The Council of Europe’s Economic Crime and Cooperation Division continues to assist Bulgarian authorities in increasing their capacity to employ modern tools in operational and strategic analysis for anti-money laundering and countering the financing of terrorism (AML/CFT).
Building on an initial training session on open-source intelligence (OSINT) delivered in December 2023 to the staff of the Financial Intelligence Unit (FIU), an advanced training programme on how to use OSINT more effectively for AML/CFT operational and strategic analysis was conducted in Sofia on 8-9 October 2025. This two-day training, organised at the beneficiaries’ request, expanded its target group beyond the FIU to include also members of law enforcement and prosecution services.
The event brought together 25 practitioners from different national authorities, engaging financial intelligence analysts, investigators and prosecutors in a diverse and dynamic setting that promoted constructive exchanges, mutual learning and national inter-agency cooperation.
The training’s targeted contents and hands-on format helped consolidate participants’ prior knowledge and deepen their practical skills, while also bringing in new perspectives for reflection and proper integration of OSINT in the respective institutions’ processes.
The first day focused on operational OSINT skills, showcasing the use of OSINT tools for red flags identification, threat detection and risk mapping at national and regional level. It also reviewed the main legal and operational foundations for the use of OSINT by AML/CFT authorities, drawing attention to the key conditions and safeguards to be applied in practice. Interactive scenario-based exercises encouraged participants to identify indicators, develop operational objectives and formulate actionable recommendations for different simulated situations and analytical requests.
The second day advanced into strategic analysis, demonstrating how OSINT can be leveraged to assess higher-level threats and risks arising from global and regional geopolitical drivers. Specific OSINT analysis techniques such as thematic coding were explored in detail and applied in practical exercises. OSINT analytical frameworks for selected typologies such as cryptocurrency-related money laundering were also discussed. A final integrated simulation exercise combined operational and strategic analysis, with different groups assigned distinct analytical tasks to mirror real-world AML/CFT scenarios and demonstrate how tactical, operational, and strategic levels interact in practice.
The hands-on approach applied throughout the training sessions effectively helped participants shift their mindset from tactical case-level analysis to operational-level insights, and ultimately to strategic-level analysis. The initiative thus contributed to strengthening Bulgaria’s institutional capacity to use OSINT more effectively across all levels of AML/CFT operations, while fostering enhanced cooperation among financial intelligence, law enforcement, and prosecutorial authorities.
This event was organised within the framework of the Technical Support Instrument (TSI) project on “Enhancing the capabilities for risk-based AML supervision and financial intelligence in Bulgaria”, funded by the European Union and the Council of Europe, and implemented by the Council of Europe.