Let me describe the process we go through in determining whether we will establish a memorandum of understanding for information exchange with another organization.
We undertake a fair bit of due diligence. We look at questions of integrity and corruption. We look at whether the entity has the capacity to protect information physically if we provide it to them. We look at whether they have the legislative capacity to provide protection if we share information with them. If we satisfy ourselves that those things are in place, then we will undertake to negotiate an MOU. In the MOU we expressly have provisions that require that the information be protected and that it not be further disclosed without our prior concurrence.
This is what is called in the jargon the third-party rule. Intelligence organizations, law enforcement organizations, and financial intelligence units subscribe to that as the basis on which information is exchanged, whether or not they have MOUs in place.
In our case, we expressly state it in the MOU, and periodically we will also have bilateral sessions with FIUs with whom we have exchanged information, partly to get feedback on the usefulness of the information, but partly to inquire and to satisfy ourselves that the information is being protected and is not being passed on to any other parties without our concurrence.
In some cases, we might make a disclosure to a financial intelligence unit that a month or two later might come back, tell us that this particular police organization or this particular prosecutorial office would be interested in this information, and ask for permission to pass it on. If the question were to be stated as broadly as that, we would probably say no, but if they could assure us that the investigation or the prosecution would be related to either money laundering or terrorism financing, then we would probably say yes, but in each case--