NEW YORK, May 29 -- Leading financial services firms here have formed a private database company that will compile information about criminals, terrorists and other suspicious people, for use in screening new customers and weeding out those who may pose a risk.
The company, known as Regulatory DataCorp Int'l LLC, comes as financial services face strict new government mandates to make efforts to identify those who may want to use the U.S. financial system for illegal activity and file reports of suspicious activity to federal investigators, according to people involved in the effort.
One organizer predicted the new computer system will become "the world's best database of public information" about individuals, companies and groups who may be involved in fraud, terrorism funding, money laundering and other crimes. The organizer said it already has about 5 million files.
"It's got terrorists and suspected terrorists and other bad people," one official said. "I'm going to be able to take a million account holders on a tape and give it to this company . . . and they're going to give me back reports."
Among the founders are Goldman Sachs Group Inc., Citigroup Inc., Merrill Lynch & Co., UBS PaineWebber Inc. and more than a dozen other banks, asset managers and credit card companies in the United States and abroad. Organizers did not want to be identified until all the final details are worked out over the coming weeks.
But they said they're confident the collaboration will improve the safety of the financial system by helping firms better identify known criminals and terrorists.
While the privately held company does not need government approval, regulators have seen demonstrations of its computer system, a government official said.
Many database companies maintain demographic and marketing files about people, some that include law enforcement records. But this is one of the few that focuses on helping financial companies comply with anti-money-laundering regulations, including requirements in legislation approved after the Sept. 11 terror attacks.
Among other things, new legislation requires banks and other financial companies to monitor private banking and correspondent accounts for money laundering. They also must verify the identities of new customers and match names against lists of known terrorists.
Another new company that offers a similar service is World-Check Inc., which describes itself as the "world's largest banking compliance database," a computer system with about 55,000 names that "is used for vetting undesirables, assessing potential high risk clients and 'know-your-customer' requirements." World-Check claims to add 5,000 names a month to its files.
Information specialists said both those initiatives raise questions about consumer privacy, in part because of the risk of misidentifying an individual.
Mary Culnan, a business professor and information technology specialist, said she believes the database will eventually mistakenly identify people who have similar names, or prompt financial services officials to incorrectly spurn some customers.
It's not clear what rights an individual would have to appeal such a decision or to review records about themselves.
"If all the banks are using the same system and they reach the same conclusion incorrectly, that is wrong," said Culnan, a professor at Bentley College in Waltham, Mass. "They may black-mark people unfairly."
"It's the elite in the financial world taking matters into their own hands," said Evan Hendricks, editor of the Privacy Times newsletter. "It's the search for the perfect database on bad guys. What they might not realize is there is so much bad information out there."
One banking official working with Regulatory DataCorp acknowledged those risks, saying they exist in the technology-driven banking system now. Organizers said they have carefully considered the privacy issue with specialists and intend to protect individuals. Before taking any action, they will dig deeper to be sure of a customer's identity and attempt to confirm any allegations and reports, he said.
About 20 companies, led by Goldman Sachs, form the core of the Regulatory Data cooperative, which has been in the works for about two years. The new firm intends to operate for profit and offer the system up to a nationwide array of financial companies. It remains unclear the degree to which others, such as private investigators or lawyers, will be allowed to use the system.
The company will rely on the Internet and investigators on the ground to gather details from government records, lists of known suspects or terrorists, press reports and other public documents from around the world. Some files could go back decades, but the database won't contain confidential transactional data, two organizers said.