It was 4:15 on an otherwise unremarkable Sunday afternoon in March 2018, when two people – a man and a woman – were found slouched over a bench in the middle of a crowded street in Salisbury. Drifting in and out of consciousness, the pair were said to be foaming at the mouth, their eyes staring blankly into space. This was not the effect of alcohol or drugs, but something the public would quickly learn to be far more sinister, the targeted release of a lethal chemical weapon on a UK city. Over the following months, the event would soon turn into one of the largest public health emergencies in history, spark an international manhunt and shine a light on the murky world of espionage and a new chapter of worldwide malign influence; hybrid warfare.
The story of Sergei and Yulia Skripal, poisoned by the Russian state with a chemical nerve agent – Novichok – on the streets of a middle-class city in rural England, quickly became international news and even a BBC mini-series. As an ex-Spy himself, Sergei Skripal had risked his life working for British intelligence, MI6, informing on the activities of covert Russian agents all around the world. Like any spy, risk was inherent, but as a double agent – keeping the trust of his Russian spy colleagues while also reporting on them to the British – the stakes were life and death.
After an alleged ten-year career working undercover, something had gone terribly wrong. Perhaps an unusual behaviour of financial activity had sparked attention, perhaps communications had been intercepted, perhaps another double agent had informed on him. Whatever the reason, Skripal’s betrayal had been uncovered, and he was arrested for treason by Russian authorities in 2004. The Russian newspaper Komsomolskaya Pravda remarked that in Soviet times he would have been shot; but instead he was given 13 years in prison for “high treason in the form of espionage”. Less than 6 years later, in another dramatic movie-worthy twist, Skripal’s release from Russia was secured in 2010 in a classic ‘spy swap’ deal after a network of illegal Russian undercover operatives were discovered in the USA, including notables such as Anna Chapman.
In his release, Skripal had settled down with his family in the comfort and anonymity of Salisbury, sheltered by the country that he had helped in secret for so many years. On that fateful Sunday, as he and his daughter ate at the italian restaurant Zizzi’s, little did he know that two assassins from his former employer – the Russian military intelligence department or GRU – had travelled to the UK with the intent to kill him. A message and warning to any others who might defy the Russian state, betrayal will never be forgotten and nowhere, not even a quiet cathedral city in England, can be safe from retribution. After arriving into London from Moscow, the two assassins, travelling under the alias’ identities of Alexander Petrov and Ruslan Borishov, had initially travelled to Salisbury for less than 2 hours likely in order to conduct reconnaissance for their mission. The next day they travelled again to Salisbury, deploying the chemical nerve agent Novichok – hidden in counterfeit Nina Ricci perfume bottle – on the door handle of Skripals suburban residence. The substance, a highly toxic weapon developed in the Soviet-era, is designed to kill by shutting down the body’s nervous system, causing a loss of all critical functions including breathing. Only a few hours later the exposure had left Sergei and Yulia fighting for their life.
CCTV footage released by the police showed the pair walking in a residential area of Salisbury the day of the attack
What is Hybrid Warfare?
The event in Salisbury wasn’t an isolated incident. It was part of a wider coordinated strategy to exert power and influence in a new era of warfare. Often termed ‘hybrid warfare’, the strategy sits outside of the typical rules-based system of traditional foreign policy. It is a doctrine that is highly flexible and adaptive; it uses a variety of covert tools at its disposal to achieve strategic political objectives. From propaganda and ‘fake news’, to cyber-attacks, assassinations, political warfare and even economic and financial effects, these techniques can all be combined to exert a new kind of global influence. By its very nature it is concealed, with the war being fought by journalists, hackers, businesses and politicians – both witting and unwitting combatants in a greater game for power.
Unlike traditional warfare, where uniforms, insignia, and open declarations by politicians mean consequences can be more easily understood, the difficulty of attributing these coordinated activities means retaliation and retribution is more difficult for the national security communities tasked to defend against it. This completely upends the traditional ‘tit for tat’ mentality which has long been a bastion of international equilibrium. Therefore, it is a highly asymmetric threat, where the power no longer lies with shock and awe, but with networks, coordinated goals, and hidden agendas.
Russia’s fondness for coordinated subterfuge may go back decades, but it wasn’t until 2013 when Russia’s Chief of the General Staff, General Valery Gerasimov outlined what most would come to recognise as the modern codification of hybrid warfare. To wit, non-military techniques aren’t just ways of augmenting the traditional forms of war but are now the main form of influence in an increasingly connected and digital world. It is a war that is fought not only on the ground, but also in the digital networks of cyber space and in the psychological domain of people and cultures. The goal being not in singular military victories, but to keep adversaries in a perpetual state of competition and confrontation.
These techniques include:
Assassinations – While the attempt made on the life Sergei Skripal was ultimately unsuccessful, political assassinations send a powerful message; there is no place to hide and nowhere will be safe. The method of deadly nerve agent is also important, enemies will not be safe even with bodyguards, security or bullet-proof vests. Alexander Litvenko, another ex-spy targeted for revenge in 2006 was murdered after drinking a cup of tea laced with radioactive polonium in a busy 5-star hotel in the heart of Mayfair, London.
Cyber Attacks – hybrid warfare makes extensive use of digital techniques to achieve its aims. Hacking into computer systems provides valuable intelligence which can be used as part of a leak desired to inflame or exacerbate political weakness (as was seen throughout the 2016 US presidential campaign). Shortly after the Salsibury poisonings, local authorities in the area were hit with ‘well coordinated’ cyber attacks likely as part of the same operation. Cyber attacks can fuel other parts of the hybrid operation, collecting information from which to use later or as a platform for disruption – with the potential for damaging vital computer systems in order to leverage influence such as the “NotPetya” attack that while ostensibly targeted Ukraine, wrought worldwide damage to thousands of victims worldwide.
In a remarkable interviewed aired on RT, the pair expressed their passion for gothic architecture and the 123 metre spire of Salisbury Cathedral
Disinformation – Much has been made of the rise of “fake news” that can be pushed out in order to sow distrust in official statements, and counter the narrative. While online social media and automated ‘bots’ often garner attention, fake news has more impact when delivered through mainstream and official channels. Throughout the Salisbury investigation numerous false statements appeared via channels controlled by the Russian state including a claim by the Russian ambassador Alexandar Yakovenko accusing the UK of “destroying all possible evidence” “classifying all remaining materials and making a transparent investigation impossible.” and perhaps most infamously the eventual appearance of the assassins “Borishov” and “Petrov” on Russia Today as two fitness instructors with more than a strong interest in the gothic spire of Salisbury Cathedral.
Espionage – The use of undercover operatives has always been crucial to warfare, but when combined with other levers of power it can have powerful effects to amplify these clandestine goals. The Salisbury assassins were allegedly met in London by another high ranking GRU officer Denis Sergeev, travelling under the alias of Sergey Fedotov who likely gave them their final orders to proceed. These networks of spies, with access to infrastructure, and local connections allow more specialised operations to take place. Throughout 2018 after the Skripal poisoning, Russian agents attempted to access laboratory facilities and networks across Europe including in Switzerland and the Netherlands where material relating to the attack was being analysed. Combining traditional human intelligence techniques, technical surveillance and on-the-ground cyber attacks – undercover teams can be a formidable asset, accessing vital information that could not be gathered any other way.
What can be done to counter Hybrid Warfare?
Just as hybrid warfare uses a holistic blend of techniques to achieve its goals, countering it must also seek to break down barriers between traditionally separate capabilities. Understanding the networks and infrastructure that enable adversaries to coordinate espionage, cyber-attacks, disinformation, and assassinations can help decision makers devise strategies that can create resilience in society and counteract the subversive effects of instability.
Data fusion for analysis and intelligence – Sound intelligence is fundamental to countering hybrid threats, but being able to see the complete picture relies on the fusion of data from all sources; joining the dots between data of different types is critical to unpicking the threads of deception. From the moment that the Salisbury assassins entered the UK, they generated data that investigators and analysts could use to understand their movements and intentions. From CCTV at airports, train stations other locations, to mobile phone data and passport information, we all leave digital footprints in an ocean of data that can give clues to our behaviour.
For instance, in September 2018 a major breakthrough in the Skripal case came from investigative journalists working at Bellingcat and The Insider. Piecing together information from publicly available information on the internet and leaked information on the dark web, Bellingcat showed the world how careful examination of data could uncover the real life identities of the assassins as GRU officer Colonel Anatoliy Chepiga and Dr. Alexander Mishkin. Critical to these breakthroughs was the ability to fuse data from database records, passport scans, images, news articles, websites and documents – linking alias names, addresses, dates of birth and key events to resolve their real life identities (see also our guide on “Entity Resolution” here).
Sanctions and Expulsions – On the27th March 2018, less than three weeks after the attack at Salisbury, an international community of 27 countries including the United States, Ukraine, Canada, Germany, France and Poland expelled 142 Russian nationals from their countries in the largest mass expulsion of diplomats in history. In 2020, the USA, EU and UK went even further, issuing legal sanctions against GRU officers involved in many of these operations, including Aleksei Minin, Aleksei Morenets, Yevgeny Serebriakov, and Oleg Sotnikov who were all accused of taking part in the espionage attempt at the OPCW in the Netherlands where material from Salisbury was being analysed. Such sanctions, effectively deployed within the financial and travel sectors (deployed using technology such as Ripjar’s Name Screening Solution) restrict these individuals’ ability to access basic services and commerce, providing a vital part of the deterrence strategy to send a message to others who may choose to be involved in these types of operations that there are consequences for their actions.
Interagency cooperation and knowledge sharing – No single organisation has a complete picture of all data or is responsible for enacting the strategies to counter hybrid threats. Therefore, effective security strategies to defend against hybrid warfare rely on intelligence sharing and collaboration between government departments, law enforcement, the intelligence services and the private sector. The UK government’s ‘Fusion Doctrine’ published the same month as the Salisbury attack, outlines this whole-of-government approach to collaboration for the purposes of national security, but it must also be underpinned by the technical enablers to do so. From secure communications to data platforms that can share knowledge on threats and intelligence reports, the infrastructure for collaboration must also enable investigations. While police may have access to CCTV data and witness statements, other areas may have specialised data on chemical weapons systems, or the public health emergency developing in the area. Furthermore, banks and other financial institutions will have access to money flows and transfers that all might give a small piece of the puzzle to uncovering the larger pattern of subversion.
Predictive Analytics for Discovery – Finally,countering hybrid threats will not succeed if there exists only a retrospective capability to understand events after the fact – even if that capability does include the heroic forensic detail from sources such as open-source intelligence and the dark web.Therefore, in order to build our defences, data analytics must become forward-looking for discovery of such threats as they emerge. Artificial intelligence and new ways of processing data for behavioural clues will play a vital role in the development of such discovery analytics. Combining all data sources and an understanding of hybrid threats and their characteristics, these advanced forms of data analysis are able spot a clandestine officer arriving from overseas and who they were travelling with, setting up bank accounts or other infrastructure and are able to automatically link known data points of existing threats, to unknown but active data points within the same pool of information. This means threats can be uncovered more quickly, automatically and with more efficient use of resources to help scale against the size of the challenge.
Organised Crime on a Global Scale
Sergei Skirpal and his daughter Yulia ultimately survived the attack. A member of the public Dawn Sturgess, sadly did not. Some may call it hybrid warfare, others simply as murder. The act of criminality, albeit committed by a state actor, does not reduce its culpability, it heightens it. Responsibility for such murder doesn’t just fall to the individual who committed it, but to the entire system that enabled it.
Tackling organised crime on global scale, acts that take place outside of the norms of international behaviour requires a shift in our thinking. Distinguishing between crimes committed by terrorists, gangs or even governments may be difficult, if not impossible without strong attribution of cause and effect. Technology, and new advancements like artificial intelligence and data fusion, deployed within the public and private sectors will accelerate the detection of these hidden networks, and the very connectedness that allows hybrid warfare techniques to succeed will eventually be the same method from which it is successfully defeated.
David Balson Director of Intelligence, Ripjar March 2021
Pointing out the uncertain times that came with much of 2020 now seems passé. We have all experienced it, and have witnessed the effect on our lives, some positive and some, tragically, not so. While the vaccines are now starting to roll out across the world, it will still be many months before 2021 delivers some semblance of normality to our daily lives. During this time, I’ve been truly humbled by our staff at Ripjar for their dedication and hard work – in the first week of lockdown we moved from 3 physical offices across three diverse cities in the UK – Cheltenham, Bristol and London – to being an effective, exclusively remote working hive mind, continuing seamlessly to serve our customers across four continents. It has been a pleasure and I thank them all for their dedication, professionalism and service.
But while our software engineers and data scientists have continued to innovate during this time, so too have the global criminal networks that we aim to stop. The criminal fraternity have sought to take advantage, defrauding government programmes designed to help protect the vulnerable, crafting elaborate scams and impersonation frauds, and turning to cybercrime – using ransomware to intimidate and extort, even targeting the very institutions that we have relied to fight the pandemic itself.
This latest surge in criminal enterprise is sadly just the latest evidence that organised crime networks are largely succeeding in funnelling billions out of the global economy, and successfully laundering those proceeds into luxury lifestyles, and further expansion of criminality that target millions of innocent victims.
One such group of victims are those trapped in the horror of modern slavery. Criminal gangs operate all over the world with as many as 40 million victims working only for the benefit of others, their basic freedom and labour exploited without any concern for wellbeing or basic human dignity. Ending trafficking of persons and modern slavery is of paramount importance, but it is a problem only recently attracting enough attention to tackle. In an increasingly globalised economy, supply chains are complex and intricate – the subtle and hidden signals of human exploitation can be spread across multiple organisations. It will take a revolution in due diligence, whether in the global banking system, logistics providers, energy companies and the law enforcement community to raise the barrier to entry and deter criminals from this most destructive crime. This is something my colleague David Balson has written extensively about here, but there is far more to be done and I see Ripjar technology at the forefront of this war.
The criminal thirst for money may have even more widespread consequences. Let us not also forget the genesis of the COVID-19 pandemic, and the risk factor of a future zoonotic virus causing the next pandemic. When exotic animals are traded and trafficked by criminal gangs, the risk of a pathogen being passed between the animals and then onto humans becomes greatly increased. Today, the illegal wildlife trade, facilitated by online communications, e-commerce, and social networks is sadly another billion-dollar industry. In satiating consumer demand for products and consumables from endangered species, elephants, rhinos, tigers, or even pangolins – the destruction of our natural world has been accelerated by criminal enterprise. Working with the financial sector to improve detection of illegal wildlife trafficking and other environmental crimes is becoming key to future due diligence capabilities for new and exciting ESG funds, and I am delighted to see the economic benefits of these pay off.
Lastly, this year has seen unprecedented discussion around transparency and the effectiveness of information sharing to prevent money laundering. The revelations of the “FINCEN Files” back in September prompted our strategic advisor Graham Barrow to discuss how banks and law enforcement could better work together on joining the dots between information in the private and public sector, potentially moving beyond the current Suspicious Activity Reports (SARs) regime. Just this week, the US House of Congress passed a landmark bill on corporate transparency, which will mean far greater transparency on ownership structures and previously anonymous ultimate beneficiaries, with far more data sharing and collaboration between international partners. Transparency is a vital weapon to fight financial crime, removing the shadows where criminals hide is vital if we are to stem the tide against the worldwide networks of dirty money that fuel crimes like human trafficking, modern slavery, wildlife exploitation and fraud.
So, it is on those points that I see Ripjar ideally poised to help companies, financial institutions and government agencies fight this plague of criminality. We have spent the last two decades working in data intelligence technology and designing systems that help investigators investigate, automate and monitor criminal threats. Our technology platform is now used in dozens of countries to detect risk in supply chain and counterparty relationships, perform real-time checks on millions of clients to detect financial crime risk and join the dots between hundreds of data sources to unpick the networks of cybercriminals and terrorists.
I also see our technology at the heart of these emerging global trends. We have taken lessons from our work in the cybersecurity sector on information sharing and common data formats that can be applied to similar effect within the financial crime sector. This will transform the way investigators can share machine-readable data between each other, providing law enforcement and financial intelligence units (FIUs) with new tools to see the complete picture of how organised criminals move their money and profit from the misery and suffering of others. Additionally, with increasing scrutiny on the integrity and ethics of supply chains, our due diligence technology will also grow to play a bigger role in the detection of modern slavery and environmental crime. Our advanced Natural Language Processing (NLP) technology, which today reads and interprets over 3 million articles a day, even provides us with the basis to conduct the large-scale detection of ‘fake’ news and propaganda, especially important during this time where society needs truthful information on vaccines and increasing the integrity of the information environment to resist extremists.
With our recent funding announcement from Long Ridge, Ripjar is equipped to supply software for the future of countering these serious and endemic threats to our world. We are using that money to recruit, and we will be advertising for many opportunities as we continue to grow.
With that mission in mind, and the technology and people that we have at Ripjar I am optimistic that we can work with leading organisations to tackle the pandemic of crime the world faces, and I am sincerely looking forward to the next year and the new wave of hope that it will be bringing.
The dreadful attack in Vienna last month has yet again brought the shadow of terrorism down upon Europe. The shooting, which followed two further terrorist atrocities in France in October speaks to the changing nature of the terrorist threat, and the inherent vulnerability of society from violent extremists intent on spreading fear, and their message of hatred.
Shortly after 8pm on the 2nd of November 2020, on the eve of another necessary curfew to stem the spread of COVID-19, the attacker began shooting at those enjoying a few final drinks before a new lockdown began. Heavily armed with an automatic rifle, pistol and machete, and wearing a mock suicide vest, the attacker Kujtim Fejzulai was known to authorities; he had previously been jailed for 22 months in April 2019 after trying to travel to join the Islamic State or Daesh fighters in Syria, but was freed after just 8 months in December after convincing authorities he no longer held extremist views. Before he could be stopped by armed police, he had killed 4 and injured 23 victims.
This parallels the attack at London Bridge a year ago where another extremist, Usman Khan – who had previously been released from prison for terror offenses – attempted a mass stabbing at an event designed to promote rehabilitation, killing 2 and injuring 3 before armed police intervened.
Fejzulai however, had raised a further red flag earlier this year. In July, Slovakian police been made aware of an Austrian national trying to buy ammunition for an AK-47 assault rifle without a licence – despite passing this intelligence on to the BVT (the Austrian equivalent of MI5), leads were not followed and no further action had been taken.
Assessing the Risk
When attacks are conducted by individuals known to authorities it often feels like a failure, either in the assessment of the individual and the threat they pose, or in the situational awareness of the authorities in understanding the pre-cursor behaviours of an attack.
Law enforcement, intelligence agencies and other bodies designed to protect society are not gifted with the power of prediction, let alone clairvoyance. Our expectations are that they are able to understand risk from data that they are able to lawfully collect and interpret that data correctly to inform assessments and decision making. When tragically lives are taken by terrorist actors, it is vital to revisit these assessments and review if the necessary risk management was in place.
These attacks continue the trend, particularly since the collapse of the Islamic State, towards more improvised attacks and weapons and those that involve smaller groups of people working in comparative isolation (if not single individuals with intent known only to themselves). Therefore, understanding the risk and recidivism of extremists can be extremely difficult, even for those who are extremely close to them, such as probation officers or covert intelligence sources. Further, the scale and diversity of these threats is increasing, with other extreme ideologies like those of the far-right contributing to an individuals grievance and desire for political violence.
Spotting Red Flags – Opportunities to widen the net
However, even the most atomic of terror plots must coexist within the services and functions of society. Just as the Slovakian gun licencing programme flagged and even temporarily thwarted Vienna attacker Fejzulai’s attempts to buy ammunition months before the attack took place, control frameworks around key infrastructure can give society an early warning sign for risk.
Unlike traditional police work though, these control frameworks must exist within wider institutions to be effective in their goals, often within the private sector. For example, one of the most fundamental capabilities for terrorists to act is having access to money and finance. Establishing a flow of money to be able to buy the necessary supplies and make preparations for an attack is essential and banks are duty bound to make provisions to detect and report suspicious financial flows to authorities.
The constantly evolving terrorist threat though means this regulation and associated downstream capability are targeted mainly at complex, multi-national terror plots, and prone to constant false positives when flagging known terrorists from watchlists when on-boarding a new client or when transferring funds between accounts. False positives plague attempts to tackle the scale of the threat.
False negatives may also be on the rise. As attacks increasingly rely on low cost improvisations – more subtle indicators within financial flows may also be red flags; for instance, warning signs may be present from the intent to just hiring a vehicle. In 2017, Khalid Masood carried out an attack on pedestrians on Westminster Bridge using a rented vehicle and in 2016 in a horrific attack attributed to the Islamic State, Mohamed Lahouaiej-Bouhlel used a rented truck to kill more than 80 people in Nice, France.
Other areas for potential alerts may also be easily missed. The brothers behind the Manchester Bombing in 2017 Salman Abedi and Hashem Abedi, purchased the quantities of chemicals necessary for building the explosive device that targeted young people enjoying an Ariana Grande concert from online retailer Amazon, via an intermediary. This perhaps highlights the difficulty when providing screening technology – to use additional analysis and context to screen transactions and shipments – particularly for chemicals such as hydrogen peroxide and alert authorities appropriately.
Artificial Intelligence – At the heart of automation and monitoring
The UK’s strategy of prevent, protect, pursue and prepare and the international regime around countering terrorist financing governed by the FATF, has been subject to much scrutiny since the events of 9/11 and the last two decades of innovation in counter terrorism and anti-money laundering (AML) departments all around the world. With the changing terrorist threat must come changing ways that the risk is managed; technology and processes must be adapted if we are to maintain a safe and prosperous society.
These changes are greatly enhanced by advances in technology. At Ripjar, we are developing AI-powered software that is now able to support both private and public sector institutions in automating, monitoring and investigating the threat from any data source.
One of the breakthroughs we have made is to dramatically improve the performance of watchlist monitoring and name matching. Even at its most basic, this can be a challenge for existing technology. Names are not unique, they can be abbreviated, mis-spelt, or rendered in different alphabets. Tamerlan Tsnarnev, who, with his brother Dzhokhar, became one of the 2013 Boston Marathon Bombers, had already been flagged; in a rare collaboration, the Russian intelligence agency the FSB had warned US authorities that Tsnarnev posed a potential security risk. While the FBI did not have any further intelligence to act, his name was put on international watchlists at every airport and border control point to alert on foreign travel. The technology to flag this however, did not use even the most basic fuzzy matching, and by the time that Tamerlan Tsarnaev returned from Dagestan, the spelling on his passport “Tsarnayev” did not alert on the watchlist record for “Tsarnaev”. A year later two pressure cooker bombs went off at the finish line of the Boston marathon, killing three people and severely injuring more than 260.
AI-based entity resolution offers a solution to addressing this problem, increasing the effectiveness of these searches by more than 90%. Using data-driven approaches to learn and understand how names, their permutations and their likely matches are used, we can reduce both the false positives that mean security and compliance professionals are swamped with irrelevant data and increase the chances that those that seek to harm by accessing infrastructure such as finance, travel or products and services do not slip through the net.
Name screening though, is only as effective as a risk management control as the quality of the data and the places it is deployed. Automation provides a further benefit as it can be more easily integrated into any transaction or on-boarding system, with fewer overheads than manual approaches. This type of automation and monitoring capability can be readily deployed in banks, retailers, border control or any of the vital areas discussed above that might provide the early signs of a terrorist plot.
The Future of Counter Terrorism
Public institutions and commercial businesses play vital roles in the protection of society; this is not just a matter for law enforcement and the hidden world of the intelligence services. As terrorist plots adapt and grow into the next decade, we must embed resilience into the wider fabric of our collective services.
This will require a careful balance between regulators and commercial businesses, it will require these controls to be both effective and largely invisible to the public, and will require innovations behind the scenes as terrorists learn and adapt to new measures. However, these requirements are essential if we are to keep pace with terrorists but also provide commercially desirable, seamless customer experiences and low-friction services.
The sharing of intelligence has long been posited as the holy grail for defending lives and protecting against future attacks. However, what good can come from sharing intelligence if it is not easy to make use of, or it is not deployed in the right places for action? A new generation of intelligence sharing capabilities will be combined with a new generation of intelligence enabling capabilities, specifically those that combine advances in artificial intelligence to screen known entities and hidden patterns of behaviour when acquiring financial services, bank accounts, or when buying ammunition, or chemicals, buying or renting vehicles, or travelling in and out of high risk countries.
We believe that Ripjar has a significant role to play in supporting both financial organisations and government institutions change the way they monitor for terrorist threats using AI, please do get in touch if you’d like to find out more.
There is nothing modern about slavery. For as long as there has been a distinction between the powerful and the powerless, people have sought to take advantage of human labour, setting up the systematic exploitation of entire ethnic groups and vulnerable people. Despite hundreds of years of formalised abolition all over the world, slavery persists. It has adapted and evolved to survive – if not thrive – in the modern day. Today, organised criminal networks profit between $50-150Bn a year from the indentured labour of as many as 50 million victims worldwide.
This crime is closer than you think. In the UK, some estimates put the number of victims at 100,000 or more. These victims, trafficked into wealthier countries from overseas, often find themselves deep in our daily supply chain – in our factories and farms, or for luxury items like flowers or fashion. As the current healthcare crisis evolves into an economic crisis, criminals are already seeking to take advantage and find new victims.
To profit from this flagrant abuse of basic human rights, criminal gangs use an array of psychological, financial, and physical techniques to maintain a tight control on those in their employ. Preying on often vulnerable groups including homeless or substance-dependent individuals often means victims are not even always aware of their own victimhood – their captors seen as simply helping them find work and shelter.
Trafficking individuals from overseas further traps victims to financial debt to the gangs, or by a language barrier, not able to communicate effectively with those around them at work or to the police. Finally, an ever-present threat of physical violence against victims and their families is used to ensure compliance.
Modern Slavery: a board-level issue
This all makes detecting and disrupting this type of crime extremely difficult. Cases reported to the Police (5,144 in 2019) and the National Referral Mechanism (6,985 in 2018) are rising, but perhaps more than 90% of this type of crime goes undetected.
This is not just a matter for the police. Businesses, financial institutions, and government bodies must all work together to spot the red flags that might hint to an underlying concern of exploitation. Legislation such as the The Modern Slavery Act (2015) and the EU’s upcoming 6th Anti-Money Laundering Directive have all made this crime a board-level issue, but questions remain on the implementation, and who ultimately is responsible for its detection. Complex supply chains must be understood better, and organisations that inadvertently enable exploitation must all do their part if we are to hope to eradicate this type of crime for good.
Bold leadership, social policies and control frameworks will all be required to catch criminals and stop victims falling into the trap of modern slavery. A key enabler is being able to see the entire picture of a supply chain from all available data sources, but legacy technology and institutional stovepipes persist. The evidential trail of modern slavery, the data that could allow an elaborate international network to be completely unravelled often sits over many organisational boundaries. Enterprise analytics built to detect large scale money laundering and international sanctions evasion may not alert on the subtle, low-value payments made to a dozen migrant workers all sharing the same address. Fortunately, technology can now provide some vital support to companies, banks and governments in these areas.
The vital role of AI – 4 key areas
Artificial Intelligence is a breakthrough technology to help respond to the growing criminal threat. Advanced data analytics are now helping organisations automatically detect risk in their supply chain and customer base. It can scale their understanding of available data, joining the dots automatically to detect and prevent human trafficking and modern slavery. We are now seeing a step change in how entity resolution and natural language processing (NLP) are helping partners across the entire supply chain ecosystem make significant leaps forward in the detection of this pernicious and abhorrent crime.
We are seeing four key areas where our technology is now being deployed on the front lines of the fight against modern slavery:
Enhancing Due Diligence – Modern slavery relies on significant deception in acquiring legitimate enabling assets such as bank accounts, national insurance numbers and tax details. These allow money to be deposited, extracted and laundered, and having these legitimate identifiers avoids scrutiny by law enforcement and employers. Crucially, it enables criminals to place victims in well-paying jobs in the supply chain. Victims, who may not even speak the local language often lack the basic details that banks would be collected at on-boarding such as proof of residence address, phone number, email and other infrastructure – details which criminal gangs are happy to provide on their behalf and open accounts which they are in control of. Using analytics that can spot hidden connections between otherwise seemingly disconnected individuals means that next generation KYC checks can more reliably flag the signs of deception and exploitation and escalate to law enforcement if necessary.
Employment Vetting – placing vulnerable workers within legitimate employment is a key step in the modern slavery crime; the perception that victims are mostly paid cash or off-the-books is largely false. With legitimate assets and tax codes, victims can unknowingly earn tens of thousands of pounds a year while only receiving a few pounds per week on top of their food and shelter. Employment agencies and supply chain partners such as factories and warehouses are now employing their own due diligence based on the details provided by workers. Entity resolution – AI that can uniquely identify individuals from ambiguous and sparse datasets can detect the tell-tale red flags of exploitation such as unusual numbers of employees sharing the same address or bank details.
Follow the money – The desire for wealth drives criminal behaviour. Money paid to victims needs to be interdicted by the gangs, extracted and then laundered so they can spend it on lavish lifestyles of cars, mansions and luxury goods. Transaction analysis within banks designed to catch money laundering often misses the small flows of money, taken from bank accounts in the victim’s name, often just with repeat visits to a local ATM. Banks provide the infrastructure from which modern slavery thrives. Behavioural analytics are now able to look across the network of accounts and their activities; combining contextual risk factors with transaction data to more easily spot these crime typologies and flag suspicious activity to law enforcement.
Complex Investigations – police forces and other law enforcement agencies face an uphill struggle in piecing together data from a multitude of sources to identify suspects, victims and the infrastructure used in the trafficking and exploitation of victims. Data fusion technology, driven by platforms like Ripjar, are now allowing resource-constrained teams of intelligence analysts to more easily exploit data from any source – whether structured or unstructured. Natural language processing (NLP) and entity resolution combined with flexible link-analysis software mean investigators are able to build up a single, centralised knowledge graph for a case or network of criminal gangs – connecting the dots automatically between victims, suspects phone numbers, bank accounts, transactions, flight records or any other evidence collected during an investigation.
Conclusion
The application of AI is a key development in the fight against modern slavery. It can automatically identify risks at any point in the client or employee lifecycle and help the entire ecosystem of employers, agencies, financial institutions and police forces understand the tell-tale signs of human trafficking and exploitation. Entity resolution, automatic prioritisation, natural language processing and data fusion all play a role in ensuring that relevant data is not missed and the links that criminals go to great lengths to hide are much more rapidly uncovered by compliance, risk and law enforcement analysts. Within a single platform, such as Ripjar, means these breakthroughs can all be harnessed while retaining full audit and accountability – bringing about a step-change in the way that modern slavery is detected and prevented.
