Leveraging OSINT for Public-Private Partnerships

The fight against financial crime is a global, multi-party endeavour which requires active involvement from both the public and private sectors. Financial institutions, regulators, law enforcement agencies, and other private and government bodies are increasingly focused on working together to collaboratively identify and stop malicious actors. In this light, public-private partnerships (PPPs) have long been heralded as key instruments in the fight against financial crime, allowing cross-sector collaboration to improve the analysis, investigation and prosecution of crimes. 

To be successful, PPPs need to use all the tools at their disposal to understand and investigate the risks they’re facing. One way they can do this is by leveraging the potential of open source intelligence (OSINT). OSINT is a powerful tool in the fight against financial crime, offering a wealth of information that is open to all and goes beyond what any one organisation can see (whether public or private). It can be harnessed to build out the picture of known threats being explored by PPPs, support investigations into specific risks or malign actors of interest to PPPs, or identify future trends and emerging threats which PPPs need to address.

The importance of PPPs

It is widely acknowledged that information silos pose one of the largest challenges to tackling financial crime. The multiple entities involved can all see different pieces of the puzzle, and have different responsibilities, priorities and motivations. PPPs are often seen as the answer to this, enabling the sharing of information between the two “teams” involved in identifying dirty money – financial institutions and law enforcement. The European Commission believes there are two key benefits to PPPs – the exchange of strategic information such as typologies, trends and industry risks; and the exchange of operational information between public authorities and financial services on persons of interest for law enforcement.

The role of OSINT

While the enormous potential of PPPs is widely recognised, they still face limitations and challenges in practice, not least restrictions on data sharing and operational constraints. OSINT can play a huge role in enriching the information available to participants and improving the outputs of the partnerships.

This approach is supported by the Centre for Financial Crime and Security Studies (CFCS) at RUSI, a leading authority on financial crime. In a recent paper, CFCS argues PPPs do not have to focus exclusively on detailed account and client level information sharing, but instead can work on developing typologies and better shared understanding of risk. This is the approach taken by PPPs in countries like Singapore, Canada or Kenya, which have proven to be effective vehicles by which the public and private sectors can come together. These types of forums can benefit hugely from effective OSINT research to identify emerging risks, uncover networks and patterns, and enhance participants’ understanding of their risk picture.

Addressing information gaps

PPPs allow participants to pool their collective knowledge (in theory – see Data Sharing Challenges below), but even amongst all the members of a PPP, there will still be information gaps. The use of publicly available information can be vital in filling in these gaps and glueing together information from financial institutions and law enforcement.  

For instance, sophisticated money laundering operations generally involve complicated networks with large numbers of individuals operating through multiple front companies and bank accounts. Law enforcement, or financial institutions, may have identified certain nodes or portions of these networks, but may need OSINT to connect the different parts together.

To give a more granular example, an operational-focused PPP might discuss an organised crime gang (OCG) operating in a certain sector within the UK. A participating bank might confirm that none of the identified members of the OCG are its clients. However, through OSINT research it may be able to establish connections between those members and some of its existing clients – e.g. through shared corporate interests, legal cases in which they are named as co-defendants, or social media connections. This could prompt an investigation of the clients’ activity, which could determine that they do appear to be involved in the OCG’s activities, thus opening up new leads and connections for law enforcement.

Overcoming data sharing challenges

A common challenge with PPPs is that there is no consensus and huge sensitivity about what client data can legally be shared. While sharing confidential information between financial institutions and law enforcement is covered under national money laundering regulations for the purposes of tackling financial crime, it is often unclear what information can be shared between financial institutions, even in the context of PPPs. OSINT is one area where these challenges don’t apply. Since all parties have access to the underlying sources, there are no restrictions on sharing OSINT information between the public and private sectors, and between private sector firms, to aid specific investigations and for broader risk management purposes. 

Multiplier effect

While all organisations have access to OSINT, they do not all have the resources and ability to mine it effectively and extract all the relevant information it can provide. Both public and private organisations’ research will be targeted on either individual actors or specific threat areas, driven by that body’s specific priorities, key risks and current investigations. If this output can be distributed and shared with other organisations through a PPP, the results of any one organisation’s OSINT research becomes exponentially more powerful.

Public-private OSINT sharing in action

An essential collaboration tool

Overall, OSINT can be a hugely significant tool within the already powerful arsenal of public-private partnerships. By harnessing the power of open source information, these partnerships gain an invaluable asset, enabling a more comprehensive understanding of evolving financial crime landscapes. The transparency, depth and breadth afforded by open source intelligence augments the effectiveness of collaborative anti-crime initiatives and cultivates a more resilient and proactive approach to safeguarding our financial systems.