Profile picture
😐 @LuluLemew
, 75 tweets, 11 min read Read on Twitter
US Treasury Department officials used a Gmail back channel with the Russian government as the Kremlin sought sensitive financial information on its enemies in America and across the globe, according to documents reviewed by BuzzFeed News.… via @a_cormier_
Russia requested sensitive docs on Dirk, Edward & Daniel Ziff, billionaire investors who’d run afoul of the Kremlin. That request was made wks before Veselnitskaya showed up at Trump Tower offering top campaign aides “dirt” on Clinton — including her supposed conned to Ziff bros.
Russia’s financial crimes agency, whose 2nd-in-command is former KGB & schoolmate of Putin, also asked the Americans for docs on execs from 2 prominent Jewish groups:
Anti-Defamation League & National Council of Jewish Women, as well as Kremlin opponents living in London & Kiev.
Docs show:
same time requests were being made, Treasury off’ls used their govt email accts to send msgs back and forth with a network of private Hotmail & Gmail accts set up by the Russians, rather than communicating through secure network used to exchange info w other countries.
Analysts at an elite agency within Treasury first warned supervisors in 2016 Russia was “manipulating the system” to conduct “fishing expeditions” & raised fears that Treasury’s internal systems could be compromised by viruses in emails from the unofficial Russian accounts.
But staff continued using the Gmail back channel into 2017, despite repeated internal warnings that Russia could be trawling for sensitive financial records — including Social Security and bank account numbers — to spy on, endanger, or recruit targets in the West.
Treasury refused to say why its officials were communicating w unofficial Gmail accts at the same time Russia was sending suspicious requests, or to say whether it eventually turned over any docs in response. Nor would officials answer any other specific questions about it.
Russia’s attempts to extract information about Western targets triggered alarms inside FinCEN, a powerful unit of the Treasury Department with exclusive access to the most comprehensive and sophisticated financial database in the world.
Officials at FinCEN said they reported the back channel to Treasury’s counterterrorism unit & security office+requested an investigation. They said it was a breach of protocol +it exposed the Treasury to potential hackers because the Russian messages contained attachments
“If the attachment had a virus it could infiltrate the server,” a senior FinCEN official told BuzzFeed News. This source said insiders have been concerned that their internal records could have been corrupted.
The FinCEN officials reported the incidents in July/Aug 2016 &claim that there was no substantive investigation of the matter. These sources said that other senior officials continued to use the back channel even after they were told to stop by the Treasury’s office for security.
They suspected that the Russian agency making the requests, called Rosfinmonitoring, set up by Putin in 2001 to combat money laundering and terrorist financing, was closely tied to Russia’s espionage apparatus.
“They are passing information that may have interest to the Russians for other reasons,” a FinCEN official wrote to colleagues in March 2017. “One has to wonder what the heck is going on here.” This official filed for whistleblower protection and quit last year.
“If you are a Russian government entity and you are communicating with Americans, you have an FSB officer sitting right next to you and that officer is probably sending the email.”
In emails reviewed by BuzzFeed News, FinCEN insiders expressed shock that staff in another Treasury office had agreed to communicate with the Russians outside of normal, secure channels.
FinCEN uses an encrypted portal called the Egmont Secure Web to exchange information with more than 160 other countries, including Russia, and to keep sensitive financial data out of the wrong hands
A former US intelligence official who served in Russia for many years told BuzzFeed News that the use of unsecure accounts is a major red flag for espionage activity.
“Rosfinmonitoring is under the command and control of the FSB,” the former intelligence officer said. “If you are a Russian government entity & you are communicating with Americans, you have an FSB officer sitting right next to you and that officer is probably sending the email.”
It began in late 2015, when a unit of the Treasury Dept called the Office of Terrorist Financing and Financial Crimes entered into an agreement, named the ISIL Project, that called for Russia&US to share info on $ institutions in the Middle East suspected of supporting ISIS.
A senior FinCEN intelligence analyst said, Russia’s subsequent actions suggest that was just a cover. “What we were seeing w Russia was the fruition of a long-term strategy to ...compromise Treasury by cultivating civil servants. That’s why we sounded the alarm and reported it.”
It was not the only time that concerns about serious counterintelligence threats were raised at the elite financial intelligence unit during the past two years.
Six sources told BuzzFeed News that at least two FinCEN analysts were reported to Treasury’s inspector general over suspicions that they might have been working against the interests of the US.
One analyst was a man with close family ties to Ukraine. He was tracking the finances of corrupt foreign officials in a job that requires a security clearance. Four sources said they were told by security officials at the agency that the analyst turned out not to have one.
He had applied for clearance during his previous posting at the State Department, they were told, but was denied it because of suspicious contacts with foreigners. The sources said the man also had unusual contacts with his colleagues both before and after he was fired.
Shortly after he was escorted out of FinCEN early last year, he showed up outside a coworker’s apartment building late at night and asked questions about investigations and internal Treasury databases. The coworker reported the encounter to supervisors.
The man’s uncleared access to sensitive info was considered such a major national security breach that FinCEN was stripped of its authority to grant clearances for some time, according to these four sources. FinCEN’s security chief was later placed on administrative leave.
A second employee was suspended after he was caught traveling to other countries without informing his supervisors — something that FinCEN analysts are forbidden to do because of the value their data could have to foreign powers.
🚨 Critical financial records on some Trump associates and Russian figures, collected by FinCEN analysts, have not been turned over to Congress, despite numerous requests.
One analyst wrote an investigative memo last year that was shared w FBI, falsely connecting a member of Trump’s inner circle to a notorious Kremlin bagman. A spelling error led the analyst to mistake an unrelated person for the Putin financier.
At least 10 FinCEN employees have filed formal whistleblower complaints about the department. The whistleblowers say they tried multiple times to raise concerns about issues they believed threatened national security, but that they faced retaliation instead of being heeded.
Some of FinCEN’s top officials quit in anger. One senior adviser has been arrested and accused of releasing financial records to a journalist.
Along with a colleague, Edwards wrote a letter last year to six congressional oversight committees. In it, the analysts included documentary evidence and Edwards wrote.…
I have brought forward lawful documented evidential disclosures of violations of law, rule, and regulations, gross mismanagement, gross waste of funds, abuse of authority, and substantial and specific danger to public safety and I have NOT been protected against reprisal.”
Edwards added that she reported the “wrongdoing” to her supervisor, the ig, Treasury’s general counsel, Treasury security personnel, and the counterterrorism unit, requesting an internal investigation.…Despite her disclosures, she wrote, “I continue to be retaliated against.”
“May Edwards took it on herself to try and protect everyone here as well as national security,” a senior FinCEN official told BuzzFeed News. “Nobody listened to her or some of the other brave whistleblowers who came forward. They’re all now paying a high price.”
Over the past two years, BuzzFeed News reporters have spoken at length to 12 individuals inside FinCEN. These men and women asked for anonymity to draw back the curtain on breakdowns inside the world’s most powerful financial watchdog.
They described an agency turned upside down, where failures left them vulnerable to foreign threats, hampered their ability to investigate financial crimes, and ultimately put the public in danger.
The foundations of the Treasury Department’s highly unorthodox relationship with its Russian counterpart were built late 2015, sources and internal documents show.
One of FinCEN’s key jobs is to work with other governments to track illicit money networks and shell companies across the globe. Nearly 160 countries, including Russia, have agreements to share bank information through a secure network.
But Russia chose to work outside that system — and it began by building a relationship with a unit of Treasury called the Office of Terrorist Financing and Financial Crimes.
Senior officials from the terror unit had multiple meetings with top officials at Rosfinmonitoring to discuss jointly tracking the financing of ISIS. Among the negotiators was the Russian financial watchdog’s second-in-command, Yuri Korotky.
Korotky went to a KGB finishing school the same year that Putin finished his training there, and worked for the KGB’s successor, the FSB, after the collapse of the Soviet Union.
Korotky and other Russian officials proposed that Rosfinmonitoring trade information directly with the US as part of their joint effort to defeat ISIS. But almost immediately, the Russians reneged on their end of the bargain.
Rosfinmonitoring was slow to share data. It sought ways to work around FinCEN, whose analysts were skeptical of sharing info directly w Russia. By the summer, Rosfinmonitoring had made a series of requests about individuals & co's seemingly unconnected to ISIS or jihadi terror.
Among them were Alexander Lebedev, a newspaper publisher and Putin critic based in London. The Russians asked for financial tracking documents on a company tied to the Panama Papers.

Throughout 2016, Rosfinmonitoring asked for documents on nearly two dozen entities that FinCEN insiders believed were enemies of the Kremlin.
Even more concerning: Documents show senior officials within the Terrorist Financing unit were communicating with Hotmail and Gmail accounts set up by the Russians, rather than using the standard secure channels.
March 2017, this same official wrote to supervisors to warn that Russia was manipulating system. She said the Terrorist Financing unit, which set up the collaboration w RU wasnt forthcoming about extent of relationship &wouldn’t let FinCEN attend meetings w its representatives.
Just as the Kremlin started fishing, a new leader took over FinCEN.

Jamal El-Hindi has spent nearly 20y at Treasury. When he was named acting dir of FinCEN in June 2016, he assumed control of one of the most important le bodies in US.

But during his tenure, FinCEN has withered.
About 70 full-time jobs have gone unfilled +El-Hindi canceled programs insiders felt helped them recruit young, talented analysts. Employees grumbled about a laggardly pace inside &complained that basic reports once took days to be approved were now being held in limbo for weeks.
Twelve current and former employees said El-Hindi was notoriously late to meetings. Unlike his predecessors, he did not set yearly priorities. One veteran supervisor said that FinCEN became too cautious and too concerned with the optics of its work rather than the substance.
By 2017, morale at FinCEN ranked dead last among every unit at the Treasury. Frustrated by the dysfunction, seasoned employees started leaving for more lucrative work in the private sector. That’s when officials in a rival department made a lunge for FinCEN’s greatest asset.
The unit of Treasury that monitors suspicious bank transacs outside US is Office of Intelligence & Analysis (OIA), a sister unit of the terror dept that struck deal w Ru. By fall 2016, OIA wanted more authority over FinCEN’s vast db of suspicious internatl financial transactions
The unit proposed a “realignment” that would have peeled off FinCEN’s authority over the db, some of its employees& a piece of budget. FinCEN staffers were aghast. They worried El-Hindi was too weak to fend off the incursion &it would hamper the ability to fight financial crime
They also said the move by OIA was illegal, because it would cross the bright line that is supposed to separate intelligence agencies that collect information abroad from those that collect information on US citizens and residents.
OIA’s maneuver led to an open revolt inside FinCEN. More than a dozen workers reported the matter to their supervisors or Congress. In Sept, an attorney from OIA got into a heated exchange w small group of FinCEN employees, according to eight sources and internal documents.
After BuzzFeed News published a report about the allegations last year, Sens. Ron Wyden and Orrin Hatch sent a letter to the Department of Treasury’s inspector general, Eric Thorson, requesting a briefing about the matter.…
After months of investigation, Thorson’s office concluded there was no merit to the complaints, which included the allegation that OIA analysts illegally snooped on the banking records of American individuals and companies.
El-Hindi wanted his department to “get along” with OIA, these sources said, and did little to stand in that office’s way. In fact, emails show that he instructed his workers not to take their complaints to Congress — which the whistleblowers viewed as a staggering betrayal.
But the FinCEN employees spoke out anyway.

At least 10 filed formal whistleblower paperwork, many for the first time in their government careers.
In mtgs w 6 did congressional committees, 2 of the whistleblowers described a litany of misconduct at Treasury, including Russia’s attempt to gather intel on its enemies during 2016 election. To this day, the committees have done little to address those whistleblowers’ concerns.
Ultimately, FinCEN won out. The realignment failed and the unit retained control over its records. But its battle with OIA wasn’t over.
In May 2017, a bomb exploded at an Ariana Grande concert in northwest England and killed 23 people. The following month, knife-wielding terrorists attacked pedestrians near London Bridge.
Because the US has access to the largest set of financial records in the world, the British turned to US for help. In the first frantic moments following an attack, FinCEN’s financial db can reveal important info about killers, others in their network, or another plot.
FinCEN analysts sprang into action, racing to their HQ to begin searching for clues. But when they discovered everyone was locked out of the classified networks that they depended upon.
They couldn’t open links from the FBI about the suspected terrorists they were supposed to be chasing and they couldn’t trace the suspects’ funding.
That night, two dozen FinCEN employees learned that the digital keys they needed to unlock classified data had expired without warning. The suspects remained on the run in London, but FinCEN was unable to help track them.
The office that administered those security keys was OIA, FinCEN's rival department.

Staffers were furious.
”We have escalated the critical problem to key individuals,” one of the whistleblowers wrote in an email, “and we still DO NOT have the ability to complete our mission or fully protect the American people.”
OIA blamed the FinCEN employees for forgetting to update their permissions. But more than a dozen FinCEN officials said they saw the incident as retaliation for their earlier power struggle
OIA had sent its own staffers an email weeks earlier reminding them to apply for new keys, but had not sent that same email to anyone at FinCEN. OIA officials blamed that oversight on “time” and “resource restraints.”
The divide grew, and made its way to Congress, where Rep Steve Pearce, chair of the House Subcommittee on Terrorism and Illicit Finance, demanded answers.
The Treasury Department’s inspector general stepped in again to investigate, and concluded that OIA had done nothing wrong — though he did acknowledge the strained relationship between OIA and FinCEN.
The whistleblowers told BuzzFeed News they have largely given up on seeing anyone at FinCEN, OIA, and TFFC held accountable for the chaos that they say has torn the Treasury apart over the past two years.
It is very hard to measure the sum total of the damage done,” said one of the whistleblowers, a senior FinCEN official. “We are treading water right now.”
Missing some Tweet in this thread?
You can try to force a refresh.

Like this thread? Get email updates or save it to PDF!

Subscribe to 😐
Profile picture

Get real-time email alerts when new unrolls are available from this author!

This content may be removed anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member and get exclusive features!

Premium member ($30.00/year)

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!