The FinCEN Files reveals the role of global banks in industrial-scale money laundering – and the bloodshed and suffering that flow in its wake.

Drawing on a cache of secret financial intelligence reports, the global investigation reveals how banks’ profit motives overwhelm their legal obligations to stop dirty money — and how a broken U.S.-led enforcement system perpetuates business as usual.

A data analysis by the International Consortium of Investigative Journalists found banks routinely processed transactions without knowing the ultimate source or destination of the money, often to and from shell companies incorporated in secrecy jurisdictions in transactions with potential links to money laundering and corruption. The analysis also found lags from the time of a suspicious transaction to banks’ filing a report.

The leaked documents, known as the FinCEN Files, include more than 2,100 suspicious activity reports, or SARs, filed by banks and other financial firms with the U.S. Department of Treasury’s Financial Crimes Enforcement Network. The agency, known in shorthand as FinCEN, is an intelligence unit at the heart of the global system to fight money laundering.

The global collaboration explored more than $2 trillion transactions dated from 1999-2017 that had been flagged in the more than 2,100 reports by nearly 90 financial institutions. Most of the SARs in the FinCEN Files – 98% – were filed from 2011-2017. The FinCEN Files also contain transaction spreadsheets and FinCEN reports, bringing the total cache to about 2,600 documents.

The FinCEN Files represent less than 0.02% of the more than 12 million suspicious activity reports that financial institutions filed between 2011 and 2017.

According to BuzzFeed News, some of the records were gathered as part of U.S. congressional investigations into Russian interference in the 2016 U.S. presidential election;  others were gathered following requests to FinCEN from law enforcement agencies. BuzzFeed News obtained the records and shared them with ICIJ, and journalists from 108 news organizations in 88 countries,  to use as a basis of a 16-month investigation into money laundering and the role played by name-brand banks.

The data came with challenges

The suspicious activity reports in the FinCEN Files are a sprawling jumble of documents that reflect the private concerns of global bank money-laundering compliance officers. The SARs include a narrative along with attached spreadsheets of sometimes hundreds of lines of raw transaction data. The reports are of varying quality: some are highly detailed, describing transactions that banks say bear all the hallmarks of money laundering. Others are missing vital information, and reflect a lack of insight by banks themselves about the billions of dollars they are moving for high-risk clients and for other financial institutions. Some records are simply spreadsheets filled with party names, bank names, figures, and dates, that in the FinCEN Files came unattached to the narrative that would provide a reason for their inclusion.

For instance, in the FinCEN Files, compliance officers sometimes leave blank the space intended for the primary address. The address field for more than a fifth of the reports include at least one or more of the flagged subjects – both individuals and shell companies – with no street number, city, or even country, which are supposed to be designated with a two-character code. In some cases, the blank addresses are for customers in the bank’s own corporate network.

And when an address was included, more than half of the FinCEN Files SARs listed the wrong country code, ICIJ found. For example, on occasions an address in China would have Switzerland’s “CH” country code assigned to it.

A 2018 Treasury Department Inspector General report found “inconsistencies in how filers report certain critical data fields such as institution name or address.” The report’s review of 39 critical data fields in more than 1.75 million SARs and related documents filed from May 2013 – April 2014, found one or more “data quality errors”  including omitting addresses and other critical data fields left blank –  in 33.5% percent of the filings.”  The report also said there was “no mechanism in place” to ensure that errors in SAR were corrected.

In response, the agency’s management said it had made reforms that it believed “strike the proper balance of data quality with data urgency and usefulness.”

Mining the data and exploring the money flows was a project-within-a-project. ICIJ coordinated a massive global effort involving more than 85 journalists in 30 countries to extract data from the PDF files that contained the SAR narrative reports, as well as to gather more than 17,600 additional records, many via freedom of information requests.

ICIJ shared the records with partners on its bespoke sharing and research platform, Datashare, which is developed by ICIJ’s technical team.

ICIJ and its partners analyzed the data using statistical and textual analysis. ICIJ also built a bespoke fact-checking tool to process the extracted data and deployed machine learning to review more than 60,000 addresses that were part of the data. All addresses were later checked manually.

Most of the SAR narratives in the FinCEN Files cache didn’t include attached spreadsheets containing transaction-level data. But since the narratives often contained key details about money flows, ICIJ, BuzzFeed News and media partners explored the reports’ roughly 3 million words as part of the analysis.

Here are the findings.

Searching both numbers and text

ICIJ’s analysis found that in half of the reports, banks didn’t have information about one or more entities behind the transactions. In more than 680 reports in the FinCEN Files, financial institutions asked for more information about entities and on more than 160 occasions other banks didn’t respond. Some banks or branches in countries such as Switzerland cited local secrecy laws in their jurisdictions to deny the information.

An ICIJ analysis also found that banks in the FinCEN Files regularly processed transactions for companies registered in so-called secrecy jurisdictions and did so without knowing the ultimate owner of the account. In more than 620 of the reports, banks flagged the use of “high risk” jurisdictions at least once. Corporate account holders often provided addresses in the U.K., the U.S., Cyprus, Hong Kong, the United Arab Emirates, Russia and Switzerland. At least 20% of the reports contained a client with an address in one of the world’s top offshore financial havens, the British Virgin Islands.

Deutsche Bank’s 982 filings represented 62% of the total amount in suspicious transactions in the leak. The FinCEN Files also contain large numbers of files from Bank of New York Mellon, Standard Chartered, JP Morgan Chase, Barclays and HSBC.

ICIJ’s analysis revealed a median time lag of 166 days -almost half a year- from the time transactions took place and the time it was reported to FinCEN. Federal rules require financial institutions to report a suspicious transaction in most cases within 30 days after detecting it.

The analysis found some cases in which banks file reports in response to news reports, (including ICIJ’s 2016 Panama Papers investigation), or judicial legal filings involving customers long after the fact of the transactions.

ICIJ also found suspicious transactions tied to more than 20 companies and individuals flagged by the banks that were linked to corruption, fraud, embezzlement or sanctions evasion cases (and produced an interactive to present key details about these clients).

The analysis found that suspicion of money laundering operations was the most common reason given for filing a report in the FinCEN Files. Other reasons were suspicion of fraud, a FinCEN category called “financial instruments (monetary contracts),” and suspicion of so-called structuring, a series of transactions designed to avoid red flags.

A global effort to mine the data

After removing duplicates, standardizing bank names and other preliminary steps, ICIJ performed textual analysis to identify sentences in the narratives that could indicate the presence of a shell company or that a bank didn’t know the ultimate owner. ICIJ used the SQL and Python programming languages for the analysis.

ICIJ, BuzzFeed News and its partners tried more than one form of programming in an attempt to extract details from the more than 8,000 pages of narratives automatically (much was still done by hand). At first, ICIJ partner SVT used machine learning to screen the records and obtain a first set of transactional data. The variations in language and the complexity of the reports prevented the capture of some key details.

In the end, ICIJ and its partners launched a giant data-extraction effort: for more than a year, 85 journalists in 30 countries reviewed and extracted transaction information from assigned suspicious activity reports and manually entered it into Excel files, which were then uploaded to ICIJ’s communications platform, the Global iHub. The effort resulted in 55,000 records of structured data and included details on more than 200,000 transactions flagged by the banks in the SARs.

After the extraction was complete, ICIJ reviewed each extraction three times. The fact-checking alone took seven months. Using the Django web framework, ICIJ built its own fact-checking tool that highlighted the information extracted by each reporter, allowing colleagues to flag errors and track edits throughout the process.

ICIJ reviewed each extraction three times through a fact-checking tool ICIJ developed for the investigation. Image: ICIJ / FinCEN Files

ICIJ held extensive training sessions for partners on the use of ICIJ’s technologies for research and follow up review sessions to better understand the data. The project also made extensive use of ICIJ’s Global iHub and secure conference calls to coordinate the complex undertaking.

Through this massive effort, ICIJ was able to find details that would have otherwise remained hidden on more than $380.6 billion in the FinCEN Files, including, for instance, more than $9.3 billion in reported suspicious transactions involving the gold trading company Kaloti. More than a fourth of the total amount of suspicious transactions reviewed as part of the FinCEN Files investigation were related to gold.

This giant extraction effort helped track correspondent banks, global banks with access to the U.S. Federal Reserve, by their financial institution customers around the world. The analysis found that in the FinCEN Files jurisdictions as Latvia and Hong Kong were among the most common locations of local banks receiving or sending money via correspondent banks.

Public records

ICIJ also found huge discrepancies between the amount that so-called limited liability partnerships had filed in UK government financial statements and the amount bank compliance officers reported flowing through the same companies’ accounts. ICIJ found more than $4.5 billion appeared in the FinCEN Files as flowing through LLP accounts more than the LLPs report in their financial statements as revenue to Companies House, the registrar of companies in the United Kingdom long criticized for allowing corporations to register with secret owners.

ICIJ also used information from the Venezuelan Registry of Contractors and public records databases Sayari and Vendata to identify in the FinCEN Files more than $4.8 billion in reported suspicious transactions with links to Venezuela between 2009 and 2017. Nearly 70% of that amount listed a Venezuelan government entity, such as the Ministry of Finance, as a party to the transaction.

Connecting the dots

Finally, ICIJ used graph databases (Neo4J and Linkurious) to visualize and explore the FinCEN Files’ 400 spreadsheets containing data on 100,000 transactions. These were among the many tools to help piece together a nuanced picture of a broken system.

Global data collaboration contributors: Kenzi Abou-Sabe, Krishna Acharya, Rickard Andersson, Roman Anin, Agustin Armendariz, Peter Babutzky, Jeremie Baruch, Helena Bengtsson, Paolo Biondani, Jacob Borg, Lars Bové, Simon Bowers, Andrea Cardenas, Claire Caruana, Miriam Castillo, Daniela Castro, Sasha Chavkin, Mario Christodoulou, Kristof Clerix, Anthony Cormier, Jelena Cosic, Xavier Counasse, Gaby De Groot, Emilia Díaz-Struck, Lara Dihmis, Irina Dolinina, Philipp Eckstein, Marcus Engert, Jesus Escudero, Miguel Fiandor Gutierrez, Kaspar Fink, Mariel Fitz Patrick, Will Fitzgibbon, Azeen Ghorayshi, Kyra Gurney, Günter Hack, John Hansen, Richard Holmes, Karol Ilagan, Maia Jastreblansky, Karlijn Kuijpers, Ville Juutilainen, Karrie Kehoe, Jiyoon Kim, Minna Knus-Galán, Anouk Kootstra, Bernt Koschuh, Ulla Kramar-Schmid, Tomohiro Kubota, Andrew Lehren, Boyoung Lim, Lee Long Hui, Norihisa Makino, Alesya Marohovskaya, Stefan Melichar, Carmen Molina Acosta, Gretchen Morgenson, Michael Nikbakhsh, Toshihiro Okuyama, Marco Oved, Andras Petho, Scott Pham, Petra Pichler, Kit Ramgopal, Aidila Razak, Delphine Reuter, Michael Sallah, Yasuomi Sawa, Nina Selbo Torset, Karina Shedrofsky, Roman Shleynov, Olesya Shmagun, Emily Siegel, Jeremy Singer-Vine, Fredrik Stalnacke, Jan Strozyk, John Templon, Rory Tinman, Mago Torres, Yukiko Toyoda, Maxime Vaudano, Mika Velikovskiy, Tom Warren, Margot Williams, Amy Wilson-Chapman, Spencer Woodman, Shyamlal Yadav, Blanka Zoldi