ability of the PROMIS
software to track terrorists, spies, political opponents, and
attractive models. Aside from distribution to almost all the
U.S. three-letter agencies, PROMIS was sold to intelligence
organizations in Canada, Israel, Singapore, Iraq, Egypt,
and Jordan among others. In addition, the DEA, through its
proprietary company, Eurame Trading Company Ltd. in
Nicosia, Cyprus, is said to have sold PROMIS to drug
warrior agencies in Cyprus, Pakistan, Syria, Kuwait, and
Turkey. PROMIS was also converted for use by the British
Navy in connection with its nuclear submarine intelligence
data base. [13]
But there was more to these sales than the simple
desire of the cronies of Ed Meese and Hillary Clinton to
make a fast buck, important as the latter motive may be. The
sale was itself an intelligence operation. As former Attorney
General Elliot Richardson noted, "One important motive for
the theft of Enhanced PROMIS may have been to use it as a
means of penetrating the intelligence and law enforcement
agencies of other governments. The first step in this scheme
was the sale to the foreign government of a computer into
which had been inserted a microchip capable of transmitting
to a U.S. surveillance system the electronic signals emitted
by the computer when in use. Enhanced PROMIS has
capabilities that make it ideally suited to tracking the
activities of a spy network. Several INSLAW informants
formerly affiliated with United States and Israeli intelligence
agencies claim that both the United States and Israel have
relied on 'cutout' companies to provide ongoing support for
the PROMIS software" [14]. Of course, what can be done
with foreign intelligence computers can also be done with
banking computers, and at least one of these "cutout
companies" is a major provider of banking software. [15]
The Gathering Storm
All of these efforts--the legal reporting mechanisms,
the spying by bankers, and the supplementary activities of
organizations like FinCEN, NSA and Interpol--fly in the face
of a contrary technological and social development:
- anonymous digital cash made possible by advances in
cryptology*.
The principal opponents of any contemplated system
of encrypted digital cash are the money-laundering laws and
the Leviathan that feeds off them. The edicts against money-
laundering represent a broader attempt to make all financial
transactions transparent, while the aim of anonymous digital
cash is to keep financial activities private. People-monitoring
systems such as those utilizing PROMIS track individuals by
the electronic trails they leave throughout the financial
system. But anonymous digital cash is specifically designed
to make such tracks virtually invisible.
Money laundering, Barry A. K. Rider frankly offers
as a definition, "amounts to a process which obscures the
origin of money and its source" [16]. On that basis, the
pursuit of anonymity in financial transactions *is* money
laundering.
At the beginning of the 90s, money laundering was
an offense in only four states of the (then) twelve members
of the European Union. Now all twelve have a law making it
a crime. In a scramble to justify continued large budgets,
intelligence organizations have hopped on the anti-money-
laundering bandwagon. The U.K. intelligence service MI5,
in an attempt "to justify its existence after reviewing its
future in the light of a probable reduction in counter-terrorist
operations in Northern Ireland," has been "pressing for a
change in the law which would see it involved in countering
drug-trafficking, money laundering, computer hacking,
nuclear proliferation and animal rights groups--a far cry, say
police, from its original remit to 'protect national security' "
[17]. Even accountants are getting in on the act. The
Institute of Chartered Accountants in Australia has issued "a
set of guidelines on money laundering, including a
recommendation that client confidentiality take second place
to public interest if an accountant suspects laundering is
occurring" [18].
So the coming battle over financial footprints is
inevitable, and perhaps inevitably bloody. But in the end it
is the money-laundering regulations that will have to go.
Firstly, advances in the technology of anonymity are putting
financial privacy within the reach of everyone. Secondly,
there is a growing awareness that the existing laundering
statutes have little or no effect on terrorism or drug dealing,
but instead are related to an upswing in government-
sponsored harassment of targeted political groups.
Electronic Finance 101
Many of the basic features of electronic cash--
variously referred to as "ecash", "digital cash", "digital
money", and so on--may sound novel to those unfamiliar
with the financial markets. But much of the financial system
is already on an electronic basis, and has been so for years.
To see why, consider the foreign exchange market
[19]. This is a largely interbank market for trading the
currency of one country for the currency of another: dollars
for pounds, dollars for yen, and so on. But if I, as an
interbank trader, sell U.S. dollars for British pounds, what
are the actual logistics of the transfer? Consider the problems
that would be imposed by a cash-based market. The standard
transaction size in the foreign exchange market is an amount
of currency equivalent to US $1 million. A US $20 bill
weighs about 1 gram. So, if transacted in cash, the
$1,000,000 (50,000 bills) would weight approximately 50
kilograms or 110 pounds. Imagine the cost involved in such
a transaction if in order to sell dollars for pounds I had to fill
up a suitcase with $20 bills, lug the 110-pound suitcase to a
Manhattan taxi, take a long ride to Kennedy Airport, fill out
a CMIR form and check my baggage, arrive at Heathrow
seven hours later, retrieve my baggage, go through customs,
and catch a cab to the appropriate British bank in central
London. Once there I would pick up the equivalent in
pounds sterling and reverse the whole process.
There's a problem with this scenario: *transactions
costs*. Anyone trying to change dollars into pounds will go
to some other bank where he doesn't have to pay for my
plane tickets and cab fares, not to mention my courier salary
and that lunch I had at the Savoy before I headed back to
New York.
(In the present markets for cocaine and heroin it is
hard to reduce transactions costs, because the weight of the
drugs is less than the weight of the cash proceeds. In the
early 80s, cash bills were actually loaded into suitcases and
moved around. To save time and money, however, the cash
wasn't counted. After a spot check of bills for denomination
and authenticity, the suitcases were simply *weighed* to
determined the total value. This measurement was accurate
to within a few dollars--close enough. But foreign exchange
trading isn't illegal and doesn't, and can't, happen this way.)
To see how international money transfers really
work, consider the case of a Greek immigrant, who has
opened a restaurant in Boston, has made a little money, and
wants to send some cash to the folks back home. In earlier
days he probably would have gone down to the Western
Union office and handed the attendant cash to "wire" to his
mother in Athens. The Western Union office in Boston
would put the cash in its safe, or perhaps deposit it in a
Boston bank, and would meanwhile send a message to the
Athens office: "Give so-and-so X dollars" (or, more likely,
"Y drachmas"). That is, the cash received was not the same
as the cash sent. All that was sent was a message. But no
one cared, because cash itself is *fungible*: the dollar that
is taken out is interchangeable with, but not the same as, the
dollar that was put in. The bills are also not *registered*:
no particular name is associated with any particular serial
number.
In this example, bills were put into the safe at one end
of the transaction, and different bills were taken out at the
other. Consider now a slight modification to this scenario:
Eurobond trading. Eurobonds are generally placed in the
depository systems operated by Euroclear in Brussels or
Cedel in Luxembourg. Once bonds are in the vault, they
generally stay there, because of transactions costs. If a trader
in Frankfurt sells a GM eurobond with a coupon of 7 1/8
percent and maturing in 2012 to a trader in London, they
both send messages to Euroclear. Euroclear compares the
two set of instructions, checks the cash balance of the
London trader, then switches the computer label of
ownership of the bond to the London trader, and the
ownership of the requisite cash to the Frankfurt trader.
Again, however, the bonds are not registered, and are
fungible within the parameters of a particular issue. There
may be several thousand GM eurobonds with a coupon of 7
1/8 percent and maturing in 2012, and the London trader
owns one of them, but his ownership is not attached to a
particular bond serial number. [20]
This is pretty much the way the foreign exchange
market works. If a New York bank deals dollars for
deutschemarks with a London bank, they send each other
confirmations through SWIFT. Then the New York bank
will turn over a dollar deposit in New York to the London
bank, while the London bank will turn over a deutschemark
deposit in Frankfurt to the New York bank. The Frankfurt
bank simply switches the name of the owner of the
deutschemarks from the London bank to the New York bank.
The New York bank now owns X-number of fungible,
unregistered (but completely traceable) deutschemarks at the
Frankfurt bank.
"I remember my shock when I learned that the fastest
way for two banks in Hong Kong to settle a dollar
transaction was to wire the money from Hong Kong to New
York and back again," said Manhattan assistant district
attorney John Moscow [21]. He was shocked because he
didn't understand how the process works. The "wired"
dollars were sitting in New York all along as numbers in a
bank computer, originally labeled as owned by the first Hong
Kong bank. After the transaction is completed, they are still
in the same place, but labeled as owned by the second Hong
Kong bank. There is nothing mysterious about this at all.
Now let's modify the basic scenario again: Yankee
bond trading. Yankee bonds are dollar-denominated bonds
issued by non-U.S. citizens in the U.S. bond market. Yankee
bonds are registered. If you buy a bond, your name is
attached to a particular bond with a particular serial number.
If someone steals the bond, he will not be able to receive
interest or principal, because his name is not attached to the
bond serial number. So when Yankee bonds are traded, the
seller's name is removed from the serial number of the bond
being sold, and the buyer's name is attached.
To this point we have talked about things that
potentially exist in physical form. I can take a bond out of
the vault, or I can cash in my electronic deutschemarks for
printed bills. The final modification to these various
scenarios is to get rid of the physical paper entirely. Such
purely electronic creatures already exist: U.S. Treasury bills-
-short-term debt instruments issued by the U.S. government.
You buy, for example, a $10,000 T-bill at a discount, and it
pays $10,000 at maturity. But you don't see printed T-bill
certificates, because there aren't any. T-bills are electronic
entries in the books of the Federal Reserve System. You can
trade your T-bill to someone else by having the Fed change
the name of the owner, but you can't stuff one in your pocket.
You can "wire" your T-bill from one bank to another,
because the "wire" is just a message that tells the Federal
Reserve bank to switch the name of the owner from one
commercial bank to another.
Smart and Not-So-Smart Cards
In the previous section we saw that most of the
financial system is already on an electronic basis. And we
understand that "wiring" money doesn't at all correspond to
the mental image of stuffing bills down an electrical wire or
phone line. To bring this story closer to home, let's consider
how most of us use a computer and a modem on a daily basis
to make financial transactions. Even if we don't own a
computer. Or a modem. Let's talk about smart and dumb
cards--ATM cards, credit cards, phone cards, and much
more.
Some "smart cards" have microprocessors and are
actually smart (and relatively expensive). They are really
computers, but missing a keyboard, video screen, and power
supply. Others, such as *laser optical* cards and *magnetic
stripe* cards, are chipless and only semi-smart.
Laser optical cards are popular in Japan, and can hold
up to 4 megabytes of data--enough for your tax and medical
files and extensive genealogical information besides. The
cards are a sandwich, usually a highly reflective layer on top
of a nonreflective layer. A laser beam is used to punch holes
through the reflective layer, exposing the nonreflective layer
underneath. The presence or absence of holes represents bits
of information. A much weaker laser beam is then used to
read the card data. You can later mark a file of information
as deleted, or turn it into gibberish, but you can't reuse the
area on the card.
Magnetic stripe cards, popular everywhere, doesn't
hold much information. An ATM card is one example. Data
is recorded on the magnetic stripe on the back of the card
similar to the way an audio tape is recorded. There are three
tracks--the first of which is reserved for airline ticketing [22].
This track holds up to 79 alphanumeric characters including
your name and personal account number (PAN). The ATM
doesn't actually use the first track for transactions, but it may
read off your name, as when it says, "Thank you, Joe
Blowup, for allowing me to serve you." The second track
contains up to 40 numerical digits, of which the first 19 are
reserved for your PAN, which is followed by the expiration
date. The third track will hold 107 numerical digits, starting
again with your PAN, and perhaps information related to
your PIN (personal identification number, or "secret
password"), along with other information, all of which
potentially gets rewritten every time the track is used.
The ATM machine into which you insert your card is
itself a computer. The ATM typically has both hard and
floppy drives, a PC mother-board which contains the
microprocessor, and a power supply--as well as drawers for
deposits, cash, and swallowed cards. If the ATM is "on-line"
(i.e. one that is connected to a distant central bank computer,
which makes all the real decisions), then it also has a modem
to communicate over phone lines with the central computer.
When you make a request for cash, the ATM machine
compares your password to the one you entered. If they are
the same, it then takes your request and your PAN, encrypts
(hopefully) the information, and sends it on to the central
computer. The central computer decrypts the message, looks
at your account information, and sends an encrypted message
back to the ATM, telling it to dispense money, refuse the
transaction, or eat your card.
In between the ATM and the authorizing bank is
usually a controller, which services several ATMs. The
controller monitors the transaction, and routes the message
to the correct authorization processor (bank computer).
Some transactions, for example, will involve banks in
different ATM networks, and the transaction will have to be
transferred to a different network for approval. The
controller would also generally monitor the status of the
different physical devices in the ATM--to see that they are
operating properly and that the ATM is not being
burglarized.
Consider some of the security problems in this
framework. The first duty of the local ATM is to verify
you've entered the correct PIN. A typical way of doing this is
to recreate your PIN from your card information and then to
compare it to the one you entered.
Here is a general example of how PINs are created
(there are many variations). The bank first chooses a secret
16-digit "PIN key" (PKEY). This key will be stored in the
ATM's hardware. The PKEY is then used as a DES-
encryption key to encrypt 16-digits of your account number,
which the ATM reads off your card. The result of the
encryption is a 16-digit hexadecimal (base 16) number.
Hexadecimal numbers uses the digits 0 to 9 and also the
letters A to F (the latter standing for the decimal numbers 10
to 15). Next a table is used to turn the 16-digit hexadecimal
number back into a 16-digit decimal number [23]. The first
four numbers of the resulting 16-digit number are the
"natural PIN". (If you are allowed to choose your own PIN,
a four digit "offset" number is created, and stored on the
third track of your ATM card. This offset will be added to
the natural PIN before it is compared to the one you entered
at the ATM keyboard.)
Since this comparison between the natural and
entered PIN is done locally in the ATM hardware, the
customer's PIN is not transmitted over phone lines. This
makes the process relatively more secure, assuming no one
knows the PKEY. But if an evil programmer knows the
PKEY, he can create a valid PIN from any customer's
account number. (Customer account numbers can be found
by the hundreds on discarded transaction slips in the trash
bin.) He can easily and quickly loot the ATM of its cash
contents.
The security problems worsen when the ATM gets a
"foreign" card. A foreign card is essentially any card from
any bank other than the one that runs the ATM. The local
ATM does not know the PKEYs of these other banks, so the
PIN which is entered at the ATM must be passed on to a
bank that can authorize the transaction. In this process, the
account number and PIN will be encrypted with a
communication key (COMKEY), and then passed from the
ATM to the ATM controller. Next the account number and
PIN will be decrypted at the controller, and then re-encrypted
with a network key (NETKEY) and sent on to the proper
bank.
Foreign PINs give the evil programmer three
additional possibilities for defeating security. The first way
is to get hold of the COMKEY. He then taps the line
between the ATM and the controller, and siphons off
account number/PIN pairs. A second possibility is to get
access to the controller, because the account number/PIN
pairs may be temporarily in the clear between encryptions.
The third possibility is to obtain the NETKEY, and tap the
line between the controller and the foreign network. [24]
The COMKEY and NETKEY are generally
transmitted over phone lines, so the chances of acquiring
them are pretty good. These two encryption keys are
themselves usually transmitted in an encrypted form, *but the
keys used to encrypt them are sometimes sent in the clear*.
Thus while banks are generally somewhat careful with their
own customers, they are often quite helpful in giving rip-off
artists access to the customers of other banks. The evil
programmer simply reads off the encryption keys, uses them
to decrypt the COMKEY and NETKEY, which are in turn
used to decrypt account numbers and PINs.
The way to solve these security problems is to use
smart cards and public key cryptography. Banks can transmit
their public keys in the open without worrying about evil
wire-tapping programmers. Customer messages encrypted
with a bank's public key can only be decrypted with the
bank's private (secret) key. Digital cash issued by the bank
can be signed with the bank's private key, and anyone will be
able to check that the cash is authentic by using the bank's
public key. In addition, the bank will not be able to
repudiate cash signed in this way, because only the bank had
access to its own secret key. Communications between ATM
machines and bank computers can also take place with
randomly-generated encryption keys that can be determined
by each of the two parties, but which cannot be discovered
by someone who listens in on both sides of the traffic. [25]
Are Smart Cards the Mark of the Beast?
Besides optical and magnetic stripe cards, there are
two types of "chip" cards. Chip cards are basically any cards
with electronic circuits embedded in the plastic. One type of
chip card, called a memory (or "wired logic") card, doesn't
have a microprocessor and isn't any smarter than the cards
we discussed previously. Prepaid phone cards are of this
type. They may have about 1K of memory, and can execute
a set of instructions, but can't be reprogrammed.
Then there are the truly smart cards that have a
microprocessor and several kilobytes of rewritable memory.
Smart cards allow for greatly increased security, since access
to their data is controlled by the internal microprocessor.
And there can be built-in encryption algorithms. This
versatility has made smart cards controversial.
The negative reputation arises from certain cases
where smart cards were imposed by force, as well as from
smart-card storage of biometric data. The use of smart cards
became a prerequisite for Marines to receive paychecks at
Parris Island, S.C. Finger-print based smart-card ID systems
were implemented by the Los Angeles Department of Public
Social Services and the U.S. Immigration and Naturalization
Service. The "Childhood Immunization" bill, introduced by
Sen. Ted Kennedy (D-MA), would have tracked vaccination
of all children under six years of age, together with at least
one parent, across geographical areas through smart cards
Access control at the U.S. Department of Energy Hanford
Site requires smart card badges which store the cardholder's
hand geometry. Security access through retinal scan patterns
stored in smart card memory have been tested at the Sandia
National Laboratory.
Visa recently announced plans for creating an
"electronic purse." The purse would be a reloadable spending
card. You would charge the card up at an ATM machine,
where it would suck some cash value out of your account,
and store it in memory. You would then use the card instead
of cash to make small purchases. Visa is attracted by the
estimate that consumer cash transactions in the U.S. are
about five times the size of bank-assisted transactions (those
that use checks, credit cards, and debit cards). Visa has been
joined in this endeavor by a consortium that includes
VeriFone, the leading supplier of point-of-sale transaction
systems, and Gemplus, the leading manufacturer of smart
cards.
There may be increased security in the use of an
electronic purse, but it is not clear how replenishing one's
card balance at an ATM is any more convenient for the user
than getting cash at an ATM. Since Visa is not advertising
the privacy aspects of electronic purse payments, one must
assume this feature was omitted in the planning. Hence a
cynic could conclude that the "electronic purse" is little more
than a Rube Goldberg device which, by substituting for cash,
will create a better set of PROMIS-type transaction records.
These and other examples suggest possible uses of
smart cards for more general surveillance and social control.
The truly paranoid envision the use of a single smart card for
every financial transaction, medical visit, and telephone call.
This information would be sent directly to a common
PROMIS-like data base, which would constitute a record of
all your activities. In addition, "your card could be
programmed to transmit its identification code whenever you
use it. So you (or your card, anyway) could be instantly
located anywhere on earth via the satellite-based Global
Positioning System" [26].
But smart cards don't have to be used this way.
Recall that mainframe computers once appeared destined to
turn the average citizen into Organization Man, a creature to
be folded, spindled and mutilated in lieu of IBM's punched
cards. The advent of the personal computer, however,
showed the same technology could be a tool of individual
freedom and creativity.
There is nothing intrinsically evil in storing a great
deal of information about ourselves, our finances, and our
current and future plans. That is, after all, exactly why some
of us carry around portable computers. But in this case the
use of the computer is voluntary, and we ourselves control
both access to, and the content of, the information. The same
principle applies to smart cards. It is smart cards more than
any other aspect of banking technology, I believe, that will
allow for financial privacy through cryptology, for
anonymous and secure digital cash transactions. It's simply a
matter of taking control of the technology and using it to
enhance personal freedom.
Electronic Cash the Way It Ought To Be
Suppose we had it our way. Suppose we sat down to
create digital cash that had all the right properties. What
would these be? Think of the attractive properties of
currency--physical cash. [27]
1) Physical cash is a portable medium of exchange.
You carry it in your pocket to give to people when you make
purchases. The digital equivalent of this process could be
provided by smart cards, which would have the mobility of
physical cash and even improve on it. The weight of
$1,000,000 in digital money is the same as the weight of $1.
2) You would want the ability to make digital cash
payments off-line, just like you can with physical cash. A
communication link between every store you shop at and
your bank's authorization computer shouldn't be required.
Moreover, if digital cash is to have all the desirable qualities
of physical cash, you should be able to transfer digital cash
directly to another smart-card-carrying individual. Smart
cards that could connect directly to other smart cards would
be ideal in this respect, and would represent an improvement
over physical cash. Even if everyone observed two smart
cards communicating, they would have no way of knowing
whether the transaction involved $5 or $50,000. There
would be no need to slide money under the table.
3) Digital cash should be independent of physical
location--available everywhere and capable of being
transferred through computer and other telecommunication
channels. So we want a smart card that can jack into the
communication nodes of the global information network.
One should be able to pop into a phone booth to make or
receive payments.
4) Got change for a dollar for the quarter slots in the
pool table? Just as we "make change" or divide physical
currency into subunits, so should electronic cash be divisible.
Is this a problem? Hmm. Electronic calculators can perform
an operation know as division, and so can third-graders. So
smart cards ought to be able to handle this also, even if it
presents a few difficulties for theoretical cryptology.
5) To be secure against crooks and rip-off artists,
digital cash should be designed in such a way that it can't be
forged or reused. We wouldn't want people spending the
same money twice, or acting as their own mini-Federal
Reserve Systems and creating money from nothing. This
cryptological problem is different between on-line and off-
line cash systems. In on-line systems the bank simply checks
whether a piece of cash has been spent before.
Proposed off-line systems rely on a framework
developed by David Chaum. Chaum has been the preeminent
cryptological researcher in the field of digital cash [28]. In
his framework for off-line systems, one can double-spend the
same piece of digital cash only by losing one's anonymity.
This has considerable value, because the bank or the person
defrauded, knowing the identity of the devious double-
spender, can send out a collection agent.
But I consider this way of enforcing the "no double-
spending" rule a serious flaw in Chaum's framework.
Catching thieves and rip-off artists is not the comparative
advantage of either banks or the average citizen. (Banks are
usually only good at providing transactions services, and
charging interest and fees.) Would you really want to see,
say, The First Subterranean Bank of Anonymous Digital
Cash merge with the Wackenhut Corporation? Luckily,
however, there are alternative approaches that will prevent
double-spending from ever taking place [29].
6) The most important requirement for individual
freedom and privacy is that digital cash transactions should
be untraceable, yet at the same time enable you to prove
unequivocally whether you made a particular payment.
Untraceable transactions would make impossible a PROMIS-
type data sorting of all your financial activities. In Joe
Blowup's financial chronology, discussed previously, you
wouldn't be able to connect Joe Blowup's name to any of his
purchases. Similarly, no one would know about the money
you wired to Lichtenstein, your purchase of Scientology e-
meters and the banned works of Maimonides, or your
frequent visits to the Mustang Ranch. Privacy-protected off-
line cash systems can be made nearly as efficient as similar
systems that don't offer privacy.
Parallel Money Systems
To set up a digital cash service meeting these
requirements, you would need to buy the rights to use patents
held by David Chaum and RSA, or equivalent rights, and
then set up a bank to issue accounts and smart cards in a
legal jurisdiction where the service won't run foul of the local
banking and money-laundering laws. Of course, in many
other countries the money-laundering statutes will be quickly
amended in an attempt to apply the same reporting
requirements to anonymous digital cash transactions as
currently apply to currency transactions. Such laws will
probably generate little compliance. [30] Since the
transactions in question are unconditionally untraceable,
there won't be any evidence of wrong-doing.
The system of anonymous digital cash will arise as a
parallel system to the existing one of ordinary money.
Therefore there will be a record of the initial entry into the
anonymous system. For example, you might write a $10,000
check drawn on Citibank to The First Subterranean Bank of
Anonymous Digital Cash. This check will be recorded, but
no subsequent transactions will be traceable, unless you
make transfers back out into the ordinary banking world.
Over time, as more people begin to use the anonymous cash
system, some wages will be paid in anonymous digital cash.
This will enable all income transactions, as well as
expenditures, to take place entirely outside the ordinary
monetary system.
Since the anonymous cash system will exist parallel
to the existing system, a floating exchange rate will be
created by market transactions between ordinary money and
anonymous money. Think, by analogy, of a currency board.
Such a board issues domestic currency through the purchase
of foreign "hard" currencies. In the same way, anonymous
digital cash will be issued through the purchase of ordinary
cash or bank deposits. That is, when you make a deposit at
The First Subterranean Bank of Anonymous Digital Cash,
First Subterranean will issue you an anonymous digital cash
account, and will in turn acquire ownership of the ordinary
money. The exchange ratio will not necessarily be one-for-
one. Anonymous digital cash that does not meet some of the
ease-of-use requirements listed previously may exchange for
less than 1 ordinary dollar. On the other hand, digital cash
that meets all those requirements will trade at a premium,
because anonymous digital cash has enhanced privacy
aspects. Money launderers, for example, currently get about
20 percent of the value of money that is made anonymous.
That represents an exchange rate of 1.25 "dirty" dollars for
one "clean" dollar. The market will similarly determine the
exchange ratio between ordinary and anonymous digital
money.
In the 1960s various tax and regulatory burdens, and
political risk considerations, gave rise to a new international
money market, the eurodollar market, which was created
specifically to get around these regulatory and political road-
blocks [31]. When a junior staff member of the Council of
Economic Advisors named Hendrik Houthakker discovered
the eurodollar market's existence, he thought it was an
important development, and recommended that some
discussion of it be included in the annual Economic Report of
the President. "No, we don't want to draw attention to it," he
was told. When Houthakker himself later became a member
of the Council under Nixon, he made sure the Report
included a discussion of the euromarkets. But it was only
much later, in the mid-70s, that the Report said, in a burst of
honesty: "The emergence and growth of the Eurodollar
market may be viewed as a classic example of free market
forces at work, overcoming obstacles created by regulations,
and responding to market incentives to accommodate various
needs" [32].
In a similar way it will be said in some future Report,
that "the emergence and growth of anonymous digital cash
may be viewed as a classic example of free market forces at
work, overcoming obstacles created by surveillance
technologies and money-laundering regulations, and
responding to market incentives to accommodate the public's
need for financial privacy."
[Part III: The Technology of Anonymous Digital Cash]
[Don't inquire about this article for a few months. If you
don't want to see any mathematics, don't inquire at all.]
Footnotes
[1] Quoted in Money Laundering Bulletin, January 1995, p.
3.
[2] Some may view this as a trade secret of the Church of the
Subgenius, so let me cite two sources of publicly available
information. Firstly, I heard it in a sermon by David Meyer,
Pope of All New York, at the Kennel Club in Philadelphia in
the fall of 1985. Secondly, it is similarly proclaimed in
Subgenius Recruitment Tape #16, which may be rented from
Kim's Video in the East Village of Manhattan.
[3] Bryan Burrough, Vendetta: American Express and the
Smearing of Edmond Safra, HarperCollins, New York, 1992.
[4] Sec. 1517 (c) states: "Any financial institution that
makes a disclosure of any possible violation of law or
regulation or a disclosure pursuant to this subsection or any
other authority, and any director, officer, employee, or agent
of such institution, shall not be liable to any person under
any law or regulation of the United States or any
constitution, law, or regulation of any State or political
subdivision thereof, for such disclosure or for any failure to
notify the person involved in the transaction or any other
person of such disclosure."
[5] "A completely cashless economy *where all transactions
were registered* would create enormous problems for the
money launderers" (emphasis added), Report of the
Financial Action Task Force on Money Laundering, Paris,
February 7, 1990.
[6] Kirk W. Munroe, "Money Laundering: the Latest
Darling of the Prosecutor's Nursery," law firm of Richey,
Munroe & Rodriguez, P.A., Miami, FL, 1994.
[7] President's Commission on Organized Crime, The Cash
Connection: Organized Crime, Financial Institutions, and
Money Laundering, U.S. Government Printing Office,
October 1984. This definition is certainly more coherent
than Michael Sindona's circular statement that "laundering
money is to switch the black money or dirty money . . . to
clean money."
The U.S. definition of money laundering is found in 18
U.S.C. 1956, which was enacted in 1986, and strengthened
in 1988, 1990, and 1992. It sets out three categories of
offenses: transaction offenses, transportation offenses, and
"sting" offenses.
Transaction Offenses: It is a money laundering transaction
crime for any person to conduct, or to attempt to conduct, a
financial transaction which, in fact, involves the proceeds of
specified unlawful activity, knowing that the property
involved in the transaction represents the proceeds of some
crime, and, while engaging in the transaction, with either a)
the intent to promote the carrying on of the specified
unlawful activity, or b) the intent to commit certain tax
crimes, or with the knowledge that the transaction is
designed at least in part a) to conceal or disguise the nature,
location, source, ownership, or control of the proceeds, or b)
to avoid a cash reporting requirement.
Transportation Offenses: It is a money laundering
transportation crime for any person to transport, transmit or
transfer, or to attempt to transport, transmit or transfer, a
monetary instrument or funds into or out of the U.S., and,
while engaging in the act, with either a) the intent to promote
the carrying on of specified unlawful activity, or b) the
knowledge the monetary instrument or funds represent the
proceeds of some crime, and the knowledge that the
transportation, etc., is designed, at least in part, (i) to conceal
or disguise the nature, location, source, ownership, or control
of the proceeds, or (ii) to avoid a cash reporting requirement.
"Sting" Offenses: It is a money laundering crime for any
person to conduct, or to attempt to conduct, a financial
transaction which involves property represented to be the
proceeds of specified unlawful activity, or property used to
conduct or to facilitate specified unlawful activity, said
representation being made by a law enforcement officer or
by another person at the direction of, or with the approval of,
a federal officer authorized to investigate or to prosecute
'1956 crimes, and, while engaging in the transaction, with
the intent to a) promote the carrying on of specified unlawful
activity, or b) conceal or disguise the nature, location, source,
ownership, or control of the property believed to be the
proceeds of specified unlawful activity, or c) avoid a cash
reporting requirement.
[8] See Samuel J. Rabin, Jr., "A Survey of the Statute and
Case Law Pertaining to 26 U.S.C. 60501 (Forms 8300)," in
Money Laundering, Asset Forfeiture and International
Financial Crimes, by Fletcher N. Baldwin, Jr., and Robert J.
Munro, 3 vols., Oceana Publications, New York, 1994.
[9] Section 4702 of P.L. 100-690.
[10] 31 C.F.R. 103.11(p) (1991).
[11] "The means should, in fact, include access by Interpol
to the telecommunications system SWIFT . . .," Draft
Explanatory Report on the Convention on Laundering,
Search, Seizure and Confiscation of the Proceeds from
Crime," September 8, 1990.
[12] Money Laundering Bulletin, March 1995, p. 3.
[13] U.S. Congress, Committee on the Judiciary, The Inslaw
Affair, House Report 102-857, September 10, 1992.
[14] Memorandum to Judge Nicholas Bua from Elliot
Richardson, p. 34. The NSA, naturally, is not
acknowledging the existence of such a chip, much less
providing technical information. But in order to avoid
detection of the chip's transmission signal by the
organization being spied upon, the chip would be designed
so its broadcast would be masked by the general--or some
characteristic--electronic noise of the computer. This could
imply a low-probability-of-interception digital spread
spectrum (SS) communication system with a broad
bandwidth, perhaps in the range of 1 to 10 gigahertz. As a
related example of this technique, a "low level wideband SS
signal, can easily be hidden within the same spectrum as a
high power television signal where each signal appears to be
noise to the other" ("Spread Spectrum Techniques," in Geoff
Lewis, Newnes Communications Technology Handbook,
Oxford, 1994). The broadcast power requirements of such a
chip would not be large, but rather similar to a walkie-
talkie's. The information broadcast by the chip could then
either be monitored locally and re-transmitted to satellite, or
transmitted directly to a geosynchronous signals-collection
satellite such as Magnum. The Magnum and other U.S. spy
satellites are operated by the Air Force on behalf of the
National Reconnaissance Office, while NSA does the signal
processing. (I am grateful to John Pike, Director of Space
Policy & CyberStrategy Projects, Federation of American
Scientists, for advice on the information in this footnote. He
is not responsible for any errors or the specific content of any
statement.)
[15] I have in mind an NSA operation. But after Part I of
The End of Ordinary Money was circulated, the CIA
approached my own former company (which sells banking
software) and proposed that it provide cover for their agents
to enter foreign banks. The CIA also separately offered to
pay $100,000 for the customer list of a particular bank
among the Swiss big four.
[16] Barry A. K. Rider, "Fei Ch'ien Laundries--the Pursuit of
Flying Money," in Money Laundering, Asset Forfeiture and
International Financial Crimes.
[17] Money Laundering Bulletin, April 1995, p. 2.
[18] Ibid, p. 4.
[19] Details of the foreign exchange, eurocurrency, and
eurobond markets are covered at length in J. Orlin Grabbe,
International Financial Markets, 3rd edition, Simon &
Schuster, New York, 1995.
[20] Eurobonds are bearer bonds. So if you have the bond in
your pocket, you own it, in the same way you own the dollar
in your pocket. The same goes for interest coupons--they are
to be paid to bearer. Most eurobond-issuing companies pay
interest to Euroclear, which distributes the payments to the
owners of the bonds stored in its depository vaults. But the
companies are afraid that if the bonds are stolen, they will
have to pay the same coupons again. Hence they insist
coupons be clipped and destroyed as they are paid. When I
visited Morgan Guaranty (which operates Euroclear) in
Brussels in 1982, there were 20 employees whose full-time
job was clipping coupons.
[21] John W. Moscow, "The Collapse of BCCI," in Money
Laundering, Asset Forfeiture and International Financial
Crimes.
[22] Details of the card size, layout, coding, and recording
are laid out in ISO standards 7810 to 7813. The first track is
sometimes called the International Air Transport Association
(IATA) track, the second the American Bankers Association
(ABA) track, and the third the Mutual Institutions National
Transfer System (MINTS) track.
[23] This may be as simple as assigning the numbers 0 to 5
to the letters A to F. If this assignment is made, the
probability is three-fourths that a digit in the resulting
decimal number is one of 0 to 5, while there is only one-
fourth probability that a digit is 6 to 9.
[24] Computer logs are often kept for each part of a
transaction. So the evil programmer doesn't have to tap lines
if he can get hold of the logs instead.
[25] Public key encryption is implemented in the Datakey
smart card of the National Institute of Standards and
Technology. This card uses the Hitachi H8/310 processor.
Atmel and Phillips chips also include public-key encryption
hardware, and allow algorithms to be implemented by the
card's application designer. Smart and other chip card
standards are laid out in ISO 7816. (More on smart cards can
be found in Jose Luis Zoreda and Jose Manuel Oton, Smart
Cards, Artech House, Boston, 1994.) The recent ANSI X9F
standards include those for using public key systems to
secure financial transactions. The communication link would
involve two-way authentication using Diffie-Hellman key
exchange.
[26] Clark Matthews, "Tomorrow's 'Smart Cards': Technical
Marvels That Give Government Fearful Power," reprinted
from The Spotlight, undated.
[27] Some of the following points were broached in a
different way by T. Okamoto and K. Ohta, "Universal
Electronic Cash," Advances in Cryptology--Crypto 91,
Springer-Verlag, Berlin, 1992.
[28] See David Chaum, "Achieving Electronic Privacy,"
Scientific American, August 1992, pp. 96-101; "Blind
Signatures for Untraceable Payments," Advances in
Cryptology-- Crypto 82, D. Chaum, R.L. Rivest, & A.T.
Sherman (Eds.), Plenum, pp. 199-203; "Online Cash
Checks," Advances in Cryptology--Eurocrypt 89, J.J.
Quisquater & J. Vandewalle (Eds.), Springer-Verlag, pp.
288-293; "Efficient Offline Electronic Checks," with B. den
Boer, E. van Heyst, S. Mjxlsnes, & A. Steenbeek, Advances
in Cryptology--Eurocrypt 89, J.-J. Quisquater & J.
Vandewalle (Eds.), Springer-Verlag, pp. 294-301;
"Cryptographically Strong Undeniable Signatures,
Unconditionally Secure for the Signer" with E. van Heijst &
B. Pfitzmann, Advances in Cryptology--Crypto 91, J.
Feigenbaum (Ed.), Springer-Verlag, pp. 470-484; "Numbers
Can Be a Better Form of Cash than Paper," Smart Card
2000, D. Chaum (Ed.), North Holland, 1991, pp. 151-156;
"Privacy Protected Payments: Unconditional Payer and/or
Payee Untraceability," Smart Card 2000, D. Chaum & I.
Schaumuller-Bichl (Eds.), North Holland, 1989, pp. 69-93;
"Security Without Identification: Transaction Systems to
Make Big Brother Obsolete," Communications of the ACM,
vol. 28 no. 10, October 1985, pp. 1030-1044; "Smart Cash:
A Practical Electronic Payment System," J. Bos & D.
Chaum, CWI-Report CS-R9035, August 1990; "Untraceable
Electronic Cash," with A. Fiat, & M. Naor, Advances in
Cryptology--Crypto '88, S. Goldwasser (Ed.), Springer-
Verlag, pp. 319-327.
[29] "[P]rior restraint of double-spending can be achieved by
using a tamper-resistant computing device that is capable of
merely performing a signature scheme of the Fiat-Shamir
type (of one's own choice), such as the Schnorr signature
scheme" (Stefan Brands, "Highly Efficient Electronic Cash
Systems," March 17, 1994.)
[30] I highly recommend Henry David Thoreau's essay Civil
Disobedience.
..
[31] These included the interest ceilings set by the Federal
Reserve's Regulation Q, Kennedy's Interest Equalization
Tax, and the Foreign Credit Restraint Program. See
International Financial Markets, Chapter 1.
[32] Economic Report of the President, 1975.
- **********************************************************
- Copyright 1995 J. Orlin Grabbe, 1280 Terminal Way #3, *
- Reno, NV 89502. Internet address: kalliste@delphi.com *
- **********************************************************