[db-wg] ORG record vetting ?

In this context, RIPE's published guidelines on due diligence (
https://www.ripe.net/publications/docs/ripe-700) cover what exactly is
checked. From my experience, the guidelines are always enforced as written.
As you mention, due to a variety of factors (based primarily on differences
in jurisdiction), this process isn't always perfect. I'm sure the NCC deals
with at least some of fraudulent activity as a result of the flaws you
mention. Unfortunately, short of drastic measures (such as prohibiting
certain jurisdictions from requesting resources), I can't see an easy way
to improve the current situation.
Do you have a suggestion for how the process could be improved?

Jacob Slater

On Sun, Jul 28, 2019 at 6:59 PM Ronald F. Guilmette via db-wg <
db-wg at ripe.net> wrote:

> In message <
> CAFV686eMtz+rYPwbNZ90N-WhK-Q9auHTkN5AKTXBXvhj_HyQ1w at mail.gmail.com>
> Jacob Slater <jacob at rezero.org> wrote:
>
> >Prior to an ASN or PI space being assigned by the NCC, the NCC goes
> through
> >and checks the organization info.
>
> Right.  Got it.  For some value of "checks".
>
> What would be the best way for a mere mortal, such as myself, to obtain
> some elaboration on the meaning of the word "checks" in this context?
>
> Not to digress too much from that one question, but to be frank, this
> whole notion of RIRs "checking" the organizations that they register
> has puzzled me for some time.  Let me explain.
>
> In every one of the five regions there are national or local jurisdictions
> that are well known as corporate "secrecy" jurisdictions.  I could easily
> rattle off the names of several of these for each of the five regions,
> but I'll spare you all and just assume you are all familiar with their
> names also.
>
> In each of the five regions, there are jurisdictions that allow for
> so-called
> "nominee" officers, i.e. people whose names get attached to the corporate
> registrations but who have neither any ownership of nor any day-to-day
> control over the operations of the company.
>
> In each of the five regions, there are jurisdictions that will not reveal
> the names of the actual "beneficial owners" of any given corporate entity
> registered in that jurisdiction, i.e. in the absence of a lawsuit and/or
> a court order to do so.
>
> In each of the five regions, there are jurisdictions that do not even
> -collect- information about the names of the actual "beneficial owners"
> of any given corporate entity registered in that jurisdiction.
>
> In each of the five regions, there are jurisdictions that DO collect
> information about the names of the (alleged) "beneficial owners" of each
> corporate entity registered within that jurisdiction, but where it is
> well and widely known that nobody ever checks any of this information
> due to an alleged lack of funding to do so (e.g. UK).
>
> In each of the five regions, there are jurisdictions that do not and will
> not reveal any information about -either- "beneficial owners" or even
> nominee officers in the absence of a lawsuit and/or a court order to do so.
>
> In each of the five regions, there are jurisdictions that do not operate
> -any- publicly accessible registry list of the corporate entities that
> -are- in fact legally incorporated in that jurisdiction.
>
> In each of the five regions, there are jurisdictions that do not, as a
> matter of either law or policy, divulge even the nanes of the corporate
> entities that are duly registered as legal entities within that
> jurisdiction,
> let alone any other or additional information about corporate entities,
> and these jurisdictions will not release even this minimal kind of yes/no,
> exists / doesn't exist kind of information on cororate entities in the
> absence of of a lawsuit and/or a court order to do so.
>
> In each of the five regions, there are jurisdictions that respect only
> their
> own local court rulings while utterly ignoring everyone else's (e.g.
> Nevis),
> and some of these jurisdictions go one step further and also make it both
> exceptrionally difficult and exceptionally expensive for outsiders to avail
> themselves of whatever passes for "justice" in these jurisdictions.
>
> In light of the final two paragraphs above, I am, have been, and remain
> in a state of ceaseless wonderment when it comes to this notion of RIRs
> vetting "all" entities that are resource holders in the various regions.
> The plain facts of the case would logically seem to render even the most
> minimal kind of *independent* vetting inherently and provably impossible,
> even in the best of conditions, at least with respect to those corpprate
> entities that have been formed within one of these maximally discreet
> corporate secrecy jurisdictions that litter the globe in every region.
>
> Am I wrong?  Or should I just accept this self-evident logical quandary
> as yet another one of the eternal, mystical, and insoluable mysteries of
> the Universe, like what happened before the Big Bang and where single
> socks go when they somehow escape, apparently of their own volition, from
> the dryer, never to be seen or heard from again?
>
>
> Regards,
> rfg
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </ripe/mail/archives/db-wg/attachments/20190728/aa7ac98f/attachment.html>