Data collection in Grid

Data privacy has become an important element of privacy rights in recent years due to the drastic growth and collection of personal data through technology, enhancing economic, social, and legal stakes. 

Laws such as the European Union’s GDPR or the California Consumer Protection Act are intended to impose strict rules on businesses that handle customers’ personally identifying information and issue fines and penalties against those that fail to safeguard such information properly. 

Risks for failing to abide by data privacy laws include fines and penalties by regulators, lawsuits, and loss of trust by customers.

Recognizing this new reality of risk, we have created a new code, Data Privacy and Protection (DPP), to capture relevant adverse media and monitored lists into our risk database, including information about businesses that suffer data breaches and other data privacy violations, ransomware attacks, data privacy-related fines, penalties, and lawsuits, and more.

Recognizing the current inherent limits of English-language global coverage, Grid contains the full text of high-quality, human-translated foreign language news through monitoring news sources from leading competitive intelligence services specializing in monitoring and analyzing online and media content. As most large-circulation, English-language publications will cover high-profile scandals or other risk events; this coverage is strongly weighted toward local media sources that have a higher likelihood of covering early warning indicators of risk by virtue of the fact that most scandals that do not involve national-level figures are covered first by smaller-circulation local publications. Moody's KYC Grid also takes direct translations from publishers offering English-language versions of the original content.

When translation services are unavailable, data staff manually monitors hundreds of publications in the local language daily, searching for risk-relevant content. Articles meeting Grid ’s risk-relevant definitions are then summarized in English and captured in Grid as part of our global online media collection.

Hate groups and hate crimes have become an increasingly large problem over the last decade, with the steady rise in activity and prominence culminating in the assault of the U.S. Capitol on January 6th, 2021.

While there is currently no domestic terrorism statute in the U.S., the activities of these groups and their frequently political motivations create a nexus between hate groups and terrorism. Especially given FinCEN’s designation of domestic terrorism financing as a national AML/CFT priority in June 2021, maintaining due diligence on these groups and their affiliations is crucial for both mitigating their impact and avoiding reputational risk.

Moody's Analytics created the HTE risk code in 2021 to provide clear, comprehensive coverage of the influential members and affiliated organizations of hate groups, as well as hate crimes in general. The continued expansion of this content set will ensure that the networks of hate are exposed.

The sources used in this hate group and hate crime collection are all publicly available - Moody's Analytics is not the original source for any of the content. Original sources are linked in the entity URL and sources sections where available.

​Iran Connect is a product designed to assist clients in complying with the Comprehensive Iran Sanctions, Accountability, and Divestment Act (CISADA) of 2010. CISADA expands upon the 1996 Iran Sanctions Act and the Iranian Transaction Regulations administered by the Treasury Department’s Office of Foreign Assets Control (OFAC).

​Iran Connect provides detailed, open-sourced profiles of Iran-relevant entities and the associated individuals and organizations tied to those entities, which are kept current as new information or details emerge. The profiles for each entity include addresses, aliases, connections and relationships to other records, dates of birth when available, and source information.

​Iran Connect data is pulled from foreign Chambers of Commerce, Middle East business advocacy journals; full-scale public source research of the Islamic Revolutionary Guard Corps (IRGC) affiliated persons and organizations inside and outside Iran and any subsidiaries under their control; foreign banks conducting business with the IRGC or IRGC front companies; full mining of relevant investigative reporting and key think tank research on Iran.

Highly trained and qualified analysts conduct quality control and review ​Iran Connect records at all stages of the research and data entry process; review possible client alerts to minimize false positive returns; and domain experts provide an additional level of materiality review. In our ​Iran Connect data set, you will see many relationships, including affiliates. Grid defines this relationship type as a well-known client, partner, or vendor of the entity concerned.

The sources used in this collection are selected based on their ability to identify potential sanctions-related risks based on regulations and recommendations relating to CISADA compliance obligations.

The Controlled Substance Act makes it illegal under US federal law to manufacture, distribute, or dispense marijuana, but a majority of states have legalized certain marijuana-related activities. In light of these developments, the US government, through the Department of Justice and FinCEN, has issued guidance to financial institutions on how to bank these types of organizations, including ongoing monitoring of publicly available sources for adverse media about the business and related parties as well as for suspicious activity.

Moody's Analytics has researched publicly available sources to create a database containing thousands of entities and individuals affiliated with marijuana-related businesses (MRBs) and the supply chain, such as growers, wholesalers, and retailers.

Further, because of the 2018 Farm Bill and the US Department of Agriculture’s requirement that they approve all state hemp programs by January 1, 2022, lest the state’s hemp production be illegal, we’ve added thousands of profiles for hemp across all applicable states. This data includes both businesses and individuals, and the state’s status with the USDA is noted in each profile.

This dataset allows Moody's Analytics clients to identify, track, and continuously monitor such entities, allowing clients to apply the appropriate level of due diligence based on their individual risk policies.

Moody's Analytics strives to identify, for each state and territory, the official published registries of licensed businesses. Directories and registers are used for those states and jurisdictions that do not publish licensed entities.

The extensive sources used to create PEP Connect records are validated and include media from 240 countries, extensive public source government documents, specialized political, trade, and industry journals, academy specialty publications, and biographic special interest journals.

For each country’s PEPs, teams first research the political hierarchy for each state and employ trained country and regional specialists to create records that capture each category of politically exposed person outlined by regulations associated with the USA PATRIOT Act, Europe’s Financial Action Task Force, the EU Third Money Laundering Directive, and any country-specific regulatory requirements. Grid employs a proprietary category classification for PEPs in PEP Connect to allow for client filtering and risk scoring based on a PEP's position, country, and event parameters.

Categories of PEPs include:

The final review of records entered into PEP Connect is designed to ensure that records are of the highest possible quality in terms of their accuracy and completeness. The tools that our PEP Connect teams use to build individual PEP profiles safeguard against the most common errors, such as not identifying the category or level of a PEP. A final level of review for quality is completed before our records are shared with our clients. Senior analysts and domain experts thoroughly review 100% of all PEP Connect records created by our regional research teams.

As mandatory federal requirements and an intense focus on national security increase, so does the need for proactive behavior when it comes to building and maintaining a compliance program that will serve your organization and protect you from investigations and potential fines. Highly effective, secure web-based customer verification data technology will reduce your organization’s operation, reputation, and compliance risk quickly and cost-effectively.

​Sanctions Connect is an available dataset that provides information on the individuals and organizations associated with sanctioned entities. Covering all sanctioned countries and entities, the data set establishes the connections to individuals and organizations spanning over 100 countries.

Organizational relationships include:

Individual relationships include:

This dataset includes connections such as:

Data for Grid is selected on the basis of its utility to assist clients in managing money laundering, fraud, corruption, compliance, organized crime, sanctions, embargoes, and associated regulatory and reputational risks. Moody's KYC Gridaccomplishes this through comprehensive efforts to harness subject matter expertise, experience, and technology into an ever-increasing risk archive. Moody's KYC Grid targets open-source public records to support Grid with the largest database of potential, probable, and known money launderers, fraudsters, organized crime figures, terrorists, and criminals.

Occasionally, key information will not be available in monitored lists or adverse media articles but can be found elsewhere in publicly available information. This information is added to a profile through supplemental profile information sources, and the entity URL of the source is included in the Source information section.

Governments worldwide have struggled to understand and regulate cryptocurrencies, which have exploded into a $2 trillion market cap in an extraordinarily short amount of time. Traditional financial institutions are wary of working with crypto-related businesses as the decentralized and anonymous natures of cryptocurrencies make them enticing to criminals.

Global regulators are setting their crypto policies and enforcing them. As the industry becomes more mainstream and crypto-related businesses seek to assimilate into traditional finance, it is important that financial institutions maintain due diligence.

In 2019, a new risk virtual currency risk code was created, known as VCY, to monitor Bitcoin ATM operators, ICOs, and virtual currency exchanges based on guidance released by global financial regulators and industry watchdogs. We are expanding that scope to include other crypto-related businesses, such as payment processors and brokers.