In the wake of Michael Cohen’s bombshell plea agreement with special counsel Robert Mueller, questions remain about the investigation into the illegal leaking of the former presidential fixer and longtime attorney's sensitive financial records.
They worry the matter has fallen off the administration's radar after Cohen signaled his cooperation with multiple investigations, including a New York state probe of the Trump Organization and the special counsel's investigation into Russia's meddling in the 2016 elections, the sources said. Their questions about the timing of the Treasury Department inspector general's probe of Cohen’s leaked financial information also come on the eve of his sentencing hearing in New York for tax evasion, campaign finance violations, giving a false statement to bank and lying to Congress.
The Treasury Department inspector general, when asked on multiple occasions over the last few months by ABC News, has said the status of the investigation into the leak is ongoing.
“All inspectors general are independent of their agencies, and of political considerations in investigative decisions and processes. That includes this one,” Rich Delmar, a spokesperson for the Treasury Department’s internal watchdog, told ABC News.
A former high-ranking federal prosecutor who has been following the case said that although the probe may appear to be moving slowly, the alleged offender will ultimately be found.
“On the face of it, identifying the computer where the material in question was downloaded should not be time-consuming. Ultimately, it’s likely the perpetrator or perpetrators will be identified if there is a vigorous investigation,” the former official said, speaking on background to ABC News.
The leak of Cohen’s financial information occurred through an unauthorized disclosure of Suspicious Activity Reports (SARs), according to the Treasury Department’s Office of Inspector General.
SARs – which are monitored by the Treasury Department’s Financial Crimes Enforcement Network, or FinCEN – are a channel for financial institutions to file legally-mandated reports of potentially improper financial transactions relevant to a possible violation of the law.
It is a felony, in most circumstances, to publicly disclose the existence of a Suspicious Activity Reports or its contents.
Peter Djinis, a former senior official at FinCEN who now specializes in anti-money laundering compliance, says tracking the unauthorized disclosure of Suspicious Activity Reports is not difficult if the person is authorized – that is, a law enforcement official, financial regulators, or someone in the intelligence community – but such tracking may cast a wide net.
“There's a digital trail any time that they pull back information off of the [Suspicious Activity Reports ] database,” Djinis said. “So if it's coming from one of those, that's a lot easier to identify because of the digital records.”
But experts in this type of financial information leak investigation suggest the timeline could be drawn out because of the large number of people with authorized access to these records.
“Most law enforcement agents know that their activity is being tracked,” Djinis said. “And so if they don't really have an investigative interest in investigating Michael Cohen, it would be pretty darn hard to explain what they're doing trying to pull up SARS involving Michael Cohen, or anyone else for that matter. You may have to go down the list of everyone who retrieved those SARS and ask the same questions because you want to get verifiable answers. If somebody has no good reason for querying the database, that puts the suspicion antennas way up front. Why are they trying to retrieve the information that they have no investigative interest?”
“It takes time," Djinis said. "It is gumshoe work.”
Such allegedly improper access to the database by an authorized user appears to have led to the October arrest of Natalie Sours Edwards, a senior adviser at FinCEN whom federal prosecutors accused last month of providing a journalist with confidential material, including SARs, on former Trump campaign chairman Paul Manafort and political consultant Rick Gates – but not Michael Cohen.
In that case, authorities allege that forensic analysis of her computer usage determined that Edwards, without a legitimate purpose for doing so, accessed more than twenty thousand files and off-loaded them to a government-issued flash drive.
Edwards’ arrest happened almost exactly one year after she first allegedly downloaded financial records and shared them with a reporter, according to her indictment. It is not clear when the Treasury inspector general and FBI began investigating her, but Edwards’ case may give a sense of the expected investigative timeline in a scenario similar to Cohen’s.
The greater challenge in identifying the person responsible for accessing the SAR, Djinis said, is if the person comes from the financial community – a bank, money transmitter, or casino, for example – with access to an internal SAR database.
“Access to their internal suspicious activity reports is not tracked by the government,” Djinis said. “So that would be up to the institution itself to be able to determine – if they have those systems in place – to be able to determine who was the one who had access to the information, pulled it down, and then presumably disclosed the information.”
Regardless of where the individual responsible for accessing the information works, determining who leaked the information could be a separate issue with its own challenges, Djinis said.
Adding to the intrigue of identifying a culprit in Cohen’s case, The New Yorker published an article on May 16 quoting an unnamed government official who claimed to be the source of the Cohen leaks. In the article, the official feared the government would suppress Cohen’s SARs in an effort to protect his business interests after discovering that some of his records were missing from a government database.
“To say that I am terrified right now would be an understatement,” the unidentified official said of their potential legal exposure.
ABC News later reported that Cohen’s SARs were never removed from the database, but had been put under restricted access, consistent with agency policy on matters tied to law enforcement investigations.