The Expensify EC-1

Let’s make it clear from the outset that this story is about an expense management SaaS business called Expensify. As you’d expect, yes, this is about the expense management market and how Expensify has grown, its technology and all of that. Normally, that would make us change the channel. But this is also a story about pirates; peer-to-peer hackers who asked, “Why not work from Thailand and dozens of countries across the globe?” and actually did it using P2P hacker culture as a model for consensus-driven decision-making — all with pre-Uber Travis Kalanick in a guest-starring role.

Most interestingly, this is a story about just not giving a damn about what anyone goddamn thinks, an approach to life and business that led to more than $100 million in annual revenue, and an IPO incoming on what looks to be a very quick timetable. Prodigious revenues, 10 million users and only 130 employees running the whole shebang — that’s a hell of an achievement in only 13 years.

If you’re going a bit “WTF,” well, we’d concur. Expensify is as contradictory as they come in the enterprise world. It’s managed to take what might well be the most boring part of the corporate business stack and turn it into something special. It doesn’t borrow its culture from other startups, it built its own tech stack from the ground up, and even hires in a completely radical way. Oh, and no one really has job titles either, because why the hell bother with hierarchy anyway? They’re pirates after all.

If expense management is about avoiding corporate plunder, then letting the pirates and hackers run the ship is probably the best approach. And now, Expensify is plundering the corporate spend world one travel ticket and business meal at a time just as the world is rebuilding in the wake of COVID-19.

TechCrunch’s writer and analyst for this EC-1 is Anna Heim. Heim is a tech journalist and former startup founder who has written for different tech publications since 2011. She recently joined Extra Crunch as a daily reporter, where she will be sharing insights on startups, particularly in SaaS. The lead editor of this package was Ram Iyer, the series editor was Danny Crichton, the copy editor was Richard Dal Porto, and original illustrations were created by Nigel Sussman with art direction from Bryce Durbin.

Expensify had no say in the content of this analysis and did not get advance access to it. Heim has no financial ties to Expensify or other conflicts of interest to disclose.

The Expensify EC-1 will be a serialized sequence of five articles published over the course of the coming weeks. We interviewed the company in February and March, well before the company announced a confidential filing of its S-1 to the SEC. Let’s take a look:

  • Part 1: Origin storyHow a band of P2P hackers planted the seeds of a unique expense management giant” (2,400 words/10 minutes) — Explores the colorful history of the Expensify founders’ days with Travis Kalanick’s venture before Uber, a P2P content distribution startup called Red Swoosh, and how that experience would eventually influence what would one day become an expense management giant.
  • Parts 2-5: Upcoming shortly.

We’re always iterating on the EC-1 format. If you have questions, comments or ideas, please send an email to TechCrunch Managing Editor Danny Crichton at danny@techcrunch.com.

Activist investor Starboard Value makes official bid for Box board seats in letter

Last week activist investor Starboard delivered a public letter rebuking Box for what it perceives as underperformance. Today the firm, which owns 8% of Box stock, making it the company’s largest stock holder, took it a step further with an official slate of four candidates it will be putting up at the next stockholder’s meeting.

While the company rehashed many of the same complaints as in last week’s letter, this week it explicitly stated its intent to run its own slate of candidates for the Box board. “Therefore, in accordance with the Company’s governance deadlines and in order to preserve our rights as stockholders, we have delivered a formal notice to Box nominating four highly qualified director candidates (the “Nominees”) for election to the Board at the Annual Meeting,” Starboard wrote in a public letter to Box.

Box responded in a press release that the Board as currently constituted categorically rejects this attempt by Starboard to take over additional seats.

“The Box Board of Directors does not believe the changes to the Board proposed by Starboard are warranted or in the best interests of all stockholders. The Box Board has been consistently responsive to feedback from all of its stockholders, including suggestions from Starboard, and open-minded toward all value enhancing opportunities. Furthermore, Starboard’s statements do not accurately depict the progress Box has made,” the Board wrote in a statement this morning.

Box further points out that the company overhauled the Board last year with three new board members specifically receiving Starboard approval.

What is driving Starboard to take this action? Like any good activist investor it wants a higher stock price and is seeking more growth from Box. Activist investors often come in and try to extract value by brute force when they perceive the company is underperforming. The end game, were they to be successful, could involve removing Levie as CEO or more likely selling the company and grabbing its profit on the way out.

Box asserted that “Starboard’s statements do not accurately depict the progress Box has made,” highlighting some of its recent financial performance, including “a $127 million increase in free cash flow in fiscal 2021.” The former private-market darling also argued that its fiscal 2021 “revenue growth rate plus free cash flow margin [came to more than] 26%,” which beat its own target of 25% and was “nearly double” what it managed in its fiscal 2020.

This is a good time for a “yes, but“: Yes, but Box’s ability to improve its profitability does not change the fact that its growth rate has been in steady decline for years. And while a company’s growth rate can cover nearly any sin, slowing growth that has already slipped into the single digits doesn’t cut Box much slack. (For reference, in its most recent quarter, the fourth of its fiscal 2021, Box grew just 8% on a year-over-year basis.)

It’s worth noting that the company did promise “accelerated growth and higher operating margins in the years ahead” in its most recent earnings call, but the company’s recent $500 million investment from KKR particularly irked Starboard, which asserts that it was akin to “buying the vote.”

“[Box] made several poor capital allocation decisions, including its recent entry into a financing transaction that we believe serves no business purpose and was done in the face of a potential election contest with Starboard at the 2021 Annual Meeting of Stockholders.”

Now it’s becoming a battle over more board seats. Box is putting up Levie, Verisign CFO Dana Evan and Peter Leav, CEO of McAfee and former CEO of BMC. Evan sits on the boards of Domo and Survey Monkey in addition to Box, while Leav previously served on the board of ProofPoint, which was acquired last month by Thoma Bravo for over $12 billion.

While Starboard’s nominees come with impressive resumes, it’s worth pointing out that they mostly lack direct experience working with an enterprise SaaS company like Box. The folks on the slate include Deborah S. Conrad, former executive at Intel; Peter A. Feld, Starboard’s head of research; John R. McCormack, former CEO of WebSense and Xavier D. Williams, a director of American Virtual Cloud Technologies, a public company on $170 million run rate. Box made $771 million last fiscal year.

The vote will take place at the Box stockholder’s meeting, which has traditionally been held in late June or early July. To this point, the company has not put out the exact date publicly.

ServiceNow leaps into applications performance monitoring with Lightstep acquisition

This morning ServiceNow announced that it was acquiring Lightstep, an applications performance monitoring startup that has raised over $70 million, according to Crunchbase data. The companies did not share the acquisition price.

ServiceNow wants to take advantage of Lightstep’s capabilities to enhance its IT operations offerings. With Lightstep, the company should be able to provide customers with a way to monitor the performance of applications with the goal of detecting problems before the grow into major issues that take down a website or application.

“With Lightstep, ServiceNow will transform how software solutions are delivered to customers. This will ultimately make it easier for customers to innovate quickly. Now they’ll be able to build and operate their software faster than ever before and take the new era of work head on with confidence,” Pablo Stern, SVP & GM for IT Workflow Products at ServiceNow said in a statement.

Ben Sigelman, founder and CEO at Lightstep sees the larger organization being a good landing spot for his company. “We’ve always believed that the value of observability should extend across the entire enterprise, providing greater clarity and confidence to every team involved in these modern, digital businesses. By joining ServiceNow, together we will realize that vision for our customers and help transform the world of work in the process […], Sigelman said in a statement.

Lightstep is part of the application performance monitoring market with companies like DataDog, New Relic and AppDynamics, which Cisco acquired in 2017 the week before it was scheduled to IPO for $3.7 billion. It seems to be an area that is catching the interest of larger enterprise vendors, who are picking off smaller startups in the space.

Last November, IBM bought Instana, an APM startup and then bought Turbonomic for $2 billion at the end of last month as a complementary technology. Being able to monitor apps and keep them up and running is crucial, not only from a business continuity perspective, but also from a brand loyalty one. Even if the app isn’t completely down, but is running slowly or generally malfunctioning in some way, it’s likely to annoy users and could ultimately cause users to jump to a competitor. This type of software gives customers the ability to observe and detect problems before they have an impact on large numbers of users.

Lightstep, which is based in San Jose California, was founded in 2015. It raised $70 million from investors like Altimeter Capital, Sequoia, Redpoint and Harrison Metal. Customers include GitHub, Spotify and Twilio. The deal is expected to close this quarter.

Fintech Startup Offers $500 for Payroll Passwords

How much is your payroll data worth? Probably a lot more than you think. One financial startup that’s targeting the gig worker market is offering up to $500 to anyone willing to hand over the payroll account username and password given to them by their employer, plus a regular payment for each month afterwards in which those credentials still work.

This ad, from workplaceunited[.]com, promised up to $500 for people who provided their payroll passwords, plus $25 a month for each month those credentials kept working.

New York-based Argyle.com says it’s building a platform where people who work multiple jobs and/or side hustles can improve their credit and employment options by pooling all of their gig work data in one place.

“Consumers’ access to financial security and upward mobility is dependent on their access to and control over their own employment records and how easily they can share those records with financial institutions,” Argyle explained in a May 3 blog post. “We enable access to a dataset that, for too long, has gone unstandardized, unregulated, and controlled by corporations instead of consumers, contributing to system-wide inequalities.”

Argyle’s app flow. Image: Argyle.com.

In that sense, Argyle is making a play for a discrete chunk of a much larger employment data market dominated by the major credit bureaus, which have been hoovering up and selling access to employment data for years.

The 800-lb. gorilla there is Equifax, whose The Work Number product has for years purchased employment data flows from some of the world’s largest companies (employees consent to this sharing as part of their employment contract, and The Work Number makes it fairly easy for anyone to learn how much you earn).

The Work Number is designed to provide automated employment and income verification for prospective employers, and tens of thousands of companies report employee salary data to it. It also allows anyone whose employer uses the service to provide proof of their income when purchasing a home or applying for a loan.

On its blog, Argyle imagines a world in which companies choose to integrate its application platform interface (API) and share their employee payroll data. At the same time, the company appears to be part of an effort in which non-salaried workers are prompted to repay their erstwhile employers’ trust by selling payroll credentials.

If Argyle is worried these two goals might somehow conflict, that is not obvious by looking at some of its direct-to-consumer efforts.

The website pictured below prompts visitors to “connect payroll,” and those who proceed agree to have their payroll data shared with a company called Earnin, a mobile payday loan app that lets users get an advance on their upcoming paycheck.

Clicking “Connect Payroll” brings up a list of payroll login pages for brand name companies, including Walmart, Starbucks, Amazon, Uber, Chipotle, etc., with a search feature that reveals login pages for everyone from the Federal Bureau of Investigation (FBI) to the Federal Reserve and Federal Trade Commission (FTC).

The default Argyle list of payroll login pages for major companies.

Here’s what comes up when you search by “Department of” at this site:

Drilling down into individual companies listed here produces a username and password form that in some cases is modified to request an employee identifier other than a username, such as a employee ID, associate or partner number instead. Here’s the login page for Starbucks employees:

The site pictured above actively checks if any submitted credentials are working, by submitting them directly to the employer in question. This Argyle status page indicates the system’s “data connection status” to countless employers.

Some of you may be thinking, “How many of us actually know or have our payroll passwords?” According to Argyle, plenty of people do.

“At Argyle, we are intimately familiar with how likely someone is to know the password for their employment account or payroll system, because we’ve seen hundreds of thousands of users successfully (and unsuccessfully) provide their credentials,” Argyle’s Billy Mardsen wrote on Apr. 1. “We closely monitor their success rate—what we call conversion—because it drives the performance of the products and applications that our clients build on top of Argyle.”

Argyle’s “conversion” numbers by employer. Image: Argyle.com

UNCOMMON GROUNDS

KrebsOnSecurity first heard about this company via Twitter from security researcher Kevin Beaumont, who pointed to a nest of domains associated with Argyle’s API — nearly all of which are offline now. At the time, Beaumont and others digging into this suspected the sites were part of an elaborate phishing scam.

These sites, which seemed to be grouped around a recent recruitment effort variously called “Workers United,” “UniteAtWork,” “WageCompete” and “CommonGrounds,” indicate that Argyle’s platform has been pivotal in a slew of campaigns paying employees at specific companies up to $100 for their payroll account passwords. Here’s one seeking T-Mobile employees:

A promotion offering T-Mobile employees $100 to give up their T-Mobile payroll account passwords.

Another recent promotion targeted employees at J.P. Morgan Chase, the largest financial institution in the United States:

Argyle declined multiple interview requests for this story, so it’s not clear how much of a role — if any — the company may have played in these various sites. But code prebuilds and instructions published in the company’s name on Github strongly suggest Argyle was instrumental in the WageCompete initiative.

Also, this page over at Scopeinc.com says the WageCompete program is provided by Argyle Expert Services.

Here’s a graphical look at the various websites mentioned here and their ties to Argyle’s API (click to enlarge):

The network of sites paying people for payroll passwords and their connections to Argyle’s API. Click to enlarge. Image: Virustotal

One of the sites in that graphic above that’s connected to Argyle’s API — workerresearchalliances[.]com — is currently live and includes the same verbiage about participants getting paid for their payroll credentials. The terms and conditions of the “WorkersApp beta program” were set by a company called Workers Research Alliances LLC, incorporated in February. The address for Workers Research Alliances is just a few blocks from Argyle’s office in New York City.

‘WE DO THINGS OTHERS DARE NOT DO’

Steve Friedl, an IT consultant in the payroll service bureau industry, said it appears Argyle has been paying people to help them refine their API and data scraping technology.

“They are not paying this money just to be able to sell people services, they are doing so to maintain their screen-scraping software API,” Friedl said. “This is essentially paying employees to help Argyle hack their payroll provider.”

Last fall Argyle announced it had landed a $20 million investment from Bain Capital, among others. The company’s co-founder, Shmulik Fishman, is described as a “disruptor” who says he wants to make credit scores obsolete.

“We’re fearless,” Fishman told Authority Magazine. “We do things other people dare not do.”

That much is clear. Hey, I can get behind almost anything that disintermediates the creaky old credit bureaus in a straightforward and consumer-friendly way. And the last time I checked, it’s not against the law to give someone your password, or to induce someone to do so willingly in exchange for something else (unless maybe you work for a federal agency).

But I wonder how many of the companies listed on all these payroll connect sites will respond to knowing their brands and logos are associated with a site that asks their employees to give away passwords.

KrebsOnSecurity contacted multiple high-level sources at major companies whose login pages are shown in these payroll connect programs running on Argyle’s platform. None of those sources were authorized to talk to the media, but all seemed fairly horrified at what they were seeing, and each said their employer’s legal departments were launching their own investigations.

Beaumont said he’s worried that in some companies, an employee’s payroll credentials may work to gain access to other parts of the organization — meaning some employees may be giving away more than they realize.

“My concern is some companies use single sign-on for payroll,” Beaumont said. “That’s a lot of access for a data harvesting company.”

The human-focused startups of the hellfire

Disasters may not always be man-made, but they are always responded to by humans. There’s a whole panoply of skills and professions required today to respond to even the tiniest emergency, and that doesn’t even include the needs during pre-disaster planning and post-disaster recovery. It’s not a very remunerative industry for most and the mental health effects from stress can linger for decades, but the mission at the core of this work — to help people in the time of their greatest need — is what continues to attract many to partake in this never-ending battle anyway.

In the last three parts of this series on the future of technology and disaster response, I’ve focused on, well, technology, and specifically the sales cycle for new products, the sudden data deluge now that Internet of Things (IoT) is in full force, and the connectivity that allows that data to radiate all around. What we haven’t looked at enough so far is the human element: the people who actually respond to disasters as well as what challenges they face and how technology can help them.

So in this fourth and final part of the series, we’ll look at four areas where humans and technology intersect within disaster response and what future opportunities lie in this market: training and development, mental health, crowdsourced responses to disasters, and our doomsday future of hyper-complex emergencies.

Training in a hellfire

Most fields have linear approaches to training. To become a software engineer, students learn some computer science theory, add in some programming practice, and voilà (note: your mileage may vary). To become a medical doctor, aspiring physicians take an undergraduate curriculum teeming with biology and chemistry, head to medical school for two deadened years of core anatomy and other classes and then switch into clinical rotations, a residency, and maybe fellowships.

But how do you train someone to respond to emergencies?

From 911 call takers to EMTs and paramedics to emergency planning officials and the on-the-ground responders who are operating in the center of the storm as it were, there are large permutations in the skills required to do these jobs well. What’s necessary aren’t just specific hard skills like using call dispatch software or knowing how to upload video from a disaster site, but also critically-important softer skills as well: precisely communicating, having sangfroid, increasing agility, and balancing improvisation with consistency. The chaos element also can’t be overstated: every disaster is different, and these skills must be viscerally recombined and exercised under extreme pressure with frequently sparse information.

A whole range of what might be dubbed “edtech” products could serve these needs, and not just exclusively for emergency management.

Communications, for instance, isn’t just about team communications, but also communicating with many different constituencies. Aaron Clark-Ginsberg, a social scientist at RAND Corporation, said that “a lot of these skills are social skills — being able to work with different groups of people in culturally and socially appropriate ways.” He notes that the field of emergency management has heightened attention to these issues in recent years, and “the skillset we need is to work with those community structures” that already exist where a disaster strikes.

As we’ve seen in the tech industry the last few years, cross-cultural communication skills remain scarce. One can always learn this just through repeated experiences, but could we train people to develop empathy and understanding through software? Can we develop better and richer scenarios to train emergency responders — and all of us, really — on how to communicate effectively in widely diverging conditions? That’s a huge opportunity for a startup to tackle.

Emergency management is now a well-developed career path. “The history of the field is very fascinating, [it’s] been increasingly professionalized, with all these certifications,” Clark-Ginsberg said. That professionalization “standardizes emergency response so that you know what you are getting since they have all these certs, and you know what they know and what they don’t.” Certifications can indicate singular competence, but perhaps not holistic assessment, and it’s a market that offers opportunities for new startups to create better assessments.

Like many of us, responders get used to doing the same thing over and over again, and that can make training for new skills even more challenging. Michael Martin of emergency data management platform RapidSOS describes how 911 call takers get used to muscle memory, “so switching to a new system is very high-risk.” No matter how bad existing software interfaces are, changing them will very likely slow every single response down while increasing the risk of errors. That’s why the company offers “25,000 hours a year for training, support, integration.” There remains a huge and relatively fragmented market for training staff as well as transitioning them from one software stack to another.

Outside these somewhat narrow niches, there is a need for a massive renaissance in training in this whole area. My colleague Natasha Mascarenhas recently wrote an EC-1 on Duolingo, an app designed to gamify and entrance students interested in learning second languages. It’s a compelling product, and there is no comparative training system for engaging the full gamut of first responders.

Art delaCruz, COO and president of Team Rubicon, a non-profit which assembles teams of volunteer military veterans to respond to natural disasters, said that it’s an issue his organization is spending more time thinking about. “Part of resilience is education, and the ability to access information, and that is a gap that we continue to close on,” he said. “How do you present information that’s more simple than [a learning management system]?” He described the need for “knowledge bombs like flash cards” to regularly provide responders with new knowledge while testing existing ideas.

There’s also a need to scale up best practices rapidly across the world. Tom Cotter, director of emergency response and preparedness at Project Hope, a non-profit which empowers local healthcare workers in disaster-stricken and impoverished areas, said that in the context of COVID-19, “a lot of what was going to be needed [early on] was training — there were huge information gaps at the clinical level, how to communicate it at a community level.” The organization developed a curriculum with Brown University’s Watson Institute in the form of interactive PowerPoints that were ultimately used to train 100,000 healthcare workers on the new virus, according to Cotter.

When I look at the spectrum of edtech products existing today, one of the key peculiarities is just how narrow each seems to focus. There are apps for language learning and for learning math and developing literacy. There are flash card apps like Anki that are popular among medical students, and more interactive approaches like Labster for science experiments and Sketchy for learning anatomy.

Yet, for all the talk of boot camps in Silicon Valley, there is no edtech company that tries to completely transform a student in the way that a bona fide boot camp does. No startup wants to holistically develop their students, adding in hard skills while also advancing the ability to handle stress, the improvisation needed to confront rapidly-changing environments, and the skills needed to communicate with empathy.

Maybe that can’t be done with software. Maybe. Or perhaps, no founder has just had the ambition so far to go for broke — to really revolutionize how we think about training the next generation of emergency management professionals and everyone else in private industry who needs to handle stress or think on their feet just as much as frontline workers.

That’s the direction where Bryce Stirton, president and co-founder of public-safety company Responder Corp, has been thinking about. “Another area I am personally a fan of is the training space around VR,” he said. “It’s very difficult to synthesize these stressful environments,” in areas like firefighting, but new technologies have “the ability to pump the heart that you need to experience in training.” He concludes that “the VR world, it can have a large impact.”

Healing after disaster

When it comes to trauma, few fields face quite the challenge as emergency response. It’s work that almost by definition forces its personnel to confront some of the most harrowing scenes imaginable. Death and destruction are given, but what’s not always accounted for is the lack of agency in some of these contexts for first responders — the family that can’t be saved in time so a 911 call taker has to offer final solace, or the paramedics who don’t have the right equipment even as they are showing up on site.

Post-traumatic stress is perhaps the most well-known and common mental health condition facing first responders, although it is hardly the only one. How to ameliorate and potentially even cure these conditions represents a burgeoning area of investment and growth for a number of startups and investors.

Risk & Return, for instance, is a venture firm heavily focused on companies working on mental health as well as human performance more generally. In my profile of the firm a few weeks ago, managing director Jeff Eggers said that “We love that type of technology since it has that dual purpose: going to serve the first responder on the ground, but the community is also going to benefit.”

Two examples of companies from its portfolio are useful here to explore as examples of different pathways in this category. The first is Alto Neuroscience, which is a stealthy startup founded by Amit Etkin, a multidisciplinary neuroscientist and psychiatrist at Stanford, to create new clinical treatments to post-traumatic stress and other conditions based on brainwave data. Given its therapeutic focus, it’s probably years before testing and regulatory approvals come through, but this sort of research is on the cutting-edge of innovation here.

The second company is NeuroFlow, which is a software startup using apps to guide patients to better mental health outcomes. Through persistent polling, testing, and collaboration with practitioners, the company’s tools allow for more active monitoring of mental health — looking for emerging symptoms or relapses in even the most complicated cases. NeuroFlow is more on the clinical side, but there are obviously a wealth of wellness startups that have percolated in recent years as well like Headspace and Calm.

Outside of therapeutics and software though, there are entirely new frontiers around mental health in areas like psychedelics. That was one of the trends I called out as a top five area for investment in the 2020s earlier this year, and I stand by that. We’ve also covered a startup called Osmind which is a clinical platform for managing patients with a psychedelic focus.

Risk & Return itself hasn’t made an investment in psychedelics yet, but Bob Kerrey, the firm’s board chairman and the former co-chair of the 9/11 Commission as well as former governor and senator of Nebraska, said that “it’s difficult to do this if you are the government, but easier to do this in the private sector.”

Similar to edtech, mental health startups might get their start in the first responder community, but they are hardly limited to this population. Post-traumatic stress and other mental health conditions affect wide swaths of the world’s population, and solutions that work in one community can often translate more broadly to others. It’s a massive, massive market, and one that could potentially transform the lives of millions of people for the better.

Before moving on, there’s one other area of interest here, and that is creating impactful communities for healing. First responders and military veterans experience a mission and camaraderie in their service that they often lack once they are in new jobs or on convalescence. DelaCruz of Team Rubicon says that one of the goals of bringing veterans to help in disaster regions is that the veterans themselves “reconnect with identity and community — we have these incredible assets in these men and women who have served.” It’s not enough to just find a single treatment per patient — we oftentimes need to zoom out to the wider population to see how mental health ripples out.

Helping people find purpose may not be the easiest challenge to solve as a startup, but it’s certainly a major challenge for many, and an area fermenting with new approaches now that the the social networking wave has reached its nadir.

Crowdsourcing disaster response

Decentralization has been all the rage in tech in recent years — just mention the word blockchain in a TechCrunch article to get at least 50 PR emails about the latest NFT for a toilet stain. While there is obviously a lot of noise, one area where substance may pan out well is in disaster response.

If the COVID-19 pandemic showed anything, it was the power of the internet to aggregate as well as verify data, build dashboards, and deliver highly-effective visualizations of complex information for professionals and laypeople alike. Those products were developed by people all around the world often from the comfort of their own homes, and they demonstrate how crowds can quickly draft serious labor to help respond to crises as they crop up.

Jonathan Sury, project director at the National Center for Disaster Preparedness at the Earth Institute at Columbia University, said that “COVID has really blown so much of what we think about out of the water.” With so many ways to collaborate online right now, “that’s what I would say is very exciting … and also practical and empowering.”

Clark-Ginsberg of RAND calls it the “next frontier of disaster management.” He argues that “if you can use technology to broaden the number of people who can participate in disaster management and respond to disasters,” then we might be reaching an entirely new paradigm for what effective disaster response will look like. “Formal structures [for professional frontline workers] have strengthened and that has saved lives and resources, but our ability to engage with everyday responders is still something to work on.”

Many of the tools that underpin these crowdsourced efforts don’t even focus on disasters. Sury pointed to Tableau and data visualization platform Flourish as examples of the kinds of tools that remote, lay first responders are using. There are now quite robust tools for tabular data, but we’re still relatively early in the development of tools for handling mapping data — obviously critical in the crisis context. Unfolded.ai, which I profiled earlier this year, is working on building scalable geospatial analytics in the browser. A lot more can be done here.

Oftentimes there are ways to coordinate the coordinators. Develop for Good, which I looked at late last year, is a non-profit designed to connect enterprising computer science students to software and data projects at non-profits and agencies that needed help during the pandemic. Sometimes these coordinators are non-profit orgs, and sometimes, just very active Twitter accounts. There’s a lot more experimentation possible on how to coordinate efforts in a decentralized way while still engaging with professional first responders and the public sector.

Speaking of decentralization, it’s even possible that blockchain could play a role in disaster and crisis response. Many of these opportunities rest on using blockchain for evidence collection or for identity. For example, earlier this week Leigh Cuen took a careful look at an at-home sexual assault evidence collection kit from Leda Health that uses the blockchain to establish a clear time for when a sample was collected.

There is a lot more potential to harness the power of crowdsourcing and decentralization, and many of these projects have applications far outside disaster management itself. These tools not only solve real problems — they provide real community to people who may not be related to the disaster itself, but are enthusiastic to do their part to help others.

The black swans of black swans

In terms of startups, the three markets I identified — better training, better mental health, and better crowdsourcing collaboration tools, particularly around data — collectively represent a very compelling set of markets that will not only be valuable for founders, but can rapidly improve lives.

In his book Normal Accidents, Charles Perrow talks about how an increasing level of complexity and coupledness in our modern technical systems all but guarantee disasters to occur. Add in a warming world as well as the intensity, frequency, and just plain unusualness of disasters arriving each year, and we are increasingly seeing entirely novel forms of emergencies we have never responded to before. Take most recently the ultra-frigid conditions in Texas that sapped power from its grid, leading to statewide blackouts for hours and days in some parts of the state.

Clark-Ginsberg said, “We are seeing these risks emerge that aren’t just typical wildfires — where we have a response structure that we can easily setup and manage the hazard, [we’re] very good at managing these typical disasters. There are more of these atypical disasters cropping up, and we have a very hard time setting up structures for this — the pandemic is a great example of that.”

He describes these challenges as “trans-boundary risk management,” disasters that cross bureaucratic lines, professions, societies, and means of action. “It takes a certain agility and the ability to move quickly and the ability to work in ways outside typical bureaucratic structures, and that is just challenging full stop,” he said.

The Future of Technology and Disaster Response

Even as we begin to have better point solutions to the individual problems that disasters and their responses require, we can’t be remiss in neglecting the more systematic challenges that these emergencies are bringing to the fore. We have to start thinking about bringing humans together faster and in more novel ways to be the most effective, while coupling them flexibly and with agility to the best tools that meet their needs in the moment. That’s probably not literally “a startup,” but more a way of thinking about what it means to construct a disaster response fresh given the information available.

Amanda Levin, a policy analyst at the Natural Resources Defense Council, said that “even if we mitigate, there are huge pressures and huge impacts today from a warming world … even if we stop emissions today, [they] will still persist.” As one of my interviewees in government service who asked to go unnamed noted about disaster response, “You always are coming up short somewhere.” The problems are only getting harder, and we humans need much better tools to match the man-made trials we created for ourselves. That’s the challenge — and opportunity — for a tough century ahead.

When the Earth is gone, at least the internet will still be working

The internet is now our nervous system. We are constantly streaming and buying and watching and liking, our brains locked into the global information matrix as one universal and coruscating emanation of thought and emotion.

What happens when the machine stops though?

It’s a question that E.M. Forster was intensely focused on more than a century ago in a short story called, rightly enough, “The Machine Stops,” about a human civilization connected entirely through machines that one day just turn off.

Those fears of downtime are not just science fiction anymore. Outages aren’t just missing a must-watch TikTok clip. Hospitals, law enforcement, the government, every corporation — the entire spectrum of human institutions that constitute civilization now deeply rely on connectivity to function.

So when it comes to disaster response, the world has dramatically changed. In decades past, the singular focus could be roughly summarized as rescue and mitigation — save who you can while trying to limit the scale of destruction. Today though, the highest priority is by necessity internet access, not just for citizens, but increasingly for the on-the-ground first responders who need bandwidth to protect themselves, keep abreast of their mission objectives, and have real-time ground truth on where dangers lurk and where help is needed.

While the sales cycles might be arduous as we learned in part one and the data trickles have finally turned to streams in part two, the reality is that none of that matters if there isn’t connectivity to begin with. So in part three of this series on the future of technology and disaster response, we’re going to analyze the changing nature of bandwidth and connectivity and how they intersect with emergencies, taking a look at how telcos are creating resilience in their networks while defending against climate change, how first responders are integrating connectivity into their operations, and finally, exploring how new technologies like 5G and satellite internet will affect these critical activities.

Wireless resilience as the world burns

Climate change is inducing more intense weather patterns all around the world, creating second- and third-order effects for industries that rely on environmental stability for operations. Few industries have to be as dynamic to the changing context as telecom companies, whose wired and wireless infrastructure is regularly buffeted by severe storms. Resiliency of these networks isn’t just needed for consumers — it’s absolutely necessary for the very responders trying to mitigate disasters and get the network back up in the first place.

Unsurprisingly, no issue looms larger for telcos than access to power — no juice, no bars. So all three of America’s major telcos — Verizon (which owns TechCrunch’s parent company Verizon Media, although not for much longer), AT&T and T-Mobile — have had to dramatically scale up their resiliency efforts in recent years to compensate both for the demand for wireless and the growing damage wrought by weather.

Jay Naillon, senior director of national technology service operations strategy at T-Mobile, said that the company has made resilience a key part of its network buildout in recent years, with investments in generators at cell towers that can be relied upon when the grid cannot. In “areas that have been hit by hurricanes or places that have fragile grids … that is where we have invested most of our fixed assets,” he said.

Like all three telcos, T-Mobile pre-deploys equipment in anticipation for disruptions. So when a hurricane begins to swirl in the Atlantic Ocean, the company will strategically fly in portable generators and mobile cell towers in anticipation of potential outages. “We look at storm forecasts for the year,” Naillon explained, and do “lots of preventative planning.” They also work with emergency managers and “run through various drills with them and respond and collaborate effectively with them” to determine which parts of the network are most at risk for damage in an emergency. Last year, the company partnered with StormGeo to accurately predict weather events.

Predictive AI for disasters is also a critical need for AT&T. Jason Porter, who leads public sector and the company’s FirstNet first-responder network, said that AT&T teamed up with Argonne National Laboratory to create a climate-change analysis tool to evaluate the siting of its cell towers and how they will weather the next 30 years of “floods, hurricanes, droughts and wildfires.” “We redesigned our buildout … based on what our algorithms told us would come,” he said, and the company has been elevating vulnerable cell towers four to eight feet high on “stilts” to improve their resiliency to at least some weather events. That “gave ourselves some additional buffer.”

AT&T has also had to manage the growing complexity of creating reliability with the chaos of a climate-change-induced world. In recent years, “we quickly realized that many of our deployments were due to weather-related events,” and the company has been “very focused on expanding our generator coverage over the past few years,” Porter said. It’s also been very focused on building out its portable infrastructure. “We essentially deploy entire data centers on trucks so that we can stand up essentially a central office,” he said, empathizing that the company’s national disaster recovery team responded to thousands of events last year.

Particularly on its FirstNet service, AT&T has pioneered two new technologies to try to get bandwidth to disaster-hit regions faster. First, it has invested in drones to offer wireless services from the sky. After Hurricane Laura hit Louisiana last year with record-setting winds, our “cell towers were twisted up like recycled aluminum cans … so we needed to deploy a sustainable solution,” Porter described. So the company deployed what it dubs the FirstNet One — a “dirigible” that “can cover twice the cell coverage range of a cell tower on a truck, and it can stay up for literally weeks, refuel in less than an hour and go back up — so long-term, sustainable coverage,” he said.

AT&T’s FirstNet One dirigible to offer internet access from the air for first responders. Image Credits: AT&T/FirstNet

Secondly, the company has been building out what it calls FirstNet MegaRange — a set of high-powered wireless equipment that it announced earlier this year that can deploy signals from miles away, say from a ship moored off a coast, to deliver reliable connectivity to first responders in the hardest-hit disaster zones.

As the internet has absorbed more of daily life, the norms for network resilience have become ever more exacting. Small outages can disrupt not just a first responder, but a child taking virtual classes and a doctor conducting remote surgery. From fixed and portable generators to rapid-deployment mobile cell towers and dirigibles, telcos are investing major resources to keep their networks running continuously.

Yet, these initiatives are ultimately costs borne by telcos increasingly confronting a world burning up. Across conversations with all three telcos and others in the disaster response space, there was a general sense that utilities just increasingly have to self-insulate themselves in a climate-changed world. For instance, cell towers need their own generators because — as we saw with Texas earlier this year — even the power grid itself can’t be guaranteed to be there. Critical applications need to have offline capabilities, since internet outages can’t always be prevented. The machine runs, but the machine stops, too.

The trend lines on the frontlines are data lines

While we may rely on connectivity in our daily lives as consumers, disaster responders have been much more hesitant to fully transition to connected services. It is precisely in the middle of a tornado and the cell tower is down that you realize a printed map might have been nice to have. Paper, pens, compasses — the old staples of survival flicks remain just as important in the field today as they were decades ago.

Yet, the power of software and connectivity to improve emergency response has forced a rethinking of field communications and how deeply technology is integrated on the ground. Data from the frontlines is extremely useful, and if it can be transmitted, dramatically improves the ability of operations planners to respond safely and efficiently.

Both AT&T and Verizon have made large investments in directly servicing the unique needs of the first responder community, with AT&T in particular gaining prominence with its FirstNet network, which it exclusively operates through a public-private partnership with the Department of Commerce’s First Responder Network Authority. The government offered a special spectrum license to the FirstNet authority in Band 14 in exchange for the buildout of a responder-exclusive network, a key recommendation of the 9/11 Commission, which found that first responders couldn’t communicate with each other on the day of those deadly terrorist attacks. Now, Porter of AT&T says that the company’s buildout is “90% complete” and is approaching 3 million square miles of coverage.

Why so much attention on first responders? The telcos are investing here because in many ways, the first responders are on the frontiers of technology. They need edge computing, AI/ML rapid decision-making, the bandwidth and latency of 5G (which we will get to in a bit), high reliability, and in general, are fairly profitable customers to boot. In other words, what first responders need today are what consumers in general are going to want tomorrow.

Cory Davis, director of public safety strategy and crisis response at Verizon, explained that “more than ever, first responders are relying on technology to go out there and save lives.” His counterpart, Nick Nilan, who leads product management for the public sector, said that “when we became Verizon, it was really about voice [and] what’s changed over the last five [years] is the importance of data.” He brings attention to tools for situational awareness, mapping, and more that are a becoming standard in the field. Everything first responders do “comes back to the network — do you have the coverage where you need it, do you have the network access when something happens?”

The challenge for the telcos is that we all want access to that network when catastrophe strikes, which is precisely when network resources are most scarce. The first responder trying to communicate with their team on the ground or their operations center is inevitably competing with a citizen letting friends know they are safe — or perhaps just watching the latest episode of a TV show in their vehicle as they are fleeing the evacuation zone.

That competition is the argument for a completely segmented network like FirstNet, which has its own dedicated spectrum with devices that can only be used by first responders. “With remote learning, remote work and general congestion,” Porter said, telcos and other bandwidth providers were overwhelmed with consumer demand. “Thankfully we saw through FirstNet … clearing that 20 MHz of spectrum for first responders” helped keep the lines clear for high-priority communications.

FirstNet’s big emphasis is on its dedicated spectrum, but that’s just one component of a larger strategy to give first responders always-on and ready access to wireless services. AT&T and Verizon have made prioritization and preemption key operational components of their networks in recent years. Prioritization gives public safety users better access to the network, while preemption can include actively kicking off lower-priority consumers from the network to ensure first responders have immediate access.

Nilan of Verizon said, “The network is built for everybody … but once we start thinking about who absolutely needs access to the network at a period of time, we prioritize our first responders.” Verizon has prioritization, preemption, and now virtual segmentation — “we separate their traffic from consumer traffic” so that first responders don’t have to compete if bandwidth is limited in the middle of a disaster. He noted that all three approaches have been enabled since 2018, and Verizon’s suite of bandwidth and software for first responders comes under the newly christened Verizon Frontline brand that launched in March.

With increased bandwidth reliability, first responders are increasingly connected in ways that even a decade ago would have been unfathomable. Tablets, sensors, connected devices and tools — equipment that would have been manual are now increasingly digital.

That opens up a wealth of possibilities now that the infrastructure is established. My interview subjects suggested applications as diverse as the decentralized coordination of response team movements through GPS and 5G; real-time updated maps that offer up-to-date risk analysis of how a disaster might progress; pathfinding for evacuees that’s updated as routes fluctuate; AI damage assessments even before the recovery process begins; and much, much more. In fact, when it comes to the ferment of the imagination, many of those possibilities will finally be realized in the coming years — when they have only ever been marketing-speak and technical promises in the past.

Five, Gee

We’ve been hearing about 5G for years now, and even 6G every once in a while just to cause reporters heart attacks, but what does 5G even mean in the context of disaster response? After years of speculation, we are finally starting to get answers.

Naillon of T-Mobile noted that the biggest benefit of 5G is that it “allows us to have greater coverage” particularly given the low-band spectrum that the standard partially uses. That said, “As far as applications — we are not really there at that point from an emergency response perspective,” he said.

Meanwhile, Porter of AT&T said that “the beauty of 5G that we have seen there is less about the speed and more about the latency.” Consumers have often seen marketing around voluminous bandwidths, but in the first-responder world, latency and edge computing tends to be the most desirable features. For instance, devices can relay video to each other on the frontlines, without necessarily needing a backhaul to the main wireless network. On-board processing of image data could allow for rapid decision-making in environments where seconds can be vital to the success of a mission.

That flexibility is allowing for many new applications in disaster response, and “we are seeing some amazing use cases coming out of our 5G deployments [and] we have launched some of our pilots with the [Department of Defense],” Porter said. He offered an example of “robotic dogs to go and do bomb dismantling or inspecting and recovery.”

Verizon has made innovating on new applications a strategic goal, launching a 5G First Responders Lab dedicated to guiding a new generation of startups to build at this crossroads. Nilan of Verizon said that the incubator has had more than 20 companies across four different cohorts, working on everything from virtual reality training environments to AR applications that allow firefighters to “see through walls.” His colleague Davis said that “artificial intelligence is going to continue to get better and better and better.”

Blueforce is a company that went through the first cohort of the Lab. The company uses 5G to connect sensors and devices together to allow first responders to make the best decisions they can with the most up-to-date data. Michael Helfrich, founder and CEO, said that “because of these new networks … commanders are able to leave the vehicle and go into the field and get the same fidelity” of information that they normally would have to be in a command center to receive. He noted that in addition to classic user interfaces, the company is exploring other ways of presenting information to responders. “They don’t have to look at a screen anymore, and [we’re] exploring different cognitive models like audio, vibration and heads-up displays.”

5G will offer many new ways to improve emergency responses, but that doesn’t mean that our current 4G networks will just disappear. Davis said that many sensors in the field don’t need the kind of latency or bandwidth that 5G offers. “LTE is going to be around for many, many more years,” he said, pointing to the hardware and applications taking advantage of LTE-M standards for Internet of Things (IoT) devices as a key development for the future here.

Michael Martin of emergency response data platform RapidSOS said that “it does feel like there is renewed energy to solve real problems,” in the disaster response market, which he dubbed the “Elon Musk effect.” And that effect definitely does exist when it comes to connectivity, where SpaceX’s satellite bandwidth project Starlink comes into play.

The Future of Technology and Disaster Response

Satellite uplinks have historically had horrific latency and bandwidth constraints, making them difficult to use in disaster contexts. Furthermore, depending on the particular type of disaster, satellite uplinks can be astonishingly challenging to setup given the ground environment. Starlink promises to shatter all of those barriers — easier connections, fat pipes, low latencies and a global footprint that would be the envy of any first responder globally. Its network is still under active development, so it is difficult to foresee today precisely what its impact will be on the disaster response market, but it’s an offering to watch closely in the years ahead, because it has the potential to completely upend the way we respond to disasters this century if its promises pan out.

Yet, even if we discount Starlink, the change coming this decade in emergency response represents a complete revolution. The depth and resilience of connectivity is changing the equation for first responders from complete reliance on antiquated tools to an embrace of the future of digital computing. The machine is no longer stoppable.

The Good, the Bad and the Ugly in Cybersecurity – Week 19

The Good

It should be safe to say, at this point, that we are all aware of the child trafficking and child abuse issues that have arisen around (and adjacent to) the internet. Oftentimes, the Dark Web gets blamed for containing the most vile of material. This past week a huge victory was scored in the fight against the distribution of such material with the arrest of four individuals allegedly behind a huge child abuse sharing platform serving 400,000 members on the darknet.

In a statement, Germany’s federal police referred to the child pornography network as “Boystown” due to the fact that the platform primarily traded in pictures and recordings of abused boys. The arrests actually took place in April (with one of the four being apprehended in Paraguay); however, news of the operation was only released this week. The arrested individuals allegedly pro-actively engaged with their member community and even provided assistance on how to avoid detection by law enforcement so as to exchange their illicit materials “safely”.

The Boystown platform had been in operation for almost two years, first appearing in June 2019. However, following the operation and arrests, the site (and many associated sites and resources) have been seized and taken down. We applaud the efforts that went into this effort greatly. If you would like to review the BKA statement (Germany’s federal police) there is a copy posted on the BKA site.

The Bad

Bad news this week for ordinary citizens of Belgium as a massive DDoS (Distributed-Denial-of-Service) attack was reported to have disrupted websites belonging to the Belgium government. The large-scale attack was focused on Belnet (Belgian National Research and Education Network), which hosts many government, education, religious and civil online resources. Early on the 4th of May, users attempting to connect to associated websites were experiencing various hangs and availability issues.

Belnet quickly released a statement (translated):

“Due to a DDoS-attack some Belnet customers are experiencing connectivity problems. Our teams are working hard to mitigate the attacks and to restore connectivity. Belnet customers can contact our Service Desk at 02 790 33 00. We apologize for the inconvenience.”

The attackers used a variety of tactics in successive waves to ensure the network remained unavailable throughout Tuesday to the two hundred or more institutions and organizations that rely on it. Fortunately, by the evening, Belnet was able to announce that multiple countermeasures had been put in place, and it appears as though the attack had waned by early Wednesday. At this time, it is not clear what provoked the attack or who was behind it.

DDoS attacks are not at all uncommon these days. However, with attacks like this one we have to remind ourselves about the current situation (COVID). All COVID-19-centric, and other public health resources, were taken offline as part of this attack. When citizens are no longer able to access potentially life-saving information, these attacks become much more serious.

The Ugly

This has been a truly ugly week with regards to new ransomware, new leaks, and new attack campaigns. To start, this week the Astro Team ransomware group updated their victim blog with news of a new partnership. Astro Team appears to have forged a new partnership with “Xing Locker” to produce, perpetuate, and share even more swaths of sensitive data.

It has yet to be determined just how deep this partnership runs, but by all appearances it is similar to Astro Team + Mount Locker with respect to cross-posting dumps and potentially sharing access.

We also saw two formidable RaaS (Ransomware-as-a-Service) offerings go up for sale. Both “Toxin” and “Galaxy” services offer the usual raft of features and services, including upcoming leak/victim-shaming blogs. Each service offers the enterprising criminals competitive buy-in pricing or profit sharing. The initial advertisements for Galaxy offer interesting insight via their FAQ. For example, they have a specialized build for non-business targets, and the cut of profits with Galaxy is also negotiable.

Sadly, many of these services launch on a daily basis. Some pan out and become formidable threats (e.g., Avaddon) while others fizzle out if they don’t gain the attraction of enough criminals.

This week also saw news break concerning CVE-2021-21551, a slew of flaws in Dell firmware which affects millions of devices. The flaws, tracked under one CVE, are specific to Dell’s firmware update driver and can be utilized to escalate privileges and ultimately achieve kernel-mode permissions.

Click to play

While at this time we are not aware of any in-the-wild abuse, all Dell device owners are urged to review Dell’s security update and take the appropriate action.


Like this article? Follow us on LinkedIn, Twitter, YouTube or Facebook to see the content we post.

Read more about Cyber Security

5 investors discuss the future of RPA after UiPath’s IPO

Robotic process automation (RPA) has certainly been getting a lot of attention in the last year, with startups, acquisitions and IPOs all coming together in a flurry of market activity. It all seemed to culminate with UiPath’s IPO last month. The company that appeared to come out of nowhere in 2017 eventually had a final private valuation of $35 billion. It then had the audacity to match that at its IPO. A few weeks later, it still has a market cap of over $38 billion in spite of the stock price fluctuating at points.

Was this some kind of peak for the technology or a flash in the pan? Probably not. While it all seemed to come together in the last year with a big increase in attention to automation in general during the pandemic, it’s a market category that has been around for some time.

RPA allows companies to automate a group of highly mundane tasks and have a machine do the work instead of a human. Think of finding an invoice amount in an email, placing the figure in a spreadsheet and sending a Slack message to Accounts Payable. You could have humans do that, or you could do it more quickly and efficiently with a machine. We’re talking mind-numbing work that is well suited to automation.

In 2019, Gartner found RPA was the fastest-growing category in enterprise software. In spite of that, the market is still surprisingly small, with IDC estimates finding it will reach just $2 billion in 2021. That’s pretty tiny for the enterprise, but it shows that there’s plenty of room for this space to grow.

We spoke to five investors to find out more about RPA, and the general consensus was that we are just getting started. While we will continue to see the players at the top of the market — like UiPath, Automation Anywhere and Blue Prism — jockeying for position with the big enterprise vendors and startups, the size and scope of the market has a lot of potential and is likely to keep growing for some time to come.

To learn about all of this, we queried the following investors:

  • Mallun Yen, founder and partner, Operator Collective
  • Jai Das, partner and president, Sapphire Ventures
  • Soma Somasegar, managing director, Madrona Venture Group
  • Laela Sturdy, general partner, CapitalG
  • Ed Sim, founder and managing partner, Boldstart Ventures

We have seen a range of RPA startups emerge in recent years, with companies like UiPath, Blue Prism and Automation Anywhere leading the way. As the space matures, where do the biggest opportunities remain?

Mallun Yen: One of the fastest-growing categories of software, RPA has been growing at over 60% in recent years, versus 13% for enterprise software generally. But we’ve barely scratched the surface. The COVID-19 pandemic forced companies to shift how they run their business, how they hire and allocate staff.

Given that the workforce will remain at least partially permanently remote, companies recognize that this shift is also permanent, and so they need to make fundamental changes to how they run their businesses. It’s simply suboptimal to hire, train and deploy remote employees to run routine processes, which are prone to, among other things, human error and boredom.

Jai Das: All the companies that you have listed are focused on automating simple repetitive tasks that are performed by humans. These are mostly data entry and data validation jobs. Most of these tasks will be automated in the next couple of years. The new opportunity lies in automating business processes that involve multiple humans and machines within complicated workflow using AI/ML.

Sometimes this is also called process mining. There have been BPM companies in the past that have tried to automate these business processes, but they required a lot of services to implement and maintain these automated processes. AI/ML is providing a way for software to replace all these services.

Soma Somasegar: For all the progress that we have seen in RPA, I think it is still early days. The global demand for RPA market size in terms of revenue was more than $2 billion this past year and is expected to cross $20 billion in the coming decade, growing at a CAGR of more than 30% over the next seven to eight years, according to analysts such as Gartner.

That’s an astounding growth rate in the coming years and is a reflection of how early we are in the RPA journey and how much more is ahead of us. A recent study by Deloitte indicates that up to 50% of the tasks in businesses performed by employees are considered mundane, administrative and labor-intensive. That is just a recipe for a ton of process automation.

There are a lot of opportunities that I see here, including process discovery and mining; process analytics; application of AI to drive effective, more complex workflow automation; and using low code/no code as a way to enable a broader set of people to be able to automate tasks, processes and workflows, to name a few.

Laela Sturdy: We’re a long way from needing to think about the space maturing. In fact, RPA adoption is still in its early infancy when you consider its immense potential. Most companies are only now just beginning to explore the numerous use cases that exist across industries. The more enterprises dip their toes into RPA, the more use cases they envision.

I expect to see market leaders like UiPath continue to innovate rapidly while expanding the breadth and depth of their end-to-end automation platforms. As the technology continues to evolve, we should expect RPA to penetrate even more deeply into the enterprise and to automate increasingly more — and more critical — business processes.

Ed Sim: Most large-scale automation projects require a significant amount of professional services to deliver on the promises, and two areas where I still see opportunity include startups that can bring more intelligence and faster time to value. Examples include process discovery, which can help companies quickly and accurately understand how their business processes work and prioritize what to automate versus just rearchitecting an existing workflow.

Investment Scammer John Davies Reinvents Himself?

John Bernard, a pseudonym used by a convicted thief and con artist named John Clifton Davies who’s fleeced dozens of technology startups out of an estimated $30 million, appears to have reinvented himself again after being exposed in a recent investigative series published here. Sources tell KrebsOnSecurity that Davies/Bernard is now posing as John Cavendish and head of a new “private office” called Hempton Business Management LLP.

John Davies is a U.K. man who absconded from justice before being convicted on multiple counts of fraud in 2015. Prior to his conviction, Davies served 16 months in jail before being cleared of murdering his wife on their honeymoon in India.

Davies’ fraud convictions stemmed from a series of U.K. companies he set up supposedly to help troubled companies reorganize their debt and turn things around. Davies ended up looting what little money his clients had left and spending it on lavish cars, home furnishings, vacations and luxury watches.

In a three-part series published last year, KrebsOnSecurity exposed how Davies — wanted by authorities in the U.K. — had fled the country, taken on the surname Bernard, remarried, and moved to his new (and fourth) wife’s hometown in Ukraine.

The scam artist John Bernard (left) in a recent Zoom call, and a photo of John Clifton Davies from 2015.

After eluding justice in the U.K., Davies reinvented himself as The Private Office of John Bernard, pretending to be a billionaire Swiss investor who made his fortunes in the dot-com boom 20 years ago and who was seeking private equity investment opportunities.

In case after case, Bernard would promise to invest millions in hi-tech startups, only to insist that companies pay tens of thousands of dollars worth of due diligence fees up front. However, the due diligence company he insisted on using — another Swiss firm called Inside Knowledge — also was secretly owned by Bernard, who would invariably pull out of the deal after receiving the due diligence money.

Bernard found a constant stream of new marks by offering extraordinarily generous finders fees to investment brokers who could introduce him to companies seeking an infusion of cash. Inside Knowledge and The Private Office both closed up shop not long after their exploits were detailed here late last year.

But it appears Davies has just assumed a new name. KrebsOnSecurity recently heard from an investment broker who previously represented multiple clients that got fleeced by Mr. Bernard/Davies over the years. That broker said he was blown away to hear Davies’ unique British accent on a recent call with a client that had been in investment talks with a Northern Ireland firm called Hempton Business Management.

This time, the source said, Davies was introduced by handlers on the call as John Cavendish.

“I just sat in on a call and John’s voice is unmistakable,” said the broker, who asked to remain anonymous. “He stumbled on the beginning of the call trying to remember which last name he was supposed to use. Immediately they go back to the standard script about the types of deals they are looking for. They want to be minority investors in private transactions and they are industry agnostic.  Their deal sizes are investments in the $5-20 million range, they prefer to not use big 4 firms for due diligence, and they have some smaller firms they use which are better suited for smaller investment deals.”

The source forwarded me some correspondence from Hempton Business Management, and I noticed it was sent from a Mariya Kulykova. This is interesting because Mr. Bernard’s personal assistant in Ukraine was a Mariya Kulikova (Ms. Kulikova deleted Bernard’s former companies from her LinkedIn profile shortly after last year’s series).

The company’s website says Hempton has been around since 2017, but the domain name was only registered in late November 2020. There is no information about who runs or owns the company on its site.

Hemptonllp[.]com was registered via Gandi, the same French registrar John Bernard/Davies has used over the years with his dozens of phantom companies.

Hempton Business Management’s only presence on LinkedIn appears to be a help wanted ad from a few weeks ago, for a marketing position at an office in Kyiv, Ukraine.

In response to an emailed request for comment on the apparent connections, Mr. Cavendish forwarded the message to a James Donohoe, who replied that he was the owner of Hempton. Donohoe said the domain was new because the company recently re-branded, although he declined to discuss the matter further.

“This sounds like an accusation of a big fraud?,” Donohoe wrote. “I have never had any dealings with a John Clifton Davies or John Bernard. You really are a cheeky little bugger aren’t you!”

Mr. Donohoe did not respond to further requests for comment.

Hempton appears to be part of a network of corporate facades designed to lead any investigators into a labyrinth of entities that exist only on paper. Hempton is what’s known as a “shelf corporation,” an aged or seasoned company that was formed but never used as a business. Shelf corporations are registered solely for the purposes of being resold to others at a later date. Simply put, their resale allows new enterprises to appear older, more established, and trusted.

“Perhaps the leading reason for acquiring an aged entity in general is credibility,” explains TBA & Associates, a company co-registered in the UK and New Zealand that has created hundreds of shelf companies for sale (PDF), including Hempton Business Management LLP in 2017.

“Business relationships are frequently influenced by the length of time a company has been in existence,” TBA continues. “This is often true when establishing financial and client/vendor relationships.”

Some of the shelf companies created and sold by TBA & Associates.

Documents from the UK business record index Companies House show two entities as officers in Hempton: ABA Group & Associates LTD, and Harper & Partners Ltd. Both of these are shelf companies in Hong Kong that are listed for sale in the same TBA PDF advertisement linked for Hempton.

Searching Companies House for information on ABA Group and Harper & Partners leads to a dizzying number of other shelf companies in Hong Kong, Belize and the U.K. — all of which also were recently listed for sale by TBA.

The only person’s name attached to each of these companies is a Joaquim Magro de Almeida, a rather mysterious 72 year-old Portuguese business consultant. OpenCorporates says this same guy is an officer in 313 active companies. The U.K.’s Companies House lists Mr. Almeida as one of three officers in Euro Forex Investments Ltd., which Reuters says was a sprawling pyramid scheme that stole $1 billion from at least 3,700 victims in China, the United States and elsewhere.

This 2017 story from New Zealand financial news site interest.co.nz follows a trail of various other investment scams leading back to TBA shell companies, and to Mr. Almeida, too.

In my first report on John Davies, I noted that before becoming John Bernard he previously used the pseudonym “Jonathan Bibi” with an address in the offshore company haven of Seychelles. That identity was tied to a number of fraudulent cryptocurrency and binary options investment schemes.

Fraudsters are drawn to complexity, and they typically incorporate their shell or shelf companies in countries with little to no oversight or background checks tied to the creation and maintenance of corporate entities. As we’ve seen here, the U.K. is a favorite of fraudsters and money launderers worldwide. In a scathing 2017 report titled Hiding in Plain Sight (PDF), Transparency International found some 766 UK corporate vehicles were alleged to have been used in 52 large-scale corruption and money laundering cases approaching £80 billion.

Shift Technology raises $220M at a $1B+ valuation to fight insurance fraud with AI

While incumbent insurance providers continue to get disrupted by startups like Lemonade, Alan, Clearcover, Pie and many others applying tech to rethink how to build a business around helping people and companies mitigate against risks with some financial security, one issue that has not disappeared is fraud. Today, a startup out of France is announcing some funding for AI technology that it has built for all insurance providers, old and new, to help them detect and prevent it.

Shift Technology, which provides a set of AI-based SaaS tools to insurance companies to scan and automatically flag fraud scenarios across a range of use cases — they include claims fraud, claims automation, underwriting, subrogation detection and financial crime detection — has raised $220 million, money that it will be using both to expand in the property and casualty insurance market, the area where it is already strong, as well as to expand into health, and to double down on growing its business in the U.S. It also provides fraud detection for the travel insurance sector.

This Series D is being led by Advent International, via Advent Tech, with participation from Avenir and others. Accel, Bessemer Venture Partners, General Catalyst and Iris Capital — who were all part of Shift’s Series C led by Bessemer in 2019 — also participated. With this round, Paris-and-Boston-based Shift Technology has now raised some $320 million and has confirmed that it is now valued at over $1 billion.

The company currently has around 100 customers across 25 different countries — with the list including Generali France and Mitsui Sumitomo, to give you an idea of where it’s pitching its business — and says that it has already analyzed nearly two billion claims, data that’s feeding its machine learning algorithms to improve how they work.

The challenge (or I suppose, opportunity) that Shift is tackling, however, is much bigger. The Coalition Against Insurance Fraud, a nonprofit in the U.S., estimates that at least $80 billion of fraudulent claims are made annually in the U.S. alone, but the figure is likely significantly higher. One problem has, ironically, been the move to more virtualized processes, which open the door to malicious actors exploiting loopholes in claims filing and fudging information. Another is the fact that insurance has grown as a market, but so too has the amount of people who are in financial straights, leading to more desperate and illegal acts to gain an edge.

Shift is also not alone in tackling this issue: the market for insurance fraud detection technology globally was estimated to be worth $2.5 billion in 2019 and projected to be worth as much as $8 billion by 2024.

In addition to others in claims management tech such as Brightcore and Guidewire, many of the wave of insurtech startups are building in their own in-house AI-based fraud protection, and it’s very likely that we’ll see a rise of other fraud protection services, built out of adjacent areas like fintech to guard against financial crime, making their way to insurance. As many a fintech entrepreneur has said to me in the past, the mechanics of how the two verticals work and the compliance issues both face are very closely aligned.

“The entire Shift team has worked tirelessly to build this company and provide insurers with the technology solutions they need to empower employees to best be there for their policyholders. We are thrilled to partner with Advent International, given their considerable sector expertise and global reach and are taking another giant step forward with this latest investment,” stated Jeremy Jawish, CEO and co-founder, Shift Technology, in a statement. “We have only just scratched the surface of what is possible when AI-based decision automation and optimization is applied to the critical processes that drive the insurance policy lifecycle.”

For its backers, one key point with Shift is that it’s helping older providers bring on more tools and services that can help them improve their margins as well as better compete against the technology built by newer players.

“Since its founding in 2014, Shift has made a name for itself in the complex world of insurance,” said Thomas Weisman, an Advent director, in a statement. “Shift’s advanced suite of SaaS products is helping insurers to reshape manual and often time-consuming claims processes in a safer and more automated way. We are proud to be part of this exciting company’s next wave of growth.”