fbpx

February 6, 2020 By: Natasha Bright, ACSS Reporter

Last November a group of former US government officials and academics sat down for a wargaming exercise entitled “Digital Currency Wars: A National Security Crisis Simulation” hosted by the Harvard Kennedy School and Belfer Center for Science and International Affairs in Cambridge, Massachusetts.

The exercise which features a new Chinese central bank digital currency and North Korean sanctions evasion highlighted two important points –sanctions are an important tool in safeguarding the US against threats and adversaries will continue to seek out ways to avoid them. This includes finding ways to “bypass the Society for Worldwide Interbank Financial Telecommunications (SWIFT), the global interbank messaging system that is instrumental in U.S. sanctions and monitoring of illicit financial flows.”

The simulation is based on this scenario: Its November 19, 2021, andChina has just rolled out a digital yuan. Bad actors hacked into the international payment network SWIFT and stole 3 billion dollars to push countries toward the new digital yuan, and North Korea was able to use China’s central bank digital currency to evade sanctions and buy the materials to build and test nuclear weapons. The participants, having taken on the role of National Security Council members, are discussing the new threats at an imaginary meeting.

Nations explore alternatives

As the US increases its reliance on sanctions to exert pressure on adversaries, a common criticism is that the overuse of coercive economic tools is driving these nations to find alternatives to the U.S.-led financial system.

In fact, the 2019 US-China Economic and Security Review Commission Report to Congress expressed this same concern. Specifically, the report calls out China’s Cross-Border International Payments System (CIPS) and states that although the system is “nowhere close to rivaling SWIFT,” the transactions using CIPS have grown substantially (an 80 percent year-on-year increase to $3.77 trillion for 2018) and has the potential to help others bypass sanctions. “CIPS has been attractive for banks in countries targeted by U.S. sanctions, such as Russia and Turkey, which have sought to reduce their reliance on the U.S. dollar,” the report says.

Russia also developed a financial messaging system, the System for Transfer of Financial Messages (SPFS), in 2014 in response to the threat of removal from the SWIFT network. In November, Russia and China announced that they would be linking their two systems and that India may also join.

In addition, following the BRICS summit in November, the participating nations announced that they are in discussion to develop a shared payment network.  BRICS stands for Brazil, Russia, India, China and South Africa.

A Reuters article quotes Kirill Dmitriev, the head of the Russian Direct Investment Fund (RDIF), as saying, “An efficient BRICS payment system can encourage payments in national currencies and ensure sustainable payments and investments among our countries, which make up over 20% of the global inflow of foreign direct investment.”

According to the official, US dollars payments between the BRICS countries has decreased. In Russia, foreign trade transactions have fallen to a low of 50%, while those made in the Russian ruble rose from 3% to 14%.

Dave Dekkers, managing partner of Dekkers Services & Solutions, points out, however, that it is a misperception that alternative payment systems are only there to avoid sanctions. “A factor could be that there are better or more efficient ways to exchange financial messages between countries or financial institutions; for example, based on blockchain technology and/or instant clearing technologies,” he explains.

SWIFTand sanctions enforcement

The Society for Interbank Financial Telecommunication (SWIFT) network facilitates more than 30 million transactions daily.  The US Congressional Research Service describes SWIFT as, “neither a bank nor a clearing and settlement institution” that “provides the standards enabling member banks to exchange financial information needed to make payments.” While SWIFT is integral to the US ability to enforce sanctions around the globe (As of 2017, the system served over 200 countries and over 11,000 financial and corporate entities), it is not controlled by the US.It is owned and managed by shareholders and based out of Brussels.

“SWIFT is the international financial message services for the global financial system and as such they play a key role in many aspects of enforcement, just like for example the banks do,” says Dekkers. With more than 15 years of international experience helping large financial institutions with compliance, he understands the importance of SWIFT’s role.

He explains that the organization makes adjustments to message types to allow for more originating and beneficiary information, which helps to track down potential sanctions evaders. They also have groups that work directly with financial institutions to fine-tune their automated transaction screening and list filtering tools.

Cybersecurityweaknesses

During the Digital Currency Wars exercise, hackers target the SWIFT system and steal 3 billion from international banks with the ultimate goal of driving financial institutions away from SWIFT and to the digital yuan. The event brief explains that the purpose of this was to explore the vulnerabilities of SWIFT. “Recent cyberattacks, like the theft of $81 million by North Koreans from the Central Bank of  Bangladesh, have highlighted the importance of security on SWIFT end-points,” it says. The participants agreed that a policy goal should be to strengthen the SWIFT network and protect it against security breaches and cyber threats.

Having come to the same conclusion, SWIFT has already applied many further improvements to their own security and their customers, according to Dekkers.  He says that the “Bangladesh” case and the potential breach of some SWIFT service centers taught SWIFT that they need to look further than their own security to keep the SWIFT financial message system more secure. “SWIFT is working constantly to not only keep their network safe, but also the connecting part of the network of their customers,” he says.“They have created special audits and services to assist their customers with this.”