INTEL
Status: blockedCLUSTERNovorossiysk-Turkish-Med Dark Fleet Cluster added — confirmedStatus: blockedCLUSTERPinnacle Petrol LLC added — likelyStatus: blockedCLUSTERSimar Chahal added — confirmedStatus: blockedCLUSTERSSW Kafcima added — likelyStatus: blockedCLUSTERNW Corp Singapore added — likelyStatus: pendingCORPUS429 entities · 64 countries

Quarterly intelligence

OilFlow Q3 2026 Commodity Compliance Index

The quarterly typology report on verified fraud patterns in physical commodity trade. First-party investigated, evidence-standardized, regulator-submission ready. Free for compliance, MLRO, and underwriting teams.

Always live · Updated continuously

The data behind the quarterly index

The quarterly PDF below is a snapshot. The live data — the cluster directory, the contribution surface, the corpus metrics, the per-cluster teardowns — is published continuously.

Cluster directory

429 active cluster entities

2 confirmed · 6 likely shell · 421 suspected pattern · 64 countries.

Flagship teardown

Simar Chahal cluster

The Chevron-CEO impersonation chain. Full evidence chain + fictional-entity catalog.

Live corpus metrics

Transparent depth report

Live counts across decision corpus, cluster intelligence, verified network, and defense ledger.

Customer contribution

Report a pitch you received

Public anon-rate-limited form. Submitter never named in the public record.

Live digest

The hourly compliance signal stream

Sanctions deltas, adverse-media findings, cluster additions, regulator guidance, and non-dilutive funding signals, surfaced by our monitoring agents (blocklist_monitor, adverse_media_monitor, news_signal) and public regulator feeds (FCA, MAS, OFAC, grants.gov).

Sanctions deltasSeven-list delta log →
Adverse media11-language findings, 7-day public delay →
Cluster additionsPublic cluster directory →
Subscribe/digest/rss

Email-gated download

Get the Q3 2026 Commodity Compliance Index

~30-page PDF: verified fraud cluster teardowns, sanctions-evasion typology analysis, jurisdictional risk shifts, and a regulator-submission ready evidence appendix.

Past editions

Quarterly cadence, semantic versioning, public errata

Every edition is archived. Methodology updates are versioned. Material corrections land in /intelligence/errata within 5 business days of report.

Q3 2026 — Inaugural Edition

In reviewSeptember 2026

Clusters

6

Jurisdictions

14

Typologies

6

Typology coverage

  • Mandate-chain layer cake (LOI / ICPO / DLC MT700)
  • CEO impersonation (Simar Chahal / Chevron pattern)
  • Russian-oil price-cap circumvention (KZ / AZ relabel)
  • Russia-Türkiye dark-fleet routing (Novorossiysk → Med)
  • Fake credentials (forged OGRA / EPRA / EWURA licences)
  • Non-refundable performance-bond extraction

In this edition

  • Teardown: Simar Chahal Chevron-CEO impersonation cluster — full evidence chain, LinkedIn ID overlaps, broker chain map.
  • Ahmad Pinnacle Petrol — EN590 ULSD mandate-chain layer cake with 7-layer broker stack.
  • Russia-Türkiye dark-fleet pattern — Novorossiysk → Turkish-Med discharge, auto-tagged origin disguise.
  • Regulator-submission ready evidence appendix (FATF Rec 10 + OFAC SDN candidate format).

Q4 2026

UpcomingDecember 2026

Clusters

TBD

Jurisdictions

TBD

Typologies

3

Typology coverage

  • Mid-East LC-fronted commodity-trade fraud
  • Singapore bunker MT-700 abuse pattern
  • EM trade-finance smurfing

In this edition

  • Quarter-over-quarter cluster growth report.
  • Sanctions-list delta analysis: which lists changed, what it means for commodity counterparty screening.
  • New jurisdictions added to the regulatory matrix.

Q1 2027

UpcomingMarch 2027

Clusters

TBD

Jurisdictions

TBD

Typologies

1

Typology coverage

  • TBD

In this edition

  • Annual fraud-pattern retrospective for 2026.
  • Contributor co-authored typology submissions.

Methodology

How OilFlow investigates clusters, scores severity, and redacts

Compliance teams cite the index in their internal procedures only when they understand how it was built. Five pillars below — verbatim from our internal investigations playbook.

First-party investigation

Every cluster in the index is investigated end-to-end by OilFlow's internal team. We start from an inbound interaction (broker DM, mandate chain, intake form) and walk back the LinkedIn profile, registered company, broker chain, email pattern, and payment-instruction history. We do not include 'name and shame' rumors from compliance Slack channels.

Evidence standards

A cluster reaches 'confirmed' severity when we have at least three independent evidence vectors: (1) traceable false-identity claim, (2) a payment-instruction or mandate-chain artifact in our possession, and (3) cross-reference to a public or first-party investigated prior pattern. 'Likely' and 'suspected' tiers ship with documented evidence gaps.

Redaction protocol

Cluster entries are published under the verified entity's public-domain identity (LinkedIn handle, registered company name). Counterparty victim names (banks, trading houses, insurers) are redacted unless the victim has explicitly authorized publication. Evidence appendices use hashed identifiers for any non-public PII.

Submission to regulators

Each quarterly index doubles as the source material for OilFlow's regulator submissions: OFAC SDN candidate intake, OFSI Threat Group submissions, FCA SYSC 18 working examples, MAS Notice 626 typologies, FATF Recommendation 10 working group papers. We disclose which clusters have been submitted and to which body.

Versioning + correction policy

Indexes are versioned semantically (v1.0 → v1.0.1 for typo-grade fixes, v1.1 for material evidence updates). Corrections are listed in a public errata at /intelligence/errata. If you spot a factual error, email intel@oilflow.us — we fix and re-issue within five business days.

Contribute

Banks, insurers, inspectors: submit anonymized fraud cases for inclusion.

The cluster corpus grows fastest when the people who see fraud first contribute it back. We accept anonymized case submissions from compliance teams at banks and insurers, forensic teams at Big 4 and inspection majors, and regulators with cleared-for-public typology material. Contributors get read-access to the full cluster API at no cost — the OilFlow contribution channel is structured exactly the way ISACs ship threat intel for cyber.

  • Submit via secure intake → OilFlow signs an MNDA on receipt
  • We anonymize victim parties + redact PII before publication
  • You retain attribution control — public credit, anonymous, or initials-only
  • Contributors get free cluster-feed read access for the duration of contribution

Contributor tiers

  • Tier 1 — Single-case submitter

    Anonymized incident report. We do the investigation lift. Public credit optional. 90 days cluster-feed access.

  • Tier 2 — Quarterly contributor

    Recurring submissions (≥1/quarter). Co-author byline on relevant index sections. Year-long cluster-feed access.

  • Tier 3 — Sector lead

    Named contributor relationship (e.g. Atradius for trade credit, SGS for inspection). Editorial review on relevant sections. Cluster-feed access for term.