OSINT for customer due diligence in banking and finance

Discover how OSINT improves customer due diligence in banking and finance by enhancing risk assessment, identity verification and regulatory compliance.

Financial transactions, the backbone of today's interconnected business world, are now facilitated by technology. The rapid advancement of technology and internet communications has made it possible for a corporation in China to transfer billions of U.S. dollars to New York or Toronto banks in seconds. This technological jump, while beneficial for businesses worldwide, has also opened up opportunities for malicious actors to exploit financial networks to conceal and launder dirty money acquired from illicit activities such as drug trafficking, human trafficking and cybercrime.

Nasdaq's recent report, 'Global Financial Crime,' aimed to determine the global estimate of financial crime. The report's findings are staggering- the global cost of economic crime reached over $3 trillion USD in 2023. Financial crime compliance costs, a significant part of this figure, reached $60 billion in 2023 for organizations operating in the U.S. and Canada alone, according to recent research conducted by LexisNexis and Forrester Consulting.

This article will discuss how open-source Intelligence (OSINT) resources can be leveraged to enforce anti-money laundering processes, including customer due diligence (CDD) in banks and other financial organizations. These processes are not just important; they are crucial for identifying and mitigating financial crime risks in an increasingly complex global economic system. However, before we start, let us first discuss what CDD means and its significance in fighting financial crime.

Define customer due diligence

CDD is critical in risk assessment and regulatory compliance in the financial sector. It can be defined as the set of processes and procedures employed by banks and other financial organizations to verify the identity of their customers and the sources of their funds before they accept them as customers.

CDD allows banks and other financial organizations to assess risks associated with their customers through their entire lifecycle and ensure they are dealing with legitimate customers who have acquired their money legally. This prevents banks from falling victim to money laundering and other fraud activities executed by globally organized criminal groups and other groups supported by countries controlled by obsessive regimes that want to evade Western countries' sanctions.

Failing to perform proper customer due diligence can severely impact the affected financial institutions. For example, TD Bank, which is considered among Canada's largest banks, is under investigation by U.S. authorities. TD Bank's AML program has been under monitoring for years and recently, it was discovered that Chinese criminal groups involved in drug trafficking have used the bank to launder money from U.S. fentanyl sales.

Aside from the incident's reputational impact, TD Bank will also need to pay substantial fines for failing to adhere to regulatory compliance related to money laundering activities. The bank said they have reserved $450 million as an expected fine to resolve one investigation. This case highlights the critical importance of having robust CDD procedures and the potential consequences of inadequate AML controls.

Areas of CDD

The CDD requirements are set by regulatory authorities, who guide financial institutions in conducting a proper due diligence process for their customers. Here are the main areas that should be inspected about financial organizations' customers:

Verify customer's identity and other beneficial owners

The initial step for banks is to verify their customers' identities using government-issued identification documents. Organized criminal groups have the resources to create fake IDs and other official documents such as national IDs, passports, driving licenses and even fake phone, water and electricity bills for address verifications. The same procedures should be followed to verify beneficial owners, whether corporations or individuals. The ownership structure should be revealed so that banks know who controls corporate accounts.

Validate business activities

A bank customer, whether an individual or a corporation, should provide enough details to reveal their business activity. For example, they should disclose their industry, the type of products and services they provide, which countries they operate in, key stakeholders of their companies and what markets they target.

Verify money sources

Banks need to verify their customers' source of funds to ensure they are not derived from illegal and criminal activities. This process involves examining the funds' origin, the transfer method and the consistency of transactions with the customer's stated business activities.

Risk assessment

Banks need to assess the risks associated with each customer based on various factors. These include the customer's country of origin, current location, business industry, financial transaction history executed via other banks and other patterns related to each customer. The risk assessment will also evaluate relationships with sanctioned entities and individuals.

How can OSINT facilitate the CDD process in banks and other financial organizations?

Leveraging publicly available data can enhance the CDD process for banks and other financial institutions. OSINT provides rich, freely accessible sources. Here are the main areas in which OSINT can be leveraged in CDD.

Customer identification

To verify customers' identities, OSINT researchers can use the following:

Social media intelligence

Assessing potential customers' profiles on social media platforms will reveal their connections and give valuable information about their business/personal relationships and interests. SOCMINT analysis can also reveal previous places that a customer has visited. We have already created four guides on executing deep SOCMINT on the following platforms: Mastodon, Twitter (X), Discord and Reddit. Here are some online services to start your social media search:

• Namechk, Checkusernames - Reverse username search
• Social Searcher - Search for mentions across a large number of social media websites
• Google reverse image, Bing Visual Search, Yandex reverse image - Reverse image search
• Faceagle, Facecheck ID  - Face search engines
• Greatfon - Anonymous Instagram story viewer
• Notjustanalytics - Instagram profile analyzer
• YouTube Lookup - View YouTube video metadata
• Social Media Sentiment Visualization - Analysis of user's emotions in text
• Freepeoplesearchtool - Search for a person's name, location, phone number or company   

Public records

These repositories contain various information about citizens. Public records play a crucial role in customer identification through name, address and business verifications, conducting background checks on customers and revealing important financial data about the customer such as individual's or business's financial history, bankruptcies, liens and credit reports. Here are some resources to begin your search:

• USPS Address Verification - Verify U.S. mailing addresses
• Postgrid - Verify U.S. and Canadian addresses
• Census Bureau - Verify U.S. addresses  
• Global Address Check Tool - Verify global addresses
• DIGITAL STATE ARCHIVES - Contains links to all U.S. state archives. It holds links to public databases holding information about vital records, biographies, cemeteries, censuses, histories, immigration records and land records, to name only a few
• The Public Records Online Directory - Links to property offices across the U.S. For each county, there are links to deeds and mortgages, tax and assessment records

Beneficial Ownership Identification

When the beneficiary is corporate and not individual, OSINT can be used in various ways to verify the ownership information of all beneficiaries through corporate business registries, news websites and other public sources. Here are some online services for finding information about corporations:

• Corporate registries- Many countries maintain public databases of registered corporations. These can provide information on company management, shareholders and corporate structure. Here are some links for corporate registries:
  • Opencorporates - Search more than 225 million companies worldwide
  • ZoomInfo - Contains over 100 Million company profiles
  • The Global Business Listing Database - Contains information about more than 43 million corporations worldwide
  • U.K. companies house - A database of U.K. corporations
  • Corporationwiki - Allows searching for companies and people
• News websites- Facilitate customers due diligence through the following:
  • News websites can reveal information about customers' reputations. For example, negative news about a company run by someone is a red flag
  • Monitoring news over time about a specific company or person allows for checking how their reputation has changed. For example, a reputable company could have been caught conducting business with sanctioned entities. This thing affects its reputation
  • News websites contain valuable financial information such as GDP growth, inflation rates and unemployment figures, which helps assess bank customers' financial status

Here are some news websites to start your search:

• NBC News
• Google News
• Associated Press News
• CNN
• Reuters
• World Newspaper Archive

Breached and leaked database

Different websites hold breached data acquired from various websites and online services. Such information is considered valuable for executing CDD. For instance, by analyzing this information, banks can identify potential risks, detect fraudulent activities and strengthen their overall security posture.

For example, finding leaked credentials and personally identifiable information (PII) will allow a bank to alert its customers before their information becomes available to threat actors, who will use it to execute numerous fraudulent activities. On the other hand, identifying breached customer data will allow banks and other financial organizations to secure their online presence and customer accounts proactively.

Here are some online services for finding leaked datasets—please note that the darknet should also be monitored for similar information.

• Breachbase
• Breachforums
• have i been pwned?
• Leaked domains
• The Accountability Project

Sanctioned entities databases

Sanctioned entity databases are a critical component of a bank's CDD process. They contain information on individuals and companies subject to economic sanctions imposed by various parties, especially Western countries. Here are some reputable repositories for finding information about sanctioned entities:

• OFFSHORE LEAKS DATABASE - Discover the individuals behind over 810,000 offshore companies, foundations and trusts uncovered in the Pandora Papers, Paradise Papers, Bahamas Leaks, Panama Papers and Offshore Leaks investigations
• U.S. Office of Foreign Assets Control - Holds entities sanctioned by the U.S.
• EU Sanctions Map - List of countries and associated restrictive measures imposed by the European Union
• The U.K. Sanctions List - Lists people, entities and ships made under the Sanctions and Anti-Money Laundering Act 2018
• Opensanctions - A comprehensive, freely accessible database that aggregates information from various global sanctions lists, registers of politically exposed persons and other records of individuals of public interest. This resource aggregates data from hundreds of sources worldwide, providing a centralized repository of crucial information for due diligence and compliance efforts

To expand your knowledge about researching sanctioned entities, read our full guide about “Using OSINT to identify sanctioned entities”.

CDD has become a crucial aspect of the modern banking industry, especially in the fight against rising financial crime and money laundering. OSINT can significantly enhance the CDD process, making it more efficient and effective, particularly during the onboarding of new customers in banks and other financial institutions.

Ensure security and anonymity in your CDD investigations

When conducting OSINT to enhance your customer due diligence, it’s crucial to prioritize security and maintain anonymity throughout your investigations. Safeguard your identity and prevent your activities from being tracked by using a platform designed for secure online research, such as Silo for Research. With complete isolation and a suite of purpose-built investigation tools, you can confidently gather intelligence while keeping your data and intentions completely shielded. Elevate your CDD process and stay ahead in the fight against financial crime with Silo for Research.