Panama Papers


Berikut ini berita terkait Panama Papers yang dikutip dari sueddeutsche.de, tempo.co, dan bankinfosecurity.com.

89063523_panama_index_draft2

About the Panama Papers

sueddeutsche.de | By Frederik Obermaier, Bastian Obermayer, Vanessa Wormer and Wolfgang Jaschensky

Over a year ago, an anonymous source contacted the Süddeutsche Zeitung (SZ) and submitted encrypted internal documents from Mossack Fonseca, a Panamanian law firm that sells anonymous offshore companies around the world. These shell companies enable their owners to cover up their business dealings, no matter how shady.

In the months that followed, the number of documents continued to grow far beyond the original leak. Ultimately, SZ acquired about 2.6 terabytes of data, making the leak the biggest that journalists had ever worked with. The source wanted neither financial compensation nor anything else in return, apart from a few security measures.

The data provides rare insights into a world that can only exist in the shadows. It proves how a global industry led by major banks, legal firms, and asset management companies secretly manages the estates of the world’s rich and famous: from politicians, Fifa officials, fraudsters and drug smugglers, to celebrities and professional athletes.

A group effort

The Süddeutsche Zeitung decided to analyze the data in cooperation with theInternational Consortium of Investigative Journalists (ICIJ). ICIJ had already coordinated the research for past projects that SZ was also involved in, among them Offshore Leaks, Lux Leaks, and Swiss Leaks. Panama Papers is the biggest-ever international cooperation of its kind. In the past 12 months, around 400 journalists from more than 100 media organizations in over 80 countries have taken part in researching the documents. These have included teams from the Guardian and the BBC in England, Le Monde in France, and La Nación in Argentina. In Germany, SZ journalists have cooperated with their colleagues from two public broadcasters, NDR and WDR. Journalists from the Swiss Sonntagszeitung and the Austrian weekly Falter have also worked on the project, as have their colleagues at ORF, Austria’s national public broadcaster. The international team initially met in Washington, Munich, Lillehammer and London to map out the research approach.

Making of

 modules_2_video_previewimageurl

The data

The Panama Papers include approximately 11.5 million documents – more than the combined total of the Wikileaks Cablegate, Offshore Leaks, Lux Leaks, and Swiss Leaks. The data primarily comprises e-mails, pdf files, photo files, and excerpts of an internal Mossack Fonseca database. It covers a period spanning from the 1970s to the spring of 2016.

modules_4_image_url

Moreover, the journalists crosschecked a large number of documents, including passport copies. About two years ago, a whistleblower had already sold internal Mossack Fonseca data to the German authorities, but the dataset was much older and smaller in scope: while it addressed a few hundred offshore companies, the Panama Papers provide data on some 214,000 companies. In the wake of the data purchase, last year investigators searched the homes and offices of about 100 people. The Commerzbank was also raided. As a consequence of their business dealings with Mossack Fonseca, Commerzbank, HSH Nordbank, and Hypovereinsbank agreed to pay fines of around 20 million euros, respectively. Since then, other countries have also acquired data from the initial smaller leak, among them the United States, the UK, and Iceland.

The system

The leaked data is structured as follows: Mossack Fonseca created a folder for each shell firm. Each folder contains e-mails, contracts, transcripts, and scanned documents. In some instances, there are several thousand pages of documentation. First, the data had to be systematically indexed to make searching through this sea of information possible. To this end, the Süddeutsche Zeitung used Nuix, the same program that international investigators work with. Süddeutsche Zeitung and ICIJ uploaded millions of documents onto high-performance computers. They applied optical character recognition (OCR) to transform data into machine-readable and easy to search files. The process turned images – such as scanned IDs and signed contracts – into searchable text. This was an important step: it enabled journalists to comb through as large a portion of the leak as possible using a simple search mask similar to Google.

The journalists compiled lists of important politicians, international criminals, and well-known professional athletes, among others. The digital processing made it possible to then search the leak for the names on these lists. The “party donations scandal” list contained 130 names, and the UN sanctions list more than 600. In just a few minutes, the powerful search algorithm compared the lists with the 11.5 million documents.

modules_6_image_url

The research

For each name found, a detailed research process was initiated that posed the following questions: what is this person’s role in the network of companies? Where does the money come from? Where is it going? Is this structure legal?Generally speaking, owning an offshore company is not illegal in itself. In fact, establishing an offshore company can be seen as a logical step for a broad range of business transactions. However, a look through the Panama Papers very quickly reveals that concealing the identities of the true company owners was the primary aim in the vast majority of cases. From the outset, the journalists had their work cut out for them. The providers of offshore companies – among them banks, lawyers, and investment advisors – often keep their clients’ names secret and use proxies. In turn, the proxies’ tracks then lead to heads of state, important officials, and millionaires. Over the course of the international project, journalists cooperated with one another to investigate thousands of leads: they examined evidence, studied contracts, and spoke with experts.

Among others, Mossack Fonsecas’ clients include criminals and members of various Mafia groups. The documents also expose bribery scandals and corrupt heads of state and government. The alleged offshore companies of twelve current and former heads of state make up one of the most spectacular parts of the leak, as do the links to other leaders, and to their families, closest advisors, and friends. The Panamanian law firm also counts almost 200 other politicians from around the globe among its clients, including a number of ministers.

The company

The company at the center of all these stories is Mossack Fonseca, a Panamanian provider of offshore companies with dozens of offices all over the world. It sells its shell firms in cities such as Zurich, London, and Hong Kong – in some instances at bargain prices. Clients can buy an anonymous company for as little as USD 1,000. However, at this price it is just an empty shell. For an extra fee, Mossack Fonseca provides a sham director and, if desired, conceals the company’s true shareholder. The result is an offshore company whose true purpose and ownership structure is indecipherable from the outside. Mossack Fonseca has founded, sold, and managed thousands of companies. The documents provide a detailed view of how Mossack Fonseca routinely accepts to engage in business activities that potentially violate sanctions, in addition to aiding and abetting tax evasion and money laundering.

About Süddeutsche Zeitung

Headquartered in Munich, Süddeutsche Zeitung (SZ) is one of Germany’s leading newspapers. SZ has a total readership of 4.4 million for its print and online media. Its investigative journalism team counts five people, three of which are members of the International Consortium of Investigative Journalists (ICIJ). The Süddeutsche Zeitunghas won a number of prestigious awards for its research work. Its team has cooperated with other media organizations on a number of projects, including Offshore Leaks, Swiss Leaks, and Lux Leaks, which ICIJ coordinated. At the beginning of 2015, an anonymous source began sending the Süddeutsche Zeitung data from Mossack Fonseca, a provider of offshore companies. This marked the beginning of the Panama Papers project.

The Süddeutsche Zeitung, in cooperation with the International Consortium for Investigative Journalists, sent Mossfon several written requests for comment. In response Mossfon sent two general statements, which can be viewed here.

Source:

 

Ini Deretan Pengusaha RI yang Terseret Panama Papers

SELASA, 05 APRIL 2016 | 19:52 WIB
495406_620

TEMPO.CO, Jakarta – Beberapa nama pengusaha terkenal Indonesia masuk dalam daftar klien Mossack Fonseca, sebuah firma hukum asal Panama. Berdasarkan bocoran dokumen yang kini dikenal sebagai The Panama Papers itu, ada sekitar 800 nama pebisnis dan politikus Indonesia yang masuk dalam daftar klien Mossack Fonseca.

Mossack Fonseca adalah sebuah firma hukum kecil namun amat berpengaruh di Panama. Firma ini memiliki kantor cabang di Hong Kong, Zurich, Miami, dan 35 kota lain di seluruh dunia. Bocornya data tersebut dipublikasikan serentak oleh 100 media di seluruh dunia.

Tempo merupakan satu-satunya media di Indonesia yang tergabung dalam kolaborasi lintas negara ini. Sejak setahun lalu, 370 jurnalis dari 76 negara—diorganisasi oleh The International Consortium of Investigative Journalists (ICIJ)—menelisik 11,5 juta data di dokumen itu. Dokumen ini pertama kali didapat oleh sebuah koran dari Jerman, Süddeutsche Zeitung.

Selain mencantumkan nama-nama asal Indonesia, dokumen finansial itu memuat sejumlah kepala negara (mantan dan yang masih menjabat), pebisnis internasional, dan tokoh dunia. Mereka masuk dalam daftar itu karena pernah menyewa Mossack Fonseca untuk mendirikan perusahaan di yuridiksi bebas pajak di luar negeri (offshore).

SIMAK: Bagaimana Tempo Terlibat Investigasi Panama Papers?

Berikut nama-nama miliarder Indonesia yang terseret Skandal Panama Papers:

1. Pemilik grup Lippo, James Riady

Tercatat sebagai pemegang saham di sebuah perusahaan bernama Golden Walk Enterprise Ltd. Perusahaan itu didirikan dengan bantuan Mossack Fonseca di British Virgin Islands pada 2011. Putranya, John Riady, juga tercatat sebagai pemilik Phoenix Pacific Enterprise Ltd di BVI. Ketika dimintai konfirmasi, salah seorang keluarga Riady memberikan keterangan off the record.

2. Direktur PT Indofood Sukses Makmur, Franciscus Welirang.

Dia tercatat sebagai pemegang saham perusahaan offshore bernama Azzorine Limited. Nama Fransiscus tak langsung tercatat sebagai klien Mossack Fonseca. Dia terafiliasi lewat BOS Trust Company (Jersey) Ltd, yang menjadi klien sejak 2013. Franciscus awalnya mengaku tak tahu ihwal informasi itu. “Azzorine? Saya enggak tahu,” kata Franciscus ketika ditanya soal ini, kemarin. Meski begitu, dia berjanji akan mengecek keterkaitan perusahaan itu dengan dirinya.

Belakangan, setelah memeriksa dokumentasinya, Fransiscus membenarkan. “Iya benar, itu memang perusahaan saya,” katanya. Dia menegaskan bahwa Azzorine adalah perusahaan tanpa investasi, yang disebutnya “perusahaan satu dolar”. Dia juga memastikan bahwa dia taat membayar pajak di Indonesia.

SIMAK: Panama Papers, Ada Nama Sandiaga Uno dan Riza Chalid!

3. Sandiaga Uno

Pebisnis terkemuka yang kini tengah mencalonkan diri menjadi calon Gubernur DKI Jakarta, juga tersangkut dokumen ini. Pekan lalu, Sandiaga mengaku memang memiliki beberapa perusahaan offshore di British Virgin Islands. Keberadaan perusahaan offshore itu penting untuk bisnis Saratoga Equities, sebuah perusahaan investasi yang dia dirikan bersama Edwin Soeryadjaya.

Setidaknya ada tiga perusahaan yang terkait dengan Sandiaga: Aldia Enterprises Ltd, Attica Finance Ltd, dan Ocean Blue Global Holdings Ltd. Ketiganya didirikan berurutan sejak 2004 sampai 2006. “Saya memang punya rencana membuka semuanya karena saya sekarang dalam proses mencalonkan diri menjadi pejabat publik,” katanya tenang.

SIMAK: Apa Itu Skandal Pajak Panama Papers? Ini Penjelasannya

Secara hukum, memiliki perusahaan offshore bukanlah sesuatu yang otomatis ilegal. Yang jelas, Mossack Fonseca menawarkan jasa untuk membuat perusahaan di yuridiksi bebas pajak untuk kliennya. Firma ini juga bisa menyamarkan kepemilikan perusahaan offshore agar tak mudah dilacak.

Selain tiga nama tadi, dua orang yang kerap dicari penegak hukum untuk kepentingan penyidikan kasus korupsi, yakni taipan minyak Muhammad Riza Chalid dan pengusaha properti Djoko Soegiarto Tjandra, juga tercantum dalam dokumen Mossack.

Riza dikabarkan tengah berada berada di luar Indonesia sehingga menyulitkan Kejaksaan Agung memeriksanya dalam kasus dugaan pencatutan nama Presiden Joko Widodo untuk mendapatkan saham PT Freeport Indonesia. Sedangkan Djoko menjadi buron dalam kasus pengalihan hak tagih (cessie) Bank Bali senilai Rp 904 miliar sejak 2009.

Selain mereka, masih banyak nama lain yang ada dalam dokumen Mossack dan kini sedang ditelusuri Tempo.

SIMAK: Pengusaha RI Masuk Panama Papers: 4 Modus Sembunyikan Harta

Data Mossack yang bocor berisi informasi soal Mossack dan klien-kliennya sejak 1977 sampai awal 2015. Keberadaan data ini memungkinkan publik mengintip bagaimana dunia offshore bekerja dan bagaimana fulus gelap mengalir di dalam jagat finansial global.

Salah seorang pendiri Mossack, Ramon Fonseca, menegaskan bahwa perusahaannya tidak punya tanggung jawab atas apa pun yang dilakukan kliennya dalam menggunakan perusahaan offshore yang dijual oleh Mossack.

Laporan lengkap investigasi ini bisa dibaca di Investigasi Tempo, Panama Papers. Adapun infografis lengkap mengenai nama-nama orang terkenal yang tersangkut dokumen ini bisa dilihat di https://panamapapers.icij.org/the_power_players/ABDUL MANAN | DIKO OKTARA | AZ | TIM ICIJ

Source:

 

‘Panama Papers’ – 6 Security Takeaways

Encryption, Access Controls and Network Monitoring Remain Essential

panama-papers-security-lessons-learned-showcase_image-5-a-9018

The fallout from the so-called “Panama Papers” leak continues.

See Also: How to Illuminate Data Risk to Avoid Financial Shocks

So far, the leak of 11.5 million records – emails, databases, images – allegedly from Panama-based law firm Mossack Fonseca has led to difficult questions for politicians and public figures, including Russian President Vladimir Putin and the government of Pakistan. On April 5, it even triggered the resignation of Iceland Prime Minister Sigmundur David Gunnlaugssonafter his name appeared in the leaked documents, tied to a previously undeclared shell company.

From an information security standpoint, however, experts say the breach highlights how one law firm apparently failed to have the right defenses in place. Essentials, security experts say, include encrypting sensitive data, using access controls as well as monitoring access patterns for signs of data exfiltration.

Here are six security takeaways from the massive data leak:

1. Law Firms: Wake Up

The Panama Papers should be a wake-up call for all law firms, says Brian Honan, who heads Dublin-based information security consultancy BH Consulting.

“All law firms should review where their critical data is located, be that on servers, laptops, phones, portable devices and even paper, to determine how best to secure it,” says Honan, who’s also an adviser to Europol, which is the EU’s law enforcement intelligence agency. “They should look at the various security risks that are posed to the data wherever it is located and look to implement proper security controls as a result.”

2. Prepare to Be Breached

The FBI has long warned law firms that they’re at risk of being hacked, but it’s unclear how many firms take that threat seriously. Last week, meanwhile, The Wall Street Journal reported that both Cravath Swaine and Weil Gotshal, law firms that represent Wall Street and Fortune 500 firms for everything from lawsuits to merger deals worth billions of dollars, have recently been breached.

Such breaches are a concern because the information law firms handle could be used to give an organization the upper hand in negotiation. Or it could be used for insider trading (see Feds Charge 9 with $30M Insider Trading, Hacking Scheme).

While Weil Gotshal declined to comment to the newspaper, Cravath confirmed that it had suffered a “limited breach” last summer and that the firm is “not aware that any of the information that may have been accessed has been used improperly.” Both the Manhattan U.S. attorney’s office and FBI have reportedly been probing the breaches since last year.

These incidents show that all organizations – not just law firms – must assume they will be breached, says Itzik Kotler, CTO of Israeli cybersecurity startup firm SafeBreach. “Hackers getting in – it’s a given. They will find a way, by using social engineering or an exploit,” he says. “Stopping them from getting access to a server, or taking information from a server – exfiltration – is the key here.”

Itzik Kotler, CTO of SafeBreach, offers lessons learned from the Panama Papers leak.

3. Beware Insiders

It’s not yet clear when Mossack Fonseca first discovered that sensitive information had been exfiltrated. An anonymous source first approached German newspaper Süddeutsche Zeitungat the end of 2014, it says, offering to provide data. The newspaper says the leaks continued until this spring.

“All this time, [the firm] had a chance to do damage control,” Kotler says, but apparently failed, despite the vast amount of information that was being stolen.

On April 1, the firm alerted clients that it was investigating “an unauthorized breach of our email server,” according to a copy of the message posted by whistleblowing site WikiLeaks.

The scale of the breach has led some security experts to suggest that an insider leaked the data, given the vast quantity of data that had to be copied, as well as the timeframe. For now, however, the insider angle remains conjecture.

Meanwhile, the founding partner of Mossack Fonseca on April 5 claimed that his firm was a victim of a hack from outside the company, Reuters reports.

4. Don’t Miss Breach Warning Signs

It’s also not yet clear whether Mossack Fonseca’s April 1 warning had anything to do with the exfiltration that allowed someone to walk away with 2.6 terabytes of corporate information.

“Similar to the Sony Entertainment breach, a huge amount of data has been compromised,” Honan says (see Will Sony Settle Cyber-Attack Lawsuit?). “We are yet unclear as to how this happened. However, one would expect that if appropriate security monitoring mechanisms were in place this large exfiltration of data should have been detected earlier.”

5. Cull Data

Too many organizations retain too much data, despite the security risks. “In our experience people working in office environments tend to hoard data, very often the only justification being ‘in case we need it again,'” Honan says. “However, if you keep information you then have to secure it.”

Otherwise, stored data becomes a target for attackers, and a liability to organizations, as last year’s Ashley Madison data dump demonstrated. In that case, the online dating service retained former subscribers’ data, including their email addresses and GPS coordinates (seeThe 2 Worst Breaches of 2015).

If firms choose to – or must – retain information in either digital or physical form, they shouldn’t underestimate the challenges associated with keeping it secure, Honan says. Barring any legal, regulatory or contractual obligations, “the safest way to secure it is to destroy it in a secure manner,” he says.

6. Keep Reviewing Access Permissions

For any data that an organization chooses to retain, security managers must review who has access to that information and then keep reviewing it. The goal is to keep information compartmentalized and thus lower the chance that an attacker – or malicious insider – could execute a data breach of catastrophic, or “Panama Papers,” proportions.

“Companies should regularly review their access controls to see who has access to what information and whether or not that access is still relevant to peoples’ roles,” Honan says. “Appropriate monitoring of access to key data stores and detection of data being moved from a secure location should also be in place.”

Source:

Iklan

Tinggalkan Balasan

Isikan data di bawah atau klik salah satu ikon untuk log in:

Logo WordPress.com

You are commenting using your WordPress.com account. Logout / Ubah )

Gambar Twitter

You are commenting using your Twitter account. Logout / Ubah )

Foto Facebook

You are commenting using your Facebook account. Logout / Ubah )

Foto Google+

You are commenting using your Google+ account. Logout / Ubah )

Connecting to %s

%d blogger menyukai ini: