On July 13, 2016 ARIN implemented 2015-5 https://www.arin.net/policy/proposals/2015_5.html
Which codifies that IP addresses can be used outside the ARIN service region, "provided that the applicant has a real and substantial connection with the ARIN region" This phrase was selected to ensure that ARIN service region governments could take legal action against (particularly Internet fraud prevention,) the applicant in a meaningful way. Prior to that ARIN issued IPs could be used out of region so long as it was part of a contiguous network that was in part in the ARIN service region, or supported at least some customers in the ARIN service region. Prior to that ARIN resources could be used anywhere. Also, ARIN collects the business EIN (tax ID) when issuing resources to a new organization (which I believe they do check). Any merger and acquisition activity reflected in the whois records are also thoroughly reviewed based on public incorporation filings. I know neither of these directly answer your question. __Jason On Thu, Jul 12, 2018 at 3:43 PM Ronald F. Guilmette <r...@tristatelogic.com> wrote: > > In message <e8f719e6-0edc-42fc-a1d1-34faa57ba...@pch.net>, > Bill Woodcock <wo...@pch.net> wrote: > > >To my observation, ARIN does more than most organizations, but less than > >organizations that are actually mandated to perform KYC checks by > >regulatory agencies. ARIN does not, for instance, visit the premises of > >its customers to meet and positively identify their executives, which is > >a process I have to go through with respect to some banks, for instance. > > Thanks for the response, but to be clear, what I was asking about > was not on-site visits, but documentation, e.g. copies of government > issued identification documents for beneficial owners, as was mentioned > in the video. > > I definitely don't think that on-site visits are something that ARIN > should be doing... too expensive and too time-consuming. And there's > no requirement or reccomendation that incorporation agents do KYC to > that level either. (That would be total overkill in either case.) > > I'm really just (still) seeking an answer to the question I posed: > > >> Is it trivially > >> possible for persons or entities within, say, Russia, China, Iran, or > >> North Korea to obtain a U.S. shell company and then proceed to leverage > >> that in order to obtain number resources from ARIN? > > > >I suppose that depends on your opinion of what constitutes triviality. > >There are two steps there: establish a US corporation (which is very > >easy, compared with other countries) and apply for ARIN resources (and > >you already know how difficult, or easy, that is). > > So, just to put this in more concrete terms, nobody here on this list > would be particularly shocked or surprised to learn that, in 2014, at > the very height of the former Iran sanctions regime, a Delaware LLC, > formed by an Iranian national, might have approached ARIN, requesting > some IPv4 space, which ARIN then duitfully supplied in the the form > of a /19 a /20, and a /24, correct? > > And if the answer to that question is "Yes, that would not be particularly > surprising", then this would cause me to wonder further how, or if, the > ARIN legal department is able to insure ARIN's conformance to the > strictures of various international sanction regimes, both past and > present, > in the absense of any effort to require documentation of the identities > of beneficial owners of entities to which ARIN allocates number resources. > > I understand that some on this list, and elsewhere, may view these > questions > as being rather silly and/or academic, but I personally would disagree > with that view, based in no small part on the now generally accepted > view that various bad actors outside the United States invested > considerable > time and effort to covertly influence the 2016 U.S. election. > _______________________________________________ > ARIN-PPML > You are receiving this message because you are subscribed to > the ARIN Public Policy Mailing List (ARIN-PPML@arin.net). > Unsubscribe or manage your mailing list subscription at: > https://lists.arin.net/mailman/listinfo/arin-ppml > Please contact i...@arin.net if you experience any issues. > -- _______________________________________________________ Jason Schiller|NetOps|jschil...@google.com|571-266-0006
_______________________________________________ ARIN-PPML You are receiving this message because you are subscribed to the ARIN Public Policy Mailing List (ARIN-PPML@arin.net). Unsubscribe or manage your mailing list subscription at: https://lists.arin.net/mailman/listinfo/arin-ppml Please contact i...@arin.net if you experience any issues.
