Banks Are Making Billions From Terror Screening, and Nobody Wants to Admit It

Look at the numbers and the picture gets blunt fast. Financial crime compliance now costs the global financial sector well over $200 billion a year by several industry estimates, including repeated surveys from LexisNexis Risk Solutions and other compliance trackers. That broad category includes anti-money laundering, sanctions enforcement, and counter-terror finance. The exact share tied only to terrorism is hard to isolate, but no serious banker would deny that terror screening rules are now stitched into daily operations. Every wire transfer, every customer profile, every cross-border payment sits under this sprawling system of software alerts, document checks, and risk reviews.

The winners are not hard to find. Big banks hire armies of compliance staff. Specialist firms sell watchlist screening tools, transaction-monitoring systems, identity verification products, and due-diligence services. Consulting giants bill heavily to help boards avoid regulatory humiliation. Thomson Reuters, LexisNexis Risk Solutions, NICE Actimize, Fiserv, Oracle, and a pack of smaller regtech players have all fed on this market for years. This is not a side hustle. It is a business model built on fear, regulation, and the threat of billion-dollar fines.

That threat is very real. In the past decade, regulators have punished banks with massive penalties for weak controls tied to sanctions breaches, money laundering failures, and compliance breakdowns that often overlap with terror-finance enforcement. BNP Paribas paid nearly $9 billion in 2014 over sanctions violations. Standard Chartered, HSBC, Deutsche Bank, and others have repeatedly faced huge enforcement actions in the US and UK. Not every case was about terror financing in a narrow legal sense, but the message to the industry was crystal clear: spend whatever it takes, or get crushed.

So banks spent. They spent with the panic of people paying protection money to a system that never stops asking for more. JPMorgan, HSBC, Deutsche Bank, and other global lenders have each disclosed over the years that they employ thousands, sometimes tens of thousands, of staff in risk and compliance roles. HSBC said years ago that it had more than 7,000 compliance employees after its scandals. Today the major institutions operate huge compliance bureaucracies that would have looked absurd in the 1990s. Nobody wants to be the next cautionary tale dragged before senators, regulators, and front pages.

But here is the part the industry says quietly, if at all. This machine is expensive, clumsy, and often shockingly bad at precision. The United Nations has estimated that the amount of criminal finance actually seized worldwide is only a tiny fraction of illicit flows. Academic studies and policy reviews have repeatedly found that anti-money laundering systems generate vast numbers of suspicious activity reports and alerts while producing limited visible disruption compared with their cost. Terror-finance systems are even harder to judge because successful prevention is difficult to measure, but the false positives are legendary. Humanitarian groups, migrants, small charities, and Muslim-owned businesses have all been caught in the dragnet.

Britain offers one of the clearest windows into the problem. For years, Muslim charities operating in conflict zones have complained that banks shut their accounts or delayed transfers because institutions feared exposure to terror-finance risk. In some cases, aid groups trying to send lawful support into Syria, Somalia, or Gaza found themselves treated less like customers and more like contamination. The Charity Finance Group and humanitarian organizations have warned repeatedly that over-compliance, also known as de-risking, has frozen legitimate activity. In plain English, banks often decide it is safer to walk away from whole categories of clients than to prove they are safe enough.

The United States has seen the same pattern. After years of intense enforcement, money-service businesses serving immigrant communities reported account closures and banking access problems. The World Bank and other international bodies have documented how de-risking hit remittance corridors, especially those linked to fragile states. Somalia became the textbook case. When banks pulled back from remittance channels out of compliance fears, families who depended on overseas money were suddenly trapped. The stated goal was security. The lived effect was economic chokehold.

And still the spending rises. This is where the business story gets ugly and fascinating. Regulation created a market. Fear inflated it. Every major terror attack, every geopolitical flare-up, every sanctions package gives the compliance industry a fresh sales pitch. More lists to scan. More names to match. More software to buy. More outside experts to retain. Fintech startups now market artificial intelligence tools that promise to spot hidden risks faster than human analysts. Some are useful. Some are overhyped. All of them know one thing: no bank executive wants to be accused of going soft on terrorist finance.

There is also a deeper corporate truth that polite boardrooms avoid. Compliance has become a defensive moat for some large institutions and vendors. The rules are so complex and the penalties so severe that only the biggest firms can absorb the cost. That locks in demand for giant providers and squeezes smaller players. Community banks, regional lenders, fintech challengers, and nonprofit financial channels face the same legal expectations with fewer resources. In effect, a security regime designed to stop violent networks has also helped concentrate business in the hands of firms wealthy enough to survive it.

This does not mean terror threats are fictional. They are not. The financing of extremist groups has been documented across cash networks, charities used as fronts, hawala systems, smuggling, kidnapping, oil theft, and online fundraising. ISIS generated enormous revenue at its peak, with estimates from think tanks and US officials once putting its annual income in the hundreds of millions or more. Governments had every reason to respond. But that is exactly why the current model deserves harder scrutiny, not less. When a system claims national-security urgency, burns billions, disrupts lawful commerce, and enriches a private compliance economy along the way, the public has every right to ask whether the machine is serving the mission or feeding itself.

That question is now hitting boardrooms in a new way. Investors want efficiency. Customers want faster payments. Regulators want stricter controls. Politicians want zero headlines. Those demands collide every day inside banks, and the compromise is expensive bureaucracy hidden behind patriotic language. Nobody campaigns on that. Nobody puts it in an annual report with brutal honesty. But this is the truth of modern finance: counter-terror screening is not just a safeguard. It is an industry. It employs thousands, sustains vendors, shapes strategy, blocks customers, and quietly turns fear into revenue.

The crackdown never really ended. It just matured into a market. And in business terms, it may be one of the most durable growth sectors of the post-9/11 world.