The Belgian National Bank and the country’s Finance Minister Didier Reynders knew of an agreement under which SWIFT, the company operating cross-border payments in the EU and elsewhere, forwarded data to the CIA.
Under the scheme, SWIFT granted the US intelligence agency access to data concerning millions of financial transactions involving six billion euro daily, in reaction to a request from US authorities. The programme, which was run by the CIA, allegedly led to the arrest of high-rank terrorists.
The New York Times, which revealed the practice, quotes Treasury Department Under Secretary Stuart Levey as saying that it “has provided us with a unique and powerful window into the operations of terrorist networks and is, without doubt, a legal and proper use of our authorities”.
In a first reaction, a Commission spokesman said that there was not a breach of EU law since “the data protection directive does not apply to data transfers for security purposes” and furthermore not transfers from a private entity to a state, only between states.
SWIFT’s activities are overseen by the Belgian National Bank, which in its turn is overseen by the Belgian Ministry of Finance. In a press release, the National Bank acknowledged that it knew of the transfers, but claims it could do nothing about them, its primary task being to oversee the soundness of financial transactions, not of data transfer. According to press reports, Belgian Finance Minister Didier Reynders was informed about the practice “informally” in April 2006, when it had been going on for about four and a half years.
SWIFT – an abbreviation for ‘Society for Worldwide Interbank Financial Telecommunication’ is a co-operative owned by the banking sector and based in Brussels. Bringing together 7,800 banks in 200 countries, it has become the standard operator handling international money transfers. Its eleven-character Bank Identifier Codes (BIC) have been approved as ISO 9362 by the International Organisation for Standardization. The BIC standard has been enhanced for payments between EU countries as part of the 2001 regulation on cross-border payments in euro.
EU official documents
- Parliament and Council:Regulation on cross-border payments in euro(28 December 2001) [FR] [FR] [DE]
- Parliament and Council:Data Protection Directive(95/46/EC; 24 October 1995) [FR] [FR] [DE]
- Parliament and Council:Directive on privacy and electronic communications [FR] [FR] [DE]
- European Court of Justice:Judgment on Passenger Name Records
Business & Industry
- Swift:Statement on compliance policy(23 June 2006)
- New York TimesBank Data Is Sifted by U.S. in Secret to Block Terror(22 June 2006)
- EuroNews:"An essential tool in the war on terror."(24 June 2006)
- San Francicso Chronicle:After Sept. 11, worldwide bank data was readily available(24 June 2006)
- ZDNet:Questions Answered in SWIFT Spying Case(24 June 2006)
- International Herald Tribune:Oversight on records defended(25 June 2006)
- OC Register:More secrets without oversight(26 June 2006)
- MarketWatch:U.S. obtained bank data in secret: reports(23 June 2006)
- Nouvel Observateur:Espionnage des transactions financières: la banque centrale de Belgique se dédouane(25 June 2006)
- Le Soir:Enquête sur l'espionnage américain(24 June 2006)
- Handelsblatt:Swift rückte Kontodaten freiwillig heraus(23 June 2006)
- Spiegel:US-Kontenspionage: Belgische Notenbank wusste von Überwachungsprogramm(25 June 2006)
- Financial Times DeutschlandUSA verteidigen Finanzspionage(26 June 2006)
- ORF:Die Datensammelwut der USA(26 June 2006)
- Vereinigte Wirtschaftsdienste:EU-Recht greift bei Finanzdatentransfer in die USA nicht(26 June 2006)