Our weekly hack for those in the field doing the work & digging up critical intel.
The ability to uncover information on the internet is the primary skill of an online investigator. There are hundreds of thousands of surface, deep, and dark websites, but which are most pertinent to your unique case? Do you know how to utilize Google to its full potential? With new social media platforms coming online at a rapid pace, capturing leads and evidence in social media networks is more complex than ever. Do you know the latest tools of the trade?
Hg’s OSINT Tips of the week provides you with the latest intel how to be most effective in our tradecraft. We are always looking for new tools, so don’t hesitate to let us know if you have one you’d like reviewed in a future post!
This week, we provide a list of useful compliance resources.
Housed within the U.S. Department of Commerce, the Bureau of Industry & Security’s tagline is “Where Industry and Security Intersect.” Its mission reads: Advance U.S. national security, foreign policy, and economic objectives by ensuring an effective export control and treaty compliance system and promoting continued U.S. strategic technology leadership. The Bureau’s website offers a plethora of resources for the compliance investigator, include the Denied Persons List (A list of individuals and entities that have been denied export privileges. Any dealings with a party on this list that would violate the terms of its denial order are prohibited. See Section 764.3(a)(2) of the EAR.); the Entity List (foreign parties prohibited from receiving some or all items subject to the EAR unless the exporter secures a license due to posed risks of diverting weapons of mass destruction and terrorist activities); the Unverified List; Military End User List (named parties represent an unacceptable risk of use in or diversion to a ‘military end use’ or ‘military end user’ in China, Russia, or Venezuela); and the Consolidated Screening List (a searchable and downloadable file that consolidates export screening lists of the Departments of Commerce, State and the Treasury).
Often, if your subject has sanctions, is a money launderer, or a known terrorist, you will quickly find the red flags. While there are powerful paid resources such as Lexis-Nexis World Compliance or Thomson Reuter’s World-Check which offer verified sources for regulatory and compliance checks, NameScan offers some free compliance checks. Namescan is powered by Member Check Pty Ltd, an online compliance service. NameScan states they are partners with Thomson Reuters and the Australian-based Neurocom Group on their Website. Their free searches include Politically Exposed Persons (PEP), Global Sanction and Office of Inspector General, and U.S. Department of Health & Human Services. Note, Namescan includes the following disclaimer, “The free PEP Check is based on a limited collection of publicly available, open source data, which has not been vetted.” Their premium paid service will run these same searches directly against the Thomson Reuters World-Check database.
The Office of Foreign Assets Control (OFAC) provides a searchable Sanctions List database, that features a “Minimum Name Score” function allowing for potential matches based on closeness to misspellings, etc. Search by type, name, ID#, Program, Address, City State and Province. OFAC recommends that users should keep an eye on program codes for returned records, as they identify how a “true hit” should be treated. The website notes that it is a resource tool not to be used as a substitute for “undertaking appropriate due diligence.
The World Bank helps investigators keep on top of ineligible firms and individuals across the globe. Its website provides a database, updated every 3 hours, of Debarred Firms and Individuals. The database includes the firm’s name, address, country, ineligibility period, and grounds (including Fraudulent and Corrupt Practices, Fraudulent and Collusive Practices, Controlled Affiliate of a Sanctioned Party, and Cross Debarment: ADB). World Bank informs the user that the Chrome Browser makes for the best user experience. If you haven’t used the site for a time, it’s important to note that as of January 1, 2021, the sanctionable practice can be found in the “Grounds” column.
Have an OSINT tip for us? Contact us, and we will consider reviewing it in future posts!
Are you an analyst or investigator looking for advanced OSINT & SOCMINT training? If so, check out Hg’s webinar series on social media investigative training, where you can attend live sessions and receive CEUs or watch previously recorded sessions to beef up your investigative skills.