Guide for Smarter Open Source Searching Due Diligence

This guide is all about open-source searching a low-cost but powerful step in your AML due diligence process. Whether you’re onboarding a new client or reviewing your existing file, these checks are essential for spotting red flags early.

What Is Open Source Searching?

Open-source searching means using publicly available information: like Google results, online reviews, news articles, and regulatory registers. You will be able to understand more about your client, their reputation, and any risks associated with them.

Under the Money Laundering Regulations 2017, regulated firms must take a risk-based approach. Open-source checks are a key part of that. They help you:

Identify adverse media
Spot signs of fraud or criminal property
Confirm regulatory status
Protect your business from reputational damage

Who Should You Search?

You should carry out checks on:

All individuals linked to the business or service
Persons with Significant Control (PwSC)
Shareholders or beneficial owners
Connected companies, intermediaries, or agents

💡 Flex Tip: Don’t forget to review linked directors, especially where there are multiple company appointments or nominee structures.

How to Conduct an Open Source Search

Use combinations of:

Full name (try with and without middle names)
Name + city or country
Name + keywords like:
- “fraud”
- “money laundering”
- “director ban”
- “complaint”
- “scam”
- “arrest”

Search company names + keywords too. Try different search engines (Google, Bing, DuckDuckGo), and consider:

Domain lookups (e.g. whois.domaintools.com)
Google Reviews, Trustpilot, Glassdoor
LinkedIn and other social profiles

💡 Flex Tip: Use incognito or private browsing to avoid search results being influenced by your history.

Open Source AML Search Checklist

Use this step-by-step checklist to keep your file complete and audit-ready:

🔎 Search Setup

Use incognito/private mode
Search full name with and without middle name
Add city, postcode or company name
Add risk keywords (fraud, scam, money laundering, etc.)
Try at least 2 search engines

📝 What to Record

Search date and your initials
Search terms used
Summary of findings (including “no adverse media found”)
Any rationale if search was limited (e.g. common name, insufficient data)
Screenshot or save key articles/links

🚩 Red Flags to Escalate

Negative media or press coverage
Multiple dissolved companies or high number of directorships
Connections to high-risk jurisdictions or shell companies
Complaints, poor reviews, or trading bans
Use of false documents or reluctance to provide KYC

📂 Documentation & Follow-Up

Save search results securely in AML file
Escalate to MLRO or compliance lead if needed
Update client risk rating if applicable
Schedule review (onboarding / annual / material change)

💡 Flex Tip: Use a templated search log for each file – we’ve got one ready for you, just ask!

Don’t Forget Sanctions and PEP Checks

Your open-source checks should be paired with:

Sanctions checks via OFSI, UN, HMT or OFAC
PEP screening, especially where enhanced due diligence is required

Keep records of:

When the checks were last done
The result (even if no matches found)
Evidence that the screening tool is up to date

🧠 Final Thoughts

Open-source checks are often overlooked, but they’re one of the best ways to detect risk early and demonstrate compliance to HMRC.

They show:

You’re taking a risk-based approach
You’re acting proactively
You care about doing the right thing