Putting the “Intelligence” back into AI :

Artificial Intelligence (AI) has transformed our daily lives to drive better customer experiences, from connected home devices to retail experiences. But what will it take to unlock the power of AI in the commercial due diligence process?

| 1 in 3 said the ability to harness the information with data analytics would help to accelerate the due diligence process (Merrill).

However, despite AI applications becoming crucial in M&A in the coming years, those working within the sector may feel in the dark about its true benefits and limitations.

Machine learning (ML) is an application of AI technology that has provided sectors with invaluable insight. For example, in fraud prevention and AML processes, ML can increase the accuracy and speed in which fraudulent activity is flagged and processed.

What are the limitations and opportunities?

Training ML platforms and human intervention is a problem often raised, as well as algorithmic bias, overestimating capabilities, and reputational risk. Hence, with all the benefits and wonders of AI, it still needs to be coupled with the human touch to fully appreciate and aid its applications.

So how can AI benefits be unlocked without compromising data reliability or losing the human cognitive function? Well, combining these factors can allow humans (for all our faults) to supplement AI and ML to remove false positives and provide contextual analysis. AI should complement, not supersede the current decision-making processes.

Providing a whole greater than the sum of its parts61% of M&A professionals expect technology to change due diligence by supporting deeper analytical capabilities. An intelligence cycle that combines Open Source Intelligence (OSINT), Natural Language Processing (NLP), and human analytics, is powerful.

However, a full switch to AI may not be favourable. Instead, finding a hybrid process which combines technology with human intelligence can drive deeper insights, and faster, more informed decisions for a competitive edge.

Contact us today to find out how you can leverage AI for more informed risk-based decisions.

Passport programme in the Pacific faces criticism

The citizenship programme in Vanuatu was launched in 2016 and since then, it has raised more than $200 million in government revenue. 1,800 passports were handed out in 2018 alone and the scheme generated a THIRD of government revenues last year. But what has the fallout been?

Concerns have been raised over inadequate due diligence measures and lack of screening of applicants, which could ultimately undermine visa-free access Vanuatu enjoys with the EU. Under Vanuatu’s scheme, successful applicants can become citizens within a matter of months, and there’s no requirement to reside in the country or even to set foot on Vanuatu soil at all.

The job of screening an applicant’s criminal and financial backgrounds is performed by the Government’s Financial Intelligence Unit. In this week’s story published in the FT, Vanuatu’s minister for foreign affairs commented:

We are getting some negative implications as a result of the lack of due diligence on applicants to get citizenships, which is affecting our bilateral relations with other countries”.

The review of the programme comes amid wider worries in the west over Chinese influence in the Pacific.

Spotlight was also previously placed on Vanuatu when six Chinese nationals were arrested and deported back to China at the request of Beijing law enforcement officials. The group was allegedly running an online financial scam targeting people back in China. Of the group, four had successfully applied for Vanuatu citizenship and obtained passports.

Earlier this year, Vanuatu’s founding president Sokomanu commented:

“We achieved our name and now put it on sale and people are coming in and we don’t know [who] we’re inviting”.

The passport granted through the Vanuatu scheme provides visa-free access to 129 countries, including the EU. This more cautious sentiment is not limited to Vanuatu nor will it be the only passport scheme under increasing scrutiny. The Balearics for instance want an end to the ‘Golden Visa’ scheme, citing that some of the money may have a ‘dubious origin’.

With the world’s heads increasingly turned towards passport and visa schemes, we would argue that there is a huge risk of not knowing who the applicants really are or where their money really comes from. Due diligence measures that delve deeper (into the applicants’ source of funds and networks for instance) on a case by case basis are going to help government officials make informed decisions. In the case of Vanuatu, it may all be too little too late.

Data Driven FCA

As we approach the anniversary of the FCA’s first published set of aggregated results, it is a good time to review what that means for risk managers across the UK and Europe.

Based on its annual financial crime survey of over 2,000 firms, firms may find the insights helpful as the data enables a comparison of their own management information against industry-wide trends and averages reported in the survey. Since 31 December 2016, the FCA has required over 2,000 firms subject to the UK Money Laundering Regulations, including all UK banks and building societies, to submit an annual financial crime data return.

The report identified that the respondent firms had a customer base of approximately 549m relationships in total.  Of these 120,000 involved ‘politically exposed persons’ (PEPs), just 0.02% of total customers, with 1.6m other ‘high-risk customers’ (an overall share of 0.29% of total customers).  While these percentages may be a small share of overall relationships their importance should not be underestimated.

It is possible that the FCA could use this industry-wide data to target firms for additional supervision in terms of AML controls. For instance, the FCA could focus on an individual firm with high-risk or PEP customer shares exceeding these industry-wide averages, such as Wealth management firms or, on the other hand, target those falling significantly below what might be expected for a firm of that size (and therefore potentially evidencing inadequate identification of high-risk customers). Adequate identification and management of high-risk customers has remained a key focus in the FCA’s 2017/18 annual report.  Enforcement activity taken in June 2018 against Canara Bank is just one example…

The challenge then is one of multiple layers.  As well as ensuring a culture of compliance there is the need to carefully apply budgets and resources to the high volume of clients and transactions that may become an issue as well as the high risk clients that need closer supervision.

The Money Laundering Reporting Officers within the surveyed firms handled 923,000 internally escalated suspicious cases in the 12-month reporting period. Following investigations, 363,000 suspicious activity reports (almost 40%) were then filed externally by firms with the UK National Crime Agency (the NCA), together with over 2,100 terrorism-related suspicious activity reports.  Only a small percentage (approximately 1%) of SARs filed with the NCA resulted in the NCA taking enforcement action.  This perhaps indicates ‘over reporting’ within the sector but the OECD has criticised the UK for the low level of corruption enforcement activity resulting from the current SARs regime. Given the large volume of SARs filed on a daily basis, and many being of ‘low quality’, investigation authorities face a challenge in detecting where the real risks lie.

In relation to country risk, the top 5 countries most often classified as ‘high risk’ by surveyed firms based on the risk of financial crime were Iran, Panama and Russia, Iraq and Laos.  The FCA emphasised that the industry rankings of country risk based on the survey results do not reflect the FCA’s views given that some firms may not have performed a risk assessment of certain jurisdictions. Despite this caveat, when viewed alongside other publicly available indexes such as Transparency International’s Corruption Perceptions Index, firms may find this useful guidance on the general views taken by their peers on country risk.

Rogue customers are perceived to be the principal perpetrators of crimes such as application fraud, insurance fraud, mortgage fraud and loan repayment fraud. Employees are similarly believed to be behind most expenses fraud and situations where fraud results from a person abusing a position of trust.

As data improves to better identify the risk so do the tools available to manage the risk.  At Neotas we utilise AI, machine learning, natural language processing and skilled analysts to ensure that enhanced due diligence is faster and more insightful than ever before.  Zero false positives, comprehensive use of surface, deep web and social media content, unlimited timelines (not just a 3 year news search!) and a number of other technological advantages ensure that our clients are better informed, and thereby more compliant than ever before.

Contact us today!

A Stewards Enquiry for Investment Due Diligence?

On Wednesday 22 May, Neotas hosted a networking evening with clients, peers and partners from across the Investment and M&A world. The evening began with an engaging panel discussion led by guest panellists, Dr. Mike Hicks of Catalysis Advisory, Carrie Osman of Cruxy & Company, and Nicholas Nicolaides of Symvan Capital. Our panellists brought unique viewpoints to the table and it was quickly apparent that parallels can be drawn between investment decisions, deal due diligence, and horse racing! So what’s the consensus on backing the jockey or the horse; or is it a combination of both? And what can we learn about deal due diligence in the digital era?

For Investment and M&A leaders, decisions are informed by insights into the company (“the horse”), including its age, network and form, the past performance and previous wins of the management team (“the jockey”), and the market landscape (“the going”). Over 70% of those in the room last week raised their hand when asked “Do you back the jockey?”, suggesting there’s a welcome shift towards considering the behaviour, network and character of the founders of companies AND the company itself (for example, through traditional commercial and financial due diligence), to inform deal decisions on today’s competitive racetrack.

“Perceptions have been shifting slowly across the private equity investor world so that understanding management isn’t confined just to looking at top team personalities. Instead, managing risk and increasing value is seen to rest on harnessing all available data to inform business decisions, covering top executives, team effectiveness, organisational structures and processes, people capacity and capability in target/investee companies” – Dr. Mike Hicks, Catalysis Advisory

It’s as important as ever for firms to feel they have a tight grip on the due diligence reins, encompassing company networks, directorships, PEPs, sanctions, plus all other data that should be readily available in today’s digital era. Reputational risks and wrongdoings are quick to cross global borders and for investors looking at jurisdictions outside of their home countries, a more informed decision based on ALL available information is paramount.

“The futility of box-ticking in due diligence means you are leaving money on the table. You miss the nuances of each market environment or business model, and fail to see the true value which can be extracted post-investment. Market data and generic interviews only show half of the story – digging deep into the ‘why’ can find the hidden weapon that will get that market to pay double and maximise your return.”  Carrie Osman, CEO & Founder, Cruxy & Company

As we shared last week, there is a vast amount of untapped intelligence available across social media, deep and dark web, that can provide a valuable piece that completes the due diligence jigsaw. Management due diligence that harnesses publicly available sources online will identify reputational risks or concerns, provide deeper insights into the jockey (including network, behaviour and performance) and according to Nicholas Nicolaides, help to pinpoint the “unknown unknowns”…

“Management due diligence remains the weakest link in VC and PE deal assessment and completion processes. Beyond the usual checks, evaluating how the team can perform under pressure is far removed from evaluating how, for example, a tech stack will perform when exposed to high-write traffic. The approach to evaluation of management is changing and shifting away from over-reliance on box-ticking. We need to consider so much more in our processes and look for the unknown unknowns.” Nicholas Nicolaides, Investment Manager, Symvan Capital

There are of course a lot of unknowns in today’s climate, including the current political landscape in the UK. With a surge in technology driven start-ups disrupting various sectors, investors are turning their attention to the hubs that are home to these firms across the globe. In doing so, there is an inherent need for the right due diligence services to be available that take into consideration the jurisdictions in which these firms operate and a deeper understanding of the market environment.

Perceptions are definitely shifting with regards to investment due diligence and more specifically, management due diligence that delves deeper into the people behind the business. Is it a stewards enquiry? We don’t think so, as in today’s world, to make informed deal decisions, confidence in both the horse AND the jockey needs to be a by-product of the investment due diligence process. Gut feeling is still a factor, but why not reinforce and verify those decisions with deeper due diligence that is built for the investors of today?

With thanks to our attendees and guest panellists who joined us on Wednesday 22 May!

Want to stay in the know? SUBSCRIBE to our newsletter to receive exclusive insights & event invites.

Are you an investor? Get in touch to find out what how we can lower your investment risks today.

Public Faux Pas

One of the longest standing traditions in British politics is public faux pas, often in the form of controversial, ignorant or downright outrageous statements made by Members of Parliament. In the past, apart from the most egregious of quotes, MPs only had to survive the embarrassment of the weekly news cycle before their misstep faded from memory. Before the advent of social media, many of these comments probably never even saw the light of day. They could be made offhand without the worry of ever coming back to haunt them in the future.

Then along came Twitter. Politicians jumped at the chance to create a social media presence and tweet their thoughts and opinions to the world. Twitter was a perfect platform to bounce policy ideas off of the general public and get in plenty of political point scoring at the same time. Unfortunately for them, every terrible or ridiculous tweet was now a fixture in their profile’s history, publicly available for anyone to view, no matter how long ago it was posted.

In the last week alone, several politicians who have recently increased their political prominence have fallen afoul of old tweets resurfacing into the public spotlight. Brand new political party, Change UK, has seen two of its European Parliament candidates face intense scrutiny.

Within hours of Ali Sadjady’s unveiling as a candidate, an offensive tweet from November 2017 was uncovered, in which he commented on ‘Romanian pickpockets’. He has already resigned. Joseph Russo had only been Change UK’s lead candidate in Scotland for 24 hours when several offensive tweets from 2012 re-surfaced and started to do the rounds. He has also stepped down.

Whilst social media has become an invaluable part of modern politics, it has opened up a whole new avenue of potential pitfalls. It’s more important than ever for MPs, and others in the public spotlight, to be aware of their online reputation, the permanence of what they share online and how it can have serious repercussions on their professional image. A proactive attitude by political parties towards online reputation screening and social media checks could have mitigated their risk from the outset and saved the fall-out in the press.

Modern Slavery and human trafficking are some of the most widespread crimes in the world. An estimated 40.3 million people are victims of human trafficking, with 24.9m of these estimated to have been exploited for labour and 15.4m in forced marriage (according to the International Labour Organisation).

STOP THE TRAFFIK plays a central role in spreading awareness of modern slavery and putting in place effective crime prevention measures.

Intelligence-led prevention measures

Among the partners that are helping STOP THE TRAFFIK in its mission to prevent human trafficking, Neotas are playing a pivotal role through pro-bono analytical and advanced intelligence support. We are providing actionable intelligence that draws on insights from publicly available information.

We are applying the open source intelligence (OSINT) tools and techniques that we utilise every day to conduct in-depth due diligence. From network mapping across social media channels, to building out motivators and behavioural insights (of both victims and perpetrators), this intelligence-led approach aids the creation of effective awareness campaigns and the prevention of modern slavery.

The role of social media

Social media is increasingly becoming a part of our everyday life and enabling communication across borders, with an estimated 2.77 bn users in 2019. This means that it provides the same opportunity to traffickers and is often used to recruit their victims. Open source intelligence and social network analysis plays a central role in gaining an understanding of overall trends, hotspots and means used by traffickers.

As indicated by STOP THE TRAFFIK, this is crucial for the effective awareness campaigns that specifically target at-risk communities and individuals, using the power of OSINT for good.

Modern Slavery – Financial Crime

Collaboration with STOP THE TRAFFIK has enabled Neotas to support a charity that aims to make a real impact on the lives of millions of victims. While helping STOP THE TRAFFIK in its mission, it also serves as a reminder of modern slavery’s intrinsic ties to financial crime and illicit flows.

There is an increasing focus on tackling financial crime and preventing money laundering at an institutional level, going beyond regulatory compliance.  Implicit in this is the importance of pinpointing any risk factors across the supply chain and it calls for more collaboration from financial institutions, regulators and governmental bodies, and the wider ecosystem, to help combat financial crime at the source.

What’s next?

Our partnership with STOP THE TRAFFIK has proven to be both exciting and mutually enriching. To be able to have such a profound impact on the lives of those suffering from modern slavery is truly an inspiring thing.

With key projects already delivered, we look forward to continuing our partnership with STOP THE TRAFFIK and using the power of OSINT for good to try to prevent human trafficking.

Relevant Links

• Find out more about STOP THE TRAFFIK and their incredible work here
• Follow Neotas here for live updates on our partnership with STOP THE TRAFFIK
• Learn more about the intelligence delivered via our ORCA platform here

Is it time to get your act together online?

Recent news has covered a string of incidents involving public figures in relation to their activity online. Yesterday, an actress was fired by a TV soap series due to historic and offensive tweets. What she had shared on a computer screen led to the producers taking her off screen.  So in today’s world, how important is your digital reputation?

Not only is your online behaviour treated as a reflection of your real character, but it’s out there for all to see; not limited by location, audience or time zones. And it’s no different for celebrities and high-profile figures.

Emmerdale actress Shila Iqbal was fired by her employer given the nature of the tweets that were shared in 2013 when she was 19 years of age. This follows another case involving The Colour Purple actress being dropped from the musical over homophobic comments. The Australian rubgy player Israel Folauls is also to be sacked in relation to his homophobic and hateful social media outburst and refusal to accept the code of conduct for prominent sports figures such as himself.

Having since deleted her Twitter account, Ms. Iqbal issued sincere apologies, acknowledged that she was young but that “I, like everyone else, have a responsibility about the language I have used on social media as well as in conversation”.

“Your online digital reputation defines how people perceive you without ever having a single conversation with you” – Sylvie De Guisto, professional speaker

Celebrities and high-profile figures have to be mindful of their conduct and behaviour, as in this case and many similar, it can have far-reaching repercussions.

There are no exceptions in the online world: Social media influencers, footballers and prominent sports figures, politicians, CEO’s, and indeed all of us are all held accountable for our behaviour online and managing our reputational risk.

Companies are increasingly focused on their own digital reputations, encompassing the behaviour of their staff.  We saw it last week after the BBC’s response to its employees sharing personal views online.

Individuals’ online behaviour will always be challenging to monitor, but there is an opportunity for organisations to instil a culture of trust whilst managing their reputational risk from the outset.

In the case of Ms. Iqbal, the tweets were only flagged to the employer after she was hired. What would have happened if the tweets had been flagged sooner?

For us all as individuals, this serves as a reminder we should be mindful of our online behaviour (that goes to keyboard warriors too!) For organisations, the time is ripe to start placing more emphasis on this when they hire staff and onboard clients. In this digital world, protecting your online reputation has never been so important.

Abuse of children

A recent story highlighted the need to constantly maintain and review safeguarding controls.  An associate head teacher admitted to the crimes of gathering over 2000 images showing the sexual abuse of children, as well as owning Class A drugs. It is reported that the recruitment process at the time acted in accordance with all safeguarding requirements, including an appropriate criminal record check, but did not extend into checking his online footprint for signs of adverse behaviour. Therefore, if this current process hits the safeguarding requirements, shouldn’t it be time to raise the standard?

Improving the vetting process in institutions such as schools and hospitals is two-fold. Firstly, schools can collaborate with charities such as the Lucy Faithfull Foundation, which runs the Stop it Now! Advice Helpline reporting concerning behaviour toward children. The charity referred 148 offenders between 2016-17, including individuals who have been hired into ‘high-risk’ positions. Secondly, screening procedures must become more rigorous. An individual’s digital footprint can be an invaluable source of insight into employment-related risk indicators. Tapping into this publicly available data source can reveal information not available in a criminal record check. Collaboration between schools and charities, coupled with raising the bar in online screening standards, will provide a more complete picture of the individual and thereby increase the chances of adverse behaviour and red risks being flagged before it’s too late.

The role of government, and departments such as Ofsted, is to establish guidelines that keep our children safe, to protect vulnerable people by ensuring a stringent vetting process. By redefining the processes currently in place to recognise the evolving challenges, they can better help to prevent the wrong individuals from being hired and better safeguard the vulnerable.  In light of the case of Mr. Newbury, we would pose the question: are current checks inadequate for the education sector and is it time to ramp up efforts across the whole ecosystem to ensure the safety of the individuals these institutions are accountable for?

In PART 2 of the Courage, Culture and Conduct series, Patrick Butler shared his views on courage as the foundation of a value-focused culture  >> READ HERE

The question we are most often asked at the Conduct and Culture Academy (CCA) is, “how do you measure behaviour, given it is subjective and nebulous?” Delegates often comment that this is frequently used as an excuse not to invest in long-term behavioural initiatives “because we cannot produce the management information that shows it works”.

Indeed, in the FCA Discussion Paper on Transforming Culture in Banking in February 2018, Jonathan Davidson remarked that:

“… leaders can manage culture even if they can’t measure it very well”.

Yet an inability to measure culture is no longer the case. There are now some startlingly effective tools emerging to strengthen MI beyond vague sentiment surveys and the standard, superficial profiling of staff and customers, such as the advanced intelligence platform developed by Neotas and the Alderbrooke Group (CultureScope). These tools offer a rigorous and systematic approach to gain insight on clients and staff, linking behaviour to value and giving accountable managers tangible ways to move the dial on conduct and culture. Curiously, many decision makers seem to be wary of using these tools. Could this be because of what they may show? Perhaps, but this should not be the case.

The emerging regulatory approach is to expect leaders to have courage and, as we see from the sandbox approach to FinTech companies, be more tolerant of honest failures if the decisions are well-thought out, i.e. made with the integrity of the market, long-term good outcomes and the protection of clients and customers in mind.

This may need some difficult truths to be accepted and new skills to be developed, but leaders who develop a more sophisticated behavioural approach to managing their firms for the long-term will ultimately create trust, productivity and thus success for their firms – as well as themselves.

Without this approach, as regulators become more expert as to how senior managers can and should drive better conduct, they will become less tolerant of senior managers’ inability, or unwillingness to find ways to measure and manage culture effectively.

With it, the forward-thinking leaders will become the catalysts for sustainable value for their firms and the rehabilitation of the finance industry. With the rebuilding of trust will come a greater confidence and so greater participation, reducing volatility and driving growth. With finance as the lifeblood of the economy, I need hardly spell out what this will do for standards of living.

Consistent with the value offered by fostering cognitive diversity – i.e. with more information to hand – senior leaders can equip themselves to drive the right Culture to underpin success by:

• Seeking a culture of openness and transparency by proactively managing and measuring cultural change by clearly defined metrics
• Driving better decisions and enhanced decision-making processes and capabilities, e.g. defining, developing and rewarding characteristics that enable you to manage Conduct and Culture, right through all parts of your firm
• Leveraging new technology fearlessly to measure and foster behaviours that build trust and inspire all staff to control risk and create sustainable business value
• Treating this strategy, not as a defensive control mechanism, but as an opportunity to innovate and so boost the success of your company

They will then be truly successful. In the words of Simon Sinek:

“if the challenge we face doesn’t scare us, then it’s probably not that important.”

Stay tuned for the video soundbites from the Courage, Culture and Conduct Series >>  live updates here

First published on www.neotas.com > helping organisations to harness digital intelligence, measure behaviour and mitigate people risk.

______________________________________________________________________________

About this Series:

The concepts in this series and some of the new tools available to manage culture will be discussed further at the UK Finance Culture eats Strategy for Breakfast event on 14 March for Board level executives. They will also be explored in more detail within the fourth cohort of the Conduct and Culture Academy beginning at the end of March.

About the Author:

Patrick Butler is co-founder of the Conduct and Culture Academy at UK Finance and founder of Calitor Limited. A former Diplomat, Investment banker, Operating Officer, Head of Compliance, he now advises and coaches senior management and future leaders to enhance behavioural understanding underpinning practical solutions to meet the changing regulatory landscape and build competitive advantage.

View the Free Webinar >> Managing Culture to Deliver Strategic Success: Converting the Regulatory Imperative into Business Success.

In PART 1 of the Courage, Culture and Conduct series, Patrick Butler shared his views on overcoming the fear factor to drive success.  >> READ HERE

PART 2: Courage as the foundation of a value-focused culture

Cognitive bias can cause fear of new ideas and new ways. We see examples of specific behavioural models (Confirmation bias, Framing, Anchoring etc), when decision makers…

• rely on instincts and practices developed over years that result in downplaying or ignoring uncomfortable messages
  focus on what is easy to measure, or provides positive evidence for past decisions, rather than seeking out ways to measure the more important warning signs
• deprioritise active learning, questioning behaviour to find new ways to measure, and so foster less tangible but fundamental behavioural drivers of success
• ignore innovations that may give better insight to clients or staff and so be able to predict and better influence their likely future behaviours to benefit all stakeholders.

Instead, we need to foster courage at every level of the firm, from the board downwards, to:

• challenge the status quo in both the firm’s and their own thinking to drive an open, aspirational culture – rather than one of over-control, blame and fear
• show humanity and integrity (by which we mean authenticity) to set the example and inspire staff to do likewise
• be open about failures in order to encourage lessons to be learned
• speak up when something does not look right, or with fresh ideas that may enhance the firm’s ability to succeed in the long term, even if they may have a short-term cost.

This may be intuitive, but shareholders demand financial returns , not measures of collaboration. ‘Humility’ does not pay pensions that are due or provide expected investor returns. However, without the strong foundation of these qualities, you risk a Carillion, a Nokia, a Lehman, Bear Stearns, a Patisserie Valerie, Tesco, LIBOR, Interest Rate Swaps… etc. etc.

Thus, managers who have the courage to have open discussions with boards and shareholders to demonstrate the link between good conduct, good business practices and longer-term confidence in order to take better strategic decisions, will build trust, productivity and thus success for their firms – as well as themselves.

Forward-thinking leaders can become the catalysts for sustainable value for their firms and the rehabilitation of the finance industry, greater confidence and participation in the market, reducing volatility and driving growth. With finance as the lifeblood of the economy, I need hardly spell out what this will do for standards of living.

So, what can senior managers do – in practice?
• Can they, in fact, measure culture?
• How might they really build a better understanding of their colleagues’ motivations, to align personal goals with the values of a firm and interests of shareholders and customers alike, to ensure long-term success?

Instilling cultural and behavioural change from the ‘ground up’ can be challenging, but by aligning measured approaches and gathering insights that are honest and true, managers can foster better decision making that will benefit clients, colleagues and shareholders alike.

The key to this is finding reliable ways to measure the behavioural drivers…

In Part 3 of the Courage, Culture and Conduct series, we’ll take a look at the ways in which we can measure culture. CLICK HERE to follow us and receive live updates.

About this series:

The concepts in this series and some of the new tools available to manage culture will be discussed further at the UK Finance Culture eats Strategy for Breakfast event on 14 March for Board level executives. They will also be explored in more detail within the fourth cohort of the Conduct and Culture Academy beginning at the end of March.

About the author:

Patrick Butler is co-founder of the Conduct and Culture Academy at UK Finance and founder of Calitor Limited. A former Diplomat, Investment banker, Operating Officer, Head of Compliance, he now advises and coaches senior management and future leaders to enhance behavioural understanding underpinning practical solutions to meet the changing regulatory landscape and build competitive advantage.

At the end of 2018, a £13.8m contract was awarded to a ferry company, Seaborne Freight, in preparation for the potential consequences of a ‘no-deal’ Brexit. The company is expected to run ferry services between Ramsgate and Ostend from March onwards. However, in a very public outing, it was revealed that there was a string of potential risks in association with this company. We ask the question; how did this one slip through the net and would there have been any areas of concern or potential risks that our management due diligence would have flagged?

Initial searches into the company’s Directors show a clear potential risk indicator almost immediately. John Edmund Paul Sharp (also known as Ben Sharpe) was the director of Mercator International Ltd, Mercator Ship Chartering Ltd and Mercator Platforms Ltd. These companies were all subject to compulsory liquidation, and Mercator International Ltd showed debts of £1.46m at the time of dissolution in 2016.

The company’s website also displays other areas of concern, for instance the website’s ‘Portal Login’ is only an image and not interactive. This may have potentially indicated even higher risks associated with signing a large contract deal. The Terms and Conditions on the company website appeared to be copied directly from a food delivery website. This has since been amended, but cached versions of the web page can still be found that reference “placing a meal / order”. Another potential area of interest, entails the company’s Twitter page – it only includes weather forecasts from June to September 2018.

According to Chris Grayling, the Secretary of State for Transport, due diligence checks were carried out and searches were conducted on the Directors. These searches raised nothing of interest that would have prevented a contract from being signed or the deal being questioned at the due diligence stage.

Andy McDonald, the Shadow Transport Secretary, said: “Awarding a contract to a ferry company with no ships is yet another disgraceful misuse of public money by the transport secretary.”

For a sizeable deal of almost £14m, it is unsurprising that deeper due diligence checks (including management due diligence) were expected to be taken regarding the company and its Directors. The checks that were claimed to have been made had been considered satisfactory. And yet, in the fall-out, numerous issues have surfaced.

Conducting more rigorous checks for a new contract deal, on the company and its directors, provides an added layer of protection against fraud and reputational risk, better inform the decision-making process and ultimately safeguard any investments. The case of Seaborne Freight is just one example of the limitations of existing due diligence processes. It calls for management due diligence that delves deeper, especially for government contracts.

>>>

How well do you know the people and companies you invest in?  

By leveraging the latest technology and advanced analytical capabilities, Neotas is setting new standards in due diligence and reducing the number of investment deals gone wrong. Find out more about our Management Due Diligence >> click here. 

The behavioural theories that underpin the regulators’ approach to mitigate misconduct, are also fundamental to driving success. If we focus on the behaviours that drive value in the long term, this will align interests of employees, managers, boards and shareholders with those of customers and simultaneously crowd out misconduct.

This long-term focus critically changes leaders’ priorities. It means that leaders need to articulate clearly what these long-term goals look like (rather than focus on short-term returns demanded by just one stakeholder – usually an activist shareholder, or the fund manager supposedly representing myriad silent small shareholder, such as pensioners, but often driven by personal targets. This requires the courage to define the fundamental values of a firm that will achieve those goals, and then challenge themselves to work out how to manage the drivers of those values.

These drivers are not backward-looking measures such as financial accounting measures, or HR defined metrics. They are behaviours that drive future outcomes and are the core levers by which leaders (at every level) may embed a Culture that will be both a safety net and an engine of success. At the UK Finance Conduct and Culture Academy (CCA) we explore the link between behaviours and financial value including how to build financial models that can be powerful tools for firms to deliver their strategy.

But what behaviours? Among others: collaboration, courage, self-awareness, active learning, conformity, accountability, temperance, a tendency to be outward looking, humility, innovation, and transparency (and their opposite pairings), not the simplistic outcomes (mis-selling, unauthorised trading) often at the core of Conduct Risk Frameworks. The FCA internal model of leadership characteristics includes these sorts of attributes with which it can assess leadership of the institutions it supervises, currently informally – and I imagine soon formally – under its Senior Managers & Certification regime.

Firms can rebuild frameworks, using a behavioural lens to articulate and reward these behaviours to stimulate the innovation and productivity that drives sustainable growth. Yet few firms make this core to their strategy, preferring to continue using or slightly tweak their existing frameworks, in some cases shoe-horning Conduct into a traditional Risk framework, rather than threading it through all activities. Why is this? Could it be fear of the different, or fear of accepting sunk cost as a loss? Yet the status quo has hardly been a paragon of success.

“Fear” was a key topic of discussion at the FCA CEO roundtable in November. Although some leaders are starting to view fear as a cultural impediment to business success, many still talk more about their own fear of failure by themselves or others, or of issues they cannot control, such as Brexit.

These responses reflect findings from recent research and surveys on behaviour and culture at board level. For example, the propensity for leaders to overestimate their abilities to measure and manage culture, even though they recognise it as key to success.

Fear of unfair blame or criticism (e.g. under SMCR) tends to suppress the right behaviour, even though behavioural research by the likes of Dan Ariely demonstrates that the ability to admit failures reduces the likelihood of recurrence.  Such honesty can only be in the best interests for all stakeholders of any industry, and society.

Yet this cognitive bias may cause managers to ignore the behavioural drivers that ultimately will cause their bank to trip up or lose them the opportunity to foster those that will drive sustainable success. The courage to recognise cognitive bias is the first step for leaders to manage it and so ensure sustainable value to the firm.

At the CCA, we explore the growing discussion on Culture in Banking amongst regulators. On the surface, it may be the only way the regulators can supervise and control a constantly changing, complex interdependent global industry that constantly seems to find new ways to demonstrate misconduct. But, if we switch to the other side of the coin, courage to learn how to manage Culture proactively can in fact drive sustainable value, rather than just prevent regulatory loss.

>>> END OF PART 1 >>>

Stay tuned for PART 2 of the Courage, Culture and Conduct series: “Countering Cognitive Bias” > live updates here

First published on www.neotas.com > helping organisations to harness digital intelligence, evidence compliance and mitigate people risk.

______________________________________________________________________________

About this Series:

The concepts in this series and some of the new tools available to manage culture will be discussed further at the UK Finance Culture eats Strategy for Breakfast event on 14 March for Board level executives. They will also be explored in more detail within the fourth cohort of the Conduct and Culture Academy beginning at the end of March.

About the Author:

Patrick Butler is co-founder of the Conduct and Culture Academy at UK Finance and founder of Calitor Limited. A former Diplomat, Investment banker, Operating Officer, Head of Compliance, he now advises and coaches senior management and future leaders to enhance behavioural understanding underpinning practical solutions to meet the changing regulatory landscape and build competitive advantage.

View the Free Webinar >> Managing Culture to Deliver Strategic Success: Converting the Regulatory Imperative into Business Success.

How OSINT and AML Synergize in the Evolving Banking Landscape

Between 2-5% of the global GDP is laundered globally in one year, amounting to approximately $2 trillion in current US dollars, according to an estimate by the United Nations Office on Drugs and Crime. In the UK alone it is estimated that British banks spend £5bn each year fighting financial crime and yet, less than 1% of illicit financial flows are claimed to be confiscated by law enforcement agencies. Simply put, money laundering and financial crime is not a small issue. The monetary and reputational costs involved are extremely high, making finding and combining new methods of detection with existing anti-money laundering (AML) processes all the more important as part of the fight against illicit financial activity.

Earlier last week, a joint statement was issued by the Federal Reserve Board and four other regulatory agencies, including the Office of the Comptroller of the Currency (OCC), urging banks in the US to begin incorporating innovative approaches to AML processes. This call for innovation comes with a clear message of support. The regulatory bodies made it clear that banks who choose not to engage in pilot programmes will not be penalised. Furthermore, and more crucially, they also highlighted that banks that do test new methods will not be penalised should the outcomes of experimentation and use of new artificial intelligence tools reveal gaps in existing AML processes. Additionally, they stated that there will not necessarily be supervisory consequences or additional regulatory expectations arising from it either.

This opens a clear pathway for banks to freely pursue the implementation of new techniques, without the fear of current AML processes being criticised or highlighted as ineffective in comparison. The door is wide open to trial new technologies, even if they prove to be unsuccessful. In this move towards more collaborative efforts, the US regulatory bodies are also keen to provide platforms that promote dialogue between financial institutions and tech companies to collectively discover all the possible applications and implications of new tools.

Banks are always aspiring to evolve their approach to financial crime risk management, and this is the suggested approach. In an article published by HSBC earlier this year, Colin Bell, Group Head of Financial Crime Risk, highlighted the limitations of approaches that do not consider all available information, including those from open sources.

“Gathering together all of the relevant data …and bringing in external, publicly available data, will help us identify global patterns and systemic problems that might otherwise be invisible.”

Colin Bell, Group Head of Financial Crime Risk, HSBC

For us here at Neotas, the call for innovative approaches by regulatory bodies is a clear signal that there is room for AML processes to be enhanced and developed through the use of new technologies and techniques. What’s more, the value of open sources and external data is being recognised by banks as providing additional insights; that sometimes provide the key to unlock the AML answer. The use of open source intelligence (OSINT) and machine learning technology provides analysis of all publicly available information in a short time frame, removing false positives and supplementing insights with a considerable amount of external data to help spot and track suspicious behaviour. OSINT not only makes use of what is already visible and available, but it can provide the bigger picture to laundering operations and illicit financial flows across international borders.

Neotas are helping organisations fight financial crime through enhanced due diligence services and OSINT-based tools. In the last 18 months, we have provided insights that led to the reporting of individuals to the UK Serious Fraud Office, as well as PREVENT for suspected terrorism-related activities. In one case alone, Neotas uncovered a Director whose business had ties to a money laundering ring and involvement in arms and drugs trafficking. Amongst many red flags, Neotas uncovered numerous aliases associated with this individual, who had had various assets repossessed, was tied to modern slavery concerns and who had been reported in the Panama Papers.

We offer enhanced due diligence and advanced screening services to help reduce fraud and mitigate people risk. To receive a snapshot of Neotas’ work in this space, please contact us here.

Frequently Asked Questions (FAQs) about Anti-Money Laundering (AML) in Banking:

1. Why is AML important to the banking industry?

• AML is crucial to prevent illegal activities like money laundering and terrorist financing.
• It safeguards the reputation and integrity of financial institutions.
• Non-compliance can lead to severe penalties and legal consequences for banks.

2. What is AML in banking?

• AML in banking refers to policies and procedures to detect and prevent money laundering and other financial crimes.
• It involves customer due diligence, transaction monitoring, and reporting suspicious activities.

3. What is AML intelligence?

• AML intelligence is the information gathered to identify and mitigate money laundering risks.
• It involves data analysis, technology, and human expertise to detect suspicious patterns and behaviors.

4. What are the AML actions taken by banks?

• Customer Due Diligence (CDD): Verifying customer identity and assessing risk.
• Transaction Monitoring: Continuously watching for suspicious activities.
• Suspicious Activity Reporting (SAR): Reporting suspicious transactions to authorities.
• Enhanced Due Diligence (EDD): In-depth investigations for high-risk customers.
• Training and Education: Providing staff with knowledge to recognize potential money laundering.
• Regulatory Compliance: Following all AML laws and regulations.

5. How does AML benefit the banking industry?

• Protects against involvement in illicit activities.
• Maintains regulatory compliance and avoids penalties.
• Contributes to the stability and security of the economy.

6. What are the consequences of non-compliance with AML regulations?

• Severe penalties, fines, and legal consequences for financial institutions.
• Damage to the reputation and trust of the bank.
• Potential disruption of business operations.

7. How does AML technology assist in the banking industry?

• Automates complex checks and reduces errors for more consistent results.
• Enhances fraud detection and streamlines operations for seamless compliance.
• Centralizes data for efficient insights and clear audit trails.

8. How can banks ensure ongoing compliance with AML regulations?

• Regularly updating and implementing AML policies and procedures.
• Conducting periodic training and awareness programs for staff.
• Staying informed about changes in AML laws and regulations.

9. How does AML contribute to the overall financial system?

• Helps maintain the integrity and stability of the financial system.
• Prevents the flow of illicit funds that can undermine economic security.
• Supports international efforts to combat financial crime and terrorism.

~ by Alice Pearce, OSINT Analyst

Facebook’s meteoric rise as the social media platform of choice in the late 2000’s and early 2010’s paved the way for the integration of social media into modern life. Suddenly the online world wasn’t just for you and your friends but your parents and grandparents too. For many, Facebook was the perfect vessel to share your life with the world and connect with others. Despite the slow exodus of younger generations from the platform, it is still going strong with over 2 billion active users recorded in 2018. 

Whilst many view Facebook as the place to catch up with old friends or read an overly long rant from that weird aunt, its role in society has become so much more. In the wake of the Cambridge Analytica scandal, Facebook was revealed to be not just a social media platform, but a tool to influence public opinion. Targeted advertising and “fake news” posts allegedly swaying voters in both the UK’s EU Referendum and the US Presidential race. 

Political parties have recognised the importance of Facebook. A combined $70 million was spent on Facebook advertising by the Trump and Clinton election campaigns. Facebook themselves sent dedicated staff to advise.  

On the other side of the geopolitical sphere, the importance of social media as an influential tool has also been recognised by terrorist groups including ISIS and Al-Qaeda. Every day, extremist propaganda is uploaded to Facebook with the aim to spread fear and discourse or to recruit for the cause. The pressure is piling on Facebook to handle this problem. The European Commission is threatening heavy fines for radical content that is not removed within an hour on the platform. Despite their best efforts, the propaganda keeps on coming. 

Facebook is leveraged as a global platform, without borders. In politics, propaganda, marketing, business and advertising, just to name a few. So why not due diligence?  

Previous blogs have elaborated on the pivotal role that social media can play in the understanding of a potential employee. Revealing the motivations and behaviours that tick box exercises cannot. The information that Facebook presents us with provides the perfect opportunity for enhanced due diligence. The rest of the world has caught on to the uses of social media, it’s time that due diligence did too.

– Alex Penn, Open Source Intelligence Analyst

In the news this week:

‘NASA Intern loses job after accidental profanity-laced tweet to space council fellow’ 

In the never-ending series of social-media faux pas affecting an individual’s employment opportunities, the news which broke this week from NASA is perhaps the most bizarre yet. After receiving an offer of an internship at the space agency, a woman took to Twitter to excitedly (and expletively) tell the world of her good news. When a stranger asked her to mind her language, she replied with further expletives, and her friends joined in with the abuse. The stranger then informed the woman that he was a member of the space council, which oversees NASA, and she subsequently had her internship offer revoked. 

Some may argue that this is an overreaction on NASA’s part – even the member of the space council has expressed his regret at the decision – but it highlights the ever-increasing role internet activity can have on real life events. While the initial expletive tweet may not necessarily be indicative of the person’s personality and behaviour in general, her aggressive reaction to being challenged by the council member inevitably raised some alarm bells within the company.  

Enhanced Due Diligence (EDD) is not just about finding one misguided Tweet and highlighting it to end a career. It provides a deeper understanding of an individual, and offers an holistic insight into their behaviours, motivators and professional background. As such, it is trends in behaviour over time, be they an aggressive nature, intolerance of others or professional malpractices, which are highlighted. These factors are ultimately of greater concern to an employer than a spur-of-the-moment excited tweet.  

The internet provides the greatest wealth of information ever available from which to build pictures of individuals and help determine (or otherwise) their credibility as a representative of any firm. More and more firms such as NASA are beginning to realise the potential this provides to protect their reputation. While NASA stumbled upon it by chance, firms are increasingly adding EDD into their long-term due diligence processes, and it is already proving successful in many cases. 

The Open Source Intelligence (OSINT) market has grown significantly in recent years and is anticipated to grow over the forecast period 2018-2023, according to a recent study by Crystal Market Research. OSINT’s interoperability across various markets allows clients from all over the world to apply it flexibly. It has been predominantly used in human intelligence and the network analysis market for some time, and now people are beginning to witness its full potential. The use of publicly accessible data can increase investigative capabilities across relevant areas and to help overcome real-world issues, such as preventing crime, defence from cyber-attacks and even helping to uncover instances of human trafficking and modern slavery. Its recent rise has not gone unnoticed by the intelligence community.

Attendees of the annual DEFCON security conference, attended by Neotas, competed in the first OSINT non-profit Capture the Flag (CTF), challenging people to trace real missing people through publicly available information. The final goal was to provide additional information for authorities to help track down the missing individuals. This is a great example of OSINT for the greater good!

Most noticeably, people within online communities are beginning to use OSINT without knowing it. A user on Reddit shared a photo of a car part that had fallen off a vehicle after a fatal hit-and-run in Washington earlier this month. By sharing it on the social news site, other users were quickly able to identify the black piece of metal as a section of a “Chevy Silverado headlamp bezel”. In turn, police eventually made an arrest with the help of the Reddit community.

OSINT being leveraged in more ‘real-world’ scenarios, even unwittingly, is a prime indicator and example of its growth and potential growth globally. Use cases, once few and far between, are now hitting our screens more regularly and highlighting the benefits of OSINT.

Neotas’ proprietary platform leverages OSINT and experienced analysts to uncover digital trails, mitigate risks, enhance due diligence and evidence compliance processes. We are always seeking new ways to connect the dots and we thrive off uncovering hard-to-find information.

Follow us at @NeotasLtd for plenty more updates & blog posts like this.

We were lucky enough to have our Neotas Summer party at Sandown races last night and with this came the realisation of the difficulties in backing the right horse. But how can horse racing be linked to the world of investment and due diligence?

When the horses are walked round the paddock, there isn’t much to set them apart. Arguably less thinking time is spent during the selection process at a fun race day – and of course considerably less than in the boardroom – but there are still checks that can be made using information openly available.

Here are just a few points to consider before the horses are under starter’s orders:

• What is the form? How many times has the horse previously won. Are there any prior red flags raised? The form is perhaps the strongest indicator of what to expect.
• What is the network? Believe it or not, horses have networks too. Trainers, owners, jockeys, even their next of kin. All help to build up a picture of the good or bad.
• What is the going? Will the racecourse itself affect the horse? Is there a particular pattern seen with horses in particular conditions?

There are of course various other factors but putting these and the odds aside, the horse in question is theoretically profiled. Even its network can be scanned quickly by studying the form.

So how does this relate to investment?

Naturally, when investing money to receive potential returns, it is important to know where your money is going. Parallels can be drawn (although a slightly tenuous link) to the world of corporate investment.

Before a private equity deal for instance, extensive due diligence checks are made to screen the company, its background and its stakeholders.

“Approximately 50% of all deals fall through during the due diligence stage.” – Forbes

This serves as a reminder of the risks associated with the due diligence stage, despite the time and resources spent to identify any red flags.

Neotas uses open source intelligence to uncover digital trails, identify and mitigate risks and enhance due diligence processes.  Some may even say we shorten the odds.

Find out how we have recently helped protect the business interests of investors and private equity firms – request a free sample report here.

With my office circling for a blog this week, I decided to bite and to put a different kind of fin in fintech. So here it is, a blog that I can really get my teeth into. No fin can stop me now. Oh this is about to be so bad…

This week is Shark Week and while it hasn’t yet crossed the Atlantic with the same enthusiasm, having lived and indulged in this fishy fiesta in the US for several years I started my week watching Jaws after work on Monday. A classic in my opinion but for the majority in our office, a film that has never been seen and that got me thinking. Firstly, why on earth have this generation never watched Jaws and secondly, just how far we’ve come since the 1975 movie scared a generation out of the water.

Rewinding to 1975, news was far from instant, Hollywood fuelled our nightmares and dreams and sharks were neither well understood nor respected. Building on this foundation and embracing the power of television as a medium of communication, the Discovery Channel launched its first shark week in 1988 devoted to conservation efforts and correcting misconceptions about sharks. The week gathered momentum and in 2000, six million 3D glasses were distributed to viewers in the US and Canada for an episode on Shark Week featuring an extinct giant 3D shark. For the 20th anniversary in 2007, Sharkrunners, a video game that uses GPS data from tagged sharks in the Pacific Ocean, was released. Ten years later, we watched Michael Phelps, Olympic champion, race an AI generated great white shark and now in its 30th year, shark week is broadcast in more than 70 countries and is live across social media globally (#sharkweek). Conservationists have over these 30 years embraced technology to its fullest in order to educate and inform the world. They understand that information is key to the preservation of species and that to ignore research or to have an uninformed population could potentially jeopardise the future of our oceans. It therefore surprises me that while conservationists have embraced the ‘information is power’ philosophy, Neotas’ operating domain in the financial sector are still struggling with the same ethos.

In an environment with plenty of threats, prey and predators, the financial industry has over the past decade received the Jaws treatment, due to which the mass population have lost faith and are apprehensive to get back into the water. The great white lies and gill-ty executives have led to a culture of distrust. Over time, this can only be resolved by ensuring that those in solitary leadership roles are fit and proper, and that the processes to achieve these are as clear as the sea. It is no longer enough to look at the surface to spot the threats. Instead institutions must begin to dive deep and to identify the behaviours and actions that smell fishy before they are bitten on the butt. Without hammer(head)ing the point home or the bask(ing) in our own glory, Neotas due diligence solutions can assist institutions to safety and while there may always be bigger fish to fry, we’re chomping at the bit as we begin to make waves with respect to the attitudes and opinions of the schools around us regarding due diligence.

-Jennifer Roderick

After 2 months of grafting, heart break, doing bits, questionable loyalty and copious amounts of sun burn, Love Island is now drawing to a close. As the remaining couples fight to reach the final, they remain oblivious to the month-long heat wave, England reaching the World Cup Semi-Finals and the extra juicy information the whole country knows about their lives before the villa.

Love Island has once again gained a huge audience by feeding our nosey cravings but watching people’s relationships up close and personal just isn’t quite enough for Love Island viewers. Oh no, not only do we want to see everything they do in the villa, but also the details of their lives before they entered. People up and down the country of all ages and professions have unknowingly been using their own OSINT skills to find out the juicy deets.

The Islanders are all avid users of Instagram; after the first episode was aired, the contestants’ Instagram handles were found and shared in articles online. Their followings grew instantly. By looking through their profiles, people have been able to find out information including their interests, lifestyle, travel destinations, gyms they visit, family members and previous partners. The images have also been used to determine which Islanders smoke, as this is now not shown in the programme. Their Facebook and Twitter accounts have also been searched to gain similar insights. One Islander was even outed for supporting a well-known far-right activist on their Facebook profile.

LinkedIn has been used to discover the Islanders’ day jobs prior to entering the villa and even find out what their parents do. One fan of the show found an Islander’s professional email address to see if they had returned to work after being dumped from the villa or if they would receive an automated out of office reply.

Other viewers have delved deeper into their online footprints and found numerous Islanders featuring in music videos with famous artists. Older photos reveal those who have gone through cosmetic surgery and birth certificates have been identified to settle disputes regarding age.

Without even realising it, Love Island fans have used their OSINT skills to join the dots and create a more detailed picture of who this year’s contestants really are.

#OpenSourceLoveIslandIntelligence #KnowYourIslanders #DrDoMoreChecks

-Anna Fletcher

News broke last Friday of the arrest of a senior programmer from Israeli security firm, NSO Group, the company behind the infamous mobile spyware Pegasus. Allegedly faced with termination, he attempted to sell stolen source and development code valued at hundreds of millions of dollars on the Dark Web. He was caught after a potential buyer reported the sale of NSO code to authorities, allowing them to conduct an internal investigation to find the culprit.

They got lucky. In this case, stolen code not only represented a significant loss in IP but a threat to international security. A buyer with malicious intent would have acquired software with the capability to access and spy on millions of phones worldwide.

The Dark Web has long been seen as a mysterious corner of the internet, inhabited by a small group of shady hackers. The reality is very different. Just a quick Google search and download of the Tor browser can get anyone online onto the Dark Web in minutes. Millions of users access Tor every day to take advantage of the anonymity it provides. Combining anonymity with untraceable cryptocurrency makes it the perfect place for illegal activity, like the notorious drugs marketplace, The Silk Road.

Surface Web and Deep Web searches are slowly becoming a recognised part of the due diligence and repeated company screening process and the Dark Web should follow. Proprietary software and code is becoming ever increasingly more valuable and a more tempting target for theft and resell. Whilst the anonymity of the Dark Web protects sellers, the product can still be identified.

As the Dark Web continues to become the marketplace of choice, companies must adapt to ensure their IP stays safe. In the case of the NSO Group, they were saved by a benevolent Dark Web user. This will not always be the case and companies must take responsibility to recognise the importance of Dark Web investigation.

-Alex Penn

It has been 3 years since the introduction of the Modern Slavery Act in the United Kingdom, and so far it has produced mixed results. Whilst the percentage of businesses unmasking slavery in their supply chains has risen, the act is still struggling to apply serious pressure to the global companies most at risk from modern slavery. With no direct sanctions for failure to produce a statement, and no enforced directives about what the statement should entail, many firms still appear to be placing the abolition of slavery at the back of their ‘to do’ list. 

In October 2017, corporate responsibility watchdog CORE highlighted that, whilst most big-name brands had published a statement in line with the act, most statements were ‘short on detail and lacked transparency’. In 2018 a similar report found that more than 40% of government suppliers failed to meet the minimum level of compliance. Companies were paying lip-service to the act without any proof of substance or behavioural change. 

One issue multi-national corporations have is the broad scope of their supply chains. With hundreds or thousands of primary suppliers, each with multiple suppliers of their own, it is a daunting task to follow each avenue back to the raw material source. Instead, many firms are choosing to publicly state their opposition to slavery, while sending questionnaires to suppliers asking them to promise they don’t use slaves. Rather than putting pressure on those companies employing slave labour, this approach merely reinforces the shirking of responsibility that the act sought to remove. 

If firms based in the UK want to prove they are taking this issue seriously, it is time to start taking actions that have an impact. 3 years is a long enough adjustment period; now they need to seek strategies and due diligence approaches that have a far-reaching effect on the state of the world. 

-Sam Haslam

An England team picked by Neotas would win the football World Cup. It’s a bold claim, I know, but considering recent tournament attempts, you might as well hear us out.

England have suffered from a team that never seems to gel. We have had plenty of brilliant players. The “golden generation” included some of the best midfielders that the country has turned out from Gerrard to Lampard to Scholes yet we consistently underachieved. They never seemed to click and play well together.

It has always seemed like the team has been thrown together by a tick-box process of: this player plays for a well-established team; this player has scored a lot of goals for his club; etc. There has never been any effort to go further and understand the true character, behaviours, motivations, personality and backgrounds of the players, all things that have a sizeable impact on the team’s performance.

This is what Neotas does for due diligence. Our analysts go beyond the standard background checks to reveal a deeper understanding of hires and investments to aid companies with compliance, KYC and SMR regulations and help build a workforce they have confidence in.

The Neotas process would produce an England team that has gone through a vetting like never before. Our understanding of the players allowing us to build a team in perfect balance that complements each player’s abilities and personality. A team that could win the cup! In reality, whilst our due diligence process is like no other, our footballing brains might not be up to par. It’s probably best we stick with compliance and KYC.

We wish England and every other team competing in Russia the best of luck but if another “Iceland incident” happens then maybe it won’t be long before the FA comes knocking on the Neotas door…

-Alex Penn

Like much of the world, the Neotas team is eagerly awaiting the kick off to the 2018 FIFA World Cup. Millions of fans from countries all around the world will be pouring into Russia to watch thirty-two teams battle it out for the most prized trophy in football.

Instagram, Facebook and Snapchat feeds will soon be filled with photos from fans showing off the view from their seats or how flash (or not) their hotel room is. Social media is a great tool to tell the world about the experiences we’re having. However, what are the consequences of all of this?

Posting that photo of you cheering on England from the stands to your public Instagram may seem innocuous but now anyone looking at your feed knows exactly where you are. And the fact that you’re not at home. They scroll further back through your feed and see that photo you posted of your new car in the driveway. Now they know where you are and what your house looks like. It is so easy to make ourselves vulnerable online without even realising.

It’s not just fans at risk. With public social media playing such an important part in branding, players fall into this trap all too often. Just a few days ago, Barcelona defender Gerard Pique had his house robbed whilst visiting his wife Shakira on tour in Germany. In January, West Brom player James McClean came home to a break-in after playing an evening fixture. Last year, John Terry and his wife were posting public photos of their holiday at the exact same time as their house was burgled.

Social media is an amazing thing, but we needlessly put ourselves at risk. Just a moment’s thought about who our audience actually is and what we’re showing them can make all the difference.

-Alex Penn

In an increasing trend in British football, players are being reprimanded by the press and FA alike for historical activity on social media. In the most recent cases, the dubious online activity of a player has come to light only when they have made the news headlines for another reason – be it Shane Duffy dating Katie Price or Andre Gray’s first premier league goal – but has had a direct effect on their football career. 

Despite the player often representing a different club at the time of the faux-pas, it is the player’s current club who are punished as the player is banned by the FA and faces humiliation in the press. This may seem unfair, but an employer who does not properly vet their staff’s online footprint is leaving itself exposed to these kinds of scenarios.  

The issues are not always external either, as Joey Barton and Ryan Christie have shown; both players tweeted offensive comments about specific clubs, bringing embarrassment and anger from the clubs’ own supporters when they later signed the players. An online footprint check could have highlighted and removed these tweets before the signings were made public and saved the clubs from an unnecessary PR headache.  

The new generation of footballers are the first to have been active on social media from youth, so it will be no surprise if the trend of exposés continues to grow. Football clubs should realise that reaction to cases such as these is not enough, and proactive vetting of online footprints can prevent unnecessary publicity and FA sanctions.  

-Sam Haslam

Since before Neotas was Neotas, social responsibility has been central to our team. As such, we’ve developed relationships with several charities and volunteer groups. Of note, is our relationship with STOP THE TRAFFIK; a coalition which aims to bring an end to human trafficking worldwide.

Three years ago, I started working for them as a volunteer analyst. Over time, this has grown into a corporate partnership founded on information sharing, analysis and the collaborative development of bespoke tools, techniques and deliverables (more on this to come in the coming weeks… Watch this space!).

STOP THE TRAFFIK shines a light in dark places in order to uncover modern slavery and human trafficking and to disrupt it at its source. STOP THE TRAFFIK’s Centre for Intelligence-Led Prevention, in collaboration with technology partners, collect and analyse data on global human trafficking patterns. The intelligence gathered is used to build resilience and transform communities as well as to directly intervene in vulnerable communities. These actions seek to fuel the systemic disruption of human trafficking networks.

One of the aims of this initiative is to inform business and consumer communities about how and where modern slavery is present in global supply chains. In recent years, it has become increasingly clear that business plays an integral role in the fight against these crimes.

Businesses can be associated with human trafficking, forced labour and exploitation, both directly and indirectly. Large companies are often implicated unknowingly, as a result of their long, multi-tiered, and transnational supply chains. Indeed, when a large company needs to address issues of modern slavery within its supply chains, it can often be entirely overwhelming as to where to begin. Nevertheless, as legislation becomes more stringent, the risk for businesses that ignore these issues increases.

Over the coming weeks, the Neotas team will expand on the issues relating to modern slavery in supply chains focusing the difficulty companies face in conducting due diligence on complex, multi-faceted and transnational networks, as well as shedding some light on the legislation that guides us. In addition, we will also discuss case studies in which Neotas have uncovered modern slavery in a supply chain using open sources.

Human trafficking and modern slavery are thought to be amongst one of the most widespread crimes in the world, affecting millions of men, women and children each day. Moreover, the problems are only increasing. It is time to change this dynamic and in the words of Baroness Stroud at the recent launch of modernslaverymap.org, “To do what you’ve always done, you’ll get what you’ve always got”.

-Jennifer Roderick

From the 22nd to 24th May, the Financial Conduct Authority (FCA) for the United Kingdom held their 5th TechSprint at Canary Wharf. The theme of the TechSprint was Anti-Money Laundering (AML) and Financial Crime and following an emotive launch, the event kicked off with gusto and excitement.

The event sought to increase understanding surrounding the challenges of financial crime and to deepen international and cross industry dialogue around the role of modern technology in tackling these issues. Amongst the 220 participants, including developers, subject matter experts, senior executives, and international regulators from around the world, were two Neotas familiar faces, myself and Kunal Aggarwal. We were not alone in our quest however as we were fortunate enough to join an amazing team with specialists from Octopus Labs, Lysis, and Idemia.

With the latest UN estimates suggesting that criminal activities, including drug trafficking, smuggling, human trafficking, and corruption, generate proceeds exceeding $1.6 trillion annually and that less than 1% of these illicit financial flows are ever detected, seized and frozen, it is time for the financial industry to respond. The problem is that it cannot and should not seek to do it alone. Indeed, the phrase “it takes a network to defeat a network” was mentioned in the open speeches and continued to ring true across the 3 days as new ideas were formulated, prototypes developed, and pitches practiced. Ideas and solutions covered blockchain, bitcoin, network analysis, digital identity, company due diligence and open source intelligence and while some solutions sought to solve age old problems with new technology others attempted to create solutions that would seek to get ahead of the criminals before they have a chance to exploit a weakness or failing.

In total, 16 ideas were pitched, potentially ground-breaking initiatives were developed, and countless business connections were made.

Given our background and expertise, we were able to enrich the information picture using open source information in conjunction with traditional data sources. Working with both our own team and others, including a number of the members of the RegTech team from the FCA, we were able to show how open sources both supports and enhances data and how it can create networks and insights previously uncovered.

Although it was a long and hectic few days, we absolutely loved the experience and cannot wait to continue our efforts with our team members and others, and to develop those conversations and relationships that were initiated over the 3 days. We strongly believe that this event triggered the start of great things to come and provided the perfect platform from which to launch a fight against some of the biggest challenges facing our society both now and in the future. On to the next challenge!

‘Trust is the currency of the future’, said Stuart Lacey, founder of Trunomi, at the ‘Let’s talk about RegTech’ event at Rise last night. The panel discussion centered on RegTech’s place in the world, how regulators function and meeting the challenges posed by regulation. Whilst trust in institutions was at the core of the discussion, there was an interesting point made: Is RegTech disruptive?

RegTech is inherently reactive: Regulators produce legislation. Institutions clamor to meet the challenges posed by it, and RegTech companies provide slick solutions.

The cycle repeats.

In this cycle, where’s the room for true innovation? Where’s the opportunity to disrupt? To take a proactive stance and help improve trust in financial institutions to a greater degree than regulation stipulates?

StartUps aim to disrupt – to fundamentally change the way something is done in society: to radically change how we use services and products. But how can RegTech disrupt? It’s tied to institutions, and institutions are tied to regulation. RegTech is bound up in a vicious cycle which gives the minimum required to satisfy regulators, in the most efficient way possible.

For trust to be restored in institutions, more must be done.

The panel last night concluded that we’re moving in a positive direction: regulators are increasingly focusing on outcomes and principles. This will give RegTechs the freedom to innovate according to regulatory ideas, and not institutional minimums.

Hopefully, this will incentivise institutions to adopt the best practices to satisfy regulators. To adopt RegTech solutions that do more than the minimum, that disrupt the status quo and inspire trust.

-Dan Burke-Ward & Reece Wickens

The National Crime Agency released their National Strategic Assessment of Serious and Organised Crime recently, and they found that Fraud continues to be the most common form of crime in the UK, with over 3.4 million incidents recorded in the last financial year. The 2017 Annual Fraud Indicator (AFI) estimated that fraud cost the UK economy over £190 billion per year, with the private sector losing an estimated £140 billion, the public sector £40.4 billion and the last £6.8 billion being lost by individuals.

Why is this still the case when we have an abundance of technology available? The innovative, new, young tech leaders as well as the enthusiasm that the new generation have in combating crime should be reducing these loses significantly, so why aren’t they?

Could it be that old institutions want to stay using “best practice models” or the “checklists” of old policies and procedures? Could it be that old institutions want to ensure they are doing just enough due diligence to make the regulator happy? So much information is online. To continue to only follow the bare minimum in due diligence checks is dangerous and costly.

Having worked in financial crime for many years, I thought that our searches were robust, vigorous, and comprehensive, but I was wrong. Just checking an internal data base to make sure the bank account matches is not enough.

Take a customer who has been flagged for potential AML related concerns. Normally, you’d do a bank check; check your internal high-risk monitoring database (or whatever database you have) and maybe Google their name. If the individual has had prior convictions, there may even be some media online about them. This just affirms what you already know. Google only searches 4% of the internet – there’s so much more out there!

By leveraging the power of the open source intelligence, you can build a much bigger picture about a person or a company and build a much bigger picture.

But what if you looked at their online activity in a much more structured manner: their social media accounts, their home address, their general lifestyle? Using open sources mean that the world’s information is at your fingertips, allowing you to delve deeper and see the whole picture. It allows you to learn new information.

The industry needs to do more to combat financial crime than just checking a database, it must realise that open source intelligence needs to be embraced and not feared.

-Suzanne Lynch

World Password Day

In an ironic twist of fate, Thursday’s “World Password Day” was marked with the news that the passwords for all Twitter users globally had the potential to be exposed after a glitch in the company’s encryption process.

Breaches of online accounts and the leaking of personal details are becoming an ever more present concern. In the case of Twitter, an internal bug was to blame however many breaches are often the work of individuals with the intent to cause harm or create havoc. In documented cases in the past 6 years, not considering all those that are not yet announced, over 5 billion personal accounts have been victim to data breaches across platforms such as LinkedIn, Ashley Madison, MySpace, and Dropbox amongst others. But what does a breach mean to me and should I care? The answer is a simple yes.

A breached account means that the email address, username and password all have the potential to be exposed. Additionally, it can also give someone access to personal information, private photos and message chains, and entirely opens up the possibility of identity theft. How are your friends and colleagues to know that the person sending them links to phishing sites or posting content from your account is not you? This can lead to serious reputation concerns that affect both personal and professional life.

Taking the necessary steps to reduce vulnerability online start with password management including regularly changing passwords, using random strings of characters and using different passwords for each account. Nevertheless, password management is a chore. Everyone suffers from the frustration of typing passwords over and over again as we struggle to remember whether this one has an exclamation mark or not. Due to this, we often take the easy way out with simple to remember, repeated passwords across multiple accounts. However, if we stop to really consider how much information a single password is protecting, our attitude towards them would not be so lax.

Our analysts at Neotas regularly stumble upon breached accounts and passwords whether in screenings, SMR Fit and Proper checks or investment due diligence. Regardless of our research purpose, we work with all of our clients to provide recommendations and advice in order to ensure the safety of the individuals and to protect both the individual and organisation against any reputational damage or further data breach.

Schrödinger’s Personality Traits

In 1935, Erwin Schrödinger stated that a cat, placed in a sealed box with a jar of poison, is thought to be both alive and dead. Only once the box is opened does the scientist know whether they have a healthy living cat or a lifeless corpse. 

Imagine each recruit to a firm carries with them a sealed box. Inside the box is not a cat, but a personality, including honesty, motivations and integrity. Only once the employee is hired and the firm has paid the significant search, legal and hiring costs is the box opened and the true state of the personality confirmed. Until the costs have been covered, it is a pure gamble as to what is inside the all-important box; even numerous interviews and criminal record checks cannot change this.  

This has long been the case in recruitment and due diligence. Now, however, open source investigative methods can scrutinise the contents of the previously unreadable box and prevent firms risking the honesty and integrity of their business with each new hire. 

Through one of our recent investigations we uncovered a potential recruit operating online under an alias to post racist, homophobic and sexist content across numerous platforms. However, because the individual had no criminal past or financial trouble, traditional due-diligence approved them as an acceptable employee. Having someone with such explicit views working in a modern work environment would have created untold damage both internally and to the company’s reputation externally. 

If you interviewed this person and talked amicably about their past and their ideas for the future you almost certainly would have branded them an upstanding ambassador for the company. The reality is, posting hateful commentary is the antithesis of integrity. Doing so under a false name is the antithesis of honesty. 

Conducting open source investigations removes uncertainty in the hiring process; it protects a firm’s reputation and leaves no chance of unintentionally failing to comply with regulations. If Erwin Schrodinger was able to drill a hole in his proverbial cat’s box, he could have discovered the animal’s true state long before he went to the expense of removing the lid to find a dead feline. 

Schrödinger’s Personality Traits: Navigating the Complexity of Human Behavior

In the realm of psychology, understanding the intricacies of human behavior and personality is akin to peering into a quantum mechanical system. The notion of Schrödinger’s Personality Traits, a whimsical extension of Schrödinger’s cat paradox, offers a thought-provoking lens through which we can contemplate the enigma of human nature.

Unpacking Schrödinger’s Personality Traits

Erwin Schrödinger’s cat experiment delves into the paradoxical nature of quantum mechanics. In a sealed box, a cat is simultaneously alive and dead until observed. Similarly, Schrödinger’s Personality Traits postulate that an individual’s personality can exist in multiple states, revealing different facets based on context, environment, and observer.

The Contextual Nature of Behavior

Human behavior is profoundly influenced by context. A person might exhibit assertiveness in a professional setting, yet demonstrate warmth and empathy in their personal relationships. This contextual variability challenges the notion of fixed, immutable personality traits.

Consider a colleague who is reserved during team meetings but exuberant on social occasions. Are they introverted or extroverted? Schrödinger’s Personality Traits suggest that both traits coexist within the individual, revealing themselves based on the setting.

The Observer Effect in Personality

Much like in quantum mechanics, the observer plays a pivotal role in perceiving personality traits. The traits we attribute to individuals may be contingent on our perspective, experiences, and expectations. This phenomenon is evident in first impressions, where initial observations may not capture the entirety of a person’s character.

Imagine encountering someone who appears aloof at a social gathering. A different observer might perceive them as introspective rather than distant. Schrödinger’s Personality Traits invite us to recognize that our interpretations are influenced by our own lenses and biases.

The Multifaceted Nature of Personality

Traditional personality theories, such as the Big Five personality traits (Openness, Conscientiousness, Extroversion, Agreeableness, Neuroticism), provide valuable frameworks for understanding human behavior. However, they may fall short in encapsulating the complexity and dynamism of personality.

Schrödinger’s Personality Traits propose that individuals possess a spectrum of traits, some of which may contradict or complement each other. For instance, a person can be simultaneously analytical and creative, introverted and outgoing, depending on the context and observer.

Embracing Paradoxes in Personality

Society tends to favor clear-cut classifications. However, Schrödinger’s Personality Traits compel us to embrace paradoxes and contradictions within ourselves and others. Recognizing that individuals can embody seemingly opposing traits fosters empathy and a deeper understanding of human complexity.

Consider a friend who is both fiercely independent and deeply reliant on their support system. Rather than viewing this duality as a contradiction, Schrödinger’s Personality Traits encourage us to appreciate the nuanced interplay of these characteristics.

Implications for Personal Growth and Development

Acknowledging the fluidity of personality traits offers liberating possibilities for personal growth. Individuals can transcend the confines of predefined categories, allowing for self-discovery and evolution.

Embracing Change and Adaptability

Schrödinger’s Personality Traits underscore the adaptability inherent in human nature. As we navigate different life stages, roles, and environments, our dominant traits may shift. Embracing this malleability empowers individuals to embrace change and pursue diverse paths of development.

Cultivating Empathy and Understanding

By recognizing the coexistence of various personality traits within ourselves and others, we cultivate empathy. We become attuned to the complexities of human experience, appreciating that each person carries a rich tapestry of characteristics.

Navigating Relationships and Interactions

Understanding Schrödinger’s Personality Traits can revolutionize how we approach relationships. Rather than imposing fixed expectations on others, we allow space for them to reveal different aspects of themselves over time.

Fostering Authentic Connections

In friendships, partnerships, and professional relationships, acknowledging the multi-dimensional nature of personality encourages authentic connections. We grant others the freedom to express themselves in diverse ways, fostering trust and mutual respect.

Conclusion: Embracing the Paradoxes Within

Schrödinger’s Personality Traits invite us to embrace the inherent paradoxes of human nature. By acknowledging the coexistence of seemingly opposing traits, we embark on a journey of self-discovery, empathy, and authentic connection with others. In this paradigm, we celebrate the complexity that defines us all, allowing our personalities to unfold in beautifully unpredictable ways.

For the most part, due-diligence consists of checks against databases (Criminal records, Credit checks, Sanctions lists etc.). This form of structured information is only half the picture. Our innovative method of conducting enhanced due-diligence regularly leads to additional insights that change how business is conducted.

In a recent case, an investment house was looking to invest in an established company. The deal seemed like a certainty, and Neotas were brought in to do a quick check just a few days before contracts were exchanged. A thorough examination of open sources highlighted that the company had recently undergone a change in trading name. This was the sole difference between the two companies: cosmetic. All staff members remained with the company, and the company’s offerings were identical.

The first alarm bell was raised when we recovered deleted customer reviews against the company’s previous trading name. All the deleted reviews we discovered were deeply negative in nature. Further examination uncovered ex-employee reviews of the company. Multiple reviews stated that key management regularly manipulated contracts and would often celebrate this activity by consuming Class A drugs.

Staff members were encouraged to participate with these activities. One review went as far as to describe the company culture as “living on a diet of cocaine, coffee, and lies”.

Management had embarked on a strategy to hide this information from the due-diligence process. The additional information found led to the immediate termination of the deal. Traditional due-diligence is an important component of completing a deal, but in today’s world it’s insufficient. There’s so much more information out there that can be leveraged, and an open-source investigation is the best way to identify business-critical information that traditional methods might miss.

– Reece Wickens & Dan Burke-Ward

Open-source intelligence (OSINT) for Business Risk Assessment

Last Friday marked the end of my second week as the newest member of the analyst team at Neotas. We use open-source intelligence (OSINT) to give businesses peace of mind about prospective investments and hires by going far beyond standard due diligence checks.

As a Physics graduate, fresh out of university, the jump into open-source intelligence was not immediately an obvious one. Before joining Neotas I, like most people, had little awareness of the concept of using OSINT in the business world. People do not realise the vast quantity of information that the internet holds about every person who interacts with it. However, with just a small step into the world of OSINT, it becomes very quickly apparent that the internet can be harnessed into a powerful and useful tool that can build up a detailed profile of a person or company.

Online information is broken down into two parts, active and passive. Active information is what we choose to put online about ourselves. Personal blogs, programming forums, gaming forums and social media such as Twitter and Facebook are all examples that fall into this category. Passive information is any data we did not put there ourselves, this ranges from birth certificates to mentions in newspaper articles.

Having all this information out there is all well and good, but the key becomes turning this into intelligence. This is where Neotas stands above all others.

The last two weeks have been a whirlwind tour of open-source intelligence methodology and techniques refined by a Neotas team made up of some of the top minds in cyber security, fraud prevention and intelligence gathering. ‘Googling’ may give you an outline, but Neotas analysts go far beyond into the deep & dark web to give you more detail, putting together all the pieces of the puzzle to build a complete cyber profile of your potential investment or hire.

In this age of increasing regulations and compliance, it is easy to see the waves that Neotas is making. In just my second week, I was given the chance to help represent Neotas at the recent Innovate Finance Global Summit. It was clear to me that Neotas stand out from the crowd of emerging FinTech and RegTech businesses by keeping the analyst at the centre of the process. With our advanced use of OSINT supported by our analyst driven platform nobody can do what we do as well as we do. The business world is changing, and I am truly excited to be a part of a company that is leading the charge.

Starting with Open-source Intelligence (OSINT) for business risk assessment can provide valuable insights into potential risks and opportunities. Here’s a step-by-step guide to help you get started with Open-source intelligence (OSINT) for Business Risk Assessment :

1. Understand Business Objectives: Clearly define the goals of your business risk assessment. Are you looking to assess market trends, competitor activities, supply chain vulnerabilities, or other specific risks? Understanding your objectives will guide your OSINT efforts.
2. Identify Data Sources: Determine the types of information you need to gather and where you can find them. OSINT sources include social media, news articles, blogs, forums, government websites, industry reports, company websites, and more.
3. Select Tools: There are various tools that can help streamline your OSINT efforts. Consider using web scraping tools (like BeautifulSoup or Scrapy), social media monitoring tools (such as Hootsuite or Mention), and search engines (Google, Bing) for targeted searches.
4. Build Search Queries: Craft specific search queries to narrow down relevant information. Use keywords related to your business, industry, competitors, and risk factors. Experiment with different combinations of keywords and operators to refine your search results.
5. Monitor News and Social Media: Regularly monitor news outlets, social media platforms, and industry-specific forums to stay updated on relevant events and discussions. Tools like Google Alerts can help you receive email notifications for specific keywords.
6. Analyze Competitor Activities: Study your competitors’ online presence, press releases, social media accounts, and any public information available. This can provide insights into their strategies, product launches, partnerships, and potential vulnerabilities.
7. Evaluate Market Trends: Analyze industry reports, market research, and expert analyses to understand current and projected market trends. This information can help you identify potential risks and opportunities.
8. Assess Regulatory Landscape: Explore government websites and regulatory databases to gather information about compliance requirements, industry regulations, and potential legal risks that could affect your business.
9. Map Supply Chain: If supply chain risks are a concern, gather information about your suppliers, their financial stability, geographical locations, and any past issues they might have faced.
10. Social Media Analysis: Analyze social media sentiments and discussions related to your business, brand, and industry. Tools like sentiment analysis can help gauge public perception and potential reputation risks.
11. Evaluate Cybersecurity Threats: Research potential cybersecurity threats and vulnerabilities that your business might face. Look for any data breaches, hacking incidents, or security advisories related to your industry.
12. Collaborate with Experts: Consider collaborating with OSINT experts or consultants who have experience in business risk assessment. They can provide guidance on effective strategies and tools to use.
13. Stay Ethical and Legal: While collecting OSINT, ensure that you respect privacy and adhere to ethical guidelines. Be aware of any legal restrictions related to data collection and use.
14. Analyze and Interpret Data: Gathered data can be overwhelming. Organize and analyze the information to identify trends, patterns, and potential risks. Cross-reference multiple sources to verify information.
15. Create Actionable Insights: Transform your analysis into actionable insights. Prepare reports or presentations that highlight identified risks, opportunities, and suggested strategies for mitigating risks.
16. Stay Updated: OSINT is an ongoing process. Regularly update your research and analysis to stay ahead of changing risks and market dynamics.

Neotas’ Innovative Approach: The Fusion of Art and Science:

Neotas’ leadership in OSINT techniques is a harmonious blend of innovation, ethics, and client-centricity:

• Advanced Technologies: Neotas employs cutting-edge technologies such as artificial intelligence (AI) and machine learning to amplify the effectiveness of OSINT techniques. These technologies streamline data processing, enabling rapid pattern recognition and trend analysis.
• Ethical Considerations: Amidst growing data privacy concerns, Neotas stands as a paragon of ethical OSINT practices. The company places a premium on responsible data collection, adhering to legal and ethical boundaries to ensure respect for privacy.
• Tailored Solutions: Neotas’ OSINT techniques are not one-size-fits-all. By collaborating closely with clients, Neotas designs bespoke solutions that align with specific industry needs and objectives. This ensures that OSINT insights are not only relevant but also actionable.

OSINT techniques have revolutionized the way organizations glean insights from the digital realm. Neotas’ innovative approach and commitment to excellence have elevated OSINT from a mere data collection process to a holistic art and science. As the digital landscape evolves, Neotas remains at the forefront of OSINT techniques, continuously refining and redefining the boundaries of what is possible.

By Alex Penn

With social media comes the ability to share anything, from thoughts and opinions to holiday photos, in real time to – potentially – anyone with internet access. And while venting on Twitter or posting a photo to Instagram enjoying cocktails on a beach may seem innocent, the possible impacts of these are not always considered.

The Good:

Social media has countless advantages, but one thing Twitter users have learnt over the years is that complaining via Tweet to an official company Twitter account will often result in a fast and appeasing response whilst removing the need for awkward face-to-face confrontation or time wasted being kept on hold. Not only that, but the public nature of the complaint means that companies want to ensure that any problems are resolved quickly and to a high standard in order to maintain their reputation. Just a few months ago, Tesco had to make a public apology and offer dozens of refunds after unhappy customers took to Twitter to complain about their “rancid” and “inedible” Christmas turkeys.

Despite producing a positive outcome for customers, public complaints and bad reviews can have negative impacts on the ways in which a company is viewed by other potential customers, employees or investors.

The Bad:

In a previous blog, Free private information give-away, the disadvantages of sharing personal information in the public environment of social media platforms was discussed; including posting photos whilst you are on holiday and therefore advertising your house as empty. We no longer share printed photos of our travels with friends and family after returning home, in fact, we will often let the world know we’re off on holiday before even leaving the airport. Tagging and checking-in to locations online lets anyone, who has the access, know exactly where you are (or perhaps more importantly, where you are not) at that exact time. Whether it’s at Heathrow airport, the Eiffel Tower or the pub down the road. This information can be used maliciously by criminals wanting to burgle houses or to track an individual’s whereabouts.

The Ugly:

Social media has given us the ability to share our opinions, good and bad, in direct response to real-time events. TV shows will often invite viewers to make comments and respond to the unraveling events on social media in real-time by providing hashtags on screen. However, not everyone likes what they see, hear and read, and many aren’t afraid to voice these opinions online. Just last week, Flo and Joan of the musical Nationwide adverts, were two of the most recent victims of online death threats with viewers hoping they would be involved in a car accident and asking who else would be “chipping in” to get them “brutally murdered”. Although to some it may seem like harmless venting or said with no real intention, comments like these can have a serious effect on those they are direct towards. Public figures and celebrities often discuss the emotional toll of online trolls and receiving hate and the impact it can have on their mental health. However, posting hate towards others online also casts shade on the perceived character of the original poster.

At Neotas, we aim to go beyond traditional background checks and employee screenings to uncover further the true character, behaviour and motivators of a subject.  Discovering hateful and threatening comments online directed to a particular person or group of people would raise concerns to us regarding the character and online reputation of the subject.

By Anna Fletcher

If you’ve read our previous blog about the real cost of a bad hire then you will know that when you fail to screen your employees properly you are putting your business at risk. But what about the Senior Management in your company?

In March 2016 the FCA replaced the Approved Persons Regime (APR) with the Senior Managers Certification Regime (SMCR). The SMCR is a new regime that aims to reduce harm to companies by making SMs more accountable for their competence and conduct.

Every Senior Manager needs to have a statement of responsibilities that states what they are responsible and accountable for. The senior manager must also be fit and proper for the role, but what exactly does fit and proper mean? Well, according to the FCA, in order to ensure an individual’s “fit and proper-ness”, you must consider…

• honesty (including openness with self-disclosures, integrity and reputation)
• competence and capability
• financial soundness

The above assessments, although important, fail to tell you the full story of a person’s motivation, character and personality.

In today’s inter-connected world, most things about you are online, this goes for corporations and their directors. That said, companies nowadays continue just to vet their upper management in the traditional checklist manner, which continues not to work.

In 2011, The Guardian stated “In 2007, nearly half of all fraudsters worked in senior management. While this has fallen to 35%, board level perpetrators increased from 11% to 18% between 2007 and 2011.”

HSBC had to apologise for allowing fraudulent funds to be knowingly processed through their bank by Mexican drug cartels. HSBC’s chief executive of retail banking and wealth management said that he was horrified by what he found. However, it was later discovered that HSBC’s head office in London was aware of the illicit funds travelling through the bank but failed to do anything to resolve the problem.

Also falling victim to bad senior management was Deutsche Bank who was fined £163 million in 2017 for failing to maintain adequate Anti-Money Laundering (AML) controls. Mark Steward, Director of Enforcement and Market Oversight at the FCA, said, “Financial crime is a risk to the UK financial system. Deutsche Bank was obliged to establish and maintain an effective AML control framework. By failing to do so, Deutsche Bank put itself at risk of being used to facilitate financial crime and exposed the UK to the risk of financial crime.”

Whether the role is for an entry level position or as a company director, we at Neotas believe in going beyond the standard checks by delving deeper to ensure that the person is fit and competent for the job. We create a full in-depth report detailing the individual’s education and employment history, as well as looking at all online and media content (both adverse and positive) to give you the full picture.

The recent Florida High School tragedy has caught public attention in many ways. In my view, one of the most profound elements of the event was the way it was initially reported to the public.

School children filmed the incident on Snapchat thinking it was a hoax or safety drill. They weren’t to know that the situation was more serious than they first thought. The children filmed the entire incident, even tweeting about what was going on whilst the shooting took place.

Whilst this incident isn’t the first time that events have been live-streamed in real time, it’s yet another example of how we now have an instant ability to share information on social media during a tragic incident. News broadcasting teams even deemed some of the videos recorded on the students’ Snapchat ‘too graphic’ to show to the public. But why has this become such a prevalent trend, especially during dangerous situations? And when did the question of fight or flight expand to include post, stream or tweet as options?

Over the course of a series of blogs, I will attempt to shed some light on this issue and how at Neotas, we are finding more and more of these incidents and events in our open source investigations. I am interested to discover whether the ‘bystander effect’ has an impact on the person sharing the information, the impact on the public and how this new source of broadcasting influences public services.

The popularity of social media platforms such as Facebook, Twitter and Snapchat have transformed the way in which crime and victimisation are presented in the media. Such popularity has led social media to become our preferred source of news, with news broadcasting often showing footage of a crime that has been filmed by a victim or even people sharing videos on their personal profiles before the news is even aware of an event. Unfortunately, there are both positive and negative effects of everyone becoming an ‘independent journalist’. In short, is social media creating a diffusion of responsibility by allowing us to react instantaneously and share what we want?

Most of us are aware that if our social media privacy settings are not quite adequate, then our lives are open for all to see; whether it’s that drunken photo of you at university, the staff night out two years ago or maybe the questionable video of you dancing at your friend’s wedding. It doesn’t matter what we put online, we are always conscious of what image we want to portray to our friends and how exciting and fantastic our life is.

But what happens when sharing things online stops being fun and starts being dangerous? You may think that sharing your daily run on fitness tracking applications like Strava or RunKeeper is just harmless boasting, but it can easily leave you and others vulnerable.

This is exactly what happened recently when American soldiers in Afghanistan were using the apps to track their running without adaquate privacy settings. These US soldiers were unknowingly giving away vital information to everyone about where the base was, the layout of the roads within the base and what their daily running schedule was like.

Even if you’re not in the military, giving out the time and duration of your daily run leaves you vulnerable to the possibility of being a victim of a crime; with just a small amount of OSINT, anyone can easily determine where you live and when you’re out, leaving your house susceptible to burglary.

What about those holiday photos taken while you and the family were away? You wouldn’t leave your house without locking the door, so why shout out that your house is empty for everyone to see? Many famous footballers have fallen victim to burglary after posting holiday snaps on Instagram.

Or what about the photo of your kids in their school uniform? Not only could you have given away your location by not turning off your geographical location settings, but you have also given away where your kids go to school. And for someone in a powerful position, this could make you vulnerable to bribery.

Conversely, social media has been used to actually solve crimes. Recently, a Canadian woman was sentenced to seven years in jail for killing her best friend; thanks to her poor security settings the police linked the murder weapon to a selfie that she had posted on her Facebook page.

The insatiable need for society to share everything online has become almost epidemic, and we are all guilty of it. We live our lives online in the hope that we get 15 minutes of fame or we get all those “likes” on our Instagram page, but at what cost?

At Neotas, we look at the potential vulnerabilities your everyday online activity can cause you; alerting you to places in which you can fall victim, helping you stay safe both on and offline.

We have been asking a number of HR professionals this question recently, and there’s a host of different answers. Broadly it falls into the following;

• Direct costs of sunk hiring fees (approx. 20% salary),
• Sunk cost of salary of a poor or disruptive performer (ask yourself, how long does it take to work out they aren’t who you thought they were and then decide to do something about it, 6 months?)
• Then put together a package to manage them out the business (3 months payoff?)

In this example that’s 95% of their first year salary and we haven’t taken into account all the indirect costs, such as

• How much company time was taken up interviewing them in the first place?
• How much HR and management time was taken up working out what to do?
• How disruptive was this person to the rest of the organisation, or worse, externally to your clients?
• Did you need external legal advice to confirm your actions?

All in all, we’re now talking well over 100% of an annual salary. Our cost per screening to avoid all these issues is less than 1%.

For this you get the opportunity to make better decisions as we provide:

• A full digital profile
• Confidence that you are hiring the right people
• Improve the quality of your workforce over time
• Reduced wasted management and HR time on resolving problems

Even a small business can save hundreds of thousands of pounds a year.

Background screening is often seen as a tick box exercise. But can your firm really afford not to screen people properly?

As we rapidly enter the festive weekend, Santa and his elves are working to finalise exactly who belongs on those naughty and nice lists. Safe in the knowledge that everyone in our office is on the nice list (**awkward glance**) this got us thinking, imagine if Santa used Neotas to help him get through the workload. Would he really think those Snaps and Instagram selfies were the act of a ‘nice’ girl? Does the banter on Twitter potentially cross a line and push you on to the naughty list? How about that Tinder profile which might not necessarily accurately reflect the real you? To be honest, we don’t judge anyone by these standards and we aren’t convinced that Santa would really judge anyone for any of these things either, however some of the individuals that we have looked at this year are definitely receiving coal.

From employee screenings with individuals involved in football violence against police officers to international business men involved in modern slavery and illegal arms and drugs smuggling, the Neotas team have seen our fair share of naughtiness. We’ve seen the fraudsters who almost signed the important business deal to those who’ve been hired without relevant qualifications. We’ve uncovered addictions, crime, hate, bullying, and stalking and this is just a small sample of our findings for the year. All of these and so many more are definitely on our naughty list as well as Santa’s. But not everything is doom and gloom, we’ve also seen a lot of nice listers!

The volunteers and fundraisers who are making a difference in the lives of those around them. The entrepreneurs with a thirst for success who got that big investment. The thought leaders who potentially struggle in an interview but thrive online. The fitness fanatics who are consistently bettering themselves and achieving new levels of personal triumph. The modest award winners who fail to mention their skills and accolades on their CV. The Neotas nice list is definitely longer than the naughty list.

Regardless of what your footprint says about you and whether you find yourself on the naughty or nice list this Christmas, Neotas would like to wish our clients, partners, friends and everyone else a very merry Christmas and a happy New Year. Here’s to 2018…Now if only your online footprint could reset as easily as the calendar!

In early 2017, New Jersey implemented an algorithm: it generates a score and gives counsel to judges. The algorithm advises them as to whether they should grant bail to detainees. This process entirely replaces bail hearings. It’s possible for the judge to never see the subject they sentence, and to never to see the effect of their judgement.  

While this sounds dystopian I can recognise the benefit. An impartial, free from bias sentence – the theory is perfect. The practice is distorted. Algorithms operate based upon past data. But what happens when past data is warped? What happens in a judicial system that has been marred by racism for countless years? What happens when past data reflects the racist history of a nation? 

The answer is simple – that tendency continues. Black people are therefore less likely to be released on bail than white people. I, and I hope you, can see that this isn’t just or fair. How can we teach machines when humans haven’t got it right yet? 

Judges are analysts at their core. They learn facts, process, and output. The similarity between them and machines ends there – Judges understand ethics; machines don’t. Judges can process extraneous factors; machines can’t. Judges are swayed by ideological movements; machines aren’t.  

Automation is a tide flowing through each sector – a tsunami threatening to crumble industries, to damage the bedrock that is the foundation of our society. And automation might well do so for many walks of life, but other paths, like that of the humble analyst, can stand proud and untouched. Morality, ethics, and processing in the wake of true understanding is what distinguishes us from machines. Analysts can provide this; machines cannot. Is there place for humans in this world of increasingly automated processes?  

I believe yes. If in the distant future all work is automated save sectors of compassion, morality and ethics, then surely the AI, NPR and automotive drive has in fact freed us to be more human: to analyse with greater clarity. This is why I think Neotas will retain value in the face of automation – we retain the human component.

Daniel Burke-Ward 

In recent months, Artificial Intelligence (AI) has seen a vast increase into its efficiency and advancements. The benefits of developing AI are clear, with growing software developments that are designed to save time and money into businesses. Consequently, this leaves the question: are these innovations likely to replace human analysts?

The rise of “machine learning” has always had the role of efficient assistance rather than replacement. However, a new intelligence company called Primer, have now developed a product that is part intended to augment the job of an intelligence analyst. Primer takes both the reading of that information, as well as the writing of the report, and automates the processes using AI. The CEO of the company, Sean Gourley, argued that “analysts get tired and can miss data if given vast quantities”.

Despite this comment being a strong argument, as an Analyst at Neotas I can safely believe that the human perspective of data analytics is critical to influencing the interpretation of data. Understanding what it means to be human and gaining first hand experiences in everyday life can be the difference to finding the meaning behind information rather than facts and figures.

In conclusion, the growth of machine learning cannot be ignored and if anything, just be encouraged to assist intelligence gathering. Nonetheless, I argue it will be a long time before AI processers can configure human interaction and meaning. In the meantime, whilst this debate continues, AI can point towards the right information to help aid research and develop a human analyst’s skills. Whilst the consumer still wants meaningful answers, our humanity will continue to be the strongest asset.

By Reece Wickens

Recently a young woman in America was fired from her job in a Texas Bank because her engagement photos were deemed inappropriate for a “family-oriented” company. The photos were uploaded to social media by the photographer and were tasteful and professional; the man was topless with a pair of jeans on and the woman wore a swimming costume that was pulled down but her breasts weren’t shown.

The ex-employee said, “I gave over a year to a company that I worked really hard for and then to have them turn on me for doing something so positive, something that I was so proud of — to help myself as a woman — it was hurtful.”

The bank’s decision to fire pregnant Stephanie (who is over 20 weeks pregnant) not only raised huge concerns for her wellbeing (she lost her maternity leave and insurance which in America is a major necessity) but it also raised questions about how employers look at social media.

Although social media is a great place to see the full picture of a person, details obtained from a personal site should be discussed with your employee, if you believe that, even though their content may not show them doing anything illegal but you feel is inappropriate or affects the company, talk to your employee about privacy rules and have a professional conversation about what they share online.

Here at Neotas, we investigate an individual’s social media footprint and online presence in search of illegal activity, discriminatory behaviour and evidence of undisclosed information. We do not hack, steal or invade the individual’s privacy nor do we judge or manipulate their online personal life. Our findings are based on workplace safety issues and vulnerability concerns for both the individual and the hiring company. Specifically, our staff screening provides clients with a report that delves deeper and provides insights and facts that current database checks fail to unearth – not just the single photo that one person might not like!

Earlier this week, Andrew Parker, Director-General of MI5, made a rare public appearance to outline the severity of the terrorist threat currently being faced in the United Kingdom. Within his speech, Mr Parker said that technology firms, specifically social media platforms and operators, were inadvertently helping terrorists by not doing enough to take down extremist content or for allowing terrorists a “safe space” to both communicate and operate. He went on to state that he believes “that there is a responsibility on the companies that offer those services to help governments be able to stop the worst excesses of human criminal behaviour.” A viewpoint that echoes that of the Prime Minister, who last month urged Tech firms to “go further and faster” to stop terrorist material reaching online platforms.

While no-one can argue with the intention of these statements, their implementation however is considerably more difficult. Over the past 12 months, we have seen social media platforms battle to understand how their platforms are being exploited and what can be done to mitigate, remediate, and protect against the issues. We’ve seen Facebook amongst others admit that machine learning and artificial intelligence alone cannot identify and resolve all issues and in the 48 hours Twitter have launched their latest crackdown on hate and abuse. But the question remains, is this enough?

Here at Neotas, we believe that it is not only the social media tech firms but the entire tech community who can assist to start eliminating these “safe spaces”. Through our screenings and investigations, we are consistently delving deeper into social media profiles in addition to those portions of the web hidden away from Google. Over the past six months, our team of expert analysts have reported numerous cases to Crimestoppers and through the Government Prevent strategy. We have policies in place for exactly these eventualities, as we believe that our commitment is not only to our clients but to the greater community as a whole. It is for this reason that we additionally work with a number of charities and partners to use open source information to combat some of the greatest challenges facing our society today.

No matter how much artificial intelligence develops, no single platform can prevent and stop these issues alone. Moreover, the inclusion of an analyst is essential to both review and influence the direction an investigation. At Neotas, we are proud of the work of our analysts and to be collaborating and contributing to a safer internet environment.

In August, Neotas reached the 6 month mark and to celebrate this milestone we thought we would share with you our journey so far – the good, the bad and the ugly (and that’s just the bosses)!

Neotas went live in February 2017. With one full-time paid member of staff and one client, we were off. We started with a new website, research techniques constantly developing, our platform constantly improving and never-ending meetings.

Our growth from that point forward has been amazing. Six months later, we now have an amazing team of seven full-time members of staff, a growing number of key strategic thought leaders, a pool of addition analytical support and an active client list of over fifteen clients. We’ve additionally built significant partnerships with a number of charities. For our primary charity, Stop The Traffik, we provide analytical support and are working with them to develop a platform which is able to identify modern slavery hotspots globally and to provide supply chain due diligence required for compliance with the Modern Slavery Act.

Our message continues to spread. Last month we completed our first exhibition stand at the inaugral Innovate Finance Growth Forum and Jenni, our Head of Research, has already spoken at a number of key events across London. We’ve focused our efforts and then through demand, refocused our efforts to meet requirements. We’ve disagreed, we’ve battled and surprisingly on the odd occasion we’ve actually agreed with each other.

We are so incredibly fortunate to have such an amazing and growing Neotas family who all as individuals care and believe in the venture as much as the initial founders did. The work we are producing is also key. Over our first six months, we have raised Amber and Red flags on 32% of all reports we have completed. Considering the vast majority of these had already undergone traditional background screenings and due diligence, this figure is huge! Even more significant is what some of those alerts have been. While our reports have actively informed decision making for investors, laywers and HR departments alike, in our most serious cases, we have been required to refer 2 cases to crimestoppers, 1 through PREVENT for concerns relating to terrorism, and 4 cases have been referred by the clients to the UK’s serious fraud office. Just when we think we’ve seen it all, we have our eyes opened once again! More importantly, all of our clients are happy! In fact we are still running at a 100% acceptance rate for clients who trial our reports in some capacity who then become clients. The road for Neotas has just begun and our team cannot wait to continue to share our experiences and this journey with you.

If you’d like to get in touch to know more or to discuss applications which are relevant to your business, please visit our website.

Until recently, crimes tended to be committed away from the eyes of society and reported post-event through traditional channels. Over the past several years however, increased usage of social media platforms has seen a rise in ‘performance’ crimes in which individuals document their criminal behaviour for a public audience.  Embracing this connected society, individuals are often observed to be operating online, often under aliases, in an environment in which they feel like they can live another life, say what they really think without dealing with the consequences, and post that controversial picture or video to get a reaction, all the while feeling anonymous and disconnected from ‘real-world crimes’ they are committing.

From murders on Facebook Live to radicalisation on Twitter and from top financial executives sharing confidential information over WhatsApp to 18 year old girls being arrested for trespassing and documenting their crime spree on SnapChat, the scale and scope of criminal activity being both enabled and documented on social media is increasing exponentially. Nevertheless while platforms are battling, along with law enforcement, to eradicate such content, the sheer volume is increasing more rapidly than resources permit.

At Neotas, we have been involved in a number of cases in which criminal activity has been identified and subsequently reported. Recently we received a request for an employee screening, a potential new recruit had been through traditional background checks and concluded two interview stages with no issues raised. Prior to the job offer letter being sent, Neotas were requested to complete a staff screening using only information provided on the subjects CV. The findings were eye-opening! The individual actively documented their entire life openly for the whole world to see, comment on and encourage. Of specific note, the following content was identified:

• The subject was identified through social media as being actively involved in football related violence. In one specific incident, the subject posted videos, images and commentary which positively identified themselves as being the individual responsible for an attack on police officers. The subject openly encouraged violence towards opposing teams, fans and police officers alike on a number of occasions.
• Significant discussions and media including videos and photographs relating to substance abuse, specifically Ketamine and Cocaine, was identified through social media platforms by the individual and key associates.
• The subject actively initiates, engages in and promotes sexist, homophobic and racist content including personally attacking individuals through their online accounts and profiles.
• The subject posted numerous confidential screenshots of his phone and work computer on social media. In a number of posts, client account details, email addresses and personal information were clearly visible and openly available.

As a result of the screening completed by Neotas, the subject was subsequently removed from the recruitment process, and in consultation with the client was reported to Crime Stoppers. The reason why this individual was able to pass traditional screening and not our screening processes is that they simply didn’t appear in any databases since they had never been caught and charged by the authorities.

While not everyone we screen raises the same number of alerts and flags as the individual above, the case is most certainly not unique. In fact over the past 3 months, more than 42% of all of the pre-employment staff, KYC and AML screenings processed by Neotas have had issues raised with them with, concerns and risk areas ranging from the criminal activities above, undisclosed Directorships, and source of funds etc. Based on this, our message to employers could not be clearer – Traditional checks are simply not enough anymore. Especially when individuals are actively posting their lives for all to see.

For individuals and prospective employees out there who cannot resist the temptation to post their entire lives online, this blog is not intended to suggest that you should monitor everything you put online, or that everything you say and do should be serious and not remotely humorous (we are certainly not here as the fun police!) What we are highlighting however is that more and more companies and individuals are looking at social media to make judgement calls on you to see if are suited for the job, course or even date. Therefore maybe it’s time to consider either keeping your profiles private or stop and think, “is that photo of me snorting cocaine on Twitter really such a good idea?”