Wirecard HQ

From follow the money towards infrastructural geopolitics: How financial technologies enable (changing) security regimes

This article was published on

Carola Westermeier discusses the key arguments from her new Review of International Studies (RIS) article. If you'd like to know more you can read the full article - From follow the money towards infrastructural geopolitics: How financial technologies enable (changing) security regimes.

Two recent scandals provide deep insight into the current regime of financial surveillance, most notably its deficiencies. The first scandal emerged in the wake of a German police unit’s inability to enact systems of traceability and the resulting lack of action against financial fraud. The second incident, known as the ‘Wirecard scandal’, was a case of fraud involving billions of euros that was hidden in plain sight for years due to a series of regulatory failures and accounting tricks. Wirecard, a payment processor and financial services provider, was listed in the DAX stock index, consisting of thirty major German companies including Adidas, Siemens, and Volkswagen. From that position it abruptly went into insolvency in June 2020. How are these two scandals connected?

Current and emerging security regimes are enacted via financial technologies. Using the concept of traceability my RIS article discusses the differences between the current regime of ‘follow the money’ and an emerging regime of infrastructural control that aims to secure financial transactions amidst geopolitical tensions. The current system of financial surveillance seeks to capture ‘flows’ of money for security purposes and reflects the necessity to adjust the security regime to the demands of expanding global financial capital movements. The established regime of financial security detects suspicious transactions by relying on categorisations, such as names, and risk assessments, based, for example, on countries or nationalities. These practices are adjusted to the desired free movement of capital in which money is sent from one bank account or custodian to another, crossing countries, financial actors and intermediaries and infrastructures. The two scandals allow insights into how this regime of financial security is thwarted. Understanding how traceability is enacted within the current system also allows us to capture the changes that occur with new digital currencies.

Two decades after the war on terror intensified the use of financial systems for security purposes, we observe a shift from the question of how security is practised based on risk assessments and categorisations to how financial infrastructures have themselves become (national) security projects amid growing geopolitical tensions. As several states look for different modes of securing financial transactions, the emergence of central bank digital currencies (CBDC) entail the possibility of a more fractured financial system and altered forms of transaction monitoring amid growing geopolitical tensions. In order to sustain these claims, the article uses an infrastructural perspective to describe the implications of traceability within the current model and the shifts that digital currencies entail, thus bringing international politics to the fore.

New digital currencies have the potential to shift the regime of financial surveillance from the monitoring of financial flows and flagging of (potentially) illicit transactions towards the storage of financial data in (de)centralised ledgers that update rather than capture financial flows. While the current regime of financial surveillance seeks to maintain the free flow of money through financial infrastructures and various actors and intermediaries, digital currencies store money as data on a set type of ledger(s), namely a blockchain or other permissioned ledgers. Hence, what we understand as money does not ‘flow’ from one place to another, but is rather updated where it is stored. Digital currencies entail underlying data infrastructures that have traceability as an intrinsic feature.

This research builds on the finance/security nexus that emphasises the use of money as a tool for security and the regimes of traceability that underlie the security management of financial flows. It connects that research to more recent contributions that highlight the importance of the political economy of infrastructures with regard to geopolitical tensions. We need to take money’s infrastructures into account to explain how money is used in differing security regimes. The traces left behind by money as it ‘flows’ through the international financial system are produced not by the money itself, but by infrastructures of circulation and storage, such as bank or credit card accounts and networks. It thus matters whether money circulates as cash, via credit cards or as digital money. Each of these material underpinnings conveys different sorts of information – or in the case of cash, no information – that is possibly shared with payment processors and other financial actors when a transaction is sent using their services.

The regime of ‘follow the money’

The central assumption of financial surveillance holds that money trails actually reveal activities outside the financial realm, which is quite remarkable considering that money is actually one of the most unlikely objects to make traceable. Financial ‘events’, such as payments, transactions, and withdrawals produce traces, meaning that concrete actions are captured as data such as payment timestamps or identifiers indicating a transaction’s sender or receiver or the medium of payment (credit card or payment application). Financial surveillance is perceived to be most effective when activities of targeted persons are nearly entirely captured within financial records, in the sense that the events that are outside the financial system are (presumably) captured by financial activities.

The task of making money trails traceable to fight financial crime encompasses many actors and professions within both public and private realms.  Traceability relies on the close cooperation of private actors such as banks with public sector security authorities. Around the world, financial intelligence units (FIUs) play a central role in a country’s anti-money laundering (AML) and counterterrorism financing (CTF) operations. FIUs are a significant link between the global and national levels of financial governance, as they make individual suspicious transactions detectable by storing and/or possibly forwarding them to national and international security authorities.

The scandal around the German FIU’s inability to enact systems of traceability and the resulting lack of action against financial fraud provides insight into how traceably needs to be enacted. Suspicious transactions are sent from banks to authorities (the FIU) using the software goAML. However, that was not the case in Germany 2017 when the fax machine has in heavy usage and more than 40,000 reports were handled manually. While banks were already using software that fed their data directly into the goAML template, the German FIU itself was simply not allowed to use it. Thus, until August 2017, the only possibility for banks and other authorities who were obliged to file their cases to the FIU was to use a fax machine. This meant that banks’ anti-money laundering officers had to print out the STRs which they had typed into the goAML template, and then send them to the FIU via fax. When the reports reached the FIU, the data had to be typed into the goAML system manually, mostly by student assistants. Given the high numbers of STRs submitted, these tasks took time and were prone to errors. Even once goAML was finally in use at the FIU, banks still had to report their cases using both goAML and the fax machine, at least until February 2018. Traceability is thus far from being a given within the current financial architecture in Germany or elsewhere.

The second incident, known as the ‘Wirecard scandal’, was a case of fraud involving billions of euros that was hidden in plain sight for years due to a series of regulatory failures and accounting tricks. To understand Wirecard’s (initial success) story, one needs to take into account the growing importance of payments as a fast-growing sector in finance, profiting from the rise of e-commerce and cashless payments. Recent revelations however show that Wirecard’s success story also relied on their ability to obscure the nature of transactions. They used their position as a payment technology provider to mislead traceability systems. Since transactions that carry payments are sorted into hundreds of categories, ranging from bakeries to gambling, Wirecard simply placed high-risk payments into low-risk categories. The Wirecard affair thus reveals how traceability can be thwarted by the materiality that sought to enhance it. Traceability relies on the infrastructure of transactions, their digital storage, and technologies of circulation. By manipulating and covering up the traces of data that money leaves when it circulates through their channels, Wirecard obscured the trail.

Securing transactions infrastructurally: Central Bank Digital Currencies

Central Bank Digital Currencies shifts the focus from the established regime of financial security that seeks to secure ‘money on the move’ towards a description of an emerging security regime that adjusts to growing geopolitical tensions and entails the securitisation of financial infrastructures themselves. Digital currencies that rely on new financial infrastructures entail the possibility of enabling a regime of financial surveillance that does not primarily adhere to demands to keep financial globalisation moving. Instead, digital currencies that are currently being promoted by central banks around the world provide the infrastructural means to enhance a more fractured financial order in which money does not move across intermediaries and layers, but is instead stored in databases and updated. With fully digital money, the value of money is inextricability linked to the database that saves the transactions. As described above, with conventional bank accounts banks hold the digital records of their costumers’ transactions. Making money traceable herein means to track money through (several) bank’s records. In contrast, digital currencies rely on (de)centralised ledger(s) in which all transactions are stored, transactions are readily decipherable.

Digital currencies thus decrease the need to ‘follow the money’ and instead put financial infrastructures themselves at the core of security efforts. Central banks around the world have pursued the question of whether they should issue a digital currency and, if so, what form this should take. While the concrete architecture of most CBDCs still has to be decided, the broader implications of this traceability infrastructure are already becoming evident. CBDCs and cryptocurrencies such as Bitcoin both rely on one or several ledger(s) that records all transactions of the digital currency. Control over a (centralised) ledger of a digital currency would provide central banks with unknown powers. A report published by the influential Bank for International Settlements explains that the shift from money as a ‘social convention’ to ‘money as memory’ comes with the ‘idea of a complete digital ledger’ and a monetary system that is built around it. The inextricable link of money with its infrastructure has wide-ranging implications for the governance of money ‘when it is used in exchange as the record-keeping device of society’ (ibid.). The question whether a central bank digital currency (CBDC) can have cash-like features in the sense that there may still be transactions that leave no traces is answered straightforwardly: as a (fully) digital form of payment, CBDCs are ‘generally traceable as they leave digital footprints that enable a transaction to be followed’ (ibid.) Anonymity thus needs to be enacted.

As financial security practices and infrastructures enhanced by the demand to follow the money enabled the post-9/11 security regime to be broadened and deepened, central bank digital currencies similarly entail the possibility to enhance security demands that are currently evolving. CBDCs combine the role of ‘money as data’ and the use of transactional data for security and possibly economic purposes with the increasing relevance of financial infrastructures in geopolitical struggles. In the context of geostrategic control over domestic payment infrastructure gains importance so as to lower exposure to international sanctions. Here CBDCs provide an alternative to the established financial system in which intermediaries, such as SWIFT, and US-based financial networks, such as VISA and Mastercard, have the capacity to halt international transactions. With CBDCs, cross-border payments will need to take new forms to enable interoperability. Cross-border payment infrastructures may be provided by international actors such as SWIFT, but other options are multi-CBDC platforms, which are currently explored.

While CBDCs present a culmination of the current security regime that seeks to enhance money’s traceability, they also have the potential to alter the international architecture of financial surveillance and the concomitant geopolitical security practices. It is thus unsurprising that CBDCs are motivated by security considerations.  The European Central Bank develops the Digital Euro in response to the dominance of non-European actors in the European payments systems ‘with the goal of safeguarding ‚strategic autonomy‘. CBDCs are thus perceived as a crucial means to respond to perceived threats to the established international financial order, making the infrastructure itself subject to security efforts.

Want to know more? You can read Carola's full article at DOI: https://doi.org/10.1017/S0260210522000493

This particular article is open access, however BISA members receive access to RIS (and to our other journal European Journal of International Security) as a benefit of membership. To gain access, log in to your BISA account and scroll down to the 'Membership benefits' section. If you're not yet a member join today.

Photo by Leo Molatore licensed under the Creative Commons Attribution 2.0 via Wikimedia Commons