Five Years of Silence: EFRI Demands DNB Report – for the Scam Victims and the StabIR License Review
In September 2020, the Dutch financial supervisory authority, De Nederlandsche Bank (DNB), finalised a supervisory report on Payvision B.V. That report—according to official sources—confirmed serious and structural AML breaches, directly linked to Payvision’s role in processing fraudulent investment schemes across Europe.
To this day, DNB has refused to hand over that report—not to the public, not to the victims, and not to EFRI. By citing vague “confidentiality reasons,” DNB continues to deny justice to thousands of defrauded victims. EFRI has gone so far as to launch a public petition urging DNB to release the report. More than 700 people have signed — yet DNB has shown no response.
This refusal has persisted for nearly five years—even in court proceedings.
The 5-year rule: secrecy ends, truth must follow
European case law has made it clear: supervisory confidentiality is not unlimited.
In the landmark Baumeister case (C-15/16), the European Court of Justice ruled that supervisory information under professional secrecy laws must be disclosed where the public interest outweighs confidentiality, especially if the information is already known to the public or if the alleged violations are serious.
In Malamud (C-588/21 P, 2024), the Court reaffirmed that even initially protected documents lose secrecy after time, especially when transparency and legal redress are at stake.
According to EU Commission guidance, the five-year mark is decisive:
“After five years, information is generally considered historical. Exceptions must be specifically justified.”
End of September 2023, that threshold will be crossed.
The report is central to the WAMCA class action against Payvision and ING
EFRI is preparing a WAMCA (Dutch collective claim) procedure against Payvision B.V. and ING Bank N.V. on behalf of hundreds of victims defrauded by binary option and crypto scammers.
Payvision BV—now closed—was the main payment facilitator behind dozens of criminal schemes. Payvision B.V. — now closed — was the main payment facilitator behind dozens of these criminal operations. The company was supervised by DNB since 2012 and operated with full regulatory approval.
ING Bank N.V. was the owner and Payvision’s account servicing payment service provider in laundering the stolen funds during the relevant period
It was Payvision B.V. that enabled Barak – the Wolf of Sofia – and Lenhoff to scam more than €200 million from unsuspecting victims between September 2015 and January 2020. Without Payvision, their fraud at that scale would not have been possible.
The DNB supervisory report is directly relevant to the liability of both institutions.
Without access to the report, victims are denied their full rights under Dutch civil law.
With it, they gain a critical tool to prove the violation of duty of care over the years and systemic compliance failures.
MFSA must explain why it licensed StabIR without this report
Meanwhile, in Malta, StabIR Ltd., an EMI licensed by the Malta Financial Services Authority (MFSA), is being run by former senior employees of Payvision. Gijs op de Weegh, the CEO and official beneficial owner (?), was one of the top executives responsible for Payvision during the AML breaches.
EFRI has written to the MFSA, demanding:
That the MFSA requests the DNB report, and
Reassess StabIR’s EMI license in light of the well-documented practices of Payvision between 2015 and 2020, which facilitated large-scale financial fraud.
We reject the idea of off-the-record meetings or non-transparent internal reviews.
The public and the tens of thousands of scam victims have a right to know.
Our summary!
Payment fraud has become a serious social threat across Europe.
One of the main reasons is the lack of effective supervision and enforcement of existing AML rules.
Tens of thousands of consumers are losing their life savings — while national supervisory authorities look the other way.
It’s time for justice.
It’s time for real oversight and regulatory accountability.
And it’s time to stop protecting banks from justified claims.
A Word to DNB’s New President
Let us hope that the new President of the Dutch Central Bank (DNB), Olaf Sleijpen, finally remembers that one of the core duties of a European financial authority is to protect consumers — as clearly stated in EU law (see the recitals of PSD2) — and not to shield banks from legal scrutiny and accountability. Klaas Knot seemed far more concerned with protecting the “stability of the financial system” than with protecting European citizens — or ensuring proper oversight of payment institutions under his watch.
What is next?
EFRI will file a renewed request for the DNB report in the coming days, based on EU legal precedents and the five-year limit on confidentiality.
We will also continue to publicly document and challenge any licensing decisions — such as that of StabIR — that ignore known regulatory failings.
Victims deserve the truth.
They deserve access to the documents.
And they deserve justice
