Charities and Terrorist Financing
What CPAs Need to Know

By Peter Romaniuk and Jeffry Haber

E-mail Story
Print Story
MARCH 2008 - During the summer of 2007, two trials under anti–terrorist financing laws—both involving charities—made headlines. In Florida, of three men found guilty of conspiracy to commit terrorism and of offering material support to terrorists, one ran the American Worldwide Relief Organization, which is reported to have funneled support to Chechen rebels in the 1990s. In Texas, the Holy Land Foundation (HLF)
and several of its officers were accused of providing material support to a designated Foreign Terrorist Organization. Though the case ended in a mistrial, the Foundation was shut down. These cases serve to illustrate the role that charities may play in funding political violence and the determination of federal authorities to crack down on terrorist financing.

CPAs who work in the nonprofit and private foundation sectors should be aware of the federal anti–terrorist financing rules. Accountants are well positioned to provide advice regarding compliance in this area. They have access and exposure to critical and sensitive information—for example, regarding grantees and financial transactions—that is useful in spotting and identifying terrorist financing issues. Compliance requires awareness of the relevant rules and regulations as well as how the laws and rules apply to specific activities.

To be clear, the authors do not wish to contribute to the perception that CPAs are in the “front line” of the war on terrorist financing (although it is the case that CPAs abroad are increasingly expected to undertake regulatory tasks previously reserved for banks, such as reporting suspicious activity). Rather, they seek to raise consciousness about relevant developments, as prudence demands.

One further caveat: The description of laws and regulations provided herein should not be interpreted to mean that CPAs should approach individuals with suspicion. Far from it. Charities provide valuable services to needy populations in the U.S. and abroad. While cases involving the misuse of charities for terrorism purposes have come to light, they contrast sharply with the vast legitimate majority of charitable activity. Moreover, the nonprofit sector has taken proactive measures in the past several years to ensure that the donating public maintains trust in the operations of charities, providing significant input into the federal government guidelines discussed below. In this regard, CPAs can contribute to the ongoing vitality and integrity of this critical sector of the economy.

Terrorist Financing: The Basics

Terrorist groups incur both organizational and operational costs. Evidence indicates that terrorists use diverse methods—both licit and illicit—to raise and move funds. The misuse of charities represents one illicit method. By presenting themselves as charities, terrorists can exploit unwitting donors and provide a cover for the disbursement of funds. In recognition of these vulnerabilities, the oversight of charities has attracted increased attention among governments and international organizations in recent years.

Under U.S. law, it is an offense to provide or collect funds for acts of terrorism (18 USC section 2339C), to provide material support to terrorists (18 USC section 2339A), or to provide material support to designated terrorist organizations (18 USC section 2339B). The U.S. has a range of legislative and executive authorities under which individual terrorists, entities linked to terrorism, and terrorist organizations can be designated. The consolidated list—the specially designated nationals (SDN) list—is maintained by the U.S. Treasury’s Office of Foreign Asset Control (OFAC), which also has responsibility for administering sanctions programs not related to terrorism. The list is available from OFAC’s website at The SDN list is a critical reference point for charities (in their dealings with grantees) and their accountants and auditors. More than 40 charitable organizations have made an appearance on the list. (For more information about these charities, see

As a first step, nonprofits should check potential foreign grantees against the list. Admittedly, the list can be a blunt tool. A potential grantee’s name may appear on the list by coincidence; duplicate names occur with some frequency. Key protections that a nonprofit can establish include relevant and appropriate procedures to first identify potential problem areas and a set of guidelines on how to handle identified problems. The nonprofit should have written procedures for what to do when an SDN name-check reveals that a potential payee is on the list.

Commonsense steps the nonprofit can take would be to request a representation from the potential grantee that they are not the entity or individual listed on the SDN list. While not providing any significant level of comfort, this is a necessary first step. The nonprofit can then seek to develop evidence that the named entity or individual is indeed different from the potential grantee. For corporate entities, such additional checks can include simple and basic steps, such as using a database like to see if multiple entities have the same name, and searching for the name on the Internet, looking for distinct addresses for each entity. For individuals, the SDN list will provide a date and place of birth (albeit less than a complete address in most cases). By asking to see the passport of the potential grantee, the nonprofit can check whether the birthdate matches and whether the individual spends time in his or her country. Further guidance from OFAC is also available at /answer.shtml#hotline.

Treasury Department Guidelines

Beyond the SDN list, a key plank of the U.S. Department of the Treasury’s effort to suppress terrorist financing through nonprofits is industry outreach. The government and the nonprofit sector have not always agreed on how best to protect charities against terrorist financing. (See
Partly in response to industry concerns, the Treasury Department reissued guidance in September 2006 targeted to the nonprofit sector: Voluntary Best Practices for US-Based Charities (
). The guidelines emphasize a risk-based approach to countering terrorist financing. Although the primary audience for the guidelines is managers of charitable organizations, CPAs working in the sector are well advised to review them.

The best practices identified by the Treasury Department include the following:

  • Governance accountability and transparency. The guidelines specify that charities should establish transparent and robust governance procedures, including independent oversight by a governing board and the public disclosure of information about key employees.
  • Financial accountability and transparency. The guidelines recommend that charities with a total annual gross income of $250,000 or more should select an independent CPA firm to conduct an audit and issue an annual financial statement. All charities should account for all funds received and disbursed. The names of all grantees should be recorded and, to the extent possible, disbursements should be made by check or wire transfer. Where it is necessary to make disbursements in cash, the guidelines recommend that charities use small increments and exercise additional oversight.
  • Programmatic verification. The guidelines advise that charities require grantees to periodically report on their use of disbursed funds. Indeed, grantees should take reasonable steps to ensure that funds provided by the charity are not distributed to terrorists or their support networks. Where reasonable, charities should exercise oversight—including, for example, on-site audits—to ensure the integrity of disbursements.
  • Vetting and due diligence. The guidelines suggest that charities collect and maintain detailed information about grantees and conduct basic vetting of grantees (e.g., by using the SDN list). Charities should require grantees to certify that they are in compliance with all OFAC sanctions programs. Similarly, charities should conduct basic vetting of their own employees.

Finally, as noted above, in the event that the name of a grantee or employee appears to match a name on the SDN list, charities should undertake appropriate due diligence and consult further OFAC guidance (
). For suspicious financial activity related to terrorism but not involving a possible match, the guidelines recommend using the “counter-terrorist referral form for charities” (

The Risk-Based Approach

The guidance provided in the Voluntary Best Practices is broad in scope. But regulators acknowledge that some charities are more vulnerable to misuse than others. To make implementation manageable, the Treasury advocates a risk-based approach. In practice, this has meant issuing additional guidance in two forms.

First, in March 2007, OFAC released the Risk Matrix for the Charitable Sector (see
). The matrix is useful for CPAs because it effectively operationalizes the Voluntary Best Practices, giving a more concrete indication of what to look out for. In auditing charities, for example, it is prudent for accountants to be alert to red flags such as charitable grants that are not made in writing, charities that do not perform due diligence, large disbursements to grantees made in cash, and grantees with little or no history of charitable activity.

Second, both the U.S. Treasury Department (
) and international bodies (www.fatf have issued “typologies”—past examples of terrorist financing through charities—to provide illustrations of how abuse can occur. In addition to general examples, the Treasury Department document has a specific focus on the abuse of charities as part of the international response to the October 2005 earthquakes in Pakistan and India. Beyond the diversion of funds and the use of charities as front organizations, these typologies suggest that terrorist financing may occur through fraud at the branch or field office level.

Well-Placed Gatekeepers

CPAs play an increasingly important role in ensuring that charities and their grantees comply with terrorist financing laws and regulations. In their role as “gatekeepers,” accountants are exposed to a broad range of financial information and have a unique perspective of what goes on in an organization. In approving transactions or auditing financial statements, CPAs are well placed to detect and prevent suspicious activity. Moreover, in large financial institutions, accountants play an increasing role in designing and implementing counter–terrorist financing and anti–money laundering compliance programs and systems. In these ways, CPAs are in a unique position to help identify and mitigate potential problems by understanding the rules related to terrorist financing.

Click here to view Sidebar.

Peter Romaniuk, PhD, is an assistant professor of government at the John Jay College of Criminal Justice, CUNY, New York, N.Y. Jeffry Haber, PhD, CPA, is an associate professor of accounting at Iona College, New Rochelle, N.Y., and controller of the Commonwealth Fund, a private foundation focused on healthcare policy, New York, N.Y.




















The CPA Journal is broadly recognized as an outstanding, technical-refereed publication aimed at public practitioners, management, educators, and other accounting professionals. It is edited by CPAs for CPAs. Our goal is to provide CPAs and other accounting professionals with the information and news to enable them to be successful accountants, managers, and executives in today's practice environments.

©2009 The New York State Society of CPAs. Legal Notices