Posts

Scott Bessent’s Imaginary Friends

/25 Comments/in /by

A week ago, Scott Bessent attempted to calm a bunch of bankers by describing that he would take a lead role in negotiations with 70 countries in the wake of Trump’s tariff flip-flops.

He claimed the US still has things called “allies” who would be willing to reach quick deals that would allow him to isolate China.

Bessent said there was great interest in negotiating with the U.S. to lower tariffs, noting that Trump had already spoken with the leaders of Japan and South Korea, and U.S. officials would meet with a delegation from Vietnam on Wednesday.

“I think … at the end of the day that we can probably reach a deal with our allies, with the other countries that have been … good military allies and not perfect economic allies. And then we can approach China as a group,” Bessent said.

He added that the sweeping reciprocal tariffs announced by Trump last week represented a ceiling for tariffs if countries didn’t retaliate, but China had not heeded that advice.

“In terms of escalation, unfortunately, the biggest offender in the global trading system is China, and they’re the only country who’s escalated,” Bessent said.

Bessent is still trying to pitch that PR line — that he has a plan — as in this WSJ article (which among other things, suggests Bessent only came up with this thing he fancies is a “strategy” on April 6, after Trump had already started destroying American credibility).

The Trump administration plans to use ongoing tariff negotiations to pressure U.S. trading partners to limit their dealings with China, according to people with knowledge of the conversations.

The idea is to extract commitments from U.S. trading partners to isolate China’s economy in exchange for reductions in trade and tariff barriers imposed by the White House. U.S. officials plan to use negotiations with more than 70 nations to ask them to disallow China to ship goods through their countries, prevent Chinese firms from locating in their territories to avoid U.S. tariffs, and not absorb China’s cheap industrial goods into their economies.

Those measures are meant to put a dent in China’s already rickety economy and force Beijing to the negotiating table with less leverage ahead of potential talks between Trump and Chinese President Xi Jinping. The exact demands could vary widely by nation, given their degree of involvement with the Chinese economy.

[snip]

One brain behind the strategy is Treasury Secretary Scott Bessent, who has taken a leading role in the trade negotiations since Trump announced a 90-day pause on reciprocal tariffs for most nations—but not China—on April 9.

Bessent pitched the idea to Trump during an April 6 meeting at Mar-a-Lago, the president’s club in Florida, said people familiar with the discussion, saying that extracting concessions from U.S. trading partners could prevent Beijing and its companies from avoiding U.S. tariffs, export controls and other economic measures, the people said.

The tactic is part of a strategy being pushed by Bessent to isolate the Chinese economy that has gained traction among Trump officials recently. Debates over the scope and severity of U.S. tariffs are ongoing, but officials largely appear to agree with Bessent’s China plan.

It involves cutting China off from the U.S. economy with tariffs and potentially even cutting Chinese stocks out of U.S. exchanges. Bessent didn’t rule out the administration trying to delist Chinese stocks in a recent interview with Fox Business.

Still, the ultimate goal of the administration’s China policy isn’t yet clear.

Bessent has also said there is still room for talks on a potential trade deal between the U.S. and China. Such talks would have to involve Trump and Xi.

In the time that Bessent has been pursuing this “strategy” to make deals with our “allies” that will isolate China, Xi Jinping had a showy appearance in Vietnam, where he posed as the guardian of “the multilateral trading system, … the stability of the global industrial and supply chains, and … the international environment for open cooperation.”

Xi also urged strengthening coordination and cooperation through regional initiatives such as the East Asia Cooperation and the Lancang-Mekong Cooperation, the ministry said, citing an article by the Chinese leader published in Vietnam media.

He called such efforts necessary to “inject more stability and positive energy into a chaotic and intertwined world”.

“There are no winners in trade wars and tariff wars, and protectionism has no way out,” Xi said, without mentioning the U.S. specifically.

“We must firmly safeguard the multilateral trading system, maintain the stability of the global industrial and supply chains, and maintain the international environment for open cooperation,” he said.

Last week, China sought to get ahead of U.S. negotiators, holding video calls with the EU and Malaysia, which is chairing ASEAN this year, as well as Saudi Arabia and South Africa, by way of reaching out to Gulf countries and the Group of 20 and BRICS nations.

And Trump has continued to destroy two important American markets that foster the kinds of friendship Bessent plans to exploit: tourism

… And education:

President Donald Trump says he wants to reduce our trade deficit. Yet he’s destroying one of our winningest exports: higher education.

Colleges and universities are among America’s most competitive international exporters. In dollar terms, last year, the United States sold more educational services to the rest of the world than it sold in natural gas and coal combined.

We also run a huge trade surplus in this sector, meaning that foreigners buy much more education from the United States than Americans buy from other countries. In the 2022-2023 school year, more than three times as many international students were enrolled in the United States as there were American students studying abroad. Translated to cash: Our education-services trade surplus is larger than the trade surplus in the entire completed civilian aircraft sector.

Why? Regardless of what Trumpland claims, America is really, really good at higher education.

Sure, even in spite of the damage Trump has caused to US credibility, the US retains a lot of ways to coerce its, um, friends and allies. Trump and Bessent will have a showy meeting with Japan today — a Japan that might be behind the recent US bond sell-off.

But to get just a sense of the degree to which a lot of US coverage treats the US as the sole protagonist of this story, compare this really fascinating interview with Ursula Von der Leyen.

Sure, like US sources, she brags about the friends that keep calling, coyly denying she’s now the leader of the free world while assuming that mantel.

ZEIT: You have just given the question of whether you are the new leader of the Western world a wide berth. But don’t you have to accept that Europe – the EU, with you at its head – has recently become the most important guarantor of Western values in the world?

Von der Leyen: The West as we knew it no longer exists. The world has become a globe also geopolitically, and today our networks of friendship span the globe, as you can see in the debate about tariffs. A positive side effect is that I am currently having countless talks with heads of state and government around the world who want to work together with us on the new order. This is true from Iceland to New Zealand, from Canada to the United Arab Emirates, as it is for India, Malaysia, Indonesia, Philippines, Thailand, Mexico, and South America. Right now, I could have these conversations 24 hours a day. Everyone is asking for more trade with Europe – and it’s not just about economic ties. It is also about establishing common rules and it is about predictability. Europe is known for its predictability and reliability, which is once again starting to be seen as something very valuable. On the one hand, this is very gratifying; on the other hand, there is also of course a huge responsibility that we have to live up to.

But then, amid questions about whether Europe — the lever that Bessent imagines he’ll use against China — remains friends with the US, Von der Leyen describes “reality [as] a strong ally.”

ZEIT: You have said that you are still friends with America. The problem is, of course, that the Americans are not friends with themselves. Most don’t seem to like Europe very much either. So, what is the US: a friend, a former friend, an opponent?

Von der Leyen: I’m not a fan of these kinds of classifications. There are millions of transatlantic friendships and economic, private and cultural ties that have grown over decades, and you can’t put a label on them. Right now, our relationship with each other is complicated. What is crucial in this situation is that we Europeans know exactly what we want and what our goals are. So, then we are very well placed to deal with the Americans, because they are pragmatic and open and understand clear language well.

ZEIT: The tariff conflict with the US seems to escalate and abate, and we have to wonder what on earth the basis for the negotiations is.

Von der Leyen: Reality is a strong ally. I keep pointing out how much prosperity on both sides of the Atlantic has been created by trade and that tariffs are actually like taxes on businesses and consumers. There are four points that are important to us. The first is that we are seeking to negotiate a solution. In parallel to the negotiations, we are developing countermeasures that focus on trade in both goods and services. All options are on the table. The second point is that we must be very vigilant that Chinese goods do not flood our market now because of the trade war between the US and China. So, we have protective measures in place there. The third point is that we need to build new partnerships and establish broader trade relations. The fourth point is that we need to get rid of the barriers in the single market and deepen and harmonise it.

Then, after reiterating a threat against US digital services that you should click through to read, Von der Leyen contrasts European solidarity with America’s bro culture, the same bro culture that aims to destroy US universities and tourism.

Von der Leyen: Yes, I think people have realised that in times of crisis, solidarity within a strong community is something truly precious, and has helped everyone navigate serious crises better. So whenever we overcome a crisis, this is also a victory for Europe and the European ideal. May I sing Europe’s praises?

ZEIT: Absolutely. To my knowledge, self-exaltation isn’t banned under the European Constitution.

Von der Leyen: Europe is still a peace project. We don’t have bros or oligarchs making the rules. We don’t invade our neighbours, and we don’t punish them. On the contrary, there are twelve countries on the waiting list to become members of the European Union. That’s about 150 million people. In Europe, children can go to good schools however wealthy their parents are. We have lower CO2 emissions, we have higher life expectancy. Controversial debates are allowed at our universities. This and more are all values that must be defended, and which show that Europe is more than a union. Europe is our home. And people know that, people feel that.

There is posturing all around. But Von der Leyen looks so much more like a grown-up than Scott Bessent and his imaginary friends.

It’s not just me saying that.

Even some of Trump’s closest friends question whether Trump and Bessent have any.

While both equally destructive, Trump’s efforts to destroy America’s educational and scientific leadership are at odds with his attempt to gain some advantage out of destroying global trade.

As a result, Donald Trump has left poor Scott Bessent with increasingly imaginary friends.

Share this entry

The List of Rules Marko Elez Didn’t Sign

/29 Comments/in /by

One of the lawsuits in which it was recently disclosed that DOGE boy Marko Elez emailed information with Personally Identifiable Information to two people at GSA (which I also wrote about here) is one in which Public Citizen is representing AARP in a Privacy Act claim against Treasury. [docket]

The government provided it in that case amid a discovery dispute, mostly as a courtesy because they were filing it in New York. But it contributed to a request for more information about what the hell Marko Elez was up to.

On February 18, Colleen Kollar-Kotelly ordered the government to file any Administrative Record behind the decision to give DOGE access to Treasury. The government squawked about that order, but after plaintiffs noted that the real decision maker in this case was Treasury Secretary Scott Bessent, not the people who had submitted declarations, Judge Kollar-Kotelly ordered those submitted, which the government provided — as a 215 page exhibit — on March 10.

On March 14 — the same day Treasury disclosed Elez’ mailed files to GSA — they supplemented that record. Some of the new documents appear to include some of the details Treasury gathered as they tried to figure out what Elez had done with his access.

That includes this data, showing that when someone first tried to give Elez access to the Top Secret Treasury Mainframe, they equivocated about whether to give Elez read only (the message on January 30) or read-write (the message the next day); at the time he appears to have been granted interim Secret, not Top Secret, clearance.

The main exhibit in the Administrative Record includes a spreadsheet showing what access he was supposed to have as of February 1, reflecting the sandboxed access described in earlier filings. It doesn’t reflect this read-write access.

Plaintiffs are also interested in Elez’ access during a late January trip to Kansas City, which has never been addressed in the declarations in this case.

What plaintiffs didn’t ask about (though they do ask for backup) is the letter sent on February 5 asking Elez to please sign the rules that go along with the Fiscal Service laptop Elez used to access Treasury networks.

Those rules include the following:

  • Use Fiscal Service data, equipment, and IT systems properly and follow laws, regulations, and policies governing the use of such resources (Base Line Security Requirements, (BLSRs), Treasury Information Technology Security Program (TD-P 85-01), the Treasury Security Manual (TD-P 15-71), and Fiscal Service Policies).
  • Protect Fiscal Service data, equipment and IT systems from loss, theft, damage, and unauthorized use or disclosure. Secure mobile media (paper and digital) based on the sensitivity of the information contained.
  • Use appropriate sensitivity markings on mobile media (paper and digital).
  • Promptly report any known or suspected security breaches or threats, including lost, stolen, or improper/suspicious use of Fiscal Service data, equipment, IT systems, or facilities to the IT Service Desk at 304-480-7777.
  • Do not attempt to circumvent any security or privacy controls.
  • Logoff, lock, or secure workstation/laptop to prevent unauthorized access to Fiscal Service IT systems or services.
  • Do not read, alter, insert, copy, or delete any Fiscal Service data except in accordance with assigned job responsibilities, guidance, policies, or regulations. The ability to access data does not equate to the authority to access data. In particular, Users must not browse or search Fiscal Service data except in the performance of authorized duties.
  • Do not reveal any data processed or stored by Fiscal Service except as required by job responsibilities and within established procedures.
  • Do not remotely access Fiscal Service IT systems unless authorized to do so, such as an approved telework agreement authorizing remote access over the bureau’s VPN software.
  • Do not transport or use Fiscal Service data or equipment outside of the United States or US Territories without written approval from the CSO or CISO.
  • Do not connect Fiscal Service equipment to or access a Fiscal Service IT system from a foreign network without written approval from the CSO or CISO.
  • Do not install or use unauthorized software or cloud services on Fiscal Service equipment.
  • Take reasonable precautions to prevent unauthorized individuals from viewing screen contents or printed documents.
  • Do not open e-mail attachments, or click links, from unknown or suspicious sources.
  • Be responsible for all activities associated with your assigned user IDs, passwords, access tokens, identification badges, Personal Identity Verification (PIV) cards, or other official identification device or method used to gain access to Fiscal Service data, equipment, IT systems, or facilities.
  • Protect passwords and other access credentials from improper disclosure. Do not share passwords with anyone else or use another person’s password or other access credential such as, but not limited to, someone else’s PIV card.
  • Use only equipment and software provided by Fiscal Service or that has been approved for use by Fiscal Service’s CIO or designee to conduct Fiscal Service business.
  • Provide non-work contact information to the bureau to facilitate emergency communications.
  • Comply with Fiscal Service social media policy, including restrictions on publishing Fiscal Service information to social media and public websites. [my emphasis]

One of these rules, about not revealing data processed by Fiscal Service, would seem to apply to his sharing of information with GSA.

There’s no evidence Elez ever did sign those rules. Instead, he quit — and, without evidence, the entire world has assumed he quit because he was revealed to have made racist comments on social media.

It’s not yet clear what happened; perhaps it’ll become more clear if plaintiffs get discovery. But by all appearances, on Scott Bessent’s authority, someone at least considered giving a guy only cleared to the Secret level Read/Write access to Treasury’s Top Secret Mainframe, without first making sure he had signed a list of rules about altering or copying data.

And then he left.

Update: I’ve tweaked this reflecting the comment below that the Mainframe may be called Top Secret, without actually being classified Top Secret.

Update: Judge Kollar-Kotelly did grant more limited discovery. That includes most, but not all, details plaintiffs wanted about Elez’ email:

9. With respect to the email sent by Marko Elez referred to in paragraph 12 of the declaration of David Ambrose, ECF 48-2:

a. identify each addressee, including any cc’s or bcc’s.

b. state the date on which the email was sent.

c. identify each individual, if any, who authorized or directed Mr. Elez to send the email.

d. identify the Bureau Systems from which the Personal Information contained in the email or the attached spreadsheet was obtained.

[removed]

f. describe the nature of the information that was transmitted, including whether the information relates to the USAID files that Mr. Elez copied, as noted in paragraph 18 of Joseph Gioeli’s declaration, ECF 24-2.

Share this entry

Marko Elez “Resigned” the Day His Write Access to Payment Systems Was Discovered

/41 Comments/in , , /by

According to the currently operative story, Marko Elez — the DOGE [sic] boy who had source code for Treasury’s payments system — resigned in response to a query from WSJ reporter Katherine Long about his social media posts in support of

A key DOGE staff member who gained access to the Treasury Department’s central-payments system resigned Thursday after he was linked to a deleted social-media account that advocated racism and eugenics.

Marko Elez, a 25-year-old who is part of a cadre of Elon Musk lieutenants deployed by the Department of Government Efficiency to scrutinize federal spending, resigned after The Wall Street Journal asked the White House about his connection to the account.

“Just for the record, I was racist before it was cool,” the account posted in July, according to the Journal’s review of archived posts.

“You could not pay me to marry outside of my ethnicity,” the account wrote on X in September. “Normalize Indian hate,” the account wrote the same month, in reference to a post noting the prevalence of people from India in Silicon Valley.

After the Journal inquired about the account, White House spokesperson Karoline Leavitt said that Elez had resigned from his role.

But that belief is only based on correlation, not any proof of causation. Long asked about posts that are in no way exceptional for the far right boys Elon has infiltrated into the government. And Elez resigned that same day.

Sure, Elon implied that Elez quit because the boy’s far right ideology was exposed — he led a campaign for his reinstatement. That campaign — and JD Vance’s support for it — similarly led a lot of people to believe that Elez had been reinstalled at Treasury. But multiple court filings claim that Elez resigned and never came back, at least not to Treasury.

In fact, there are two things that might provide better explanations than the discovery that like Elon himself, Elez is a racist.

As WSJ itself notes, Elez resigned the same day that Colleen Kollar-Kotelly ordered that Elez, then still identified as a Special Government Employee, be granted only read-only access to Treasury’s networks. Once Elez no longer worked for the defendants in that case — starting with Scott Bessent — then any access he had would be exempted from the order.

More importantly, as a court filing submitted yesterday reveals, Elez’ resignation happened the same day that Treasury discovered Elez’s Bureau laptop, “had mistakenly been configured with read/write permissions instead of read-only.” The filing is a declaration from Joseph Gioeli, who has been employed as the “Deputy Commissioner for Transformation and Modernization in the Bureau of the Fiscal Service” since 2023 and is a civil servant first hired in the first year of Trump’s first term.

His declaration describes how the 4-6 week “payment process engagement plan” initiated (per Thomas Krause) on January 26 required giving Elez risky access to payment systems. Gioeli describes how they tried to mitigate those risks.

11. The scope of work as envisioned in the engagement plan required access to Fiscal Service source code, applications, and databases across all these Fiscal Service payment and accounting systems and their hosting environments. This broad access presented risks, which included potential operational disruptions to Fiscal Service’s payment systems, access to sensitive data elements, insider threat risk, and other risks that are inherent to any user access to sensitive IT systems. In light of these risks, BFS and Treasury Departmental Office employees developed mitigation strategies that sought to reduce these risks.

12. These measures included the requirement that Mr. Elez be provided with a BFS laptop, which would be his only method of connecting to the Treasury payments systems, both in connecting with the source code repository and for his read-only access of the systems. He had previously been provided a Treasury laptop from the Department shortly after he onboarded, but due to Bureau security policy, that device was restricted from accessing the BFS systems and services he had requested. BFS used several cybersecurity tools to monitor Mr. Elez’s usage of his BFS laptop at all times and continuously log his activity. Additionally, the Bureau enabled enhanced monitoring on his laptop, which included the ability to monitor and block website access, block the use of external peripherals (such as USB drives or mass storage devices), monitor any scripts or commands executed on the device, and block access to cloud-based storage services. Additionally, the device contained data exfiltration detection, which alerts the Bureau to attempts to transmit sensitive data types. The laptop is also encrypted in accordance with Bureau policy, which, if the laptop were stolen or lost, would prevent unauthorized users from accessing data contained within the laptop.

13. Additional mitigation measures that were adopted included that Mr. Elez would receive “read-only” access to the systems, and that any reviews conducted using the “read-only” access would occur during low-utilization time periods, to minimize the possibility of operational disruptions. While providing a single individual with access to multiple systems and data records accessed here was broader in scope than what has occurred in the past, this read-only approach is similar to the kind of limited access the Bureau has provided to auditors for other Treasury non-payment systems, though even in those scenarios the availability of production data was significantly limited. [my emphasis]

Gioeli goes on to describe how, starting on February January 28, the Bureau gave Elez source code in a sandbox environment.

16. On January 28, 2025, the Bureau provided Mr. Elez with the Bureau laptop and with copies of the source code for PAM, SPS, and ASAP in a separate, secure coding environment known as a “secure code repository” or “sandbox.” Mr. Elez could review and make changes locally to copies of the source code in the cordoned-off code repository; however, he did not have the authority or capability to publish any code changes to the production system or underlying test environments. This repository was separate from Fiscal Service’s typical code development environment, and unlike the usual code development environment, this new repository was segmented, to ensure that no changes to the operative source code could be made. [my emphasis]

Then, six days after giving him that sandbox access, using the same laptop, they gave him read-only access to first two and then one more systems.

17. On February 3, 2025, consistent with the engagement plan and mitigation measures developed, Mr. Elez was provided with read-only access, through his Bureau laptop, to the certain BFS systems. The read-only access that Mr. Elez was provided gives the user the ability to view and query information and data but does not allow for any changes to that information and data within its source system. While this reduces risk, it does not fully eliminate the risks identified in the assessment (for example, the risk of overburdening the system with a complex read-only query). Specifically, Mr. Elez was provided read-only access to the Payment Automation Manager (PAM) Database, Payment Automation Manager (PAM) File System, and, subsequently on February 5, the Secure Payment System (SPS) Database.

After he got that access, per a review of the logs, Elez copied some files from the active database onto his Bureau laptop, on which he had the source code.

18. ISS configured his network access and assisted him in setting up the necessary tools to connect to the PAM database on February 3. His access was closely monitored by multiple BFS administrators throughout the process on February 3. That same day, he received a “walk-through” demonstration of two BFS payment systems, the PAM database and the PAM file system (the system that controls the payment file “landing zone” discussed above), to see how the systems worked. He logged in with his read-only access to these systems on February 3 during this “walk-through” demonstration. The Bureau is in the process of reviewing the logs of Mr. Elez’s activity on his Bureau laptop, and this review remains ongoing. Based on the preliminary log reviews conducted to date, it appears that on February 3, Mr. Elez copied two USAID files directly from the PAM database to his BFS laptop; on February 4 and 5, Mr. Elez accessed the PAM file system; and on February 5, Mr. Elez accessed the PAM payment processing database. These activities are consistent with the read-only access that Mr. Elez was provided and did not change or alter any BFS payment system or record within their source systems. As noted, reviews of Mr. Elez’s work are still actively occurring; I do not have any more detail to provide at this time about his activities with respect to PAM. [my emphasis]

Then, on February 5, Elez got access to the payment system itself — again, with the same laptop on which he had source code.

19. Due to scheduling constraints, Mr. Elez was unable to meet with Bureau personnel to set up his access to the SPS database until February 5. On that date, lSS held a virtual walk-through session to help him to connect to the SPS database. He accessed this database exclusively under the supervision of Bureau database administrators in a virtual walkthrough session. According to the preliminary review of logs the Bureau has conducted to date, it appears Mr. Elez accessed the SPS database only once during that walk-through demonstration on February 5. It does not appear that he accessed the database again. As part of the ongoing review, additional log reviews are currently underway to confirm this. Mr. Elez never logged into ASAP, CARS, or ITS.gov, as technical access to those systems was never established for him. [my emphasis]

The next day, “it was discovered” (Gioeli does not say by whom, which means we’re not seeing a declaration from that person) that Elez actually “had mistakenly been configured” with read/write access, rather than “read only.”

20. On the morning of February 6, it was discovered that Mr. Elez’s database access to SPS on February 5 had mistakenly been configured with read/write permissions instead of read-only. A forensic investigation was immediately initiated by database administrators to review all activities performed on that server and database. The initial investigation confirmed that all of Mr. Elez’s interactions with the SPS system occurred within the supervised, walk-through session and that no unauthorized actions had taken place. His access was promptly corrected to read-only, and he did not log into the system again after his initial virtual over-the-shoulder session on February 5. To the best of our knowledge, Mr. Elez never knew of the fact that he briefly had read/write permissions for the SPS database, and never took any action to exercise the “write” privileges in order to modify anything within the SPS database—indeed, he never logged in during the time that he had read/write privileges, other than during the virtual walk-through – and forensic analysis is currently underway to confirm this. [my emphasis]

Throughout his declaration, Gioeli stresses that they’re still investigating whether Elez did something unauthorized with his access.

21. As noted above, the Bureau used several cybersecurity tools to monitor Mr. Elez’s usage and continuously log his activity. While forensic analysis is still ongoing, Bureau personnel have conducted preliminary reviews of logs of his activity both on his laptop and within the systems and at this time have found no indication of any unauthorized use, of any use outside the scope that was directed by Treasury leadership, or that Mr. Elez used his BFS laptop to share any BFS payment systems data outside the U.S. Government.

And his declaration stops short of saying that some mitigation techniques were used. For example, Gioeli says that the enhanced monitoring on Elez’ Bureau laptop had the ability to “block the use of external peripherals (such as USB drives or mass storage devices)” and access to the cloud, but it doesn’t say whether those functionalities was used.

Plus, Gioeli’s declaration makes it clear that they have’t involved Elez in any review of his access. No one has asked Elez, for example, whether he knew he had write access to the payment system.

Similarly, in an earlier declaration submitted in the parallel DC case, Thomas Krause gave a very couched answer about whether Elez had has any ongoing access.

I currently have no reason to believe Mr. Elez retains access to any BFS payment data, source code, or systems.”

Did anyone think to ask the guy? Does anyone know where that guy is? Are you going to interview him? Or is someone deliberately trying to keep him from being questioned further?

Worse still, Thomas Krause declaration submitted in the NY case doesn’t even say that Elez has left Treasury — only that he has resigned from the role of, “working closely with engineers at the Bureau of the Fiscal Service (BFS) on information technology (IT) matters in service of BFS’s mission to promote financial integrity and operational efficiency of the federal government through accounting, financing, collection, payment, and other relevant BFS services.”

On February 6, 2025, Mr. Elez submitted his resignation from this role. On that same day, he turned in his Treasury laptop, BFS laptop, access card, and other government devices; his BFS systems access was terminated; and he has not conducted any work related to the BFS payment systems since that date.

Elez was made a Treasury employee — contrary to early reports, he was not a SGE. That may make it easier to shuffle him off somewhere else.

What Gioeli describes is the panic that ensues when a guy who had high level access quits unexpectedly. And to date, we’ve never been given a formal explanation of why he quit — or whether he was asked to do so. We certainly can’t reconcile the claims that he has been reinstated with claims that he’s not doing what he was doing at Treasury.

Everyone has always assumed that Elez quit because his racism was discovered. But given the timeline, we can’t rule out that he quit because of the access concerns (and ongoing investigation) at Treasury.

Timeline

January 21: Elez hired.

January 23: Krause hired.

January 26: Treasury focuses on USAD. Treasury also adopts a 4-6 week engagement plan.

January 28: Bureau provides Elez with Bureau laptop copies of the source code for PAM, SPS, and ASAP in sandbox.

January 31: Treasury focuses on TAS codes; Elez assists in “automating” manual review of payments. “A high-ranking career official at Treasury also raised the issue of risks from DOGE access in a memo to Treasury Secretary Scott Bessent.”

February 3: Treasury gives Elez access to PAM. Booz threat contractor delivers report warning of grave insider threat.

February 5: Treasury gives Elez access to SPS, the payment system.

February 6 (afternoon): Elez resignation.

February 7: Treasury flags but then approves four payments. WaPo publishes story about Booz report and Booz contractor is fired.

February 8: Paul Engelmeyer limits Krause’s access.

February 10: Millenium Challenge Corporation submits, but then requests not to process, a payment.

Documents

Opposition to Stay

Thomas Krause Declaration: Describing the plan to use technology to provide more oversight over payments (citing three Biden-era GAO reports, not anything DOGE has discovered).

Vona Robinson Declaration: Describing that the only payment that has been intercepted at Treasury was a payment to the Millenium Challenge Corporation.

Michael Wenzler Declaration: Describing the hiring, employment status, revisions thereof, of Thomas Krause and Marko Elez, and also confirming Elez’ resignation from Treasury.

Joseph Gioeli Declaration: Describing the circumstances of Elez’ access and the investigation into what he did with it.

Share this entry