By Cynthia Hetherington

This past year has brought about a great deal of change in due dili­gence requirements for compliance regulations. The Committee on Foreign Investment in the United States (CFIUS) saw the Foreign Investment Risk Review Modernization Act of 2018 (FIRRMA) signed into law. CFIUS and FIRRMA didn’t capture as much attention as the European Union’s GDPR, but the impact on U.S. businesses is signifi­cantly more involved for open source investigators.

Our research efforts deconstruct foreign investors to address the “growing national security concerns over foreign exploitation of certain investment structures” who are investing into U.S.-based interests. If the investors don’t qualify, they will lose their opportunity. This work brings the best of what we investiga­tors do into clear focus, as it requires expert due diligence efforts for nation­al security. This is not the only due dili­gence requirement; states also have their own requirements.

In this 4-part series, we provide information on banks and financial institutions, business entities, non-profits, and franchises, so that when you conduct due diligence for your clients, you know you’re dotting all the i’s and crossing all the t’s. This week, we review key searches for non-profits and franchises. 

Searching Non-Profits

Private foundations, charities, non-profits, churches, hospitals, schools, or publicly-supported organizations are subject to special considerations regarding federal taxes. These entities file different forms with the IRS, and all must contribute detailed financial and member information, which can be a great asset for the online intelligence investigator.

The information regarding officers and the financials in a non-profit organ­ization is completely transparent in the Form 990, an annual report that certain federally tax-exempt organizations must file with the IRS. Form 990 provides information on the filing organization’s mission, programs, finances, and beyond. For example, on Part 8 of the Form all the trustees are listed, which can be a great investigative lead.

Searching these entities at the state level is much like searching the for-prof­its entities, but these online sources can actually provide added depth to investi­gators and researchers. Whether you are looking to reveal experts in the field, local interests to a region, or the finan­cial participation of a particular founda­tion, these organizations can open a number of investigative leads. Finding out what organizations or affiliations a person belongs to can give insight into that person’s character. Categories can include religious, athletic, health, child-focused, or specific-interest areas (for example, there are two non-profit asso­ciations dedicated solely to avocados).

Searching Franchise Records

Franchises are regulated by both the Federal Trade Commission (FTC) and by state regulatory agencies. (See Blue Sky Laws.) If the franchise involves a public offering, then records may also be in the SEC database.

A key public records document asso­ciated with a franchise is the Uniform Franchise Offering Circular (UFOC). Usually this document may be obtained from a state agency or from a vendor, but not the FTC. The International Franchise Association (IFA) is a great resource of in-depth informa­tion about franchising and finding Franchise Members by topic or service.

Summing It Up

New compliance and regulatory laws are constantly evolving. An investigator needs to keep abreast of any changes that may affect due diligence compliance. In many cases, the investigator learns about these laws before a company does, creating new opportunities for you to offer clients improved services.

Are you an analyst or investigator looking for advanced training on enhanced due diligence compliance? If so, check out Hg’s webinar series, where you can attend live sessions and receive CEUs or watch previously recorded sessions to beef up your OSINT skills.


In today’s global marketplace, investors are faced with multi-national compliance regulations. As veteran investigators in enhanced due diligence, Hetherington Group understands the business world and the legal and regulatory frameworks in which corporations and privately held companies operate.  Learn how our team can help you mitigate risk at home and abroad.



Cynthia Hetherington, MLS, MSM, CFE, CII is the founder and president of Hetherington Group, a consulting, publishing, and training firm that leads in due diligence, corporate intelligence, and cyber investigations by keeping pace with the latest security threats and assessments. She has authored three books on how to conduct investigations, is the publisher of the newsletter, Data2know: Internet and Online Intelligence, and annually trains thousands of investigators, security professionals, attorneys, accountants, auditors, military intelligence professionals, and federal, state, and local agencies on best practices in the public and private sectors.