Was Payvision an accomplice to the scammers?

GPay contract

Was Payvision an accomplice to the scammers?

For over four years, we have meticulously examined criminal files to decipher the operations of Barak and Lenhoff´s criminal organization and the involvement of Payment Service Providers (PSPs) in these schemes. In recent months, as we collected information for the ongoing civil proceedings against Payvision and Deutsche Bank, we have finally managed to outline the responsibilities and the extent of liability of the involved PSPs.

The respective rules of the Payment Directive 2015/2366 (PSD 2)

 Article 79 (2) of the Payment Directive 2015/2366[1] (PSD 2) provides that  if conditions set out in the payer’s framework contract are met, the payer’s account servicing payment service provider (PSP) may not refuse to execute an authorized payment order.

Accordingly, national laws that implement Payment Directive rules permit the rejection of payment transactions under very strict conditions: The Payment Service Provider is required to refuse execution only if there is a reasonable suspicion of criminal activity.

Suppose a Payment Service Provider (PSP) processes payment transactions despite having reasonable and justified suspicions of criminal activity and failing to report them to the appropriate authorities. In that case, he risks being accused of aiding and abetting. The suspicion must be based on clear, undeniable evidence for criminal activities to qualify as reasonable and justified.

 

The resulting liability for the PSPs!

In about all  european jurisdictions there is a clear rule that in all cases in which a damage was caused by several parties, i.e. in where each individual contributed to the entire damage in some form of conduct, there is joint and several liability if there is intent.

Payment Service Providers (PSPs) that process transactions for fraudulent websites risk being held liable for the full losses of the victims if courts are persuaded that they had reasonable and justified suspicions of criminal activity.

When Payvision chooses to refund only the card payments processed for Barak and Lenhoff, as is currently the case, it implies acknowledgment of the fraud. However, they do not accept entire liability for the losses the victims incurred, encompassing card payments and bank transfers made to the scammers.

In our civil lawsuits against Payvision, we are seeking compensation for the total damages incurred by individual victims. We firmly believe that Payvision, particularly Rudolf Booker, was fully cognizant of the fraudulent activities carried out on Barak and Lenhoff´s fraud websites serviced by Payvision. Consequently, we are requesting compensation not only for the card payments but also for bank payments.

Payvision was fully aware of the fraud!

Court documents from criminal proceedings present comprehensive evidence that Payvision facilitated the processing of card payments for websites operated by Barak and Lenhoff for over four years. To start trading, each victim had to activate a trading account; this had to be done with a card payment. This initial card payment enabled call center representatives to contact the victims, enticing them to make further deposits through cards or bank transfers. The deposit method largely varied according to regional preferences; for instance, British individuals tended to make card payments, whereas Germans, Austrians, and Swiss were more inclined towards bank transfers for substantial deposits.

Our arguments for Booker´s collaboration with Barak and Lenhoff are based on the following evidence.

The results of DNB´s on-site audit of Payvision in summer 2020:

The Dutch Financial Supervisory Authority (De Nederlandsche Bank) report on the results of an on-site audit of Payvision was leaked to the renowned Dutch business newspaper FD (Het Financieele Dagblad) in autumn 2022. The newspaper reproduced parts of the DNB report in two articles on 14 October 2022.

The DNB report stated that an on-site inspection of the defendant had found.
– that Payvision – under the leadership of Rudolf Booker – had seriously violated the Sanctions Act, the Financial Supervision Act, and the Dutch Money Laundering and Terrorist Financing Act (Wwft) from 2015 to 2020;
– Payvision wilfully ignored that fraud signals and that Payvision wilfully failed to subject some of its customers to the legally required checks
– Customer checks and compliance with anti-money laundering regulations were systematically neglected.

A criminal investigation regarding Payvision and Rudolf Booker is pending in the Netherlands.

An example: Gpay ltd, merchant for xtraderfx and cryptopoint

DNB´s report described in detail what happened in early 2018 when Barak wanted Payvision to onboard Gpay Ltd – a British newly setup shell company  in charge of the  fraud website cryptopoint.com:

Joris Greeuw – senior employee in the UK compliance department of Payvision – requested Payvision´s management as early as January 2018 to reject the merchant GPAY Ltd (merchant for the card payments for the  Barak´s cryptopoint/xtraderfx websites) due to a lack of transparency. The FD reproduces it in the newspaper article of October 14, 2022, as follows:

Reject due to the lack of transparency

At this point, explicit reference is made to Article 14 (4) of the 4th Money Laundering Directive 2015/849[1] EU, according to which obliged entities – if they are unable to comply with the customer due diligence obligations referred to in Article 13 (1)[2] subparagraph 1 letters a, b or c (identification of the beneficial owner) – may not carry out a transaction via a bank account, may not establish a business relationship, may not carry out transactions and must terminate the business relationship and consider submitting a suspicious transaction report to the FIU in relation to the customer in accordance with Article 33.

[1] https://lexparency.de/eu/32015L0849/ART_14/

[2] https://lexparency.de/eu/32015L0849/ART_13/

However, Payvision decided – contrary to its legal obligations – to nevertheless take Gpay Ltd on board “for business reasons”.

The first FCA warning for Gpay ltd showed up!

On May 14, 2018, the British Financial Conduct Authority (FCA) issued the first of a series of warnings regarding “Gpay Ltd trading as Cryptopoint”[1]  due to numerous fraud reports from victims.

[1] https://www.fca.org.uk/news/warnings/gpay-limited-trading-cryptopoint

First warning Cryptopoint

We need to terminate them asap!

According to the DNB report, this warning was also noticed by Payvision´s compliance department in Great Britain, which led to their demanding the rapid termination of their business relationship with Gpay Ltd (“we need to terminate them asap”). The FD report summarizes the events as follows:

We need to terminate them asap

Booker told his team that" he was informed about all issues with Gpay"!!

Nevertheless, Rudolf Booker (the CEO) decided to deal with the situation completely differently. According to FD´s report:

he is informed about all issues

On July 19, 2018, the blocked accounts were unblocked, and just a few days later, on July 24, 2018, a new card processing contract with new (disadvantageous conditions) was concluded between Payvision and Gal Barak covering most of his fraud websites (xtraderfx, cryptopoint, safemarkets, and goldenmarkets).

Interestingly, Gal Barak, who was not listed as the CEO or a beneficial owner of any companies mentioned in the new processing contract, personally signed the agreement himself.

Details about the new card processing contract dating July 24th, 2018:

At the time the new card processing contract was entered into on 24 July 2018 covering the websites as mentioned above, there were already further warnings from European financial supervisory authorities regarding the domains attributable to Gal Barak due to the unlicensed offering of economic instruments to private individuals:

  • On April 9, 2018, the British financial regulator[1] issued a warning against Barak’s AlmaMarket Ltd, UK and website www.safemarkets.com for offering unlicensed financial services;
  • On 30 March 2018, the Austrian Financial Market Authority[2] issued an investor warning regarding the platform Optionstarsglobal with the operating company New Markets S.A. (Optionstarsglobal ) Novasage Chambers, Level 2 CCCS Building, Beach Road, Apio Republic of Samoa and pointed out that the company is not authorized to provide banking transactions or investment services requiring a license in Austria.
  • On May 25, 2018, the British FCA[3] issued a warning against the fraudulent website goldenmarkets.
  • On 25 June 2018, the British FCA[4] issued a public investor warning against the BARAK system Optionstarsglobal because unlicensed financial services were being offered to British citizens and fraud reports had already been received.

[1] https://www.fca.org.uk/news/warnings/almamarkets-limited-t-safemarkets

[2] https://www.fma.gv.at/new-markets-s-a-optionstarsglobal/

[3] https://www.fca.org.uk/news/warnings/golden-markets

[4] https://www.fca.org.uk/news/warnings/option-stars-global

The reselling contract with Uwe Lenhoff dating end of July 2018

But Booker was not only busy entering a new card processing contract with Gal Barak at the end of July 2018, but due to the high transaction volumes produced by Gal Barak, Booker also pushed Uwe Lenhoff to sign off on a reselling contract finally and to bring more customers like Gal Barak to Payvision.

According to the transactions report provided by Booker to the Austrian law enforcement agency in May 2019, in total, Payvision processed more than € 75.610.779,01 mio from Sept. 2016 until January 2019 for Barak´s websites (Gpay Limited only accounted for € 37,5 Mio).

Gpay amount of money transferred

According to seized documents the contract was signed, and commission for Lenhoff was calculated – reg. actual payouts no information is available.

A convicted criminal, numerous warnings, and extensive fraud complaints nothing impressed Booker!

Lenhoff had already ensured in early 2016 that the fraud websites of Gal Barak used Payvision´s gateway and acquiring services. At that time, Uwe Lenhoff had already been convicted twice by  German courts for severe fraud.

 In addition, numerous warnings from the supervisory authorities had been issued for Lenhoff´s websites (processed by Payvision since 2015)  Option888, xmarkets, Tradovest, Tradeinvest90, etc.

  • For example, the Austrian Financial Market Authority (“FMA”) warned[1] on November 25, 2017, about Capital Force Ltd’s offer to purchase the fraud website Option888.
  • On March 23, 2018, the German supervisory authority BaFin[2] ordered the immediate suspension and winding up of Capital Force Ltd.’s so-called financial commission business, known as “Option888.”
  • On March 30, the Austrian Financial Market Authority (“FMA”) warned about New Markets S.A., Republic of Samoa, operating officially the fraud website optionstarsglobal.com
  • On May 21, 2018, the UK Financial Conduct Authority (FCA) warned[3] against the offer by Capital Force Ltd. for the scam website Option888.
  • On May 21, 2018, the UK Financial Conduct Authority (FCA) issued a warning[4] against Capital Force Ltd.’s offer to sell the scam website Zoomtrader.
    • On June 13, 2018, the Austrian Financial Market Authority issued a warning[1] against the offer by Celestial Trading Ltd, /Tradovest.
    • On 11 July 2018, the German Financial Supervisory Authority (BaFin”)[2] warned against the unlicensed offering of the trading platform xmarkets, operated by Celestial Trading Ltd.

At this time, Payvision – as the one within the card systems to discuss chargeback requests and fraud complaints with the merchant – had already received extensive fraud reports as part of the chargeback procedure; AK Vorarlberg had already filed criminal complaints with an Austrian prosecutor against Uwe Lenhoff’s fraud platforms on behalf of several injured parties in 2016 and adequately asked for chargebacks with the issuers of the victims in Austria about the ongoing criminal proceedings ( AZ 2 UT 87/16).

A convicted criminal, numerous warnings, and extensive fraud complaints, nothing prevented Booker from pushing for new business in the fraud industry!

Did Booker willfully miscode the card transactions?

If Booker was aware of the fraud,  he actively contributed to the scam by purposefully miscoding the transactions.

Despite the evidenced knowledge of Payvision’s compliance department regarding Barak´s unlicensed offerings of financial instruments to consumers (as warned by the supervisory authorities), Booker used the Merchant Categorie Code 6211 (licensed brokers) for the card processing contract entered into in July 2018 for the websites safemarkets, goldenmarkets, xtraderfx (the website cryptopoint.com had been renamed to xtraderfx already beginning of July 2018).

wrong MCC

Purpose of the Merchant Catgegorie Code (MCC)

The findings from a customer due diligence on the type of business activity are also the basis for the acquirer’s determination of the merchant category code for a merchant’s transactions. The merchant category code designates the products of a website and is decisive for the issuers (credit card institutions of the payer) when checking whether transactions are legal (transaction is approved) or illegal (transaction is declined) according to the regional legal provisions.

 

The definition of the merchant category code “6211” in the VISA card network relevant here  in the VISA Merchant Data Standards Manual[1] requires licensing of the authorized merchant by a financial supervisory authority in compliance with the provisions of the MiFID regulations in Europe.

[1] https://usa.visa.com/content/dam/VCOM/download/merchants/visa-merchant-data-standards-manual.pdf

licensed business

Payvision had already been using the dealer category code 6211 since 2013 for the execution of transactions on the fraud websites of Barak and Lenhoff or the predecessor fraud organization of NOVOX Capital Ltd. and thus claimed for each individual transaction in the authorization request to the issuers that it would be payments for licensed securities (financial) service companies. However, in contrast to Novox Capital Ltd., none of the authorized dealers of Gal BARAK and Uwe Lenhoff onboarded by Payvision from 2015 up to January 2019 had a license to offer financial instruments in Europe to retail investors.

 

By using this false code with each single card transaction (“miscoding”), Payvision on purpose falsely created the impression that the merchant was an organization under the supervision of a supervisory authority, with a deposit protection model, a certified complaints procedure and that there were therefore no prohibited transactions.

 The contractual terms and conditions of the card companies prohibit their contractual partners from carrying out illegal transactions (see point 1.5.1.4. of the VISA Core Rules and Visa Product and Service Rules and 5.2.1.2. of the VISA Core Rules and VISA Product and Service Rules. Accordingly, the acquirers – like Payvision are obliged to carry out a corresponding extensive customer due diligence of their customers to ensure that no illegal transactions are carried out.

Since the providers of binary options and cryptocurrencies are classified as high-risk customers, Payvision was obliged to inspect the license or registration of the merchant with the competent financial supervisory authority in accordance with the statutory requirements (Enhanced  Due Diligence), as set out in more detail in the EBA guidelines and also in accordance with the rules of the card companies.

 

Payvision had to resort to this means because the card companies do not provide a merchant category code for unlicensed offers of financial instruments such as binary options on crypto products and CFDs to retail investors (because they are simply prohibited).

Through the intentional miscoding, which is internationally referred to as “transaction laundering” and constitutes a blatant fraud against the financial institutions participating in the card systems and their customers, Payvision enabled the merchant – which was a pure shell company – to carry out card transactions in the first place and thus made it possible to cause such significant damage of several hundred million euros to European private investors.

Payvision's role in enticing victims to make more and larger deposits.

However, the scammers used Payvision not only to open trading accounts (a card payment always had to be made). To entice the victims to make more and larger deposits, the scammers repeatedly paid out small (fictitious) winnings to the victims, causing them to gain confidence and transfer large sums of money.

These “Ponzi payments” (so-called  Ponzi schemes, in which the profit payments are also always made from the money of the new fraud victims) were paid out by Payvision on instructions from Gal Barak and Uwe Lenhoff. Payvision just deducted them from the credit balances of the payment accounts held with ING Bank NV and Deutsche Bank. Here, too, the fraud organization exploited the complexity of the card systems for its purposes; the payment could generally not be traced back to a consumer without further investigation by the issuer due to the lack of a precise specification on the credit card statement.

According to the court files, this critical “fraud service” was only provided by Payvision to the scammers. We could not identify any other Payment Service Provider who provided this service to Barak and Lenhoff.

Summary

Therefore, we are firmly convinced that Payvision/Booker acted as an accomplice to the scammers since 2015 so they are liable for the full loss of the victims.

The information presented strongly supports our decision to target Payvision and Booker actively. We understand it will require significant effort to contend with the ING Group and its costly, clearly unprincipled legal team. However, it is pretty apparent what has transpired (and by the way, was already confirmed by DNB).

Rather than declining to process fraudulent payment transactions and alerting the authorities about their findings, Booker actively supported the scammers. Consequently, Payvision/Booker is complicit in aiding and abetting large-scale cybercriminal organizations that have defrauded thousands of trusting consumers across Europe. Payvision was legally obligated to halt the fraud; they facilitated the scammers’ activities instead.

The fraud had devastating impacts on many victims, exacerbating their disadvantage, vulnerability, and inequality. Some of the victims suffer long-term mental and physical trauma, and some even commit suicide.

Additionally, to our knowledge, Booker remains active in the payment industry and is still at large. Neither the Dutch Central Bank (DNB) has banned him, nor does the Dutch prosecutor seem to believe that any action is necessary to safeguard European retail consumers.

So stay safe out there!