Corvus
Investigationa9cc104a
Investigation Colophon · Methodology · Provenance

About this investigation

Full audit trail of how this report was produced — target identification, analytical techniques applied, tools that ran, gaps recorded, and the schema and skill versions used. Reproducibility is a forensic posture.

Confirmed Target · Type: Org

RTX Corporation

US defense and aerospace prime contractor formed by the April 2020 UTC-Raytheon merger; HQ Arlington, Virginia; NYSE: RTX. Parent of Raytheon Company and Pratt & Whitney.

    § 01

    Investigation Metadata

    Provenance
    Investigation ID
    a9cc104a-cc99-4a88-b945-f3638bd95a49
    Created
    2026-06-16 05:07:00.24
    Recon Started
    Recon Completed
    2026-06-16 06:27:24.79 · 80m 24s
    Analysis Completed
    2026-06-16 07:05:00 UT · 25m 0s
    Total Duration
    105m 24s · within 60-minute walltime budget
    Wave Budget
    20 enabled tools × multiplier 2 = 40 tool calls per wave
    Stopping Rule M
    3 consecutive empty calls · fired in Wave 5
    Artifact Location
    [redacted]
    § 02

    Analytical Methodology

    Structured analytic techniques · ICD 203
    KACApplied

    Surfaced HIGH-sensitivity assumptions around (a) the unextracted 8-K EX-99 exhibits as the source-of-truth for penalty / monitor / commodity facts (kj_003) and (b) the inferred boundary between FCPA Qatar conduct and AECA / ITAR conduct as two distinct conspiracies rather than overlapping. Both surfaced assumptions are LOW-confidence and become confidence-limiting factors on downstream judgments dependent on monitor identity or penalty quantum.

    ACHApplied

    Generated two competing hypotheses to explain the converged enforcement footprint: H1 systemic multi-decade compliance failure (recidivism from 2001 In Re Raytheon Securities through 2024 DPA + Peneycad + Johnson FCA); H2 isolated incidents that matured in the same window by coincidence. H1 retains lower weighted inconsistency given the 1999-2024 span and the cross-business-unit concentration (defense electronics + engines + government contracts). H2 retained as the alternative inside kj_001.

    PremortemApplied

    Failure modes considered: (a) the 8-K exhibits when extracted reveal significantly smaller penalty / narrower monitor scope, weakening kj_003 expectation of materiality; (b) the OpenSanctions crime.traffick flag is replaced/relabeled upstream, removing the misreading risk in kj_005; (c) the Ekambram plaintiff dismisses on the pleadings, weakening the kj_002 'live exposure' inference. None of these failure modes invalidates the leading ACH hypothesis; all are confidence-limiting on specific judgments.

    Red HatApplied

    Adapted to legal-regulatory exposure rather than cyber attack surface — the recon evidence base captured no infrastructure / subdomain / credential / endpoint exposure. Red Hat instead surfaced six vectors describing how plaintiff bars, foreign procurement counterparties, competitor engine providers, FOIA litigants, and journalists can leverage the existing public exposure against RTX. Vector r_01 (expanded derivative theory) is the strongest by Admiralty-weighted evidence.

    § 03

    Coverage

    Schema v1.0
    41
    Entities
    47
    Relationships
    33
    Evidence
    7
    Judgments
    14
    Timeline
    0
    Geo
    Confidence Distribution · Key Judgments
    5 · High
    2 · Moderate
    High · multi-source, no surviving alternativesModerate · KAC stress or ACH marginLow · sparse base or explicit caveat
    § 04

    Tools Engaged

    20 enabled · 11 fired · 5 gap
    cl_dockets2
    cl_recap1
    cl_recap_document1
    cl_search5
    cl_citation_lookup1
    federalregister_search5
    sec_edgar_search3
    govinfo_search1
    codex_baseline11
    documentcloud_search0
    muckrock_requests0
    documentcloud_searchgap
    muckrock_requestsgap
    sec_edgar_searchgap
    govinfo_searchgap
    usaspending_search_awardsgap
    § 05

    Tool Gaps

    5 methodology steps could not run
    documentcloud_search
    Methodology step · wave_5_adversarial_sweep · Cloudflare 403 hard block on egress IP 185.213.155.239 on initial attempt; tool not registered in worker process on re-run. FOIA-corpus surface unmapped (kj_007).
    muckrock_requests
    Methodology step · wave_5_adversarial_sweep · Cloudflare interactive JS challenge 403 on initial attempt; tool not registered in worker process on re-run.
    sec_edgar_search
    Methodology step · wave_5_8k_exhibit_extraction · Not in W5 allowed tool list — RTX 8-K EX-99.1 through EX-99.4 exhibit content (penalty amounts, monitor identity, DDTC consent terms) and 10-K FY2024 legal proceedings section unextracted (kj_003).
    govinfo_search
    Methodology step · wave_5_court_record_pull · Not in W5 allowed tool list — UTC-Raytheon merger Final Judgment retrieval and FAA rulemaking docket FAA-2023-2237 full comment record not executed.
    usaspending_search_awards
    Methodology step · wave_5_contract_modification_check · Not in W5 allowed tool list — search for DoD/DLA contract modifications or cost-recovery actions against P&W/IAE LLC following FAA AD compliance requirements not executed.
    Integrity Hash
    sha256:524e0b1d70efe3dddd28987d77ca08b5c68ca500d8de055575c9ce1179fa5b94