Financing lone-actor or self-activating terrorism
Recently, Project CRAAFT released a paper on self-activating terrorism. This important paper helps to dispel misconceptions about financing activities of small-cell and lone actor violent extremists (which can also apply to Incel-motivated violence, as I’ve written about recently). I was invited to comment on the paper at a roundtable - my comments are below.
The issue of financing and lone-actor or “self activating” terrorism is something that I’ve had a chance to work on for a number of years. This was the main terrorist threat in Canada when I worked at CSIS, and indeed where I spent most of my time, trying to answer a simple question: how can we detect, prevent and disrupt lone actor and small cell terrorist attacks?
This is an under-studied topic. I’d also go further and say it’s under-theorized. WHY are we seeing so many small scale attacks?
The good news is that I think that it’s partly because our CTF policies and practices have been successful. We don’t know for sure (there’s a lack of empirical evidence), but preliminary data suggests that terrorists have adapted to CTF by self-financing attacks; this in turn has reduced the scope and scale of those attacks (for the most part), although there remains plenty of variation globally in scale (and funding and cost) of terrorist attacks.
The bad news is that we’re still, in the CTF world, struggling with some pretty basic questions: like what is CTF meant to do? Is it meant to detect and deter terrorist attacks? Is it meant to illuminate networks? Is CTF meant to reduce the scope and scale of terrorism globally? These questions may seem pedantic (as a practitioner myself I’d say “all of the above”), but the answer to this question matters in terms of how we design, implement, and evaluate policies.
Which brings me back to the matter at hand: how do we use CTF to detect, deter, and disrupt lone actor / self-activating terrorism?
We have to move our definition terrorist financing forward. Many people have a limited concept of terrorist financing – that it’s international, or involves large sums of money. Instead, I think we need to consider it along the lines of how terrorists of ANY level (groups, cells, and individual) raise, use, move, manage, store, and obscure their funds, including their use of financial tradecraft. This allows us to garner much more insight about terrorist behavior.
And we also need to broaden our understanding of CTF. It’s not just about preventing the financing of terrorist organizations (arguably its original intent); it’s about use CTF tools to disrupt operational financing as well. Part of that of course means that we need to know what operational financing looks like, which is a major contribution of this paper.
The other part means that we need to know what our CTF tools are. I’ve spoken recently about what those are, but briefly: criminalization, intelligence, sanctions, regulatory, military, technical assistance, and civil law. When I go through that list, it’s probably pretty clear that not all of these tools apply to self-activating terrorism.
The focus on financial intelligence is critical. But this is also a place where I think we need to expand our thinking a bit. We often think of financial intelligence as emanating from banks or financial institutions. But financial intelligence can also be derived from signals intelligence, human intelligence, covert entries, source / bystander reporting etc. I prefer to think of it as any intelligence of a financial nature that can shed light on the intent, capabilities, planning, and preparatory activities of potential terrorists. And all of this needs to be analyzed within the context of a terrorism investigation.
The other place where I think we need to expand our scope a bit is in looking at those preparatory behaviors of terrorists. This report focused on the pre-attack activities: purchasing weapons, components and devices, but for lone-actor and self-activating terrorists, there are a host of other activities that are just as important. Things like preparing a will, closing an account, gifting money, can all indicate that an attack may be imminent. So we need to think of all of these types of activities as preparatory behaviors as well.
Most lone-actor, small cell, and self-activating terrorist attacks cost little money, although there are some exceptions to that. Anders Breivik fits the definition applied here, and his attack cost over $80,000. However, most other attacks cost around $1,000 (or less, in many cases).
But cost is only one small component of understanding the financing of an attack - other preparatory behaviours and activities are just as important.
Which brings me to my final point – the regulatory approach to CTF applied to the lone actor / self-activating space. We CTF practitioners ask our financial entities to identify suspicious activities. But in my experience, the vast majority of the activities identified as indicators to the financial sector generate far more false positives than actual leads. This is a problem, and I think of it as the big data vs bespoke data problem. Big data solutions like machine learning (and indicators) work well when you have big data to work with. But they work far less well (if at all) when you have a small number of cases to train algorithms, and when trends and methods change frequently. So I think we need to question how much we should be pushing the private sector to identify this type of activity. The authors highlight the French approach multiple times – access to real-time financial data in specific cases (perhaps with judicial authorizations) provides far greater insight than hundreds of suspicious transaction reports.
I echo the authors’ call for more data, more analysis, and more information sharing. This is a difficult problem with a lot of overlapping considerations of privacy, security, and burden sharing, and while we may not solve it anytime soon, we can tighten the screws for the terrorists and make their lives much more difficult – a fundamental role of counter-terrorism and counter-terrorism financing.