How to Trace a Russian Company's Ultimate Beneficial Owner
A reproducible OSINT workflow for unmasking the ultimate beneficial owner behind a Russian legal entity using the EGRUL registry, OGRN/INN identifiers, and cross-border corporate filings.
The unmasking problem
Russian corporate structures routinely layer nominee directors, holding companies, and offshore shells between an operating entity and the natural person who ultimately controls it. For sanctions screening, vendor due diligence, and counterparty risk, the question that matters is not who signs the contract but who is the ultimate beneficial owner (UBO).
This guide is a method, not a dossier. It describes a repeatable workflow and the public registries that support it. It deliberately contains no claims about any specific company or person — you supply the target, the workflow tells you where to look and how to record what you find with an honest confidence tag.
Every figure or identifier you recover with this method should be recorded with its source and a confidence tag. A registry extract you downloaded yourself is stronger evidence than a secondary article; a fetch that returned an error is not evidence at all.
The UBO tracing workflow
Each step names a concrete public source and the artefact you should capture before moving on.
- Resolve the entity to an OGRN and INN Start from the company name and locate its primary registration number (OGRN) and tax number (INN) in the Unified State Register of Legal Entities (EGRUL). These identifiers are the join keys for everything downstream.
- Pull the EGRUL extract The Federal Tax Service (FNS) EGRUL service returns the registered address, charter capital, directors, and direct shareholders. Save the extract; record the retrieval date.
- Map direct shareholders List every shareholder legal entity and natural person with their stake. Where a shareholder is itself a company, recurse: pull that entity's EGRUL extract too.
- Follow holding chains to the top Repeat the recursion until you reach natural persons or a foreign entity the Russian registry no longer covers. Note where the chain crosses a border — that is where the trail usually goes opaque.
- Cross the border with OpenCorporates and offshore leaks When the chain exits into a foreign holding, switch to OpenCorporates and to published investigative datasets (for example the ICIJ Offshore Leaks database) to continue the trace through offshore layers.
- Corroborate control vs. ownership Legal ownership and effective control can differ. Check for nominee patterns, management contracts, and powers of attorney that move control away from the registered shareholder.
- Record each hop with a confidence tag For every link in the chain, store the source URL, retrieval date, and a tag: CONFIRMED only for a primary registry extract you hold, REPORTED for secondary sourcing, ESTIMATE for inferred control.
Primary sources for each layer
These are the public registries and datasets the workflow above relies on. The table lists what each one is good for, not any specific result.
| Layer | Source | What it gives you |
|---|---|---|
| Russian entity | FNS EGRUL (egrul.nalog.ru) | OGRN, INN, address, directors, direct shareholders |
| Russian entity | EGRIP | Sole-proprietor registrations |
| Cross-border | OpenCorporates | Company records across many jurisdictions, officer links |
| Offshore layer | ICIJ Offshore Leaks database | Shell-company beneficial owners from leaked records |
| Sanctions overlay | OpenSanctions | Whether any node in the chain is a designated entity or person |
Method limitation: EGRUL coverage of beneficial owners is partial, and the FNS has restricted some fields for sanctioned entities. Treat any single registry as one source, not the whole truth, and corroborate control independently.
Common questions
What is the difference between OGRN and INN?
The OGRN is the primary state registration number assigned when a legal entity is created; the INN is the tax identification number. Both uniquely identify a Russian entity and are the join keys you use across registries.
Can I find the ultimate beneficial owner from EGRUL alone?
Often not. EGRUL reliably shows direct shareholders and directors, but beneficial-ownership disclosure is incomplete and the chain frequently exits into foreign holdings. You typically need OpenCorporates and offshore-leak datasets to complete the trace.
How should I record uncertainty in the ownership chain?
Tag each link by evidence strength: a primary registry extract you downloaded is the strongest, secondary reporting is weaker, and an inferred control relationship is an estimate. Never record a link as confirmed on the basis of a failed or blocked fetch.