Systematic screening of employees, internal contractors, external partners, agents, third parties and distributors must become standard practice for risk management
Last month's conviction of an NHS doctor from Iraq for plotting to commit mass murder through car bomb attacks outside London nightclubs and Glasgow airport in 2007 highlights the growing need for Enterprise Screening and the obvious gaps in internal risk management of public sector services, according to compliance and screening specialists, Datanomic Ltd. Current anti-terrorism and anti-money laundering regulations focus largely on external screening of clients and customers. However, the systematic screening of employees and internal contractors, as well as external partners, agents, third parties, and distributors - known as Enterprise Screening - must become standard business practice in order to achieve effective and responsible risk management for public and private sector companies.
Bilal Abdulla, 29, had been part of a terrorist cell in Iraq, according to counter-terrorism sources, yet was able to work undetected as an NHS doctor. Abdulla came to Britain to open a "new front" in the Islamist jihad through car bombs he tried to detonate outside the 'Tiger, Tiger' nightclub and at Glasgow airport. Abdulla is the son of respected physicians who had trained in Britain before returning to Iraq. US sources say that before he arrived in Britain he was known to have associated with a Sunni terrorist cell in Baghdad and played a backroom role, possibly as a quartermaster.
"This conviction is just the latest example of the gaping holes in current risk management and security practices in the public sector," said Dr Jonathan Pell, CEO of Datanomic Ltd. "NHS recruitment policies meant that Abdulla was able to hold a 'trusted position' as a doctor, treat patients and remain under the radar to his employers, despite the fact that he was detected by MI5 on the periphery of extremist activity when he associated with Muslim radicals, including members of the Hizb ut-Tahrir party, while studying in Cambridge."
Until now, Client Screening has largely been an automated process in the financial services industry and hasn't seen the same level of interest in other sectors. However, large organizations are starting to use the same technology as part of their proactive fraud and risk management strategies, particularly multi-national companies with a global presence, companies with large customer bases, and those with extended supply chains and partnerships. Datanomic terms this practice 'Enterprise Screening': screening employees, agents, associates, suppliers, business partners - anyone associated with the enterprise's brand.
"The same philosophy of Know-Your-Customer is expanding to incorporate 'Know-Your-Employee, Know-Your-Supplier, Client, Contractor, Distributor or Partner'," added Dr Pell. "Doing business with individuals and companies that you do not know or have not properly screened can be an expensive, embarrassing or in some instances, catastrophic mistake. We are seeing significant interest in Enterprise Screening from non-financial markets, such as telecommunications, utilities, transport and local government, and expect it to become standard business practice across all major industries within the next three years."
Adbulla is not the first high profile terrorist to work undetected in the UK public sector. In 2007, London Underground made a highly public security blunder when it emerged that Mohammed Kamel Mostafa, convicted terrorist and son of the jailed Islamic cleric Abu Hamza managed to get a job on the network. Mostafa, 25, who was jailed for three years in Yemen in 1999 for allegedly plotting a bombing campaign, was employed by a subcontractor of the network's maintenance company, Tube Lines. Mostafa was granted astonishing access to London's Tube network. Checks were carried out before he took up the post and it is thought he met the employment requirements as he had no criminal convictions in the UK. No screening was done against international sanctions lists or Politically Exposed Person (PEP) lists.
Likewise, in March 2008, MI5 agents identified four officers in the Metropolitan Police suspected of passing secrets from the force. All four are allegedly living in London and are feared to have links with Islamic extremists in Britain and worldwide terrorist organisations. MI5 bosses reportedly fear the moles may have been planted to keep Al Qaida informed of anti-terror raids and may have already accessed sensitive information about ongoing operations.
In the United States, ninety-four percent of alien residents from terrorist-supporting countries who were released from immigration detention were never found again and were never deported. They are presumably still living in the USA - many of them with new IDs, including driver's licenses and Social Security credentials, all available for a price, and many suspected of holding 'legitimate' jobs.
"We are seeing increasing demand for Enterprise Screening as a means of mitigating risk and proactively protecting brand reputation," added Dr. Pell. "The risks of doing business with individuals and companies that you don't know are simply too high, and the obvious gaps in recruitment practices must be tightened. Datanomic is already the trusted platform of choice in the financial services market to help mitigate risk, avoid multi-million pound fines, and help safeguard the reputations of some of the world's most respected companies. We expect to see the same stringent practices of screening become mirrored in the public sector to prevent individuals such as Bilal Abdulla from feigning legitimacy and holding jobs in the public sector."
Datanomic's holistic approach to delivering fit-for-purpose data and screening accuracy enables its growing list of European and North American blue chip clients to achieve a rapid Return on Investment, by exposing and correcting deficiencies in information their businesses rely upon, and by discovering potential regulatory and legislative compliance data issues in line with proactive risk management. Our clients come from a wide spectrum of industries including financial services, telecommunications, government, healthcare, utilities, professional services and engineering.