From: Ken Williams <jkwilli2@unity.ncsu.edu>
To: cypherpunks@toad.com
Message Hash: 11d962e47ffedecb4a7d9ab81404e7f25bcaed6d7254a7087b797f6c063c1ca0
Message ID: <Pine.SOL.4.05.9811250823220.19063-100000@c00985-224wi.eos.ncsu.edu>
Reply To: N/A
UTC Datetime: 1998-11-25 14:28:35 UTC
Raw Date: Wed, 25 Nov 1998 22:28:35 +0800
From: Ken Williams <jkwilli2@unity.ncsu.edu>
Date: Wed, 25 Nov 1998 22:28:35 +0800
To: cypherpunks@toad.com
Subject: [ISN] Feds Want Banks to Spy on All Customers...Even You! (fwd)
Message-ID: <Pine.SOL.4.05.9811250823220.19063-100000@c00985-224wi.eos.ncsu.edu>
MIME-Version: 1.0
Content-Type: text/plain
-----BEGIN PGP SIGNED MESSAGE-----
Good thing I keep all my money in a steel case buried somewhere
along the Appalachian trail. No bank accounts, no credit cards.
Ken Williams
Packet Storm Security http://www.Genocide2600.com/~tattooman/
E.H.A.P. Head of Operations http://www.ehap.org/ ehap@ehap.org
NC State CS Dept http://www.csc.ncsu.edu/ jkwilli2@unity.ncsu.edu
PGP DSS/DH/RSA Keys http://www4.ncsu.edu/~jkwilli2/pgpkey/
_____________________________________________________________
Get Your Private, Free, Encrypted Email at http://www.nsa.gov
- ---------- Forwarded message ----------
Date: Wed, 25 Nov 1998 00:56:41 -0700 (MST)
From: mea culpa <jericho@dimensional.com>
To: InfoSec News <isn@repsec.com>
Subject: [ISN] Feds Want Banks to Spy on All Customers...Even You!
>From: ISPI Clips 6.51
>From: WorldNetDaily, November 23, 1998
Big Brother Banks? FDIC has snooping plans
http://www.worldnetdaily.com/bluesky_exnews/19981123_xex_big_brother_.shtml
David M. Bresnahan, David@talkusa.com
Contributing Editor, WorldNetDaily
Are you a potential criminal? Are you a threat to banks, airlines, a
potential spy, or perhaps an IRS tax protester? The government would like
to know and they are about to force banks to be their detectives.
The federal government wants banks to investigate you. Soon your banker
will know more about you than anyone else in town. Banks must not only
determine your correct identity, they must also know how you make your
money, and how you spend it. Once you establish a pattern of deposits and
withdrawals, banks must inform federal agencies when you deviate.
Bank customers may soon find themselves explaining to the FBI, Internal
Revenue Service, and the Drug Enforcement Agency why they made a $15,000
deposit to their bank account. According to current Federal Deposit
Insurance Corporation plans, banks will soon establish "profiles" of their
customers and report deviations from those profiles.
If you sell a car, for example, and place the proceeds in your account
while you shop for a new one, a red flag may go off in the bank computer.
Such a situation puts law abiding citizens in a situation where they must
prove they are innocent, says Scott McDonald of the watchdog group Fight
the Fingerprint.
An uproar from grass roots Americans is the only thing that will stop the
current plans for the FDIC "Know Your Customer" program, according to
McDonald. His organization has led the charge against the national ID,
medical ID, and computerized information about private aspects of people's
lives.
A recent announcement by the FDIC provides for citizen comment prior to
implementation of their new banking regulations. The deadline for comments
is Dec. 27, 1998.
"The FDIC is proposing to issue a regulation requiring insured nonmember
banks to develop and maintain 'Know Your Customer' programs," according to
a recent FDIC information package sent to Congress to provide notice of
proposed rulemaking, and to banks for comment.
"As proposed," the 29-page FDIC document begins, "the regulation would
require each nonmember bank to develop a program designed to determine the
identity of its customers; determine its customers' source of funds;
determine the normal and expected transactions of its customers; monitor
account activity for transactions that are inconsistent with those normal
and expected transactions; and report anytransactions of its customers
that are determined to be suspicious, in accordance with the FDIC's
existing suspicious activity reporting regulation. By requiring insured
nonmember banks to determine the identity of their customers, as well as
to obtain knowledge regarding the legitimate activities of their
customers, the proposed regulation will reduce the likelihood that insured
nonmember banks will become unwitting participants in illicit activities
conducted or attempted by their customers. It will also level the playing
field between institutions that already have adopted formal 'Know Your
Customer' programs and those that have not."
Many banks across the country have already begun to implement such
programs, according to the FDIC. A quick search of the Internet found many
stories in press accounts of problems reported at such banks. There have
been a number of stories dealing with banks requiring fingerprints to open
accounts and to cash checks. There are several lawsuits presently underway
testing the right of banks to make that requirement.
McDonald has been fighting that issue, along with fingerprints on driver's
licenses for some time. He pointed out the many errors found on credit
reports and suggested that banks will soon make similar errors when they
begin creating profiles of their customers.
The FDIC is selling the planned regulations by pointing out the need for
prevention of financial and other crime.
"By identifying and, when appropriate, reporting such transactions in
accordance with existing suspicious activity reporting requirements,
financial institutions are protecting their integrity and are assisting
the efforts of the financial institution regulatory agencies and law
enforcement authorities to combat illicit activities at such
institutions," says the FDIC.
The proposed regulation is, according to FDIC spokesperson Carol A.
Mesheske, authorized by current law. It comes from the statutory authority
granted the FDIC under section 8(s)(1) of the Federal Deposit Insurance
Act (12 U.S.C. 18189s)(1), as amended by section 259(a)(2) of the Crime
Control Act of 1990 (Pub. L. 101-647).
The FDIC claims that the law requires them to develop regulations to
require banks to "establish and maintain internal procedures reasonably
designed to ensure and monitor compliance with the Bank Secrecy Act.
Effective 'Know Your Customer' programs serve to facilitate compliance
with the Bank Secrecy Act."
The proposed regulations will mandate that all banks insured by the FDIC
must maintain an intelligence gathering department that screens out
customers and keeps an eye on existing customers. Before you decide to
move your money to a credit union, you should know that the FDIC is not
the only federal organization making such plans.
"Each of the other Federal bank supervisory agencies is proposing to adopt
substantially identical regulations covering state member and national
banks, federally-chartered branches and agencies of foreign banks, savings
associations, and credit unions. There also have been discussions with the
Federal regulators of non-bank financial institutions, such as
broker-dealers, concerning the need to propose similar rules governing the
activities of these non-bank institutions," reports FDIC attorney Karn L.
Main in the proposal.
The purposes for the regulation are to protect the reputation of the
banks, to facilitate compliance with the law, to improve safe and sound
banking practices, and to protect banks from being used by criminals as a
vehicle for illegal activities.
Current customers will be subjected to the new regulation in the same way
new customers will be scrutinized. The FDIC does not wish to permit any
loop hole which would leave any bank customer unidentified or
unsupervised.
Each bank will create profiles. The first profile will determine the
amount of risk a potential customer might present by opening an account.
The system of profiling potential customers will be different from one
bank to the next, since the FDIC does not provide a uniform program. The
purpose of the profile is to identify potential customers who might use a
bank account for funds obtained through criminal activity.
The next profile will be one that is used by automated computers to
determine when suspicious activity is taking place in an account. When
activity in the account does not fit the profile, banks will notify
federal authorities so they can investigate.
Banks are expected to identify their customers, determine normal and
expected transactions, monitor account transactions, and determine if a
particular transaction should be reported.
The FDIC has sent copies of the proposal to all banks and is asking for
input. The questions asked by the FDIC in the proposal do not
Return to November 1998
Return to “Ken Williams <jkwilli2@unity.ncsu.edu>”