National Security: reserved publication

This article was published by José C. Nordmann on 04/09/2023 at LinkedIn

Introduction

Criminals are increasingly using technological tools to neutralize police operations, and to significantly increase their “creative” capabilities to produce new criminal patterns, thus significantly reducing the time available for security forces to prevent, detect and repress these illegal actions, which causes the need to update and/or create almost daily, or at least weekly the link analysis models used to identify criminal activities.

In this context, it is essential to have specialized support in the technological tools that are part of the police framework for purposes often unknown “until the previous week”, making not only inadvisable, but also impossible, the detailed planning of such activities when writing the terms of reference or notices of a public tender.

A real case

It recently finalized a bidding process for the acquisition of tools and services to fight organized crime in an important State of the Brazilian Federation. Given my status as a Member of the World Council for a Safer Planet, I had the privilege of participating as Principal Advisor to the offering company which resulted awarded as the winner of the contest.

The process had actually been published and decided two years earlier by the Administration of the Public Security Secretariat (the equivalent of the Interior Ministry in the States of Brazilian Union), and when the contract was about to be signed, there was a belated and complex controversy, which it seems opportune to comment on, saving the confidentiality elements of the case (although all actions are public), for the benefit of the law enforcement community (Public Ministries and Police) in Brazil and in other Latin American countries.

When the process left the hands of the Purchasing area, once all the legal rites of documentation validation about the winning bidder had been completed, and after the fully satisfactory completion of the POC (Proof Of Concept by its acronyms in English) provided for in the Term of Reference (TR), an Advisor to the Staff of the Secretariat filed an objection to the signing of the contract, which later turned out to be unfounded, but which had an enormous impact on the acquisition process, delaying it by more than two years and demanding considerable efforts from the author of this article and from the Secretary of State, in an extensive discussion process, which we now want to comment on with the intention of avoiding delays and unnecessary organizational efforts to other security forces.

The winning bid, in compliance with the provisions of the TR, included among the deliverables offered, licenses to use software of the i2 Suite (at that time from IBM and since January 2022 from Harris – i2 Group), training services and a “bank” of 3,500 hours of specialized consulting services, aimed at carrying out activities to develop models and cases to combat crimes and fraud and to support the Secretariat's forces in planning, implementing and sustaining preventive and repressive measures against organized crime.

The objection presented by the Advisor was based on the fact that, in his opinion, the winning bid did not present a technical demonstration to justify in detail how the 3,500 hours foreseen for development and support activities would be used, the lack of prior detailed planning for the use of said hours, and the lack of a procedure with guidelines and mechanisms for contracting services and estimating the hours needed for each service that would consume hours from the original bank.

Rationale

In the next paragraphs, I will briefly reproduce the essence of our argumentation (omitting names, although, I reiterate, the information on the process is public), which determined that, after more than two years, it was decided to maintain the original decision in favor of the company that won the bid.

1. It is not convenient to specify a priori implementation activities in detail. Including these details in the notice of a public tender would expose criminals to the tactical – strategic vision, and mainly the concrete plans of the security forces.

2. It is not possible to write a priori detailed implementation specifications. This requires knowledge from two parties: the bidding Organization and the Supplier, and a priori, when the TR is written, it is not known who the Supplier will be and, especially, it is unknown which Counter Crime Solution will be implemented.

3. The detailed specification of the activities is always carried out in the first phases of the Implementation Project, jointly between the bidding Organization and the awarded Supplier. In the Survey, Detailed Analysis and Design phases, these two required knowledges are applied: that of the bidding organization who knows its environment, use cases, challenges, and threats, and that of the Supplier who knows the architecture and specific functionalities of the Solution.

4. Nobody performs a priori the detailed specification of implementation activities. Due to the inconvenience and impossibility of doing so, all security, intelligence and investigation agencies describe in their TR the generic functionalities that should be included in the Solution and later carry out the detail of its implementation together with the Supplier, during the first phases of the Implementation Project. Numerous recent examples of bids by Brazilian public entities show that in all cases hiring a number of hours of consulting services was foreseen without detailing the specific tasks in which such hours would be used.

5. What could be detailed a priori was detailed. The TR Technical Specifications include the complete and exhaustive description of the functionalities that should be supported by the Solution to be offered in the Tender. The TR also provided that these theoretical technical requirements, which could be established before knowing what the winning Solution would be, would be complemented by the physical verification (functionality verification), which was effectively carried out by the winning Supplier with full acceptance by the bidding Organization through a proof of concept (POC by its acronym in English).

6. The object of the bidding included three main objects: they are, firstly, to provide use licenses and support service of the Link Analysis Solution, to be provided by the Manufacturer; second, training services for the Customer Professionals about the Solution offered; and thirdly, solution implementation services (development and support in the implementation of analysis and investigation models), foreseeing the eventual use of up to 3,500 hours of specialized consultancy services. The bidding Authority did not object to the first two items: only to the third one.

7. In case of continuing with the bidding process, the bidding organization would not be obliged to use even one of the 3,500 consultancy services hours. The TR procedure established that such hours could only be used at the initiative of the bidding Organization, which should ask the winner Supplier to estimate the consumption of hours to carry out specific detailed activities during the execution of the contract (project).

8. The bidding Organization could continue with the bidding process only effectively acquiring the first two items of the object, which were not objected. Although the Brazilian legislation allows analyzing and eventually interrupting the bidding process in any stage, we understand that the late manifestation of possible objections related to the third item, did not constitute sufficient reason to annul an entire process that costed enormous efforts, resources and a lot of time of the reputable bidding Institution, given that, without prejudice to our disagreement with such objections, the bidding Organization might proceed to contract the winning Supplier and simply execute the acquisition of the first two items of the object, not requesting any service of the third item to the Supplier, thus eliminating all the potential effects of that item which was the only one that was preventing the continuation of the process.

9. The bidding Organization's strategic vision, aligned with the best practices in the fight against crimes and fraud in Brazil and in the world, has for years foreseen the need to complement its technological strengthening process with solutions for graphical analysis of links. We know that criminals and scammers extensively use advanced technologies to plan and execute their criminal activities. They did not stop for two years their evolution in the use of highly sophisticated tools. The current Superior Authorities of the bidding Organization had the opportunity to continue this strategic vision, taking advantage of precious time, proceeding with the acquisition of the licenses and training services referred to the Link Analysis Platforms of Suite i2, absolute leader in the world and in Brazil in link analysis activities for intelligence and investigation in the counter crimes and antifraud activities.

If current Superior Authorities agreed with the objections to the third item of the Tender, they might simply not request development services and implementation support from the Supplier, proceeding to carry out a tender exclusively for such services, without prejudice to being able to immediately start the implementation of models against delinquency, thanks to the availability of licenses to use the i2 Platform and Personnel trained in its use.

Conclusions

To conclude, it seems opportune to remember that the i2 Suite of software solutions is used by several Public Security Secretariats in the 27 Federative Units of Brazil, by numerous State Civil Polices and State Military Polices, by the Federal Police Department (DPF), by ABIN (Brazilian Intelligence Agency), by the Ministry of Justice, by SENASP (National Public Security Secretariat) and by SEOPI (Integrated Operations Secretariat) among other public agencies in Brazil, as well as by most of the main Brazilian banks, among which we mention four of the five largest banks: Banco do Brasil, Caixa Econômica Federal, Itaú and Bradesco for AML (Anti Money Laundering) and to combat other financial crimes.

The i2 Suite is also widely used in Western Police Departments such as the United States: the FBI and 80% of US law enforcement agencies and organizations including 4,000 police jurisdictions; in the UK: across 100% of police forces: 43 territorial police forces and 4 special police forces; in 80% of the world's Security Agencies, in 70% of NATO Defense Agencies; in 8 of the 10 largest Companies in the world and in 12 of the 20 largest banks in the world, with more than 30 years of experience and continuous innovation in link analysis to fight crime and fraud, with more than 35,000 power users in 140 countries and in 18 languages, naturally including Portuguese and Spanish.

Every single police force in the United Kingdom uses the i2 Suite to permanently implement, in their daily activities, new analytical models to combat crime. Below, we reproduce two paragraphs from an article published by IBM, which illustrates this situation:

“Today's police analysts need advanced analytics software to track criminal activity and pursue serious crimes and organized crime networks more effectively. With greater access to these analytics solutions, analysts can work more effectively – solving crimes faster and keeping the public safer.”

“Police forces can perform sophisticated analysis on phone records, bank account transactions, custody records, car license plate´s tracking and more – uncovering complex criminal networks and relationships to help solve cases faster and to identify emerging threats sooner. "Insights" into criminal networks can save hours of time and help officers to be better informed when they are sent to the streets."

José C. Nordmann
SME in real-time Digital Frauds
Member of the World Council for a Safer Planet
Member of ACFE (Association of Certified Fraud Examiners)