On May 16, 2022, the US Departments of State and Treasury and the Federal Bureau of Investigation (“FBI”) issued a joint advisory alert to the public about attempts by the Democratic People’s Republic of Korea (“DPRK” a.k.a. North Korea) and DPRK information technology (“IT”) workers posing as non-DPRK nationals to obtain employment outside of North Korea. The Advisory provides guidance to help prevent inadvertent recruitment, hiring, and facilitation of North Korean IT workers, as the hiring or support of DPRK IT workers may create business risks that range from theft of data, intellectual property, and funds, to sanctions-related risks under both US and United Nations (“UN”) authorities.
The advisory guide provides information on how DPRK IT workers operate and notes red flag indicators and due diligence measures to help companies avoid hiring DPRK IT workers and to help platforms identify DPRK IT workers abusing their services. Below we summarize key read flag indicators and risk mitigation recommendations highlighted in the Advisory fact sheet.
Red Flag Indicators of Potential DPRK IT Worker Activity Include:
- Logins from multiple IP addresses (often from different countries) into one account within a short period of time;
- Frequent transfers of money through payment platforms, often to People’s Republic of China (PRC) based bank accounts or requests for payments in cryptocurrency;
- Inconsistency in information such as in name spelling, nationality, alleged work location, contact information, educational history, work history, and other details on freelance platforms, social media profiles, payment platforms, and external portfolio websites; and
- An inability to conduct business during regular business hours and an inability to reach the worker in a timely manner, particularly through instant communication methods.
Due Diligence Measures the Private Sector Can Take to Prevent the Inadvertent Hiring of DPRK IT Workers:
- Verify documents submitted to you as part of job applications directly with the listed company or educational institution in order to check for a different use of contact information from what was provided on submitted documentation;
- Carefully scrutinize identity verification documents for forgery;
- Conduct a video interview to verify a potential worker’s identity;
- Conduct a pre-employment background check and or biometric (fingerprint) log to verify identity and claimed location;
- Avoid payments in cryptocurrency and require banking information verification that corresponds to identifying documents;
- Check the name spelling, nationality, claimed location, contact information, educational history, work history, and other details are consistent across the developer’s freelance platform profiles, social media, platform payment accounts, and assessed location of hours of work; and
- Be suspicious if a developer is unable to receive items at the address on their identifying documents.
The authors acknowledge the assistance of Vanessa Keverenge in the preparation of this blog post.
Author
Kerry B. Contini
Kerry Contini is a partner in the Firm's international trade practice in Washington, DC. She advises companies on export controls, sanctions, and related human rights and supply chain compliance issues. She has been with Baker McKenzie since she was a summer associate in 2005 and started as an associate in 2006.
Kerry has been ranked in the Up and Coming categories for Export Controls & Trade Sanctions by Chambers Global (2022) and Chambers USA (2021), with clients highlighting that "her advice and solutions are business-focused" and that she is "very practical and easy to work with." Kerry has been recognized as a “standout” member of Baker McKenzie’s international trade team by Legal 500. Legal 500 reported a client as stating that, “Kerry is thoughtful, practical, efficient, and has really invested in getting to know our business and our team.” Kerry was recognized in the Who's Who Legal 2021 as a Global Leader in Trade & Customs - International Sanctions.
Kerry has written on export controls and trade sanctions issues for a number of publications, including WorldECR, The Export Practitioner, and Ethisphere. She has presented on pandemic-related supply chain issues to the US International Trade Commission. Kerry has been quoted in a number of publications, including Global Investigations Review and Asian Legal Business. She is an editor of the Firm’s Global Supply Chain Compliance blog and is a regular contributor to that blog as well as the Firm’s Sanctions & Export Controls Update blog. Kerry is a co-chair of the Export Controls and Sanctions Section of the Association of Women in International Trade.
Kerry is part of the diversity and inclusion leadership for the Washington DC office and is a member of the BakerWomen Steering Committee. She has maintained an active pro bono practice throughout her career at Baker McKenzie and is co-chair of the Washington DC office pro bono leadership team. Kerry has worked on a wide range of pro bono matters, primarily focusing on public international law, animal advocacy, and election protection. She is an active member of the Animal Law Committee of the Environment, Energy, and Natural Resources Community of the DC Bar.
Author
Lise S. Test
Lise Test is an of counsel in the Firm’s International Trade Group in Washington, DC and practices in the area of international trade regulation and compliance — with emphasis on US export control laws (Export Administration Regulations (EAR) and International Traffic in Arms Regulations (ITAR)), trade sanctions, and anti-boycott laws. Ms. Test advises clients on issues relating to product classifications, licensing, regulatory interpretations, risk assessments, enforcement actions, internal investigations and compliance audits, as well as the design, implementation, and administration of compliance programs.
Ms. Test works regularly with companies across a wide range of industries, including the pharmaceutical/medical device, telecommunications, manufacturing, and technology sectors. She joined the Firm as a summer associate in 2007 and became a full-time associate in 2008. Prior to joining Baker McKenzie, Ms. Test served as a lawyer at the Danish Ministry of Defence.
