The National Security Consequences of Deregulation

By Ganesh Sitaraman
Monday, April 3, 2017, 8:39 AM

When most people think about regulations, they think about health, safety, and environmental rules. As part of their efforts to deregulate in these areas, the House of Representatives has passed sweeping bills that would completely transform the process that every federal agency uses to issue regulations: the Regulatory Accountability Act and the Regulations from the Executive in Need of Scrutiny (REINS) Act. The Senate Committee on Homeland Security and Governmental Affairs is now gearing up to consider these bills. But what the House and Senate probably don’t realize is that these radical reforms to the regulatory process have serious consequences for national security and the fight against terrorism.

Some background is in order. Since 1946, all government agencies have been required to follow a detailed and extensive process when they are implementing laws passed by Congress. They have to gather data and build a technical record, provide notice to the public, allow for comments on the proposed rule, and respond to comments. Congress oversees the agencies through hearings, budgets, and confirmation of agency personnel. The President nominates and supervises agencies. And the courts review agency rules to make sure they are not arbitrary or capricious. This is our modern system of checks and balances in action.

The new House bills upend this structure—including for seemingly ordinary rules that have huge national security implications. Here’s an example to start: The Financial Crimes Enforcement Network (FinCEN), an office within the Treasury Department, issues rules under the Bank Secrecy Act that require financial institutions to conduct due diligence on customers. These regulations are designed to make sure that criminals, tax evaders, and money launderers are not using shell companies for illegal activities. Among other things, FinCEN requires banks to monitor accounts for suspicious activities. These rules aren’t just about illicit operations within the United States; they are also central to preventing terrorists from funding their activities.

Under the proposed Regulatory Accountability Act, however, FinCEN would have to use the “least costly” approach to regulation unless they can document the benefits of a higher cost option. The problem is that while it is relatively easy to measure the costs of compliance on the banks, it is difficult to measure the benefits. Any bank that doesn’t want to monitor accounts for suspicious activity, for example, could challenge the FinCEN rule. After all, one less costly (but far less beneficial) option is for a bank to politely ask criminals and terrorists to not to engage in illegal behavior.

Even if FinCEN issues a weak rule to ensure continued monitoring, under the REINS Act the rule wouldn’t take effect automatically. It would first have to go to Congress—where it would be susceptible to bank lobbyists trying to block it and to partisan gridlock and gamesmanship. Now, one might say that on important national security questions, Congress will surely come together to pass rules. But with political polarization higher than its been in decades and lobbyists running amok in Washington, are we really willing to take that risk?

This isn’t an isolated example. The Office of Foreign Assets Control (OFAC), also within the Treasury Department, has responsibility for issuing regulations to implement economic sanctions with countries like Iran and North Korea. When Congress passes a law, it isn’t always clear how the law will apply in a specific situation. As a result, agencies interpret the law when it makes rules implementing sanctions. Judges recognize that they don’t have the expertise that OFAC has in sanctions, money laundering, and national security, so the courts traditionally have given a good measure of deference to agency rules.

The Regulatory Accountability Act ends that deference. Instead of a politically accountable agency making a judgment based on its expertise, if there are two plausible readings of the law, unaccountable, non-expert judges will make the determination. The views of career civil servants who spend their lives preventing criminals from funneling money to sanctioned countries won’t matter. Maybe judges will make the right decision. But maybe they won’t.

There’s another problem. Effective sanctions require international cooperation. If the major financial centers of the world aren’t on the same page, then there will be holes that criminals and terrorists can use to launder money. Because these bills make it harder to issue rules by adding on layers of new economic and cost-benefit analyses, they make it more likely that our government will be late in responding to emerging threats, effectively becoming the weakest link in the international fight against terrorism. This also holds true when it comes to preventing the next global financial crisis.

These bills can’t be fixed by adding an exception for “national security” or “foreign affairs.” Both bills attempt to do so, one through a short-term emergency exception, the other by exempting national security issues from some requirements. But these are limited exceptions, and in any event, no exception can solve the fundamental problem: Across agencies, regulatory issues cannot always be neatly categorized as “national security” or “ordinary domestic policy.” The Bank Secrecy Act, for example, applies to ordinary domestic crimes—like tax evasion and fraud—not just to international terrorism. “Domestic” financial crises have major international implications.

The proponents of these bills say they are essential because of the high costs of regulations. But that is true only from the perspective of the regulated entity, not from the perspective of the public that benefits from protections against financial crises and terrorist attacks. Regulations must be sensible, but we have in place today a robust process for government agencies to engage in economic analyses of rules, take public input on them, and make reasonable changes. If anything, that process is already too vulnerable to capture by regulated corporations. Going forward, we should be looking for ways to reduce regulatory capture, not radically alter the entire process of making regulations across every agency—particularly when even seemingly “ordinary” regulations can have serious national security consequences.