Wednesday, July 31, 2024

China is slowly joining the economic war against Russia

I recently shared a chart on Twitter showing Chinese exports of ball bearings to Russia. Here it is:


Having accelerated after Putin's invasion of Ukraine to a run-rate of around US$5-7 million per month in 2023, Chinese ball bearing exports to Russia have been ratcheted down to the $2-3 million level in 2024, about where they stood prior to the invasion.

What's going on here? As Russia's closest ally, shouldn't China be sending Putin all the ball bearings he  wants? Russian tanks are being destroyed every day and ball bearings are a crucial component for building replacements.

Before answering this question, we need a bit of background.

We can think of the economic response to Russia's illegal invasion of Ukraine as progressing in two stages. The first stage of the economic war involved a coalition of liberal democracies (U.S., the EU, Canada, Japan, Switzerland, South Korea, Norway, the UK, and more) reducing their own economic linkages to Russia. Europe drastically scaled down its imports of Russian natural gas. Imports of Russian crude oil into Japan and Germany were slashed to bare bone levels. Western corporations like Coke and John Deere decamped. And the U.S. made an effort to cut down on exports of military goods and so-called dual-use items, which have both commercial and military applications. Ball bearings fall into this category, since they are useful not only for civilian vehicles but also artillery and tanks.

The second stage of the economic war has only recently ramped up, and involves the coalition exerting its influence on non-coalition countries like Turkey, United Arab Emirates, China and India in order to get them to cut down on their economic linkages with Russia.

A key component of this next stage are the U.S. secondary sanctions that were introduced in December 2023 by the U.S. Treasury's Office of Foreign Assets Control ("OFAC"). I've written about them here, here and here

In short, if OFAC catches a foreign bank in Shanghai, Delhi, or Dubai facilitating transactions involving Russia's military-industrial complex, including dual-use goods, then that bank risks being cut off from the U.S. banking system. Because the U.S. banking system is so vital, foreign banks prefer to cease all offending Russian trade. This effectively stops Turkish or Chinese ball bearing manufacturers (as well as any other businesses that deals in dual-use goods) from dealing with Russian buyers, since these manufacturers are reliant on their local banks for cross-border payments.

Along with OFAC's introduction of secondary sanctions, there has also been a big step-up in U.S. export controls, which are overseen by a different agency, the U.S. Department of Commerce's Bureau of Industry and Security ("BIS"). The BIS maintains a list of U.S.-produced dual-use items. American and foreign entities are required to get a license from the BIS before exporting, reexporting, or importing certain items on its list.

In March 2024, the BIS broadened the criteria that triggers a licensing requirement. The criteria now includes any involvement of entities listed under fourteen different OFAC sanctions programs, the majority of which are linked to Russia and Ukraine. So for example, if a Hong Kong-based wholesaler intends to re-export a BIS-listed item to a country like Armenia, or transfer that item within Hong Kong, and they fail to realize that the recipient is an actor on one of OFAC's Russia-related sanctions list, then that Hong Kong wholesaler has now violated U.S. export controls. To prevent violations, intermediaries like our Hong Kong wholesale must sharpen their screening requirements.

These new rules, which have been described as a BIS "force multiplier" of OFAC's sanctions program, are intended to assert influence over a broad cross-section of dealers that specialize in indirectly re-exporting goods to Russia. These indirect routes often proceed through a labyrinth of pit-stops in jurisdictions like UAE, Hong Kong, and Kyrgyzstan.

Back to ball bearings. How is the second stage of the economic war progressing? The chart at the top of the page suggests the new measures may be working. Recall too that in February I wrote a post tracking what seemed to be some initial anecdotal indications of success. In the rest of this article I want to use another four or five months of data to provide a more complete picture of how China's interactions with Russia have being affected.

China is crucial to Russia because it has a become a key source of goods destined for the battlefield. According to a report from the KSE Institute, some 44% all Russian parts destined for the Ukraine battlefield were linked to producers in coalition nations, primarily the U.S. These include parts that have been branded by American stalwarts like Intel and Analog Devices. Mainland Chinese producers accounted for 47% of battlefield goods (see chart below). However, progressing further down the value chain to country of dispatch, around 56% of all battlefield partsincluding the U.S.-produced onesget to Russia by way of China, and another 22% via Hong Kong, a special administrative region of China. Together, almost 80% of Russia's battlefield parts are dispatched from these two Chinese sources.

Source: KSE Institute

In other words, not only is China producing its own battlefield goods destined for Russia, but it is also responsible for the final re-routing to Russia of most U.S. produced battlefield goods, at least in the period starting in January 2023 and ending that October.

The items that make up the battlefield goods cited by the KSE Institute are derived from the coalition's Common High Priority List, which includes 50 dual-use items that Russia seeks to procure for its weapons programs, one of which is ball bearings. For the rest of this article I will focus my analysis on the four most important goods on the Common High Priority list: Tier 1 items. Tier 1 items consist of microelectronic circuits (processors, memories, amplifiers, and other circuits) that the BIS says play a "critical role" in the production of advanced Russian precision-guided weapons systems. Russia lacks the ability to produce these items and is reliant on a limited number of global manufacturers, according to the BIS, which only amplifies their importance to Russia.

The chart below shows Chinese exports of Tier 1 items to Russia as reported by China's customs authority. Prior to Russia's invasion of Ukraine, these exports typically came in at around $5 million per month. Post-invasion, they rose to a range of $10 million to $34 million per month, suggesting significant military diversion. 


With the arrival of secondary sanctions in December, monthly Tier 1 exports have fallen below the pre-invasion watermark of $5 million.

The above customs data does not include Hong Kong, which along with mainland China has become a major Chinese source of Tier 1 exports to Russia. To provide a more complete picture, the chart below adds Hong Kong customs data to the mainland customs data. Running between $25-$60 million during most of the war, Tier 1 exports to Russia from the Chinese mainland and Hong Kong have collapsed to sub-$15 million levels this summer, lower than at any point in 2021.


That's quite a big plunge, and certainly suggests that the coalition measures are working with respect to China. Skeptical readers may suggest that China has stopped exporting Tier 1 items directly to Russia only to re-route them via third party nations. According to this theory, the $40-$50 million decline in monthly Chinese exports is being made up by a $40-50 million rise in Chinese exports to, say, Kazakhstan, which eventually make their way to Russia.

Below, I've plotted all Tier 1 exports from the Chinese mainland and Hong Kong to a group of Russian neighbours that includes Armenia, Azerbaijan, Belarus, Georgia, Kazakhstan, Kyrgyzstan, and Uzbekistan.


China's Tier 1 exports to Russia's neighbours rose after the invasion, suggesting significant diversion of exports to Russia, and in March 2024 hit $7 million, their second-highest level over the entire 2021-2024 period. However, over the last three months Tier 1 exports to Russia's neighbours have plunged below even pre-invasion levels.

So no, the theory that third-parties have replaced direct China-Russia trade is not borne out in  the data.

In sum, a variety of U.S. economic tools including secondary sanctions, bolstered export controls, and other types of moral suasion seem to be prying China out of the arms of Russia and into the coalition's effort to economically strangle the Russian war machine.

But there's more to be done. China's exports of high priority goods like circuits and ball bearings have fallen in 2024, but they haven't yet hit zero. That will require more pressure on the Chinese government as well as enforcement against Chinese and Hong Kong companies that violate sanctions and/or exchange controls, as well as against intermediaries in third-party nations like Kazakhstan. To further tighten the screws, the coalition will need to constantly broaden the range of economic activity between China and Russia that it deems off-limits. For now, the coalition says that it is perfectly fine for Chinese companies to export cars and vacuum cleaners to Russia, but there may be a time at which that permissiveness will have to change.

In fact, one of the coalition's biggest escalations in the sanctions war occurred in June, with the U.S. secondary sanctions program being extended to include Russian banks. (I wrote about this here.) In effect, Russian financial institutions are now off-limits for Chinese banks (and banks elsewhere, too), unless these Chinese banks want to lose their access to the U.S. banking system. This blacklisting of Russian banks will make it very difficult for Chinese exporters to continue doing business with their now-unbanked Russian counterparts, further eating into the trade relationship between the two nations.

The trade data in the above charts does not yet include the effects of the extension of sanctions to Russia's banks, but I suspect the effects will be significant.

Welcome to the economic war against Russia, China. We hope you continue to do your part. 

Thursday, July 25, 2024

Bitcoin as a tool of U.S. economic statecraft

Riot Platform's Rockdale, Texas facility, North America’s largest Bitcoin mining farm by developed capacity [source]

Can a network that has been marketed as being resistant to government power be harnessed by the U.S. administrative state in order to attain its foreign policy goals?

Sam Lyman, an executive at Riot Platforms, a bitcoin miner, opens the door to the topic by suggesting that bitcoin can become a tool of U.S. economic statecraft, and the way to do so is by having the U.S. government buy a strategic reserve of the stuff.

I agree that bitcoin can be used as a tool of U.S. economic statecraft, but disagree on how. There's absolutely no need for the U.S. government to buy any bitcoin in order to lever the Bitcoin network for foreign policy purposes. Buying bitcoins would only waste scarce resources, driving up the price to the benefit a select few speculators. No, the U.S. already has the means to lever the bitcoin network, and that's by leaning on the U.S. private sector's dominance of bitcoin mining, of which Lyman's own Riot Platforms is a big player (see photo at top).

The U.S. controls 38% of all bitcoin mining capacity, a big share of that being in Texas. Mining is a word people use in place of "maintaining the network." When a bitcoin transaction is made, miners are the folks who verify and process it, a number of miners often banding together to form pools for that purpose. Without miners, the bitcoin network ceases to function. 

How to lever the Texas bitcoin mining nexus for the purposes of statecraft? In short, the mining nexus must be brought on par with its bigger cousin, the New York banking nexus, which the U.S. government already harnesses to further its foreign policy goals.

Any American banker that deals with a foreign individual or entity that has been designated, or sanctioned, by the U.S. government risks a penalty, either monetary or jail time. Sanctioned individuals are generally folks living overseas who are deemed to be in conflict with the U.S. foreign policy interests. And so U.S. banks, the largest nexus of which is based in New York, try to avoid punishment by cutting sanctioned names off from their banking platforms, thereby exporting American foreign policy to the rest of the world.

By requiring Texas's bitcoin miners (or the pools of which they are members) to abide by the same standard as banks, don't deal with bitcoin users who are deemed detrimental to U.S. foreign policy goals or you will be punished, the Bitcoin network would likewise become a platform for extending American foreign policy goals to the rest of the world. This would oblige Texas miners to comb over sanctions list and offboard blacklisted individuals, just like bankers currently do. With 38% of the world's mining capability in Texas and a few other states, that's a sizable amount of U.S. influence.

But that's only the beginning. There are ways to further upgrade bitcoin's capability as a tool of sanctions-based statecraft. When the U.S. sanctions program was still in its infancy, the punishment for breaking U.S. sanctions was generally limited to Americans individuals and entities. Over the last decade or two the U.S. has been extending punishment extraterritorially to foreigners, by arguing that when a foreigner "causes" an unsuspecting U.S. entity to process sanctioned transactions, then the foreigner is themself criminally liable under U.S. law for sanctions evasion.

An example may help. A decade ago a large Turkish bank called Halkbank processed transactions for sanctioned Iranians. Nothing illegal about that. A Turkish bank isn't under U.S. jurisdiction, and thus it can deal with any customer the Turkish government allows it to, even one that has been blacklisted by the U.S. What got Halkbank in trouble with the Department of Justice is that the transactions it processed passed through, or transited, the bank's correspondent accounts in New York. The fact that it had "caused" its New York banker to provide financial services to sanctioned Iranians (see the language below) was enough for Halkbank to be criminally indicted in New York for sanctions evasion.


The crime of causing others to violate sanctions [source]


The same framework could be extended to Texas bitcoin miners.

For instance, if a Turkish crypto exchange were to send some bitcoins to a sanctioned Russian, and this transfer was processed by a Texas mining farm or pool, say Riot Platform's Rockdale facility, that would now give the U.S. government the hook it needs to charge the Turkish exchange with sanctions violation. By "causing" Riot to process a prohibited transaction, the Turkish exchange is itself criminally liable under U.S. law. To avoid that possibility, the Turkish exchange may choose to proactively adopt the U.S. government's sanctions list, thus acting as a vessel for conveying U.S. policy on Turkish soil.

The threat of punishing foreign actors for "causing" U.S. entities (whether those be miners or bankers) to process sanctioned transactions acts as a force-multiplier of U.S. foreign policy goals. Not only do U.S. financial institutions export policy, as was traditionally the case, but now foreign institutions are nudged into importing it, too.

To sum up, if folks like Lyman were genuinely serious about harnessing bitcoin as a tool of U.S. foreign policy, they'd be calling for the U.S. government to apply to miners the same sanctions standards that currently apply to regular financial entities like banks. That they aren't calling for this, and instead want the U.S. government to buy bitcoin, suggests they are motivated by a higher price for bitcoin and their own corporate profits, not actual statecraft. 

Thursday, July 11, 2024

Your finances are being snooped on. Here's how


We all have a pretty good idea that our finances are being snooped on, but most of us aren't quite able to articulate how. We know that we're being snooped on by two groups, corporations and the government. This post will focus on how the government surveils our transactions, because democratic governments generally (but certainly not always!) tell us ahead of time what information they will gather, and how the data will be used.

Governments snoop on law abiding citizens' financial data for good reasons  they are trying to trace the money in order to catch bad guys. The government has been given the power to collect this information without having to ask a judge for approval, say by requesting a search warrant. 

I think there is a degree of acceptance among citizens that some amount of warrantless financial snooping is okay, because it reduces crime. But as the intensity of surveillance increases it eventually reaches creepy territory, at which point most of us would prefer the brakes be applied.

Where is this line? I'm a committed comparativist. To get a good sense of how one is snooped on, and whether it has passed over the line to being creepy, one needs a reference point. So in this blog post, I'll compare how two groups of citizens  Americans and Canadians are being surveiled by their respective governments, so that both groups can better understand, by reference to each other, where they stand.

The first section focuses on the inflows of personal financial data from citizens to the government. The second section will focus on the outflows of data from the government to law enforcement.

***How citizens' personal financial data flows into the government***

Both the U.S and Canadian governments collect large amounts of financial data about their citizens. They do so by requiring banks and other financial institutions to record information about their customers and submit reports to the government about their customers' transactions when certain triggers have been met.

First, let's touch on the total amount of data being hoovered up. On this count, Canada far exceeds the U.S. In the 2022-23 reporting period, Canadian financial institutions submitted a total of 36 million reports to the government containing information about Canadians' financial transactions. That's almost one report per Canadian every year. 

Meanwhile, U.S. institutions sent 27.5 million reports to their government about Americans' financial dealings in 2023, a rate of around 0.1 report for every American, which is ten-times less intensive than in Canada. So based purely on the quantity of data collected, Canada seems to be closer to the "it's getting uncomfortable" level than the U.S. (See table below).

What accounts for this big difference in reporting intensity? In short, it's due entirely to cross-border wire transfers. In Canada, every electronic fund transfer leaving or arriving in Canada must be reported by banks to the government if it sums up to $10,000 or more. So if you've sent an $11,500 wire transfer from your Bank of Montreal account to your son or daughter who lives in London or Paris, congratulations, your name is in a Canadian government database. Or if you run a business and have received a $15,000 digital payment from a U.S. company for services rendered, your corporate data is sitting somewhere in an Ottawa government server.

If you're an American making a foreign wire transfer, your information will not get sent to a government database. The U.S. authorities do not require financial institutions to submit personal information on digital cross-border flows. (Mind you, they have been trying for some time to get the ability to collect this data.)

In the 2022-23 financial year, 27 million of these cross-border wire reports were submitted by Canadian banks, accounting for the lion's share of all 36 million reports submitted to the Canadian government that year.

Apart from cross-border transaction reporting, the nature of Canadian and U.S. eavesdropping is broadly similar.

Let's start with cash transaction reports, or CTRs. When a Canadian goes to their bank and deposits $10,000 or more in cash, the bank will generate a report that it sends to the Canadian government. U.S. banks report deposits and withdrawals of $10,000 in cash to the US government.

So if you're selling a used car and the buyer pays you $12,000 in banknotes, and you deposit that to your bank account, you're now in a government database, whether that be in Canada or the U.S.

Canadian banks generated 8 million CTRs in 2022-23 whereas U.S. banks generated 20.8 million in 2023. Pound for pound, Canadian banks submit more cash transaction reports to their government than U.S. banks, around 0.21 per Canadian compared to 0.06 per American. I'm not sure why. The threshold for reporting a cash transaction in Canada is lower in the U.S. (CAD$10,000 is worth around US$7,300) which may explain some of the difference? Dunno.

With CTRs and cross-border wire transfers, the invasiveness is kept relatively low thanks to the objective criteria that triggers a filing. Exceed the $10,000 threshold and at least you know ahead of time that your information is going to be recorded. A law-abiding citizen who is uncomfortable having their finances being collected by the government can choose to avoid sending cross-border payments or dealing in large amounts of cash. But this objectivity doesn't exist with the next type of report: those related to suspicious activities. 

On both sides of the border, financial institutions must submit reports about transactions deemed suspicious to their respective governments. If you've made a transaction that a bank deems to be suspicious, you'll never know that you've landed in a government database. That's because banks are prohibited from notifying their customers that their activity has been snitched on.  

The determination of what qualifies as suspicious involves a fair amount of subjectivity. Canada requires that financial institutions have a reasonable grounds to suspect that a transactions is linked to terrorism or money laundering before reporting it. That means that mere hunch won't cut it  a Canadian banker must be able to articulate a clear reason for suspicion. Mind you, there's no penalty for banks that fail to attach a specific reason to a report, so the reasonable grounds to suspect standard is often ignored. 

We know that many of these hunch-based reports end up in the government's database. Over the years the Office of the Privacy Commissioner of Canada has collected a list of reports that failed to reach the reasonable grounds to suspect standard, including one case in which some individuals were suspected simply because they had Middle Eastern passports:

From the Office of the Privacy Commissioner's 2017 audit of FINTRAC [source]

My reading of the U.S. requirements for reporting a suspicious transaction suggest a looser standard than in Canada. While U.S. bankers are encouraged to provide a specific red flag in their CTRs, the implementing regulations say they can still file a report if they merely "suspect" a transaction to be associated with money laundering or terrorism, which is a lower standard then the requirement to have a "reason to suspect."

In Canada, there is no size threshold for suspicious activity reporting: even a $50 payment can be reported by a bank. By contrast, the U.S. has set a $5,000 threshold before a suspicious action report must be filed. (When suspicious activity reports were first introduced to the U.S. in 1994, the government floated the idea of not including a threshold at all, as Canada would later do in 2001, but retreated because this would impose a "burden of reporting.")

This difference in thresholds suggests Canada should have a much higher intensity of suspicious transaction reporting than the U.S. Not so. Canadian banks generated 560,858 suspicious transaction reports in 2022-23, around 1.4 reports for every 100 Canadians. Compare this to the 4.6 million reports filed by U.S. banks in 2023, which also comes out to 1.4 reports per 100 Americans. So even though bankers in the U.S. are required to ignore small suspicious transactions below $5,000, they more than make up for it by reporting a larger proportion of transactions than Canadian bankers do. I can only guess why, but this may be due to the looser standard for suspicion, discussed above.

There are several other types of transactions that must be reported to the government, including large virtual currency reports in Canada and foreign bank and financial accounts reports (FBAR) in the U.S., but the volume of this sort of reporting isn't as significant as the other types already discussed, so I won't touch on them.

So to briefly sum up, pound for pound a Canadian is more likely to appear in their government's financial database than an American is. This is because Canadian financial institutions collect personal information linked to cross-border wire transfers the U.S. doesn't. The most privacy-invasive reports are suspicious ones. Compared to Canadian banks, U.S. banks are more trigger-happy when it comes to deeming a given transaction as suspicious, but the US$5,000 floor on reporting suspicious transactions somewhat mitigates this eagerness. 

Having dealt with what sorts of data flow in to the government, let's talk about what happens next with the data.    

***How personal financial data flows from the government to law enforcement***

The personal financial data accumulated by the two governments are managed by each nation's respective financial intelligent unit, or FIU. In Canada, this institution is known as the Financial Transactions and Reports Analysis Centre of Canada, or FINTRAC. In the U.S., the body that collects personal financial data is known as the Financial Crime Enforcement Network, or FinCEN.

It's here with the management of harvested financial data that the policies of the two countries really start to diverge.

To begin with, let's start with the length of time that data can be kept. In the U.S., FinCEN holds data indefinitely, so its database is forever growing. Canada allows FINTRAC to keep data for at least ten years and up to fifteen years, but after that FINTRAC must destroy any identifying information if it was not disclosed to law enforcement. Since most of FINTRAC's data is not disclosed, that means large amounts of data fall out of FINTRAC's database every year, and thus the amount of personal information collected grows at a slower rate than FinCEN's data hoard.

The differences between the two countries grows even wider when it comes to the question of who has access to citizens' financial data. In brief, U.S. law enforcement is granted broad access to the raw data whereas Canadian law enforcement's ability to see the data is strictly limited.

472 different U.S. law enforcement agencies at the Federal, state, and local levels have the ability to directly query FinCEN's database of CTRs, suspicious activity reports, and more. This amounts to around 14,000 law enforcement officers who can search through the personal financial data of American citizens. In 2023, these 14,000 users conducted 2.3 million searches using FinCEN's query tool.

FinCEN's data can also be downloaded in bulk form to the in-house servers of eleven different federal agencies, including the FBI, ICE, and the IRS. Bulk access (also known as Agency Integrated Access) means that the FBI, ICE, IRS, and eight other agencies don't need to use FinCEN's query tool. This bulk data can be access by another 35,000 agents. Alas, FinCEN doesn't track how many in-house searches were conducted by these agents in 2023, but I'd guess it's in the tens if not hundreds of millions.

By contrast, Canadian law enforcement agencies do not get direct access to FINTRAC's financial data trove. Instead, FINTRAC employs an internal force of a few hundred data analysts to parse the database for clues that suggest participation in money laundering or terrorist financing. Only when FINTRAC employees have attained a reasonable grounds to suspect that a pattern of transactions has crossed the line can they pass a report on to a Canadian law enforcement body, such as the RCMP or municipal police. This report is known as a financial intelligence disclosure and includes information like the name of the transactor, their address, telephone number, criminal record, and more.

FINTRAC submitted 2,085 of these disclosures to law enforcement in 2022-2023.

So to step back for a moment, tens of thousands of U.S. law enforcement officials conduct tens of millions of searches through Americans' personal financial data to get leads. In Canada, this same database can only be accessed a small number of FinCEN FINTRAC analysts, who selectively push a few thousand reports out to Canadian law enforcement each year. 

That's quite the contrast. Put differently, unlike their U.S. equivalents the RCMP, Sûreté du Québec, Ontario Police Police, and other policy agencies do not have the power to pull personal financial data willy-nilly from the government's database. This means far fewer eyeballs on Canadian financial records. As far as protecting the financial privacy of citizens, the Canadian access model does a better job. The U.S. access model is friendlier to law enforcement and stopping crime.

A disadvantage (or advantage, depending on your tolerance for being watched) of the American system is it allows the 11 agencies with bulk access to create "data cocktails"  personal financial data downloaded from FinCEN spiked with their own data sources  in order to better investigate suspects. For instance, according to a 2009 report from the Government Accountability Office, the FBI incorporates bulk FinCEN suspicious activity reports into its Investigative Data Warehouse along with 50 other data sets from different sources. The IRS's Reveal System, portrayed below, ingests FinCEN reports along with tax data to conduct more complex investigations.

The IRS's Reveal System, which ingests FinCEN CTRs along with other non-FinCEN data [source]

I don't know if the FBI and IRS data cocktails still exist, and in what form, but they certainly give a flavor of what sorts of broad access law enforcement can get to personal financial records in the U.S.

By contrast, Canadian law doesn't allow for U.S.-style data cocktails. An agency like the RCMP can't mix FINTRAC's store of personal financial data with their own bespoke data sources because the RCMP is prohibited from pulling raw CTRs, cross-border wire transfer reports, and suspicious transaction reports out of FINTRAC. Only FINTRAC gets to determine what information gets pushed out to the RCMP.

This firewall isn't accidental. As Horst Intscher, a former director of FINTRAC explains, a degree of privacy protection was purposefully built into FINTRAC's original design: "Because of the very broad range of information that the [Proceeds of Crime (Money Laundering) and Terrorist Financing Act] makes it possible for us to receive from reporting entities, it was determined at the original passage of the legislation that protections had to be built, so it would not be construed that there was a flow-through of massive amounts of personal information directed to law enforcement agencies."

In other words, FINTRAC was designed to prevent the likes of the RCMP from creating an FBI-style Investigative Data Warehouse. 

However, the wall imposed between Canadian law enforcement and FINTRAC does have a degree of porosity, enough to provide law enforcement with an indirect way for pulling data out of FINTRAC. If the RCMP is investigating a suspected money launderer, it can submit information about the suspect to FINTRAC in the form of a voluntary information record. For example, it might say that "Joe Blow and his sister-in-law Martha are the subjects of an investigation for drug trafficking and money laundering, and we just thought you should know that." This new data becomes part of FINTRAC's database, against which FINTRAC's agents will check all other data. If the agents spot a match, and it meets the bar for a "reasonable grounds for suspicion", then they must send the RCMP a disclosure containing the relevant personal financial information.  

In 2022-23 FINTRAC received 2,550 voluntary information records from Canada’s law enforcement and national security agencies (including from members of the public), a large number of these eventually boomeranging back to law enforcement in the form of a disclosure. How many? The head of FINTRAC once claimed that "65% to 70%" of FINTRAC's ultimate disclosures to law enforcement are triggered by voluntary information submitted by law enforcement, which hints at how porous the wall is.

----

That sums up my comparison of the inflows and outflows of personal financial data to the U.S. and Canadian governments. This is just a cursory analysis. There are all sorts of other vectors across which to compare the scope of the two nations' data collection efforts that I haven't explored. I've focused on the factors that I think are the most important.

Readers from other countries may be curious to find out about their own FIUs to determine where they stand relative to Canada and the U.S. If so, leave your findings in the comments. My Australian readers, for instance, may be interested to note that their government collects far more private information than the U.S. and Canada combined. AUSTRAC, the Australian FIU, collected 192 million transaction reports in 2023, an astonishing 7 reports per Australian!  This is because AUSTRAC receives information on all cross-border wires, with no lower threshold.

At the outset of this article I suggested that many of us would tolerate some loss of privacy in order to make it easier for the police to catch criminals. A few of us will accept a large loss. Others will not tolerate even the smallest infringement on privacy. An individual's line in the sand is very much a personal matter. I'm going to leave it to the reader to decide which country (if either) approaches the right balance. Is Canada too lax relative to the U.S.? Does the firewall we've erected between the cops and the trove of financial information give criminals free rein? Or does the U.S. not sufficiently respect privacy? Should the FBI and its sister agencies lose some of their unfettered access to Americans' personal financial data?