Risk Report

An open source database used for strategic trade control that profiles thousands of entities linked to proliferation worldwide.

The Risk Report is a copyrighted subscription database created, owned, and maintained by the Wisconsin Project on Nuclear Arms Control. The Risk Report is the Project’s principal vehicle for helping governments and companies manage strategic trade. The database was first published in 1995 and it is now used in some 40 countries around the world. Through their subscriptions, Risk Report users directly support the Project’s research and its mission.

The Risk Report logo uses a boomerang to symbolize the expression: “What goes around comes around.” This expression aptly represents the Wisconsin Project’s mission of helping responsible suppliers (both government and industry) prevent their sensitive technology from contributing to proliferation. By exercising care with what is exported (what goes around), exporters avoid supporting a WMD or missile program that could one day target them (what comes around).

History and Impact

During the 1990s, the United States and other supplier countries began applying “catch all” controls, requiring exporters to seek a license to sell an unlisted item if they know or are informed that a potential customer is connected to proliferation. However, governments did not supply exporters with a list of dangerous end-users. The Wisconsin Project sought to bridge this knowledge gap and began publishing a newsletter called the Risk Report.

The introductory issue of the Risk Report appeared in 1995. It contained several articles about India’s nuclear program and listed the entities helping to grow the country’s plutonium stockpile. It also described Iraq’s efforts to smuggle missile fuel and successful U.S. efforts to thwart the transfer. The aim of the newsletter was to raise awareness about how WMD programs around the world were being fueled with Western exports, some of which complied with export control laws, and to help exporters avoid such sales so as to “protect their reputations” and “know more about their customers.” Initial funding for the Risk Report was provided by several private foundations.

After several years as a paper newsletter, the Wisconsin Project decided to publish all entity profiles in electronic form, to accommodate the cumulative information about risky end users and to enable subscribers to search easily across this information. This Risk Report database was initially made available on CD and, in 2001, through a secure online interface. At this time, funding to support the Risk Report shifted from private foundations to a combination of government grants and direct “subscriptions.”

In its over 20 year history, database content has expanded to include not only profiles of entities linked to proliferation and analysis about programs of concern by the Wisconsin Project, but also descriptions of dual-use commodities, strategic trade control regulations, multilateral control lists, and government warning lists and blacklists. Data from the Risk Report is incorporated into a number of company screening systems and government risk management and targeting systems.

The Risk Report is the only comprehensive, curated database focused exclusively on proliferation that is used as a tool to manage strategic trade.

What’s in the Risk Report?

The Risk Report contains profiles of thousands of companies, government organizations, and individuals around the world linked to the proliferation of nuclear, chemical, and biological weapons, missiles, and advanced military technology. Some of these entities appear on official restricted party lists or are associated with designated entities; many do not appear on public lists but are directly contributing to proliferation or are supporting weapons of mass destruction programs.

Each entity profile is rigorously researched and carefully vetted by Wisconsin Project analysts using reliable open sources. Profiles include:

  • Identifiers – Primary names, aliases, addresses, telephone numbers, other identifying information
  • Sanctions – A summary of sanctions or trade restrictions imposed on the entity
  • Risk activity – A description of proliferation-related activities, including relevant facilities, products, and projects
  • Procurement efforts – Information about sensitive imports and exports, and efforts to acquire controlled items
  • Company information – A listing of related entities, including parents, subsidiaries, clients, and key personnel

The database also contains the full text of the U.S. and international restricted party lists, U.S. regulations governing trade in arms and dual-use goods, multilateral export control regimes, descriptions of the commodities controlled by these regimes, analysis of programs of concern by the Wisconsin Project, and additional reference material.

Learn more about Risk Report content on the Risk Report website.

Who Uses the Risk Report?

Risk Report training in Indonesia

In some 40 countries, government officials in licensing, customs, law enforcement, policy-making, and intelligence roles rely upon the Risk Report on a daily basis to help make decisions of strategic importance. Some of these countries receive access to the database through support from the U.S. State Department. The Wisconsin Project has worked with the State Department for over a decade to conduct training and provide Risk Report access to countries, in order to build their strategic trade control capacity.

Companies were the original audience for the Risk Report and continue to rely on the database to screen their supply chain, customers, and clients. Companies have come to realize the potential damage that can come from unwittingly doing business with a restricted party or an entity linked to a dangerous weapon program. The “bare minimum” version of due diligence is not enough to protect companies from such transactions, particularly when weighing costs of a bad decision: hefty fines and reputational damage.

Learn more about Risk Report users and subscriptions on the Risk Report website.

Risk Report Contributors

Wisconsin Project founder Gary Milhollin conceptualized and created the Risk Report. He served as its Executive Editor until retiring as the Project’s Executive Director in 2011. Since then, Valerie Lincy has served as Risk Report Executive Editor.

Research Associates Treston Chandler and Jonathan McLaughlin are assistant editors of the Risk Report. They vet database content produced by analysts and conduct research for the Risk Report in their respective areas of responsibility. Jonathan focuses on strategic programs in India and Pakistan, Russia’s military and missile sectors, and entities contributing to Syria’s chemical weapon and missile programs. He also monitors changes to U.S. and international export control regulations and updates this content in the Risk Report. Treston focuses on North Korea’s weapons of mass destruction programs, the entities helping North Korea evade international sanctions, and North Korean proliferation networks in Africa and Asia. He also conducts data modeling and visualization work using Risk Report data and manages IT-related tasks for the database.

Deputy Director Meghan Peri Crimmins is responsible for sanctions and export control-related content in the Risk Report. She also oversees outreach and publicity for the Risk Report.

Program Associate Rebecca Kamas is responsible for managing the Risk Report subscriber base and engaging potential users.

Valerie, Jonathan, Treston, Meghan, and Rebecca engage foreign government officials in how to use the Risk Report as part of export control capacity building on behalf of the U.S. State Department.

The Risk Report has benefited from the contribution of past Editors, including Matthew Godsey, Arthur Shulman, Jordan Ritchie, and Gerard White.