Identity laundering North Korean sanctions evasion: identity laundering explained

North Korean sanctions evasion: identity laundering explained

The May 2020 advisory demanded a higher level of due diligence, and the market reacted by onboarding more advanced systems. Nevertheless, the counteraction by bad actors was fast and more sophisticated than expected. With advanced deceptive tactics on the rise, stakes are higher than ever.

One of the latest tactics trending in the news is identity laundering. As reported by C4ADS, smugglers suspected of evading sanctions on North Korea have turned to this scheme to create fraudulent identities for sanctioned ships. 

The challenge

Identity laundering challenges standard compliance measures and regulations. This practice makes use of advanced tools to confound the ability to verify the true identity of a vessel. Perhaps one of the most unsettling characteristics of laundering is that the IMO, which has long been a single source of truth for establishing vessel identities, is defrauded to obtain a false registered identity.  

In order to understand identity laundering, it’s important to be familiar with the three core elements that make up a vessel’s identity. C4ADS defines these as registered, digital, and physical. To detect laundering, most stakeholders in the maritime domain rely only on one or two. For example, MDA systems tend to mostly rely on the digital identity, whereas port authorities rely on both physical and digital. Without reviewing all three in tandem, it becomes difficult to run a thorough analysis between IMO registration data, AIS transmissions across multiple identities, and the physical features of vessels. 

Vessel identity laundering is significantly more sophisticated than previously observed instances of vessel identity tampering, in which vessels modify their physical appearance or broadcast another vessel’s identity, or false data on AIS transmissions. To understand just how tricky these schemes are, we will walk through the case of the KINGSWAY. This vessel underwent a sophisticated identity laundering operation to avoid international sanctions for almost three years. 

The scheme

The KINGSWAY was a ‘dirty’ ship – accused of transferring fuel to North Korean tankers in 2017. In January 2018, the KINGSWAY was denied entry at Kaohsiung Port by Taiwan authorities. The KINGSWAY never transmitted AIS signals under its own identity again. So what happened? The KINGSWAY took on a new, fraudulent one. In July 2018, it transmitted for the first time the identity of the ALPHA on AIS while anchored northeast of the Singapore Strait. Bad actors then went a step further to enhance the vessel’s physical disguise through repainting. 

Windward newsletter

Everything you need to know about maritime AI direct to your inbox

By clicking submit, you consent to allow Windward to store and process the personal information submitted to provide you the content requested in accordance with our privacy policy.

In October 2018, the KINGSWAY ceased transmitting the ALPHA identity and began transmitting as the APEX. This was most likley done to more closely resemble the vessel’s true size. With its new APEX cover identity, the KINGSWAY resumed conducting voyage patterns typical of vessels engaging in fuel smuggling. In November 2019, the vessel changed its name to the SHUN FA (IMO 8528864). 

On May 6th, 2021, it was ultimately detained in Busan, South Korea, under its fraudulent identity as the SHUN FA, after being uncovered to be the sanctioned KINGSWAY (IMO 9191773). Sound complex? Lost in the timeline? That’s precisely what bad actors were after. 

The Windward effect

Given its complexity, vessel identity laundering presents new challenges for the maritime industry. For example, if a vessel has the IMO number, the appearance, and the AIS signal to back it up – how can stakeholders be expected to recognize it as another vessel? Thanks to this challenge, the KINGSWAY successfully avoided designation and operated freely for nearly three years—until its detention in May 2021. 

What’s the impact? If compliance teams had relied solely on list-matching, the KINGSWAY would have only been detected as high-risk years after its malicious operations. 

Windward follows a vessel’s entity over time regardless of transmitted changes. We leverage all three aspects of a vessel’s identity – registry information from providers, digital data from the best AIS coverage in the market, and physical information via satellite imagery. 

Analyzing multiple data points and sources in real-time is key to producing actionable insights with the timeliness required to detect illicit activity. Further, our ML-based platform resolves vessel entities over time to minimize the creation of false entities. How? Our algorithms unify entities across identity changes to create a continuous, comprehensive, and coherent vessel profile. This allows us to:

  • Create a cleaner, more reliable picture of movements worldwide over time
  • Preserve context on historical activities across multiple identity changes
  • Automatically detect cases of identity-tampering and other manipulations

Without a strong system, compliance teams can be left with difficult questions. If there is one case of identity laundering, how many other vessels are doing the same? How can you avoid doing business with these vessels if this is the case? To learn more about how we help our partners trade with confidence and protect their business, contact us.