How OSINT supports financial crime investigations

In this Help Net Security interview, Stuart Clarke, CEO at Blackdot Solutions, discusses the strategic use of open-source intelligence (OSINT) in tackling financial crime. He outlines its application in areas such as fraud, sanctions evasion, and money laundering, and addresses the legal, ethical, and operational challenges involved. Clarke also provides case studies illustrating how OSINT has been used to uncover criminal networks.

Are there specific financial crime typologies, such as fraud, money laundering, or sanctions evasion, where OSINT has proven particularly valuable? Can you give examples?

There are numerous financial crime typologies where open-source intelligence has shown significant value. What’s important to emphasise, however, is that while we can identify certain core typologies – like fraud, sanctions evasion, and money laundering – they must remain fluid. Financial crime itself is inherently adaptive, and so the techniques used to investigate it must be as well.

Take sanctions evasion, for instance. A particularly effective application of OSINT in this domain involves combining sanctions lists with maritime vessel tracking data. This fusion allows investigators to identify vessels that may be engaging in suspicious routing behaviour, such as docking in intermediary countries to obscure the origin or destination of goods in violation of sanctions. This practice can help uncover networks deliberately routing shipments through third-party jurisdictions to evade sanctions and avoid detection.

Criminal actors frequently establish front companies to mask the true ownership and control of entities used to move illicit goods or funds. Corporate registries, which are publicly accessible in many jurisdictions, can reveal layers of ownership and expose shell structures designed to obscure links to criminals or sanctioned entities.

Then there are high-profile data leaks like the Panama Papers and Paradise Papers – just two examples of the leaks that are documented and shared by the ICIJ. These were originally leaked non-public data, rather than OSINT per se, but they gained investigative value when enriched with open-source data. Investigators overlaid leaked names and corporate data with public registries, sanctions databases, and corporate network analysis, exposing global webs of tax evasion and illicit asset concealment by individuals and companies. It’s an example of how OSINT can enhance and contextualise even non-public data to build a comprehensive picture of wrongdoing.

What are the ethical and legal boundaries investigators must navigate when using OSINT for financial crime detection?

Legal and ethical considerations are central to responsible OSINT usage, particularly in financial crime investigations. While legal frameworks vary across jurisdictions, there are certain common threads. Chief among these is data privacy: collecting and storing personally identifiable information en masse is broadly unacceptable and often unlawful, especially under regulations like the GDPR in Europe.

From an ethical standpoint, we operate under a clear set of principles, and we encourage our clients to do the same. Firstly, we only work with public data. This may include freely accessible information or commercially available datasets, but it must be legally and ethically sourced. Secondly, all investigations should be human-led. We advise against relying solely on automated bots or AI agents to conduct investigations, as human judgment is critical to avoiding bias and misinterpretation.

Transparency is another foundational principle. Investigators must maintain a full audit trail of their work so their findings are defensible and replicable. This is essential for both legal scrutiny and ethical accountability.

Finally, proportionality matters. Just because vast amounts of data are available doesn’t mean it’s appropriate to gather everything. Investigations should be narrowly scoped and purposeful. Our goal is always to ensure OSINT is used for good.

What are the biggest challenges you face when integrating OSINT into financial crime investigations: technological, legal, or human?

Technologically, one of the main barriers is accessing open-source data in a secure and defensible manner, and at scale. Investigators must avoid tipping off suspects or inadvertently tampering with potential evidence. Yet open-source data is often fragmented and is spread across corporate registries, publicly available social media, news archives, the dark web, and more. It’s not centrally stored, and it’s largely unstructured. Investigators need platforms that can consolidate this data into a cohesive, searchable format while maintaining operational security.

Human factors are both a current and future concern. There’s still a limited understanding in many sectors of OSINT’s true value. Alongside this, as the volume and complexity of data grow, there’s an increasing shortage of investigators with the right mix of analytical and technical skill sets.
Looking ahead, technology will be essential in helping bridge this gap. However, it must complement, not replace, human insight.

Legally, the issue isn’t necessarily the existence of barriers, but rather the lack of clear, consistent guidance. In some regions, like the US, we’ve seen progress with the introduction of official Government OSINT strategies. It’s important that similar guidance is rolled out across other nations, too.

On a more granular level, when it comes to the use of OSINT in financial institutions, regulators imply that OSINT is an important tool, but they do not yet mandate it. However, OSINT is essential for supporting financial institutions to gain a full picture of exposure to risk, especially in more complex investigations. We hope to see a regulatory shift and more concrete guidance in the near future.

Can you walk us through a redacted example or case study where OSINT played a role in uncovering or proving a financial crime?

One prominent example involved what turned out to be a Ponzi scheme centred around a supposedly revolutionary financial technology. It gained traction quickly, attracting considerable investment based on grandiose promises.

However, sceptics began to look more closely. Through basic OSINT techniques – including examining the website’s domain registration information and historical snapshots – they noticed red flags. The website infrastructure didn’t align with the company’s technological claims, and the site had undergone frequent content changes.

Investigators dug deeper, examining corporate registries and identifying the individuals involved. What emerged was a network of offshore shell companies, with overlapping personnel connected through public records and social media. Eventually, it was exposed as a fraudulent operation. The mastermind has been placed on an international wanted list.

On a more personal note, I’ve been involved in wildlife trafficking investigations. In one case, a network of individuals were connected to several shipping and logistics companies and, through registry data and trade records, it was linked to human and wildlife trafficking operations. It was a vivid example of how disparate pieces of open-source data can coalesce into a major discovery.

Have you encountered situations where OSINT led an investigation astray? What safeguards or best practices help prevent that?

It’s rarely the OSINT itself that misleads, it’s how it’s used. The sheer volume of data on the internet makes it easy to be overwhelmed or to draw incorrect conclusions without rigorous methodology.

The key safeguard is the investigator. An experienced investigator knows to question assumptions, cross-check sources, and follow structured methodologies. They must remain sceptical, verifying each piece of information from multiple angles. Training and adherence to investigative discipline are crucial.

Interestingly, data can sometimes “mislead” in a useful direction. A good investigator may start with one hypothesis but, through unexpected links and patterns, uncover a related or even more pressing issue. That’s the power (and challenge) of networked data.

With the advent of AI and large language models, this challenge will only grow. AI can accelerate investigations but also inject bias if left unchecked. Investigators must remain in the lead, using AI as a tool rather than a decision-maker. Regulation and clear guidance will be vital here, as will training and the development of industry-wide best practices.

Ultimately, success comes down to balance: using technology to amplify human insight while maintaining control, ethics, and accountability throughout the investigative process.