Open-source intelligence (OSINT) is an extremely valuable tool across a whole host of sectors and industries including insurance, gambling, banking, third-party supplier, law enforcement and defence to improve enhanced due diligence checks and investigations. As one example, the FCA and Gambling Commission require regulated entities to utilise open-source intelligence to supplement third party and internal data sources prior to making decisions about individuals and businesses:
“Open-source data exists which can help operators assess affordability for their GB customer base and improve their risk assessment for customer interactions.” – Remote Gambling Operators update from the Gambling Commission – Social Responsibility code 3.4.1
The examples are numerous – however, as a business we are often asked how to best use Open-Source intelligence, and find it is overlooked and maligned. If you are having doubts about how to best utilise open-source intelligence, read on to discover your options.
OSINT covers a broad range of areas and disciplines with the main problem that people come up against being the sheer number of results that are returned when running a simple search. If not done correctly, it can become labour intensive and leads to running down multiple rabbit holes whilst trying to identify the correct avenues to follow. If search is not refined or has or direction, key nuggets of information are overlooked creating operational inefficiencies and lost opportunities. As organisations often have a finite amount of time, it is easy to miss key data points if your approach is not configured to filter out the noise.
To overcome this gathering OSINT data needs not just expertise in complex open-source keyword search but an automated and analytical approach to ensure that you can filter out as many false positives as possible and get to the pertinent results quickly and efficiently.
Running a single search on an entity is not the right approach as you will pull back millions of records making it difficult to get the information you need. The right approach is to utilise complex searches with multiple search term filters that can better target the entity concerned and reduce false positives.
However, expertise in this kind of complex search, even if you are utilising copying and pasting pre-ordained dorks stored in Excel files, is not enough as sifting through the results can still be incredibly time-consuming, result in varying quality in report preparation if perhaps you have many team members working together and reduce accuracy and time you have available for decision making.
Technology that can automate the collation of your search is key, delivering results much faster and in a more standardised fashion. But it is essential that that this technology has the appropriate filters and analysis capabilities built in to do a suitably sophisticated, targeted search that narrows down and draws out the right information to save you time and ensure you uncover the right results. Multiple keyword filters are important, but the ability to analyse by advanced parameters, including proximity, timescale, document type, country specific search location can take the value of results to a much higher level and deliver greater operational efficiencies for your business. For example, the ability to only find results in a radius of twenty miles of the entity’s address will allow you to find key information much quicker.
By being smarter with your OSINT, you can start to utilise the information in an automated way and use it to make mission critical decisions. Below are some examples across different industries:
Insurance – Across both commercial and personal insurance open-source data can be used to help better price risk, find fraudulent claims, and improve operational efficiency. For example, in the case of business insurance, open-source data can be used to find more information that can better price risk – A companies house check will only give a small insight into an organisation whereas overlaying pertinent open-source information can provide a deeper understanding into that business and unearth negative press or criminal activity around the directors or the business. In a second example, several Elixir Group members offering personal lines were victim to a highly complex, organised fraud in excess of £8 million. Scout® investigated 94 entities in just 3 hrs, identified 15 significant business links, and saved 850 hours of investigation time compared to manual processing.
Law Firms – Inevitably law firms have to use open-source data to do extremely detailed and in-depth investigations. They usually have expertise in choosing the right search terms but find that the complexity of the investigations and the time needed to collate information, reduces their time for decision making. Recently, a legal firm utilised Scout® across investigations into third party supplier modern slavery, probate cases and a case of fraudulent signatures, returning results in seconds and utilising our Workbench technology to help visualise links between entities and avenues to follow.
Gaming – As I mentioned above, the Gambling Commission has mandated the use of open-source, noting its ability to help in establishing affordability, but also in anti-money laundering checks. Scout® is helping the gaming industry to carry out those checks more quickly and thoroughly, contributing to sustainability, cost-effectiveness, and compliance.
At Synalogik, we offer a wide range of OSINT services such as advice, training and how best to effectively bring this intelligence into an organisation whilst maintaining operational efficiency. Our flagship platform, Scout®, has the analytical capabilities to address the issues raised above, ensuring organisations get to the pertinent results quickly and efficiently. It has been developed by experts from military intelligence, law enforcement and the legal profession and has been adopted by multiple sectors including insurance, gaming, banking and legal.
If you would like to understand more about or capabilities, please contact us at firstname.lastname@example.org. Or complete this form: