Finnish Security Awards 2018

We are honored to have been part of the Finnish Security Awards (FSA), which took place last month in October 2018. This is the fourth time that this event has been organized, thanks to Turvallisuus & Riskienhallinta, a Finnish security and risk management magazine.

This year the awards were held at the Old Student House in Helsinki. The opening ceremony featured a presentation about the future of security and safety by Professor Esko Valtaoja. There are eleven award categories at FSA, and each one had its own jury that was comprised of respected professionals in the industry.

A number of us at Centry attended the awards ceremony, and Mr. Risto Haataja of Centry was a member of the jury that selected Security Company of the Year!

This slideshow requires JavaScript.

Finding a Due Diligence Provider for your Business and Why it Matters

Company risk manifests in a myriad of ways, some seemingly easy to overlook and others more obvious. One of the biggest risks in day to day operations for companies comes from third parties – distributors, potential employees, suppliers, service providers, contracts, clients, vendors, etc. Basically, anyone on the outside who encounters your business can potentially become a threat.

Many security providers cannot address the risks and complex environment in hostile and emerging markets. They lack the needed infrastructure and cultural understanding to be able to provide services of high quality in locations outside of their area of familiarity, as majority of them are based in Europe or the USA.

The security provider should be a key to success, helping companies in business growth, finding new markets and mitigating potential risks.

What you don’t know can hurt you

Companies need to make informed decisions. The initial analysis of potential ventures and associated risks will show you the situation at hand and how to move forward.

Due diligence is an important part of every process at a business, from mergers and acquisitions to finding the right suppliers and clients.

Comprehensive due diligence is extremely important to getting the whole picture of an applicant or a third-party business relationship. Without going through this process, you expose your business to countless threats.

Making an assumption based on surface-level information could lead to difficulty conducting business, or at worst, breaching sanctions.

It is true that financial losses can be offset by insurance when damage has already taken place, but the stains on the company’s image and reputation are not covered by insurance policies.

Due Diligence makes it possible to secure the business environment before the incident occurs. In the case of cost structure, this can be found to be more of an investment as opposed to an expenditure.

What kind of provider do you need? The most suitable provider will be the one who has already dealt with the same or similar case in the market you want to operate and has built their network. They can aid you in determining potential risks as well as creating a mitigation agenda and budget through their local resources.

Field agents can provide insight into the environment you will be operating. They have years of professional experience and know the details of the potential uphill battle with the dangers and risks. There is no substitute for local knowledge.

It can be invaluable to know the backgrounds and affinities of the stakeholders that influence the company’s operations. Even if the investigated entity is perfectly compliant and lawful, these types of reports can be helpful simply on a level of benefitting the business relationship with information and perspective. The best results with Due Diligence investigations are often achieved when the process is outlined and integrated into the company’s entire business strategy.

Finding the security provider you need is not an easy task. Seek references and assess the capabilities of each provider. Look for companies who work on the ground and know the environment. The ideal partner has developed their network in the location you want to operate in and they possess local knowledge and expertise.

No one has all the answers, but you can find most of them by choosing the right security provider.

This article was written by Daniel Dadikozyan of Centry Global. It has been cross-published in the CIISCM magazine. For more content like this, be sure to subscribe to Centry Blog. If you have any questions or comments about due diligence services, feel free to reach out to us at info@centry.global!

 

Golden Visa for Sale! Now on special offer for the 1%

European passports and Schengen visas are the most desired traveling documents in the world. Not only do they grant the most traveling freedom, they give access to a safe and stable living environment, with free speech, in a market that can fulfill all your needs.

Many EU countries have taken advantage of this by offering entry in exchange for investment. This kind of activity is commonly referred to as a Golden Visa Program. For the subject countries, they are indeed golden, because they have the potential to bring in billions of capital into the country. Latvia, for example, used the program to stabilize its economy after the financial crisis.

According Transparency International, such programs have been in existence since the 1980s, and currently at least 12 EU Member States are offering them. Usually the reward is a residence permit, however Cyprus and Malta offer a fast track to citizenship should the customer invest enough money, and Portugal offers the citizenship option after a six year waiting period.

While the controls in most European countries should prevent individuals who are sanctioned by the EU from obtaining citizenship, many individuals took advantage of Golden Visa programs prior to implementation of the current international sanctions. It is a complicated matter for a nation to try to implement sanctions on its own citizens and capital that is invested within the country.

Most of these programs are legitimate, but the way they are set up invites abuse. Real estate is one of the easiest ways to launder dirty money, and these programs are taken advantage of all over the place.  

Some of the Golden Visa and Golden Passport programs are complex and might involve long red tapes and waiting periods. Of course, sometimes a suitable facilitation payment can fix that…

Latvia Golden Visa Program

The Latvian Golden Visa Scheme was heavily criticized. From 2010 to 2014, Latvia offered it at a discount price of EUR 71,150 if invested in countryside real-estate. The price for living in Riga was doubled to a value of EUR 142,300. As you can see, this could very easily be taken advantage of by someone looking to spend dirty money.

The number of people who took up this offer increased substantially  in 2014, the same year that Russia annexed Crimea. Almost 90% of the visa applicants came from Russia and countries that were formerly in the Soviet Union.  Thus, a program that had originally been intended for economic development and brought wealth to Latvia in the previous years had become embroiled in political significance.GV-by-Year

Picture 1: Latvian Golden Visas per year (Source)

The negative effects of the program eventually convinced the Latvian Administration to dismantle the discount in 2014. The greatest risk of these visa programs was spying, according to the deputy head of the Latvian Security Police in a 2017 parliamentary committee hearing. Then, of course, there was the risk to the economy, since many applicants were unable to prove the legality of their money. Although the program has since been dismantled, the effects of it and risks introduced by it will be felt for years to come.

Hungarian Golden Visa Program

Another interesting notorious golden visa program was the one in Hungary.

The Hungarian Golden Visa program was slightly different than in Latvia. Instead of it being based on investment in real estate, applicants had to buy a state bond from one of eight companies that had solitary rights to sell them on the behalf of the government. These bonds, which totaled up to EUR 300 000, were not inexpensive.

The results of this program were remarkable. The eight companies were able to earn about USD 600 million – and that’s a conservative estimate – over the course of the years that this program was running from 2013 to 2017. (OCCRP May 16, 2018)

The program ended in 2017 after criticism concerning the integrity of the eight bondseller companies. They were pretty mysterious – most were registered in offshore tax havens and it wasn’t completely clear who exactly profited from the sales.  

An investigation conducted by g7.hu and Transparency International Hungary uncovered the way these companies worked. Basically, companies would be assigned to territories around the world and allowed monopolies to sell the bonds under the program. But the way these companies were assigned required inside knowledge and connections – it wasn’t like it was a public tender. They had to have known about it separately since it was never advertised. Per the law, all the applicants were meant to be listed on the Hungarian Economic Committee’s agenda, but this was not always the case.

Although the Golden Visa program in Hungary has since been shut down, there are some rumors that a new ‘golden’ immigration program may be coming. Direkt36 reported that this new program was advertised by a Hong Kong based company on the Chinese platform WeChat. This new program now more closely resembles Latvia’s program, where applicants are required to invest a value of EUR 78 000 into Hungarian real estate.

Case Study: Who buys the visas? 

methode%2Fsundaytimes%2Fprodmigration%2Fweb%2Fbin%2Fb5259512-d8a9-4588-a80a-b4ca90e78b9d.jpg

Picture 2: Screenshot of Mr. Bogolyubov from The Times

Mr. Gennadiy Bogolyubov, the Cypriot, the Israeli, the Brit, the Ukrainian

Main Source: EveningStandard 11 Sep 2018

Mr. Gennadiy Bogolyubov is a popular face in the oligarch edition of the Bold and the Beautiful. He and his business partner, Mr. Igor Kolomoisky, are some of the best customers for UK lawyers – the costs alone for the litigation with their rival Mr. Viktor Pinchuk was estimated to be over GBP 50 million. The allegations and adverse reputation of the duo include alleged murders, violent takeovers and other accusations of mafia-style activities.

The two partners were very successful in post-Soviet era privatizations. Allegedly, the hasty privatization of a national bank in Ukraine to PrivatBank enabled the duo and their associates to empty out the bank’s capitalization with a decade long fraudulent loan scam.

To protect taxpayers’ interest and due to demands from Ukraine government’s external financiers (i.e. USA) PrivatBank was re-nationalized in 2016. “When Ukraine’s finance minister went to oversee the nationalization of the country’s biggest bank in December 2016, he took with him a team of bankers—and a security detail of special-forces operatives” (Wsj.com April 6, 2018).

Amongst Mr. Bogolyubov’s hobbies are philanthropy, which he practices through Bogolyubov Foundation.

Golden Visa United Kingdom Tier 1 Investor Visa (2009)

Cyprus Golden Citizenship (2016)

Nationalities Ukraine, Cyprus, Israel, United Kingdom
Current Residence Switzerland
Net Worth Unknown, was Ukraine’s #3 richest in 2010 (Kievpost)
Frozen Assets At least USD 2.6 Billion, shared with Mr. Igor Kolomoisky
Costs to Ukrainian Taxpayers USD 6 Billion to recapitalize Privatbank
Close Business Partner Mr. Igor Kolomoisky, who, according to a quote from the British Court, has taken over companies “at gunpoint” in Ukraine. Mr. Kolomoisky is a former governor and listed as an inactive PEP (Politically Exposed Person) per Dow Jones
Other Associates Mr. Alexander Zhukov, father of Roman Abramovich’s girlfriend
Powerful Enemies Mr. Viktor Pinchuk
London Real Estate GBP 62.5 Million home

GBP 20 Million house

Eaton Place Mansion

GBP 173 Million office block

Table 1. Mr. Gennadiy Bogolyubov’s Connections

This article was co-written by Oskar Savolainen and Kristina Weber of Centry Ltd. For more content like this, be sure to subscribe to Centry Blog for articles related to the security and risk industries.

Common Security Dos and Don’ts

internet screen security protection

Photo by Pixabay on Pexels.com

Security vulnerabilities pose a major threat to organizations. Breaches can be costly both in terms of finances and reputation. So what are some ways that businesses can take initiative in protecting themselves against some of the most common security threats?

Do screen job applicants and third parties

Comprehensive background checks and due diligence are extremely important to getting the whole picture of an applicant or a third-party business relationship. Without going through this process, you expose your business to countless threats.

Typical background checks may verify an applicant’s residence and professional history, where a comprehensive investigation including social media can identify more subtle connections that would alter the risk recommendation. If your business does not have the resources to do this on its own, we can help you with our team of professional investigators. Don’t hesitate to reach out!

For more on this subject, be sure to read our article on The Significance of Background Checks in Business.

Do come up with a robust security policy

Your organization’s security policy should cover procedures for preventing, detecting, and acting upon misuse, as well as guidelines for conducting due diligence. These should be crafted with a plan for investigating insider breaches as well.

A good security policy also contains risk management processes. Check out our guide here on the basics of forming a risk management plan.

Don’t overlook the threat of malicious emails

Your organization might go to extremes to secure their email system, and yet it remains one of the most vulnerable links in the chain. All it takes is for one person to inadvertently click on an malicious link or attachment to infect all the computers in the office.

A good rule of thumb is to never open a link or attachment if you don’t recognize the sender, and ensure that your employees are trained in recognizing this type of scamming/phishing behaviour. For help in training your employees on this, don’t hesitate to reach out to our cyber security team.

For more content like this, subscribe to our blog for regular updates in the security industry. If you have any questions or comments, feel free to reach out to us on Twitter @CentryLTD

Centry Opens New Office in Mexico City!

el-angel-de-independencia--mexican-landmark-552812595-59863bb2519de2001116a0d0

We are pleased to announce the expansion of Centry Global to Mexico!

Our new office is now open, located on the 17th Floor Torre Magenta, Paseo de la Reforma 284, Colonia Juarez, Distrito Federal, Mexico CP 06600.

new office.PNG

As an international security company, our work takes us across the world. With the opening of this office, we are now able to better serve our clients in the region.

At Centry, our focus is to develop long-term, communicative working relationships to provide you with the best resolutions to your security challenges. While our combined expertise primarily revolves around security and risk management, you will find among our ranks professionals in corporate and private investigations, fraud control, and experts in programming, software development, and more.

We look forward to meeting and working with more clients across Mexico. Please don’t hesitate to contact us!

📧 info@centry.global 📱 +52 55 4739 2665

 

Typosquatters

Man typing

Of all the myriad of ways that we can be duped, scammed, or otherwise taken advantage of on the internet, “typosquatting” remains one of the easiest to stumble into.

Perpetrators of this scam will purchase site domain names that are very similar to popular pages that people visit, usually by changing the .com part of the web address to .cm. This preys on people who make typos, which is, suffice to say it – all of us.

These duped sites can range from being pop-up laden cesspools riddled with viruses or malware, to near-replicas designed to fool users into inputting login information that can be manipulated later.

So, who is doing this? While these types of tricks can occasionally be tied down to lone actors (given how easy it is to obtain a domain name), KrebsOnSecurity identified the marketing firm Media Breakaway LLC to be behind more than 1500 of these false .cm domains. The company is headed by one Scott Richter – a convicted felon who has been the target of several successful lawsuits for illegal spamming. Other companies related to Richter include Dynamic Dolphin and affiliate[dot]com, also related to email spam.

Just how many people are falling victim to these scams? More than 12 million in a 3 month time frame – amounting to a potential of 50 million per year, according to an analysis conducted by Matthew Chambers. Several of these visitors additionally were found to be coming from .gov and .mil sites in the USA, which are the official federal government and military domains. Many popular news sites, social media, banking, and music streaming sites have these malicious doppelgangers.

The actionable item to protect yourself in this situation ultimately boils down to a matter of double-checking the web address before you hit enter, or bookmark your most commonly visited sites.

For more information on this subject, feel free to reach out to us @CentryLTD on Twitter or any of our other social platforms.

Supply Chain Security Introductory Guide

architecture-bay-boat-326410

Having a secure logistics supply chain can save your company millions in terms of assets and reputation, and here at Centry, we have the know-how to help you. Two of the biggest certifications that we offer consultation on in our supply chain security program include the Authorized Economic Operator (AEO) authorization and compliance with security standards of the Transported Asset Protection Association (TAPA).

What is AEO?

The Authorized Economic Operator (AEO) Program is an initiative of the European Union geared toward securing logistic supply chains against trafficking and financial fraud. Being an Authorized Economic Operator is beneficial – it is an open declaration that your company has a lower risk and threat evaluation.

Basically, traders who meet the criterion of the program are entitled to enjoy benefits of trade in international supply chains. Some of these benefits include things like easier admittance to customs simplification programs, fewer physical and document-based controls, priority treatment if selected for control, and reputational advantages such as recognition as a safe and secure business partner, improved relations with customs and gov’t authorities, and reduced theft and losses.

What is TAPA?

When you become a member of TAPA, you are taking a stance for your company with an internationally recognized leader of the fight against cargo crime. TAPA is a worldwide coalition of manufacturers, shippers, carriers, insurers, service providers, law enforcement, and government agencies. It is inclusive of every type of organization or company facing the problem of cargo crime within the transportation supply chain.

TAPA security requirements have expanded to global recognition as the industry standard for cargo facility and transport security, notably:

  • FSR (Freight Security Requirements)
  • TSR (Trucking Security Requirements)

These standards exist to help TAPA members reduce losses, and to provide a platform for more uniform conformance with state of the art security. Carrier hubs and depots that are TAPA certified guarantee with minimum security standards for manufacturers, and they are suitable for inclusion in contractual agreements.

Centry was recently appointed to be the TAPA Service Center in Thailand, becoming the main TAPA service provider in the country, supplying our services also to the general region of South East Asia.

Our supply chain security team supports organizations that are interested in enhancing the resilience of their supply chains by applying for international certificates and authorizations.

Who Can Benefit from this? ​

Our program is suitable for both organizations who are just beginning the journey toward a more secure supply chain, and organizations that have an established security resilience culture, but wish to improve it with objective knowledge. In order to ensure that the efforts of the organization receive the recognition they deserve, we support our customers in complying with the requirements of AEO, C-TPAT, ISO 28000, TAPA FSR and TSR certificates and authorizations.

Where to Begin

For businesses looking to begin the journey toward securing their supply chains, we provide our full spectrum of services that are aimed at guiding the customer through the whole process of certification and security– from preliminary discussions to the maintenance phase of the security management system.

Our primary objective is to support the creation of a system that suits the existing culture and processes of the organization. This begins with determining the desired outcome for the program, followed by examining the operations to understand the business and pinpoint the critical areas. When the key areas have been identified, we provide our expert knowledge to comply with the requirements of the certificate or authorization. This includes system upgrades, creation of documents, training of staff and third parties, inspections of third parties and ensuring compliance with internal requirements.

How to Extend Your Knowledge

For an organization with established security resilience culture, we provide objective and up-to-date knowledge and services regarding supply chain security. The service can be directed to specific issues or give an overarching view of the whole organization. It ensures that the team tasked to ensure supply chain resilience has the up-to-date information regarding key topics and solutions required to enhance the main business. The services we provide include: site and system assessments to ensure compliance with requirements, workshops and training sessions for key stakeholders, classroom sessions for larger crowds, e-learning solutions to ensure global coverage and intelligence services to clarify the opportunity and threat profiles for business objectives and areas.

As global supply chains involve long subcontracting chains, we provide third-party monitoring solutions. We conduct assessments and investigations on behalf of the organization to their third parties for an objective compliance evaluation against any security requirements.

All of these services can be included with Centry’s Security Manager as a Service -package. With it, the organization has the up-to-date knowledge available, when it is required.

If you have any questions or comments, feel free to contact us at info@centry.global.