Hot Commodities

Jack Margolin, Senior Analyst and Irina Bukharin, Senior Analyst

This blog post previews an upcoming C4ADS report on South Asian proliferation networks and remote detection of nuclear dual-use trade using public information. You can subscribe here to get updates on C4ADS, including report releases and blog posts.

Today, the Bureau of Industry and Security (BIS) of the US Department of Commerce published the determination of the End-User Review Committee (ERC), a panel of inter-agency U.S. Government officials, that Kepler Corporation, Pegasus General Trading FZE and National Engineering Service Trading and Consultancy Company (NESTACC) be added to the Entity List. In the rule adding these companies to the Entity List, BIS stated that each company had contributed to unsafeguarded nuclear activity.

C4ADS identified and monitored these companies over the past several months as part of our Counterproliferation Cell’s effort to identify and disrupt illicit networks trading in strategic goods. Kepler Corporation, Pegasus General Trading, and NESTACC’s illicit procurement activities are visible in publicly available information (PAI) based on their patterns of trade, locations, and corporate affiliations. Through this brief summary of our investigation, we showcase how PAI, along with the right technology and analytical approaches, can empower law enforcement and civil regulators to identify proliferators not only in Pakistan, but also in other jurisdictions around the world.

Pakistan is not a signatory of the Nonproliferation Treaty (NPT), the Comprehensive Test Ban Treaty (CTBT) or a member of the Nuclear Suppliers Group (NSG); despite this, it maintains an active nuclear weapons program. Because Pakistan cannot indigenously produce everything its nuclear program needs, it relies in part on front companies* trading abroad to procure the equipment and supplies necessary to produce nuclear weapons and delivery systems like ballistic missiles. Nations like the United States, Japan, and members of the European Union seek to identify and block these corporations as a top national security priority in order to prevent sensitive technology from being used in nuclear weapons or missile production.

We used PAI, including millions of rows of trade data from 255 different jurisdictions, corporate records, and other sources to examine three of the companies listed today for patterns of dual-use trade and associations with the Pakistani nuclear program.

Kepler Corporation is a Pakistani company that, prior to today’s action, was not publicly known to have procured for Pakistan’s unsafeguarded nuclear facilities or weapons program. However, an analysis of Kepler’s footprint using PAI such as trade records and corporate data finds that Kepler behaves in much the same way as a nuclear proliferator: Kepler has procured possible nuclear dual-use materials, is part of trading networks that have also supplied companies known to contribute to Pakistan’s nuclear program, and is co-located with entities publicly identified as Pakistani proliferators.

Pegasus General Trading FZC is a company based in Sharjah, UAE, that was added to the Entity List today, which “made multiple attempts to acquire U.S.-origin commodities ultimately destined for Pakistan’s unsafeguarded nuclear program, has provided false and misleading information to BIS during an end-use check, and has falsified official documents to obfuscate the true end-users of items subject to the EAR.” Using trade data, we found that Pegasus General Trading FZC previously supplied entities listed by BIS for supporting Pakistan’s nuclear and missile programs.

In addition, Pegasus itself may be closely tied to or controlled by National Engineering Services Trading & Consultancy Co. (NESTACC), an engineering company that provides goods and services for entities historically linked to Pakistan’s nuclear and missile industries that was also added to the Entity List today.

By examining the goods these companies trade, the relationships they maintain, and the physical geography they inhabit, we can come to a better understanding of the role these entities likely play in the nuclear supply chain.

RISKY PRODUCTS: EXAMINING SHIPMENTS OF DUAL-USE COMPONENTS

We first flagged Kepler Corporation based on trade records from 2016 to 2019, as a result of both the products Kepler was buying as well as the companies it was buying them from. The product descriptions in available trade data for the shipments sent to Kepler Corporation were sparse, but some include product classifications that indicate the contents may be nuclear dual-use goods as per Nuclear Suppliers Group Part 2 Guidelines. For example, one January 2019 shipment lists its contents as “nuclear safety class 2 valves.” The NSG Part 2 Guidelines indicate that to be dual-use, a valve must meet certain size and material specifications. Without information about those factors, we were unable to conclusively determine whether the valves are dual-use or not. However, the description “nuclear safety class 2” likely refers to a standard set by the American Society of Mechanical Engineers Boiler & Pressure Vessel Code, indicating that the valves may be used in a nuclear facility. Further information can be gleaned by comparing the value of the shipment with the number of units. In this case, the 6 valves in the shipment cost a total of USD $15,875.60, or USD $2,645.93 each, indicating that the valves are of high value and may be specialty equipment.

RISKY COUNTERPARTIES: COMPARING THE TRADE PARTNERS OF KEPLER AND KNOWN PAKISTANI PROCUREMENT COMPANIEs

We then examined the companies that sent shipments to Kepler in more detail. Seventy percent of the companies that had exported products to Kepler Corporation had also shipped to companies known to have procured on behalf of Pakistan’s nuclear or missile programs. In the case of the valves discussed above, Kepler Corporation purchased them from a Hong Kong-based company that only shipped to three Pakistani buyers between 2016 and 2019: Kepler Corporation, Galaxy Corporation, and the Chashma Nuclear Power Generating Station. Galaxy Corporation was identified as a probable front company for the Pakistan Atomic Energy Commission (PAEC) by Project Alpha at King’s College London in 2016. The Chashma Nuclear Power Generating Station is a civil nuclear facility subordinate to the PAEC, listed on the US BIS Entity List. The image below illustrates some of Kepler Corporation’s trading relationships, as shown in available trade data, with a variety of companies listed for WMD proliferation concern by US BIS or Japan’s Ministry of Economy Trade and Industry (METI).

A shared address may seem like an obvious connection, but data irregularities can hide this relationship in plain sight.

For Kepler, we focused on its physical address. We wanted to find out if Kepler shared space with other companies of proliferation concern, but given inconsistencies across address formats, it was not immediately possible to compare them. By geocoding the addresses found in trade data, we were able to create reliable indications of company location. The image below shows the concentration of companies and imports to specific areas in Islamabad, including the address of Kepler Corporation: Office No. 13, 2nd Floor Jannat Arcade G-11, Markaz, Islamabad, with the associated coordinates, 33°40’09.6″N 72°59’59.8″E.

We then identified all companies located at Kepler Corporation’s address. Through this technique, we found that Kepler Corporation used the same address that had been used by two entities publicly associated with Pakistani nuclear proliferation: Al Technique Corporation and SMB Associates. Notably, BIS added Al Technique Corporation to its Entity List as a “Pakistani government, parastatal [or] private entity determined to be involved in nuclear or missile activities”, and SMB Associates was placed on Japan’s METI End User List as an entity of nuclear proliferation concern.

While Kepler does not outwardly declare any affiliation with the Pakistani nuclear program, PAI demonstrates that it has links to companies deeply involved in dual-use procurement, and trades similarly to these companies. Kepler’s location, its trade partners, and its purchasing habits, taken in sum, indicate that it is a company presenting high risk of illicit procurement. Turning to two other entities listed by BIS today, we see how these same signatures can manifest differently for other entities involved in dual-use trade, this time outside of Pakistan.

PEGASUS’ RISKY TRADE PARTNERS

As with Kepler, trade data showed that Pegasus General Trading FZC had relationships with several companies that have allegedly contributed to Pakistan’s nuclear proliferation efforts. For example, Pegasus General Trading FZC has previously supplied metal products to the Advanced Engineering and Research Organization (AERO). AERO is a Pakistani entity listed by BIS that has been reported by Project Alpha to be the commercial arm of Pakistan’s Air Weapons Complex (AWC), the Pakistani government entity responsible for developing delivery systems* for Pakistan’s nuclear weapons.

One of Pegasus General Trading FZC’s most prolific trade partners claims to supply Pakistani organizations involved in Pakistan’s nuclear program, and was also listed as part of today’s action. National Engineering Services Trading & Consultancy Co. (NESTACC) has received over 90 shipments from Pegasus since 2016, including as recently as January 2020. Some of these products have possible nuclear, missile, or defense applications, including items such as pressure gauges, frequency inverters, and graphite. On NESTACC’s website, the company lists clients that include Pakistan Ordnance Factories, historically involved* in illicit procurement and assessed by Jane’s Intelligence** as likely continuing to produce Pakistan’s nuclear weapons. Other listed clients include Heavy Mechanical Complex (HMC), an entity under the Pakistan Defense Ministry* that has a division that is subordinate to the BIS-listed Pakistan Atomic Energy Commission (PAEC).

NESTACC: Finding the Digital Connection

Trade isn’t the only thing connecting Pegasus and NESTACC: the registration of Pegasus’ website indicates that a deeper relationship may exist between the two. Pegasus’ website is minimal, containing contact information and little else. Corporate data reveals that Pegasus was incorporated on June 23, 2018, but it does not contain shareholder information. However, the domain registration information for Pegasus’ website indicates that an organization based in Pakistan called NESTACC registered the website for Pegasus General Trading. This unusual relationship, taken in consideration with the high-volume trade between the two, indicates that there may be a deeper connection.

Earlier this year, the U.S. Department of Commerce issued due diligence guidance related to Pakistan, emphasizing that proliferation activity is becoming harder to detect. It noted that “automated screening may not be sufficient to identify entities listed on the Entity List and manual review may be necessary.” More rigorous integration of PAI into both automated and manual review systems can provide enhanced awareness, and is a core imperative for effective screening. Our analysis on these companies, using only PAI, assessed that they pose a high-risk of proliferation, as is now corroborated by today’s action by BIS.

When illicit activity touches licit systems, it often leaves an observable signature. This might be a vessel’s uneconomic voyages as it evades sanctions, or a wildlife trafficking network’s regular use of the same corrupt port agent. Similarly, Pakistan’s illicit procurement of strategic goods leaves a trail in PAI. Kepler Corporation has received shipments that may contain dual-use goods, receives shipments from the same foreign companies that have supplied known entities of proliferation concern, and is co-located with some of these entities. Pegasus General Trading has traded with entities related to Pakistan’s nuclear weapons and missile programs, including those listed by BIS, and it appears to be directly affiliated with another newly listed Pakistani company, NESTACC, that lists similarly high-risk companies among its clients.

These signals are directly discoverable using PAI, giving entities and individuals charged with a counterproliferation mission the edge in preventing illicit dual-use trade. If we understand how these front companies behave, we can identify others like them at a system level, not just on an individual basis.

REFERENCES:

*: Feroz Hassan Khan, Eating Grass: The Making of the Pakistani Bomb. Stanford, CA: Stanford University Press, 2012. p. 166

**: Brian Cloughley and Robert Kelley, ‘Pakistan adopts full-spectrum nuclear deterrent,’ Jane’s Intelligence Review, 26 May 2016.