• What does mean to be data-driven & how does that differ from intelligence?

• Why dashboards and descriptive reports aren’t enough

• Integrating analytics, intelligence and operations into one coherent function.

• Lessons learned from restructuring, building platforms, and changing decision-making culture

• Providing insights into the structure and setup of intelligence teams

• Delving into how to get traction and embed with regulatory functions

• Sharing learnings and benchmarking activities as the function evolves

• How do you translate field-based observations into a systemic regulatory approach

• How to bring inspectors, case officers and compliance staff into the design of risk models

• How can regulators overcome a “captain’s pick” culture and gain trust in model outputs

• Keeping models fresh: building feedback loops, retraining, incorporating qualitative intel

• Building effective partnerships between the frontline and analytics teams

• How AI-enabled OSINT technologies can improve intelligence-led investigations in an anti-corruption environment

• The risks associated with the procurement and deployment of AI-enabled OSINT technologies in an anti-corruption environment

• Procurement and governance considerations for the use of AI-enabled OSINT technologies in an anti-corruption environment

• Understanding the role the Regulatory Intelligence Handbook plays in strengthening modern regulatory practice

• Delving into why regulatory intelligence matters, how it supports effective risk-based regulation, and what makes it distinct from other analytical functions

• Providing insight into the opportunities for better decision-making, collaboration, and system stewardship across the public sector

• Why are metrics important?

• Lessons for introducing metrics: Building a regulatory KPI from scratch and the behaviour you are trying to change vs the metric you are actually measuring

• What to do once you’ve established the metric and how to get the best outcomes

• What moves the dial: Identifying drivers of regulatory compliance

• Understanding the elasticity of behaviour of the regulated

• How do you decide where to invest your resources and what drives the metric

• Why VGCCC adopted a risk-based, intelligence-led regulatory model and the transition journey

• Learn how VGCCC restructured people, processes, and technology to transition to an intelligence-led, risk-based regulatory approach.

• Understand the steps taken to close data gaps, create feedback loops, and disseminate actionable intelligence across the organization.

• Shifting people, culture & capability: Lessons from transitioning an existing workforce to risk-responsive ways of working, including capability gaps, cultural resistance, and practical change management.

• Navigating the cultural challenges of shifting workforce mindset, upskilling staff, and measuring real regulatory impact, beyond compliance metrics

• What regulators get wrong about hiring?

• How to build capability, and why technical skills matter more than sector experience.

• What is the journey like when building it from scratch?

• Moving beyond operational metrics (inspections, complaints, fines) into outcome-based reporting

• Using data to demonstrate impact (e.g., harm reduction, avoided homelessness, improved consumer protection)

• How to build performance stories that resonate with ministers, media, and the public

• How do we tell our story better?

• How can we navigate enduring threats through preventative action and system level thinking

• What are some of the other indicators we can name and measure over time, where the scale of the problem and threat change as opposed to elimination

• Taking intelligence and data and turning it into targeted

• How can regulators leverage technology as a tool for improvement vs replacement

• Building a culture of innovation and using AI ethically

• People Process Technology: embedding change in the organisation

• How can we use data effectively to achieve better outcomes

• AI in Regulatory Practice: Real Implementation Case Studies

• Roadblocks to adoption and lessons learned

• Moving from tactical, investigation-support intelligence to proactive, ROI-driven compliance targeting

• How regulators decide who to target, where the biggest regulatory return lies

• Translating risk scores and models into frontline action

• Hear how the Aged Care Quality and Safety Commission have embedded the use of analytics and intelligence in regulatory decision-making

• Learn from the challenges and opportunities faced by the Commission as they implemented these changes, during a once-in-a-generation reform process

• An overview of the development of the Commission's Regulatory Strategy and operating model, including aligning the use of analytics and intelligence to decisions at the strategic, operational and tactical level

• Understand how analytics and intelligence tools and services have supported the shift from reactive to proactive regulation

• How the ATO leverages its large data repository to identify candidate populations, profile behaviours, and patterns indicative of illegal phoenixing and support frontline enforcement with tactical intelligence.

• Exploring the use of data, analytics, and visualisation to tell the story

• Governing data sharing across the Phoenix Taskforce: navigating legislative constraints, privacy, ethical considerations, and custodianship obligations when supporting state and federal partner agencies.

• How we continue to be future focused to combat illegal phoenix activity.

• Strategic intelligence in practice: Annual environmental scanning to identify sector-wide regulatory risk priorities and inform agency strategy

• Tactical and operational intelligence integration: Tip-off reports and translating intelligence into prioritization, case selection, and regulatory treatment across the organization

• Lessons from ASQA’s maturity journey: What worked, what didn’t, and how other regulators can design an intelligence blueprint at different stages of maturity

• How Natural Language Processing (NLP) was applied to years of inspection and audit reports to identify recurring compliance issues

• How analytics enabled inspectors to move to data-backed regulatory conversations, improving consistency, confidence, and targeting of regulatory engagement

• Practical lessons for regulators at any data maturity level: What worked, what didn’t, and how agencies with limited analytics capability can start extracting meaningful insights from unstructured regulatory data

Workshop Overview

As regulators continue to adopt intelligence led and data driven operating models, the ability to systematically collect, validate, and interpret publicly available information has become a core capability.

Modern Open Source Intelligence (OSINT) has evolved well beyond ad hoc online searches. It now underpins risk identification, strategic intelligence, operational targeting, and evidence based regulatory decision making.

This workshop presents a contemporary and defensible OSINT framework tailored to regulatory, compliance, and integrity environments. It focuses on how open data, digital identifiers, and publicly accessible records can be transformed into structured intelligence outputs that support prioritisation, investigations, and proactive regulatory action.

Participants will be introduced to a disciplined approach to OSINT that emphasises:

• Triangulation across digital identifiers (email, username, phone)

• Verification and corroboration of sources

• Separation of fact from analytical judgement

• Structured reporting scripts for large language models to amplify and automate OSINT collection and analysis

In a digital environment shaped by paywalls, platform restrictions, and increased detection of online activity, the workshop also addresses how to adapt collection methods to remain lawful, ethical, and discreet.

You will leave with practical tradecraft, AI powered workflows, and a curated suite of tools that can be immediately applied within government and regulatory contexts.

Key Takeaways

• A repeatable OSINT workflow suitable for regulatory and investigative settings

• Practical techniques for building defensible, data driven intelligence products

• Clear guidance on ethical, lawful, and proportionate collection practices

• A curated spreadsheet of 100+ verified OSINT tools and resources, mapped to specific use cases

• Ready-to-use prompt frameworks and structured reporting templates for immediate operational application