Hired or Fired – No Judgement Here!

neotas

Recently a young woman in America was fired from her job in a Texas Bank because her engagement photos were deemed inappropriate for a “family-oriented” company. The photos were uploaded to social media by the photographer and were tasteful and professional; the man was topless with a pair of jeans on and the woman wore a swimming costume that was pulled down but her breasts weren’t shown.

The ex-employee said, “I gave over a year to a company that I worked really hard for and then to have them turn on me for doing something so positive, something that I was so proud of — to help myself as a woman — it was hurtful.”

The bank’s decision to fire pregnant Stephanie (who is over 20 weeks pregnant) not only raised huge concerns for her wellbeing (she lost her maternity leave and insurance which in America is a major necessity) but it also raised questions about how employers look at social media.

Although social media is a great place to see the full picture of a person, details obtained from a personal site should be discussed with your employee, if you believe that, even though their content may not show them doing anything illegal but you feel is inappropriate or affects the company, talk to your employee about privacy rules and have a professional conversation about what they share online.

Here at Neotas, we investigate an individual’s social media footprint and online presence in search of illegal activity, discriminatory behaviour and evidence of undisclosed information. We do not hack, steal or invade the individual’s privacy nor do we judge or manipulate their online personal life. Our findings are based on workplace safety issues and vulnerability concerns for both the individual and the hiring company. Specifically, our staff screening provides clients with a report that delves deeper and provides insights and facts that current database checks fail to unearth – not just the single photo that one person might not like!

Tech Community Versus Terrorism

neotas

Earlier this week, Andrew Parker, Director-General of MI5, made a rare public appearance to outline the severity of the terrorist threat currently being faced in the United Kingdom. Within his speech, Mr Parker said that technology firms, specifically social media platforms and operators, were inadvertently helping terrorists by not doing enough to take down extremist content or for allowing terrorists a “safe space” to both communicate and operate. He went on to state that he believes “that there is a responsibility on the companies that offer those services to help governments be able to stop the worst excesses of human criminal behaviour.” A viewpoint that echoes that of the Prime Minister, who last month urged Tech firms to “go further and faster” to stop terrorist material reaching online platforms.

While no-one can argue with the intention of these statements, their implementation however is considerably more difficult. Over the past 12 months, we have seen social media platforms battle to understand how their platforms are being exploited and what can be done to mitigate, remediate, and protect against the issues. We’ve seen Facebook amongst others admit that machine learning and artificial intelligence alone cannot identify and resolve all issues and in the 48 hours Twitter have launched their latest crackdown on hate and abuse. But the question remains, is this enough?

Here at Neotas, we believe that it is not only the social media tech firms but the entire tech community who can assist to start eliminating these “safe spaces”. Through our screenings and investigations, we are consistently delving deeper into social media profiles in addition to those portions of the web hidden away from Google. Over the past six months, our team of expert analysts have reported numerous cases to Crimestoppers and through the Government Prevent strategy. We have policies in place for exactly these eventualities, as we believe that our commitment is not only to our clients but to the greater community as a whole. It is for this reason that we additionally work with a number of charities and partners to use open source information to combat some of the greatest challenges facing our society today.

No matter how much artificial intelligence develops, no single platform can prevent and stop these issues alone. Moreover, the inclusion of an analyst is essential to both review and influence the direction an investigation. At Neotas, we are proud of the work of our analysts and to be collaborating and contributing to a safer internet environment.

Neotas at 6 months

neotas

In August, Neotas reached the 6 month mark and to celebrate this milestone we thought we would share with you our journey so far – the good, the bad and the ugly (and that’s just the bosses)!

Neotas went live in February 2017. With one full-time paid member of staff and one client, we were off. We started with a new website, research techniques constantly developing, our platform constantly improving and never-ending meetings.

Our growth from that point forward has been amazing. Six months later, we now have an amazing team of seven full-time members of staff, a growing number of key strategic thought leaders, a pool of addition analytical support and an active client list of over fifteen clients. We’ve additionally built significant partnerships with a number of charities. For our primary charity, Stop The Traffik, we provide analytical support and are working with them to develop a platform which is able to identify modern slavery hotspots globally and to provide supply chain due diligence required for compliance with the Modern Slavery Act.

 

Our message continues to spread. Last month we completed our first exhibition stand at the inaugral Innovate Finance Growth Forum and Jenni, our Head of Research, has already spoken at a number of key events across London. We’ve focused our efforts and then through demand, refocused our efforts to meet requirements. We’ve disagreed, we’ve battled and surprisingly on the odd occasion we’ve actually agreed with each other.

We are so incredibly fortunate to have such an amazing and growing Neotas family who all as individuals care and believe in the venture as much as the initial founders did. The work we are producing is also key. Over our first six months, we have raised Amber and Red flags on 32% of all reports we have completed. Considering the vast majority of these had already undergone traditional background screenings and due diligence, this figure is huge! Even more significant is what some of those alerts have been. While our reports have actively informed decision making for investors, laywers and HR departments alike, in our most serious cases, we have been required to refer 2 cases to crimestoppers, 1 through PREVENT for concerns relating to terrorism, and 4 cases have been referred by the clients to the UK’s serious fraud office. Just when we think we’ve seen it all, we have our eyes opened once again! More importantly, all of our clients are happy! In fact we are still running at a 100% acceptance rate for clients who trial our reports in some capacity who then become clients. The road for Neotas has just begun and our team cannot wait to continue to share our experiences and this journey with you.

If you’d like to get in touch to know more or to discuss applications which are relevant to your business, please visit our website.

 

The Criminal Without A Record

neotas

Until recently, crimes tended to be committed away from the eyes of society and reported post-event through traditional channels. Over the past several years however, increased usage of social media platforms has seen a rise in ‘performance’ crimes in which individuals document their criminal behaviour for a public audience.  Embracing this connected society, individuals are often observed to be operating online, often under aliases, in an environment in which they feel like they can live another life, say what they really think without dealing with the consequences, and post that controversial picture or video to get a reaction, all the while feeling anonymous and disconnected from ‘real-world crimes’ they are committing.

From murders on Facebook Live to radicalisation on Twitter and from top financial executives sharing confidential information over WhatsApp to 18 year old girls being arrested for trespassing and documenting their crime spree on SnapChat, the scale and scope of criminal activity being both enabled and documented on social media is increasing exponentially. Nevertheless while platforms are battling, along with law enforcement, to eradicate such content, the sheer volume is increasing more rapidly than resources permit.

At Neotas, we have been involved in a number of cases in which criminal activity has been identified and subsequently reported. Recently we received a request for an employee screening, a potential new recruit had been through traditional background checks and concluded two interview stages with no issues raised. Prior to the job offer letter being sent, Neotas were requested to complete a staff screening using only information provided on the subjects CV. The findings were eye-opening! The individual actively documented their entire life openly for the whole world to see, comment on and encourage. Of specific note, the following content was identified:

  • The subject was identified through social media as being actively involved in football related violence. In one specific incident, the subject posted videos, images and commentary which positively identified themselves as being the individual responsible for an attack on police officers. The subject openly encouraged violence towards opposing teams, fans and police officers alike on a number of occasions.
  • Significant discussions and media including videos and photographs relating to substance abuse, specifically Ketamine and Cocaine, was identified through social media platforms by the individual and key associates.
  • The subject actively initiates, engages in and promotes sexist, homophobic and racist content including personally attacking individuals through their online accounts and profiles.
  • The subject posted numerous confidential screenshots of his phone and work computer on social media. In a number of posts, client account details, email addresses and personal information were clearly visible and openly available.

As a result of the screening completed by Neotas, the subject was subsequently removed from the recruitment process, and in consultation with the client was reported to Crime Stoppers. The reason why this individual was able to pass traditional screening and not our screening processes is that they simply didn’t appear in any databases since they had never been caught and charged by the authorities.

While not everyone we screen raises the same number of alerts and flags as the individual above, the case is most certainly not unique. In fact over the past 3 months, more than 42% of all of the pre-employment staff, KYC and AML screenings processed by Neotas have had issues raised with them with, concerns and risk areas ranging from the criminal activities above, undisclosed Directorships, and source of funds etc. Based on this, our message to employers could not be clearer – Traditional checks are simply not enough anymore. Especially when individuals are actively posting their lives for all to see.

For individuals and prospective employees out there who cannot resist the temptation to post their entire lives online, this blog is not intended to suggest that you should monitor everything you put online, or that everything you say and do should be serious and not remotely humorous (we are certainly not here as the fun police!) What we are highlighting however is that more and more companies and individuals are looking at social media to make judgement calls on you to see if are suited for the job, course or even date. Therefore maybe it’s time to consider either keeping your profiles private or stop and think, “is that photo of me snorting cocaine on Twitter really such a good idea?”

Know Where You Are With Snapchat Maps

neotas

If you have followed the headlines published by newspapers and bloggers over the past month you would be led to believe that Snapchat’s new Snap Map feature is “going to ruin your life” and “is frightening as a privacy threat”, but what does the new feature mean for Snapchat users and should you be concerned?

In the latest Snapchat update, released in June 2017, users are now able to share their current location and activities with their friends. Providing you and a friend follow one another, you are now able to share your locations with each other on the Snap Map in addition to being able to see what is going on around you. Your location on the Snap Map is only updated when you are actively using Snapchat — so you don’t have to worry about your location being updated in the background. Additionally your location on the Map will expire after several hours. Also with the Snap Map, you can view Snaps of sporting events, celebrations, breaking news, and more from all across the world.

In light of this new update however, Snap Chat has received considerable criticism regarding privacy and safety concerns. The majority of the concerns relate to an increased risk for users, specifically younger generation users, to be exposed to stalking, bullying and strangers by individuals who are able to follow their exact locations. These concerns have been supported by police forces and schools around the UK who are scrambling to offer advice to parents and to ban the app on school premises. The update has also prompted the Child Exploitation and Online Protection Centre (CEOP) to update its ‘Thinkuknow’ parents’ and carers’ guide to Snapchat.

Despite these concerns, there are a number of simple ways that users can protect themselves. As part of the Snap Maps, the default setting, known as Ghost mode, allows the user to block their location so that they are not visible on the map. The only exception to this is if the user submits Snaps to the ‘Our Story’ feature as this will appear on the map regardless of the user’s privacy or location settings. The second and most significant piece of advice, is for users to only accept Friend Requests from individuals they know. Maps are only shared between friends and this can be further restricted by specifically selecting the individual friends who are able to see your location. Awareness of these simple features can in fact negate the vast majority of concerns since they essentially render the location feature deactivated.

The use of real-time location sharing presented in Snap Map is not the first of its kind and nor will it be the last. Companies such as Google, Apple, Facebook and WhatsApp already have their own features which allow the user to connect with friends and to share their location. There are even Apps, such as Glympse, whose sole purpose is provide a fast and free real-time location service to connect people. And while all of these apps and platforms offer privacy settings, delving beyond the hype and discussion, there exists a far deeper and more profound discussion relating to the volume of personal content which individuals are actively posting online and the ease at which this is becoming the norm.

Our analysts and experts at Neotas, are constantly amazed by the volume of personal content which exists in open sources whether actively posted by the individual or passively by others, through leaks or data breaches, reviews etc. Awareness of this and identification of an individual’s complete online footprint is key in order to prevent exposed vulnerabilities and risk, especially regarding high net worth individuals and executives.  As such, at Neotas, we provide Human Vulnerability Assessments and Online Reputation Reports in addition to our Staff Screening and Due Diligence services. Our role is not to create hype as we have seen recently within the media but instead to embrace the digital information generation and to create a more holistic view of an individual for all risk based decisions whether personal, professional or commercial.

People – Our Focus, Our Passion, Our Team.

neotas

At Neotas, we place people are at the core of everything we do, believe in and value. Whether it is the Neotas team, our clients, our advisory board of experts or the subjects we look at, each and every single day our focus is people.

When we consider our clients, it is obvious to understand why we value their involvement and spend considerable time nurturing and developing relationships. Our clients are joining us on a journey and to be their travel companion is an honour. They are breaking the norms and widely accepted traditional methodologies of tick box due diligence and employee screenings to embrace the digital information era. They are setting new standards in their sectors and embracing the principles laid out by regulators to go beyond. The willingness and drive of key individuals to embrace the future of due diligence is what drives us forwards each day.

Moving to our company level, Neotas is the accumulation of individuals who have spent their careers thus far realising that people are at the core of everything. From a Chief Information Security Officer, with the latest cyber security measures and endless budgets, who suffered a significant intellectual property breach at the hands of an employee to an officer within the Cyber Crime Unit of the National Crime Agency who spent his days fighting crime online – the consistent factor was always a person at the end of a computer keyboard. From the financial trader whose every decision was made and affected by the actions of individuals to the military officer who spent their career focused on counter terrorism operations overseas understanding and targeting individuals – people were at the core. Regardless of sector, people are the consistent factor. People affect the security and growth of every company and nation around the world, whether positively or negatively. Combining this realisation with our knowledge and experience, we have developed and grown Neotas and our platform to aid decision making across all sectors by providing increased situational awareness of people whether for business deals, security and background screening, or fit and proper compliance requirements.

When Neotas conduct due diligence research on an individual or company, we focus on the person. We unveil all active and passive content relating to the individual including networks, associations, interests, companies, motivators, and behavioural and personality traits plus so many other aspects. We don’t follow a set checklist and set of rules because each subject is unique and we treat their online footprint as such. By putting the subject first, we are able to develop a profile from which risks, flags, and areas of concern or conversely positive attributes can be highlighted. We approach each case as an individual and not a series of tick box confirmations.

So how do we do all of this? You’ve guessed it. People are at the core of our platform, company and research. Our propriety methodologies and platform have been developed by our amazing team. And while Neotas, like many other companies, have embraced the AI, Big Data, NLP, machine learning technology wave, we have also realised that all of these systems are only as good as the designer and the person driving them. This is why our team are so important to us. In order to produce the best research we must we continually train and develop methodologies and tools with the best analysts. And that is what Neotas does every day.

With people as our focus, our passion, and our enabler, Neotas are taking due diligence to the next level. To find out more about what we do and how we can assist with your due diligence and investigative requirements and procedures, please feel free to contact us and a member of our team will be happy to assist.

If Only I Knew Then What I Know Now

neotas

I started with Neotas about three months ago having spent the previous five years in financial crime. What I have learned in this short time period has blown my mind and if I had known then what I know now, fraud investigations would be dealt with in a completely different manner. Without a doubt, open source intelligence (OSINT) is the future of due diligence and KYC (Know Your Customer).

Working in Financial Crime, I regularly had to investigate cases of fraud or money laundering and prove, without doubt, that a customer had been a victim of fraud. The problem is that fraud investigators are more often than not required to work on gut feelings and instinct more than on actual proof. Don’t get me wrong, working in fraud requires a lot of instinct and trusting that gut feeling, however having evidence to prove the fraud would also be more than helpful. While fraud investigators do have tools to aid their investigations like bank checks and credit files checks, you’re often left questioning what does that really tell you about the person? That they have good credit and their bank account matches their identity? What if you had a husband and wife working together to scam the system? She may be telling you that she and her husband are separated and he has stolen her details. As an investigator you are not able to talk to the husband as he isn’t your customer, therefore you have to take the wife’s word as fact. However by using OSINT you can learn more about the individual including looking at their social media profiles to see if there is any evidence of a divorce or separation. Moreover, is there any evidence to tell you they are working together? If a child has impersonated their parent and both mother and daughter have the same name and live at the same address, there are only two companies in the world whose internal checks would be able to tell them apart. Most companies would accept an application in the mother’s details and send the money to the daughter’s bank account however by using OSINT you can look deeper into the daughters online behaviour, have they recently come into money? Are they talking about it?

Whether we realise it or not, almost everything about you is online. From date of birth on birth records, to your address, email addresses, phone numbers, interests, and key individuals, the list is often endless. The reason for this is simple. Most people do not read the endless pages of terms and conditions or adopt privacy settings, moreover most people feel that they can be themselves online and that is where they will often give away their plots and plans. By using OSINT you can find out a multitude of sins. A professional money launderer may look like the perfect customer from the outside: the credit file looks good; the bank matches; and they use the product regularly and always pay back on time. Someone like this may show up on a CDD or EDD list but after a few simple checks no issues would be found. If compliance departments and fraud departments had knowledge of OSINT they could look deeper into the individual, the house they are living in, can they afford that on their salary? The company they are a trustee or director of, does it make sense that the customer is involved with a company like that? OSINT paints a picture of what is going on and tells you what a standard background and credit check cannot.

Simply put, most financial crime departments do not have enough knowledge of OSINT and therefore follow “a checklist system” that was written in a policy because the regulator told you to. The problem is that as long as you are following the minimum requirements put forward by the regulator, financial companies will believe that the check list system is sufficient. It is not and this is allowing fraudsters to continue to get away their crimes while they are laughing at you publically on Facebook. Don’t get me wrong, I’m not saying that fraud investigators are not doing enough, what I am saying is investigations need to go further, OSINT is the future and before long the FCA will make this a requirement.

Neotas is a due diligence company that has developed an analyst driven Open Source Intelligence platform. The platform is used in many areas from financial regulations such as KYC/AML, Anti-Bribery, Modern Slavery Act, plus staff background screening, due diligence for VC and PE investments and lastly human vulnerability assessments as part of a cyber security strategy.

Conscientiously Online

neotas

In 2009, while in the process of applying to University in the United States, a rumour began to circulate that universities were likely to review the Facebook pages of applicants for any disqualifying content. At the time, Facebook was still an up and coming social media platform rather than the pervasive giant it is today but nevertheless I had an account and I started to worry. Having grown up in Europe, where the legal drinking age was lower than twenty-one, some of my content immediately fell into the ‘disqualifying’ category. In a panic, I rushed to remove any photograph, post or connection between myself and alcohol. Moreover, ever since that first rumour, I have regularly monitored content relating to myself through search engines and have regulated privacy settings on social media to manage my online footprint for jobs, university, and my own personal safety.

Fast forward a few years to when I joined Neotas in 2017. I felt confident that I had been actively sanitising my online footprint for years and everything was good. In an instance, however, I was amazed, not only by just how much information could be found about me with the right training and tools, but also how relevant every part of one’s online footprint could be. With every exercise or fitness application comes the ability to live track your activity and location. With every geolocated holiday snap, you are telling the world that your home is most likely left empty. From fraud to kidnapping, from robbery to stalking, the applications are only limited by one’s imagination.

As I have progressed as a Junior Analyst at Neotas, I have uncovered everything from hateful posts plastered across Twitter and Facebook and evidence of drug use, but also people using aliases to avoid bullying. To think that I was worried about a few photographs from a graduation party seems so insignificant with the material I have uncovered. I have seen how finding even the smallest element of risk or concern about a person, from either professional or a personal point of view, can tell you more about a person than any background check or interview. More importantly, the truth of the matter is that this is only going to increase as more and more information about us is digitised. Google’s recent announcement for its Google Lens app, for example, will allow the user to turn their camera into a search box, where anything it is pointed at is searched using artificial intelligence. A future where facial recognition on a phone camera brings up their social media profiles or any other online content with a picture of them is no longer science fiction but something that is possible and is on our horizon. While this may seem a frightening future, the reality is that most of this information is already available, if one simply knows where and how to look for it.

What may or may not have been a rumour back in 2009 is a definite reality in 2017, and not just for university applications, but for any prospective relationship, both personal and professional. With insider threats posing the single most dangerous issue in today’s professional world, the standard background or credit checks are simply missing the critical information. With people putting so much of their lives up online, at Neotas we are able to go beyond the standard investigation to obtain a profile of the subject rather than completing a tick in the checklist.

Moreover, content is contextualised to formulate a complete profile of the individual so the rather innocent photographs of me with an alcoholic drink all those years ago would not be an issue today with Neotas’ analyst driven platform.

Do you really know who you are dealing with?

neotas

I just thought I’d share some thoughts, 3 months after Neotas was born. For those of you that don’t know us, we are a next-generation due diligence company. We have brought together a collection of ex-military and law enforcement intelligence specialists along with technology and finance experts to create an analyst driven platform that uses OSINT to conduct due diligence.

The whole exercise has really opened my eyes to how open-source intelligence can help across a wide number of areas, from employee and client onboarding, ‘fit and proper’ tests under SMR, KYC/AML reviews, supply chain audits to human vulnerability assessments as part of your cybersecurity strategy.

Every day the information we uncover never fails to amaze me. Knowing your people is more important than ever, it’s important to understand these risks so you can make better decisions.

 

51% of the people we vetted, that had already gone through standard background checking had additional flags raised against them. These included undisclosed directorships, second jobs, gambling addictions, drug habits, religious extremism, IP theft. We even found a video of a candidate assaulting a police officer that he stupidly posted online, and no, I’m not making that one up! And these were people looking at jobs in financial institutions……

51% seems a ridiculous statistic and right now as we just get going, it only covers 100’s rather than 1000’s of people but we still feel it’s a broad enough selection to get a sense of the scale of the problem.

As we go on, I’ll think about the stories I can share, I already feel I have enough material to write a book! Right now current screening and vetting processes are no longer fit for purpose. You need to think about how you can use the information that now exists about people and companies to make more informed decisions. directly.

In the meantime. if you would like to know more, please feel free to contact the team directly on our contact page.