7 March 2018 at 8:49 am Written by

I’m often asked on my Online Investigative Customer Due Diligence (CDD) courses if I provide a checklist of websites to use. Personally, I am against that approach, for me, it falls into the area of ‘tick box’ compliance. Something to be avoided if you want to be thorough and avoid the potential for regulatory action when things go wrong. Like any investigation conducting CDD needs to be a blend of intuition, skills and knowledge.

I do however have a toolbox of my six ‘must haves’. They are always loaded up and ready to go. I have to admit you have pay for 1 to 5 but it really is a worthwhile investment. With EU-GDPR on the horizon I do wonder for how much longer credible ‘open source’ (free) information is going to be available. That particular landscape is set to change irrevocably. I would suggest that investigators will need to be ready to work much harder to obtain information and adapt their working practices accordingly.

  1. Cybertoolbelthttps://www.cybertoolbelt.com/

An online investigator’s treasure trove of data, including historical domain look ups, which I have successfully used on countless occasions to link individuals to entities not previously known or disclosed.

  1. Echosechttps://www.echosec.net/

Location based social media tool. Want to research client lifestyle? Social media is the place to go. Echosec goes from strength to strength, admittedly you will never see everything because of user privacy settings but it is a great start.

  1. Express VPNhttps://www.expressvpn.com/

I had to chuckle recently when I saw a piece of feedback from a delegate about an ‘Internet Investigations’ course inferring that search was much more important than spending time on security, really? With the sorts of sensitive data moving around when conducting CDD, security is essential, avoid it at your peril.

There are many Virtual Private Networks (VPNs) out there, believe me I’ve tried loads. But Express VPN is one of the best. Easy to use, multiple servers and if or when you need it, excellent technical support.

  1. Hunchlyhttps://www.hunch.ly/

You absolutely have to record keep when conducting online investigations. Hand written notes are prone to error, difficult to keep and what do you do with images?  The genius that is Justin Seitz developed this solution that sits silently in the Chrome browser recording your every search, every page visited AND imagery. It maintains a complete history of your investigation and I have used it on a number of occasions to produce a record of the work I have completed for clients.

  1. Risk Screenhttps://www.riskscreen.com/

If you are serious about conducting compliance for AML properly you need a subscription database. I would never use a database in isolation though, it has to be complemented with other tools and vice versa. I’m impressed with Risk Screen it is quick, easy to use and trawls multiple sources. If you are a smaller business, you have the option of purchasing credits, so can be very cost effective as compared to the more expensive competitors.

  1. Protonmailhttps://protonmail.com/

So, you’ve conducted your research. Does that intelligence product now contain ‘sensitive’ data as per the EU-GDPR definition? It probably does, so are you going to send it over an insecure email account?

Protonmail offers a free and paid encrypted email service. It is much more secure when the recipient has a Protonmail account but will offer a level of security that normal email doesn’t.

Want to know more? I offer bespoke Internet Investigation courses for Customer Due Diligence. Half a day, one day, two days whatever works for you and your staff. Testimonials from previous courses and customers can be found here http://intelect.test/testimonials/

Intelect Solutions are continually improving, we have some exciting training developments which will be announced in coming weeks. Check back in to the website and our social media feeds for information.

I also offer investigation services for Customer Due Diligence and you can contact me for a confidential, no obligation discussion via email.

Written by