Company Caught In Trans-Atlantic Tussle Over Transfer Of Bank Data

Wednesday, March 21st 2007, 11:38 am

By: News On 6

LA HULPE, Belgium (AP) _ Few people had heard of SWIFT before news reports last June revealed that the U.S. government had secretly demanded access to records from the bank data transfer agency.

Nearly a year later, the Brussels-based company remains at the epicenter of a trans-Atlantic battle on privacy rights in the global hunt for terrorists.

The Society for Worldwide Interbank Financial Telecommunication's secret deal with Washington caused widespread outrage in the European Union and prompted lawmakers across the 27-nation bloc have to demand the company be brought into line with EU norms.

But SWIFT CEO Leonard H. Schrank dismisses the criticism, saying there were crucial security issues at stake.

``When you are dealing with terrorism investigations you don't exactly tell everybody about it,'' he said in an interview at the company's headquarters, located on the southern outskirts of Brussels.

SWIFT, a consortium set up by member banks, was founded in 1973 and operates one of the largest financial transfer systems in the world. It is responsible for the collection and relay of over 11 million financial transactions daily between 7,800 banks and other financial institutions in over 200 countries _ recording customer names, account numbers and other identifying information.

Secret U.S. Treasury subpoenas issued just after the Sept. 11, 2001 terrorist attacks forced SWIFT to open its database to U.S. anti-terror agents, but was found by Belgian and EU data privacy agencies to have violated EU law _ leaving the company in legal limbo between two contradictory sets of rules.

The United States has powers to issue legal orders to SWIFT because it conducts business on U.S. territory and must comply with U.S. law there. The base of one of SWIFT's two main transfer hubs is Virginia; the other is in The Netherlands.

The EU's data protection officers recently issued a statement saying they remain ``deeply concerned'' over the transfers and demanded that SWIFT comply with EU laws such as informing clients that their transfers are subject to scrutiny by U.S. authorities. Similar companies are cooperating with the U.S. but SWIFT is the largest.

The EU's data protection supervisor, Peter Hustinx, alleges that U.S. agents have secret, routine and ``massive access'' to SWIFT's banking data, and says the company still needs to do more to comply to European standards.

``SWIFT should continue to work very, very hard delivering compliance,'' he added, warning that if he is not happy with progress he could push for legal action, which could lead to fines.

Strict EU data privacy laws have already posed problems in the transfer of air passenger data from trans-Atlantic flights to the U.S., which also violated EU rules and laid bare European and American approaches on how best to fight terrorism.

Schrank is eager to get the entity to return to its quiet, almost anonymous existence.

``I want legal certainty for SWIFT and for the banks, I want everything to go away,'' Schrank said.

Schrank, who is set to retire after 15 years at the helm this year, and his Chief Financial Officer Francis Vanbever said their company is now doing what it can to meet EU demands it bring its operations into line with European data privacy rules.

However, the two continue to insist SWIFT has no choice but to comply with U.S. orders allowing U.S. treasury agents to search certain data for possible terror links. They said they negotiated with U.S. authorities to ensure the way that is done allows for the best possible security and safeguards to ensure privacy of client data.

``Basically we limited this exclusively to ongoing terrorism investigations and for no other purpose, not money laundering, no economic espionage, no tax evasion,'' said Shrank.

Vanbever said SWIFT employees work at a secret U.S. Treasury bureau in Virginia to ensure ``only a very tiny set of data'' linked to ongoing anti-terror probes is looked at. ``They can stop a query if they believe its not properly justified,'' he said.

The two SWIFT officials rejected criticism by the EU's Hustinx.

``Mr. Hustinx continues to speak about massive transfer of data and this misinterpretation is sometimes a bit frustrating,'' Vanbever said.

Hustinx said he welcomes progress made by SWIFT to establish changes in the way it informs clients of the deal with the U.S. But he ``remains deeply concerned'' over how it will verify how it is abiding by EU data privacy rules, notably how access by U.S. agents is limited and all safeguards are respected. He said the EU data privacy panel may request a visit to the Virginia site to see for themselves how the SWIFT deal with the U.S. works.

Schrank, however, urged the EU to update its data protection laws to fall in line with ``the real world,'' and urged Brussels and Washington to draft a trans-Atlantic pact to resolve the legal black hole on the transfer of financial records used in terror probes.

``Everyone can claim victory ... and SWIFT says, fine we will adapt to whatever you agree to and we will get back on to being anonymous,'' Schrank said. ``It's no fun to be on the receiving end.''