Terrorists are increasingly exploiting technology to finance their activities. However, terrorist adoption of technology is an evolution, not a revolution. As the world has moved more of its day-to-day functions online and embraced things like online retailers and marketplaces, new financial technologies and cryptocurrency, as well as social media and crowdfunding platforms, terrorists have followed suit. Terrorists exploit these technologies to procure weapons and components, sell propaganda, move funds internationally, and solicit donations from their supporters around the world. Some terrorists and violent extremists become early adopters, but the vast majority enter a phase of testing and proof of concept before adopting a technology wholesale. For the most part, terrorists continue to exploit many different kinds of financing mechanisms, including traditional mechanisms like cash.
One of the main ways that terrorists use technology is to raise funds – this happens primarily through donations from identity-based support networks. Raising money from support networks is not a new method of fundraising; these networks have been exploited for decades (think of the Provisional IRA and US donations) but it’s been enabled and amplified by technology. Now, with a quick tweet or message (including on apps like Whatsapp, Signal, etc), terrorists can reach hundreds, thousands, or tens of thousands of prospective supporters – and of course they don’t always reveal their terrorist agenda.
Other times, they raise funds by selling propaganda (like the Proud Boys have done). In most cases, propaganda sales are unlikely to generate significant profit for terrorists and extremists, but generate a small source of funds, create loose networks of likeminded individuals, and serve to keep propaganda available to potential new recruits.
Online technology is also used by terrorists to acquire goods, services, weapons, device components, etc. Terrorists use online retailers and marketplaces like Amazon, eBay, Alibaba, and other regionally-specific platforms to procure goods and material for organisational needs as well as operational activity like terrorist attacks. For instance, ISIL bought drones and shipped them to Syria from a number of different online retailers, and terrorists involved in the 2015 and 2016 attacks in France and Belgium are also believed. Terrorists likely purchase weapons and components online out of convenience, but also to reduce their interaction with members of the public, limiting the possibility that a bystander might observe suspicious activity and report it to the police.
It’s common to read that a group is ‘fundraising’ using Bitcoin, but what is usually happening is that they’re soliciting donations, and they happen to be asking people to send those donations through Bitcoin (moving money). However, there are cases where terrorists actually generate funds by investing in crypto – for instance, anyone who bought Bitcoin in 2015 and has hung onto it has made a substantial profit. Other fund movement mechanisms like PayPal have been used by terrorists to move funds, and many other financial technologies have also likely been exploited.
Bitcoin and other cryptocurrencies have been adopted by terrorists to move money because of their perceived anonymity. However, in the case of Bitcoin, there’s a public ledger, while other less popular cryptocurrencies can be more difficult to track. Terrorists and extremists have used Bitcoin to move money and to pay for services like webhosting, although terrorists (particularly Islamic State) also use other cryptocurrencies like Monero. By far, the most common terrorist use of cryptocurrency is to solicit donations from supporters.
Despite these examples, cases of organisational financing of terrorist groups using cryptocurrency is only present in 4% of the terrorist groups that I have studied, and for terrorist attacks, it’s even more limited. This may be due to the broader trend of self-financing of terrorist attacks (thus having less of a requirement to move funds), but it may also indicate that cryptocurrencies still have a long way to go before they’re readily usable and accessible for operational terrorist activity.
Obscuring the Source and Destination of Funds
Crypto and other payments technologies are often used to obscure the source and destination of funds. Bitcoin, and to a lesser extent other financial technologies, appeal to terrorists in part because they are perceived to avoid the financial surveillance of the formal financial sector. At the same time, the pseudo-anonymous nature of transactions can be combined with other forms of financial tradecraft to increase anonymity and obscure the source and destination of funds.
Many of the people who donate to terrorist and extremist groups employ basic financial tradecraft and operational security measures such as the use of Bitcoin exchanges or tumblers, the use of new wallets to minimise the number of transactions that can be directly linked to them, or a combination of techniques. Newer financial technologies may also lack rigorous anti-money laundering and counter-terrorist financing compliance programs, or be unaware of their compliance requirements, in part due to the ‘move fast and break things’ start-up culture.
Counter-Terrorist Financing Responses to Terrorist Exploitation of Financial Technologies
There are a number of concrete ways that counter-terrorist financing practitioners and analysts can make the best of terrorist exploitation of technology. However, greater engagement with the private sector is required in order to devise more targeted policies and engagement, because despite nearly two decades of rigorous, global counter-terrorist financing requirements, financial technology companies and social media companies continue to struggle with preventing terrorist exploitation of their platforms.
- Following the money: Technology can actually make following a financial trail easier because the information is digital. However, the multiplicity of actors (financial technology companies, banks, cryptocurrency exchanges) can also rapidly complicate the process. To do this effectively, CTF professionals need to be able to rapidly access the required information, regardless of where the company / entity is domiciled.
- Stopping the money: Pre-emptive engagement with all the entities in a financial sector (and beyond) is critical in order to freeze and seize funds. When listings, designations, freeze orders, etc, come down, companies need to already know what their obligations are and how law enforcement / security services will engage with them, and what their response will be.
- Understanding the money: Using financial intelligence to illuminate terrorist intent, capability, planning, and preparation is actually easier to do when more of that information is digital. What terrorist actors are buying, how they are storing funds, where they’re getting them from, all tell part of the story about what they’re planning on doing. Think of this as pattern of life analysis, but for terrorist activity.
- Financially deplatforming the terrorists: It continues to be relatively easy for terrorists to obtain financial services, both in the traditional financial sector and with financial technology companies / services. Clearly, we have a long way to go for financial entities to understand what terrorist activity looks like, develop proactive policies to address it, and in some cases, even to respond to policy actions – weeks and months after it happens. This will likely require a careful calibration of a carrot (engagement & information-sharing) and stick (penalties and sanctions) approach.
These approaches all fit within our existing models of counter-terrorist financing approaches, which means that there are existing policy approaches or lessons that can be learned.
Terrorists are adopting technologies to enable their financing activities, but this is a slow process, not a sudden one. Some of these technologies exist largely in the financial technology sector, while others are more commonly seen as communications technology. The blurring of the line between these sectors is important to understand if we are going to draft effective policies to respond to this evolution, and part of that will require engagement with the private sector to understand their technologies and business model, pain points, and incentive structures.
These approaches also aren’t without consequences. The international community has yet to grapple with the full impact on civil society and human rights of the expanded use of counter-terrorist financing legislation and financial surveillance which has already had an impact on opposition and protest groups. When we consider the best ways to counter the use of technology for terrorist financing, it is critical to keep in mind the potential abuses of international norms, standards, policies and practices, and devise ways to mitigate their human rights impacts.