A man from Montreal, Samy Bensaci, who allegedly stole US$50 million in Bitcoin from US residents, was arrested in Victoria, British Columbia, and removed to Ontario for prosecution, where he has since been released on bail, reportedLa Presse today.
The theft of $50 million happened during 2018 and 2019, according to the La Presse story, and involved several victims, all but one of whom are American. All the victims were attendees of the Bitcoin conference Consensus in 2018 in New York City. Allegedly, a Vancouver man was SIM swapped out of $2.3 million, possibly from Bensaci.
Bensaci was released pending a trial in Toronto on certain conditions, including that he refrain from using computer devices and owning or trading Bitcoin or other digital currencies. He faces charges of unauthorized computer use and identity fraud. He has not been charged with laundering the proceeds of crime.
What is a SIM Swap?
A SIM swap is a type of hacking fraud where a person communicates with a cellular service provider, impersonates a cellular account holder and convinces them to change the SIM card associated with a cellular device so that the hacker can gain control of the victim’s data.
When a SIM swap occurs, the cellular phone of the victim goes black and the fraudster then controls the data, and can text, call and interact as if they were the victim.
How Does SIM Swaps work with Bitcoin?
With respect to digital currency wallets, because some service providers use 2FA on cellular phones, it allows hackers access to steal digital currencies by changing the 2FA on the cellular phone when prompted. The hackers then can gain access to Bitcoin wallets and quickly transfer the digital currencies to Trezors under their control.
Technically, the theft of digital currencies from an exchange is always from the pooled wallet of the digital currency exchange although the victim’s account is debited from the exchange to reflect the loss, or it may be from a hard wallet with no third party intermediary involved.
One of the first SIM swaps to be litigated was the theft of US$81 million from Bitcoin investor Michael Terpin, who won a US$75.8 million civil judgment in California against 21-year-old Nicholas Truglia who SIM-swapped Terpin’s cellular phone and stole over US$23 million from Terpin’s digital currency wallets that held coins from three ICOs.
In all, Truglia is alleged to have stolen over US$81 million in crypto currencies via SIM swaps from various people and to have used the money to live a life of luxury, renting a penthouse in Manhattan, buying a US$100,000 Rolex diamond-embedded watch and to have booked private jet trips.
Laundered Funds Through Digital Currency Exchanges
Truglia was charged with impersonating numerous individuals to SIM swap them and was also sued civilly by Michael Terpin for the theft of his crypto currencies. It was alleged in that pleading that Truglia laundered millions of dollars in proceeds of crime from stolen digital currencies through Coinbase, Gemini and Binance.
A McLaren Sports Car, Private Jets, Stash of Cash
One of the deponents in the civil litigation that resulted in the Truglia judgment is a private jet broker who deposed that Truglia had no job during the time he knew him, and shortly after the SIM swap, had over US$72 million in crypto currencies on various wallets and a stash of US$100,000 in US cash chilling on his coffee table for spending money.
Shortly after the SIM swap, Truglia allegedly made plans to buy a US$250,000 McLaren sports car. Allegedly, Truglia’s Twitter account was Nick @erupts – that account holder took to Twitter to brag about stealing US$24 million, and posted images of the US$100,000 diamond watch and private jet trips.
It seems that some of the “Bin Ladens of Lebanon” are living in Canada.
Let’s go back a month ago to December 3, 2019. On that day, a man named Ali Kourani was sentenced to 40 years in prison in New York for terrorism-related activities. Kourani is deeply connected to the highest ranks of the Hezbollah, and hence to the Iranian regime. Not only is his family the Bin Ladens of Lebanon, as he himself said, but his brother is “the face of the Hezbollah” in southern Lebanon.
Ali Kourani was a sleeper agent for the Hezbollah’s foreign nation unit, called the Islamic Jihad Organization (“IJO“) or “Unit 910”, tasked with procuring weapons and gathering intel in foreign countries on potential targets for Hezbollah terrorist attacks. The IJO is operated by Hassan Nasrallah, the Secretary-General of Hezbollah, who reports directly to Ayatollah Ali Khamenei, the Supreme Leader of Iran.
When he joined the IJO, Kourani knew that Nasrallah had a direct pipeline to the leader of Iran. He told the FBI that, and more, including that he knew the IJO did “black ops” for Iran.
Kourani was born in Lebanon. When he was 16, he attended a Hezbollah-sponsored military training camp in Lebanon. He was allowed to attend a Hezbollah military camp, he told the FBI, because being related to Haider Kourani, the Hezbollah’s Chief of Military Security for southern Lebanon, opened doors for him.
At the camp, he was trained to use and fire weapons that included rocket propelled grenade launchers, AK-47 assault rifles, an MP5 submachine gun and a PKS machine gun (a Russian-made belt-fed weapon).
In 2003, he visited the US to attend university and graduated with a degree in Biomedical Engineering and later, an MBA.
In 2008, he returned to Lebanon and during that trip, was personally recruited into the IJO unit by Sheikh Hussein Kourani. Sheikh Kourani was a significant person in Lebanon and Iran, considered to be one of the key figures in the founding of Hezbollah and although Lebanese, was buried in the holy city of Qom, Iran, after his death in September 2019.
When he joined the IJO, Kourani was set up with a handler in charge of assigning missions to him and to debrief him. Kourani communicated with his Hezbollah handler using coded emails. In Lebanon, his relatives acted as his contact point to connect with the Hezbollah for meetings.
One of the IJO’s first instructions to Kourani was to apply for US citizenship and become a dual national. Dual nationality allows operatives to avoid travel scrutiny. Kourani was also instructed to obtain a US passport card so that if his passport was seized, he could switch to his other nationality passport to enter Canada to then enter the US by land using his passport card.
In 2008, Kourani did as instructed by the Hezbollah and applied for US naturalization. In his immigration application, he made material false statements that neither he nor his family were associated with a terrorist organization, and further than he had not participated in military training with a terrorist group. In 2009, he was issued a US passport.
From 2008 until 2015, Kourani was with the IJO as an operative in the US. During that time, he assisted the Hezbollah with surveillance and gathering intel to prepare for potential future attacks against the US. Some of the targets Kourani surveilled included JFK Airport and law enforcement facilities in New York City, including the Federal Plaza in Manhattan.
He also: (a) searched for suppliers in the US who could provide weapons to the Hezbollah; (b) identified individuals affiliated with the Israeli Defence Force that the Hezbollah could recruit or target for violence; (c) gathered information on security at airports in the US; and (d) sought to develop relationships in China to buy ammonium nitrate to be used as an explosive precursor chemical.
Kourani’s handler was responsible for Hezbollah undercover operatives in Canada and the US.
Kourani was charged and convicted of several offences including providing material support to a terrorist organization, receiving military training from a terrorist organization, conspiracy to possess, carry, and use firearms and destructive devices in relation to crimes of violence, and making and receiving funds to and from Hezbollah.
Now back to December 3, 2019.
That was the day Kourani was being sentenced in New York.
At his sentencing hearing, Justice Hellerstein asked Kourani several questions including why he had taken photos of the Fort Washington Armory beside a major hospital in Manhattan. His lawyer replied that he took the photos because the Hezbollah wanted to be ready with a response if the US attacked Iran.
Why Iran wishes to target a major hospital in Manhattan (the Columbia University Irving Medical Center), and how, was never asked of Kourani or answered but what seems clear from the reply, was the key role Hezbollah dual national operatives play in western countries to supply information to Iranian intelligence in preparation of the furtherance of harming other countries.
Kourani’s lawyer had one final request for Justice Hellerstein – to place him in a federal prison in upstate New York to serve his time. Why? Because he has a wife and two children who are Canadian citizens and live in Canada.
As to Kourani’s request to serve his sentence in northern New York, close to his children in Canada – Justice Hellerstein said no.
How the family known to be the Bin Ladens of Lebanon, or part thereof, with deep connections to the Hezbollah and to the Supreme Leader in Iran, came to acquire Canadian citizenship from Lebanon, or to be able to retain it, is unknown.
As for Haider Kourani, the man whose name opened doors for Ali Kourani to attend a Hezbollah military training camp when he was 16? He has a brother named Mahmoud Youssef Kourani who was also convicted of terrorism related offences in the US and was sentenced to 4.5 years in jail for transferring funds to Haider Kourani for the Hezbollah.
You can read more here from Matthew Levitt, a terrorism expert, on the activities of the Hezbollah agents in the US and Canada, including on another Kourani brother convicted of terrorism who is part of Hezbollah, and of Nemr Ali Rahal, a Hezbollah operative, who entered the US from Canada with military-grade explosives residue on his passport.
In what will be the most significant change to anti-money laundering law in the US since the Bank Secrecy Act, the US is considering two separate bills that, if passed, would require disclosure of the shareholders of private companies – the ILLICIT CASH Act and the Corporate Transparency Act, H.R. 2513.
ILLICIT Cash Act
The first, the Improving Laundering Laws and Increasing Comprehensive Tracking of Criminal Activity in Shell Holdings (ILLICIT CASH) Act, was introduced by Senator Mark Warner in September 2019.
If passed, the bill would require the disclosure of shareholders of private entities to the US Department of the Treasury when an entity is formed. It would also require disclosure of changes of shareholders within 90 days of such changes taking effect to the Treasury Department. Failures to report would be an offence, punishable by a term of imprisonment of up to four years. Information filed on shareholders of private companies would be made available to law enforcement agencies and in that way, has privacy protection for shareholders because the bill does not contemplate a public registry of shareholder information.
The bill also has interesting provisions with respect to foreign financial institutions, specifically it requires foreign banks to provide authentic bank records to US agencies and to comply with US subpoenas for money laundering investigations. Foreign banks, including those known for lax AML compliance that are unresponsive to US law enforcement agencies seeking financial information, would be subject to fines in the US, which would impact their correspondent capabilities.
In Canada, for example, anecdotally, bank records from China of wealthy politically exposed persons provided for immigration purposes, are often not authentic or complete and immigration laws do not require the submission of financial records be by affidavit evidence from China.
Accommodates Future AI for AML
The bill, importantly, recognizes the need for financial crime investigations expertise and would fund a federal team of financial crime investigators for money laundering investigations in respect of private corporations in particular, who are trained and have the expertise in respect of disclosure of shareholders of private companies. It has other modern technology provisions that allow for AML sharing of anonymized suspicious activity reports for machine learning datasets.
Includes Bitcoin& China
It also is forward-thinking in that it contemplates creating expertise in respect of comprehending how money moves from China to the US, and would include Bitcoin and all other digital currencies in the law.
SEC Limitation Periods Extended
It also would allow the SEC to pursue disgorgement of proceeds of crime derived from securities fraud for up to five years, and authorize the SEC to pursue restitution for investors for up to twelve years, a move that would impact the many ICO issuers who issued tokens and digital currencies in violation of securities legislation.
Position of Lawyers
US lawyers, specifically members of the American Bar Association, are not in favour of the bill on the grounds that it may erode privilege and confidentiality, and place an unfair burden on lawyers that do transactional work (real estate or M&A transactions).
Corporate Transparency Act
The second bill, passed by the US House, called the Corporate Transparency Act, also requires the disclosure of shareholders of private companies when formed but the obligation to disclose changes to shareholders would be on an annual basis. The person or company that incorporates private companies, and acts as agents of record for them (e.g., most law firms), would be required to make filings to disclose the identity of shareholders. This will either force law firms out of the business of forming corporations or force law firms to be reporting agents of corporate information. Often shareholder information of private companies is available (and is neither confidential or privileged in many cases), depending in large part on what are called the constating documents and local corporate law. In other words, it is not accurate to state that privilege and confidentiality are at risk by virtue of the proposed legislation. Law firms can elect to exit providing formation of company services to avoid being part of the reporting regime.
Failures to report, including by lawyers, would be an offence, punishable by a term of imprisonment of up to three years. Information filed on shareholders of private companies would be made available to law enforcement agencies and in that way, also has privacy protection for shareholders because the bill also does not contemplate a public registry of shareholder information. Lawyers in the US are also not supportive of this bill either for the same reasons as set out above.
Legal versus Beneficial Shares
The disclosure of shareholders of private companies is often referred to as “beneficial ownership,” a term that is not legally accurate because private (and public) companies have both legal and beneficial shareholders, and the movement for visibility on the identity of shareholders of private companies is driven by the need for disclosure of primarily legal shareholders, not beneficial shareholders.
The difference is this –> a legal shareholder is the person (natural or legal) on a share certificate who holds or owns shares. A beneficial shareholder (also a natural or legal person) is the person who is the beneficiary of the shares. Sometimes the two are not the same. For example, brokerage firms in a private placement are often on a securities registry beneficially for often 20 or 30 shareholders of a private company. When companies undertake financings and pledge shares in connection therewith, those shares are beneficially held by a bank or an investor but the corporate records don’t show that – they show the legal shareholder only.
End of Sale of Shell Companies
One thing both or either of the bills would likely do is immediately end the practice by law firms of the sale of shell and shelf companies for upwards of $200,000 each, and it would end the problem of minute and corporate records books doctoring that was highlighted in the movie “The Laundromat.”
A few weeks ago in China, several digital currency exchanges announced that they were suspending trading or shutting down operations altogether, leaving the recovery of potentially hundreds of millions of dollars of funds with those exchanges up in the air, and this after approximately US$3 billion went missing from two initial coin offerings (“ICOs“) in China this summer.
The shut downs came after several government agencies in China issued notices and warnings about the risks of digital currency exchanges and of ICOs over the past few weeks.
The agencies also announced several investigations into exchanges. So far, there are reports that over 500 people in crypto have been arrested in China in this latest crack down.
Multiple government agencies issue warnings
The first government warning was from the Autonomous Region of Inner Mongolia in Northern China, on November 11th by the Ministry of Industry and Information Technology, which issued notice that it was investigating, inspecting and “cleaning up” mining operations in the region. More here, and earlier first reported here.
In 2018, a number of foreign mining operators set up shop in Inner Mongolia and it now accounts for about 2% of the global mining. That’s not a lot for China, which accounts for 60% of the global mining. The government of Hong Kong told me in 2015, that China’s dominance over mining was once over 80%, and thus it is steadily declining. China is a preferred location, not because of electricity, but because of the infrastructure and ease with which mining can be launched in China.
The first was to warn the public about fraudulent misrepresentations being made by some exchanges who were selling coins on the allegation that they were backed by, or associated with, China’s central bank, the People’s Bank of China.
The People’s Bank of China has not issued, endorsed or backed any digital currencies with the private sector.
The second warning the next day was more of a reminder that online trading platforms, such as exchanges, must be registered and approved by provincial governments in China, and it informed the public that Beijing had not approved any exchanges and in essence if there were any in Beijing, they were not legal.
On November 18th, the China Banking and Insurance Regulatory Commission, a federal agency which regulates financial services, issued a notice about illegal fund-raising for Blockchain projects, which it described as fund-raising that is not registered and cautioned against fake Blockchain projects.
That came at the same time as Guo Shuqing 郭树清, the Community Party Secretary for the People’s Bank of China and Chairman of the Commission, gave a speech in Jiangxi (郭樹清：拆解影子銀行 遏制房地產泡沫化) in which he said that the Commission was cracking down on shadow banking and illegal online financial activities within China.
A crack down on shadow banking in China is important in crypto because shadow banking includes financial transactions done outside the system, such as through exchanges.
On November 22nd, the Shanghai headquarters of the People’s Bank of China issued a notice that it was cleaning up payments and settlement companies that provide services for international transactions to residents of China that are unauthorized.
The notice essentially reiterated that in China, buying digital currencies could involve illegal sales or the illegal issuance of securities, and could involve financial fraud or pyramid schemes. It informed the public that in Shanghai alone, the People’s Bank of China had shut down 13 ICOs and 10 exchanges.
It cautioned against hype related to Blockchain companies and said that its investigations were ongoing.
And finally, on November 22nd, the Shenzhen Financial Supervision Bureau issued a warning about the risks of online finance that included digital currency financial transactions, as illegal activities that would be “dealt with seriously.”
In China, the criminal law allows for terms of incarceration for life for violations of federal law involving financial transactions, and so the repercussions can be severe in China.
RMB22 billion missing
China has issued warnings and undertook a crack down in 2017 and people are left wondering what’s different this time.
What’s different this time is that, in addition to multiple agency action across China, more than 500 people were arrested for digital currency fraud in connection with exchanges and ICOs, with losses for 2019 alone, estimated to exceed RMB22.6 billion in China.
According to the news website Shanghai Securities News, the Office of the National Internet Financial Risk Special Rectification Group confirmed that law enforcement agencies have been active across China, closing down exchanges, mining operations and ICOs.
This was further confirmed by the 2019 Financial Stability Report for China published by the People’s Bank of China at the end of November which stated that 173 digital currency exchanges in China has been shut down by the government since 2018.
You might be wondering why now – why there was such activity in the last few weeks in China over digital currencies and digital currency exchanges?
There are many reasons for that.
The first is that China has quite advanced research, including academic research, and advanced government investments into Blockchain technology and before the government begins to release its projects to the public, it needed to clean up the ecosystem and get rid of businesses operating outside of the law.
Partly, that is just for the adherence to the rule of law but also, when unlicensed or unlawful businesses are allowed to operate with lawful ones, it creates an anti-competitive business environment, which is unfair and which the law is designed to prevent and it also creates uncertainty among the public.
So the move is designed to reestablish the rule of law in the crypto space, clean the slate and allow for a fresh start in China for businesses in the Blockchain space.
The other part, though, was that China was rocked by several digital currency schemes that, as China put it, caused significant damage to the financial order.
The first scheme which caused damage to the financial order was an ICO called Plus Token, which, it appears, was a Ponzi scheme (and may well be China’s largest Ponzi scheme involving digital currencies).
The Plus Token was sold online and at events in China, Korea and Hong Kong. It was headquartered in Yancheng in the province of Jiangsu, and it is believed that upwards of US$3 billion was allegedly taken by six employees – Chen Bo, Yuan Yuan, Ding Zanqing, Peng Yixuan, Wang Renmi and Dong Jianhua.
The six employees fled to the Republic of Vanuatu in June 2019. The Vanuatu government confirmed that four of them had acquired citizenship in advance, which would suggest that there was an exit strategy that was planned.
The six were subsequently arrested in Vanuatu by Chinese officials and removed to Mainland China in July. Plus Token then filed for bankruptcy.
And this is kind of interesting – allegedly, before fleeing, one of the employees inserted Hex code into a Bitcoin transaction that said: “Sorry, we have run” but there is no confirmation that that is accurate, especially since it was not written in Mandarin.
Wave Field Super Community
The second scheme, Wave Field Super Community, was a wallet and exchange service for digital currencies which went dark on June 30th in China, after an alleged hack.
But some people have done some casual tracing and remarked that all the digital currencies in its wallets had been transferred out before the alleged hack, suggesting that there was nothing to hack. It had hundreds of thousands of customers and they are allegedly out over US$150 million.
CEOs disappear from China
Following these events in the summer, the government of China decided to act.
As described above, it led a coordinated strategy of published warnings to the public and arrests to signal a change in approach. After the publication of the warnings, several digital currency exchanges shut down or were faced with situations where their CEOs disappeared.
Idax CEO allegedly missing with cold wallet of customer assets
One of those exchanges that was facing a disappearing CEO was Idax, one of the largest in China.
It announced online on November 29th, that its CEO had disappeared on November 26th, a week or so after the warnings started to be published.
The CEO is Lei Guorong. He owns over 17 companies in China. Idax is a Mongolian company that has been in operation since 2014. It had an office in Shanghai, and operated as an exchange without authorization in China.
The CEO kept the digital currencies of all of the customers in a cold wallet which he controlled and sometime around the time of his disappearance, employees said they were unable to access any of it, implying that all of the consumer funds disappeared when the CEO disappeared.
However, several weeks before the disappearance of the CEO of Idax, its employees were responding to consumers in writing that, because of congestion from an overload of withdrawal requests, they were unable to process withdrawals, knowing that those statements were untrue.
Idax had statements on its website that were also untrue, including that it was supported by the government of Mongolia to conduct its digital currency business.
Idax was the 24th largest exchange and it said that it processed over US$700 million in volume. It had its own ICO, that is now worth nothing.
BISS exchange employees arrested
Another exchange called BISS was reported to have been raided by the police in Beijing and several employees, as well as its CEO, were allegedly arrested and are in remand pending an investigation for participating in an illegal exchange.
The exchange is up but not operating. Its website alleges that it was based in the Cayman Islands but it was in China. It also had an ICO that is now worthless.
Three other exchange CEOs allegedly disappeared
The media in China have reported that the CEOs of three additional digital currency exchanges recently disappeared with the USB sticks that hold the digital currencies of their customers.
Another digital currency exchange in China notified its consumers that, without their consent, it was converting their digital currencies into its own exchange ICO; in other words, it was cashing out the Bitcoin and more valuable digital currencies owned by its customers and replacing them with its own exchange coin, so that the exchange keeps the valuable liquid digital currencies and consumers get illiquid less valuable exchange coins, the legality of which seems highly questionable and seems to be an illegal conversion.
Social Media Crackdown
And finally, you may have heard that Binance and Huobi’s Weibo accounts were closed or that their offices were allegedly raided in Shanghai around the time of the warnings that were issued by several government agencies in China. In fact, there was a bit of a Twitter storm involving Binance because it was reported that Binance’s Shanghai office had been raided, which Binance denied.
So, what did happen?
Well Binance’s co-founder said on Weibo that China came to them in advance of the November crackdown, and that they were no longer in China by the time the warnings were issued and the crackdown started. For Binance, it seem like they were given a heads up, which is entirely possible if a company has a good relationship and a transparent dialogue with Chinese government officials.
I’ve heard the same thing from a China digital currency exchange actually located in Canada.
Many tech and AI companies from China continue to have a presence in China for survivability, revenues and access to Chinese tech university talent while operating in secondary offices under the radar in Canada. All they do is bring in the tech and AI talent from China and the crypto space is no different.
In summary, what is the outlook for China?
It looks like the landscape in China has changed for digital currencies and exchanges, as well as for mining. China has put the community on notice that it’s has zero tolerance for crypto activities that are pursued outside of regulation.
For Canada, which is a recipient of vast sums of digital currencies imported into the country from China in violation of currency control laws, we will likely see an uptick in transactions that move money out of China to Canada, and then it may subside and move underground.
I don’t think we’ll see a large impact on mining, because Inner Mongolia was not a large center of mining operations to begin with.
With respect to prosecutions, China does not publicize all of its criminal trials and so we are unlikely to have much information on the prosecutions of those arrested in this wave of crackdowns.
Interestingly, though, under Chinese criminal practice, if those who are being prosecuted return the digital currencies back to the government, they face much less severe sentencing, so we may see some of the US$3 billion that is missing make its way back into China through crypto transactions on the Blockchain for sentence reduction.
But I think there’s more to come from China on the law enforcement side mostly involving exchanges, and if so, it will happen before the Chinese New Year.
The US Attorney for the SDNY, together with the FBI yesterday announced the arrest of Virgil Griffith, a cryptocurrency advisor, in connection with technical services he allegedly provided to educate the Democratic People’s Republic of Korea (“North Korea”) on sanctions avoidance and money laundering. Griffith was the subject of a criminal complaint filed on November 21, 2019, that was unsealed upon his arrest.
The US Attorney General alleges that Griffith provided highly technical information knowing that it could be used to help North Korea launder money and evade sanctions, and in so doing, put the US financial system at risk. Part of that technical education allegedly took place at something called the Pyongyang Blockchain and Cryptocurrency Conference that was held in North Korea.
He was denied permission to travel to Korea but went anyway
The sanctions in respect of North Korea are in respect of concerns over the proliferation of weapons of mass destruction and terrorism. The unsealed criminal complaint says that it is unlawful for US citizens to travel to North Korea, and despite that, Griffith went there after being denied permission by the US government to do so, and outright disobeyed instructions from the US State Department.
It is alleged that Griffith informed attendees at the Conference that Blockchain and digital currencies could be used to achieve independence from the financial system and circumvent it, including discussions in respect of mining digital currencies.
Allegedly he acknowledged sanctions avoidance
The FBI extracted his cell phone information and therein, he is alleged to have said that the interest of North Korea in his expertise was probably sanctions avoidance and later, sent digital currencies to North Korea despite sanctions in place.
Griffith was a math and science whiz, who, according to this article, considers himself a super hero in the computer sphere, who has invented a number of technical firsts.
Blockchain used to defeat the rule of law
The concern of digital currencies and mining being used for sanctions avoidance is not new but has been growing recently. For example, there are concerns that Iran (through mining) and a self-proclaimed state in the Ukraine (the PRIZM coin owned by Aleksei Muratov), may be engaged in sanctions avoidance, as well as Venezuela (the Petro coin). The Petro coin uses NEM, which is supported in Canada in terms of transactions by a Vancouver digital currency exchange, which would allow sanctioned transactions to be cashed out in Canada. Venezuela said it sold $5 billion of the Petro coin around the world and then its ICO website went dark and remains offline.
The US government has, on several occasions, issued guidance and advisories, and expressed concerns to the digital currency ecosystem about the use of digital currencies to circumvent the rule of law, including sanctions law and has also put the community on notice that the sandbox days of ignoring the rule of law are over.
The Kharon Brief has an interesting article here about Aleksei Muratov (Алексей Муратов), also spelled Aleksey Muratov, a Russian foreign national who is on the US OFAC sanctions list here, who founded, launched and owns an initial coin offering called PRIZM.
More surprisingly still, despite sanctions law, correspondent banking law, and bank contractual arrangements that prohibit dealing in assets, however indirectly, of OFAC sanctioned persons, or of using the financial system in respect of those assets, PRIZM is listed on a few digital currency exchanges around the world. Not only can a person buy PRIZM on those exchanges, other exchanges have website posts that encourage the public to buy Bitcoin or Ether through them to enable them to buy PRIZM, irrespective of the law.
He’s also chairman of the Donetsk People’s Republic, which the Ukraine says is a terrorist organization
Muratov is the Central Executive Committee chairman of the Donetsk People’s Republic, a self-declared sovereign state seeking independence from the Ukraine. The Ukrainian government says the organization is a terrorist organization. According to an official investigation conducted in the Netherlands, Donetsk People’s Republic operatives fired the missile that downed the Malaysian Airlines flight MH-17, killing 283 passengers on board.
The PRIZM coin has a white paper for investors. It explains that the purpose of its digital currency is to move money anywhere in the world. It promises returns of up to 9.9% for mining via “proof of steak” (presumably they mean “proof of stake” and not the meat product). The coin is popular and does have a Blockchain explorer, which shows peers validating transactions – most have IPs from Russia, Kazakstan and Germany. Its Instagram account promises that by using PRIZM, a user can avoid financial crime laws altogether – it says no identity is collected or required, and it is completely anonymous. It goes so far as to say its transactions are also anonymous and a user can move money anywhere on the planet in seconds.
PRIZM’s promoter is the founder of the defunct WEX exchange, which has US$450 million allegedly missing
PRIZM is being promoted by Dmitriy Vasilyev, the Russian national who co-founded the World Exchange Services (WEX) digital currency exchange in Singapore, where the AML laws are lax. The WEX rose from the ashes of the BTC-e digital currency exchange, shut down by the FBI in conjunction with the Canadian darknet site AlphaBay. At that time, they launched an ICO, the WEX ICO, possibly to acquire users from the former BTC-e. More recently, Vasilyev was arrested in Italy in connection with WEX. The WEX ICO is no more.
The other co-founder of WEX, Alexei Bilyuchenko (who was an admin of BTC-e), alleges that WEX lost US$450 million because Russian agents from the Federal Security Service forced him to hand over the Trezors holding all of the pooled digital currencies of the exchange and of its customers, as well as the passwords. Part of what he alleges doesn’t make sense because he also alleged that it would take two weeks to transfer the digital currencies in the Trezors to the Russian agents. It doesn’t make sense because if a person has the Trezors with the passwords, he or she has the digital currencies.
PRIZM is tied to anti-vaxxers
The PRIZM coin has a political agenda, beyond the fact that its founder is a leader of the separatist Donetsk People’s Republic. The PRIZM coin is promoted as an “activist” coin on its social media accounts, affiliated with an organization called Change The World (CTW). It is an anti-vaxx organization, calling for an end to all vaccinations globally. Proceeds from buying PRIZM coins go to anti-vaxxers. They also support the Donetsk People’s Republic.
PRIZM founder says ICOs can bypass sanctions and joins ceremony burning US currency
That PRIZM may have been created in part to move money to avoid sanctions is suggested from comments Muratov has made. For example, on Twitter below, he suggests digital currencies can be used to bypass US sanctions. He also runs PRIZM mining farms, creating his own stash of PRIZM coins that he can convert to Bitcoin or cash out on any exchange.
In another possible sanctions statement, people from CTW with Muratov (in the grey hooded jacket), held a ceremony for PRIZM which involved the burning of US dollar bills; whether fake or real is unknown.
And a few months ago, an orthodox priest blessed PRIZM.
Both groups (PRIZM coin and CTW) held a black tie ball for their so-called activists in Russia, and used pictures of Hollywood movie stars and a famous model in the video to suggest they attended the ball (and ergo support PRIZM). None of the movie stars or models in their video attended the event.
Ties to Ponzi scheme called MMM
News articles that interviewed Muratov allege he is a nuclear engineer and was the Head Engineer of the Kursk Nuclear Power Plant in Russia for ten years, a post he left to go into politics at 24-years-old, which would mean he was the head of the nuclear plant’s engineering at 14-years-old, which means he entered university at 6-years-old.
In Russia, he was the deputy of the Kurchatov City Duma and later moved to India where he was associated with a Ponzi scheme called Mavrodi Mondial Moneybox (MMM). He was arrested in India in 2013 in connection with MMM. Allegedly, Russian consular officials in India assisted him to flee to Russia to avoid prosecution for MMM.
MMM was a Russian Ponzi scheme that had three or more iterations. The first iteration was started in the 1990s by a Russian named Sergey Mavrodi, as an investment fund that promised returns of 3,000% to investors. Investors lost over US$1 billion (equal back then to 1/5 of the central bank’s reserves) but despite the losses, part of the Russian population continued to support Mavrodi. Mavrodi admitted MMM was a Ponzi scheme but said it was, in his view, a virtuous one. Here, after he is released from prison, he admitted that Russian investors were illiterate and did not know what they were giving money to him for, and that he put most of the money in beneficial ownership arrangements (in shares of other corporations held in the names of other persons for him) and had no intention of paying the US$1 billion back.
The Mavro ICO
The later iterationinvolved Bitcoin payments. It launched after the death of Mavrodi. It had its own digital currency called the Mavro (named after Mavrodi). One Bitcoin was equal to one Mavro. To acquire Mavro coins, a member had to first help another person by sending them Bitcoin, and once a person sent Bitcoin, he or she would get an equal amount of Mavro sent to a wallet plus 30%. And if they promoted MMM on social media, they could earn more Mavro. Many of the Ponzi participants had accounts on BitcoinTalk where they solicited payments in Bitcoin. The Mavro appears to have been capable of being used for nothing and in essence, it would appear that members were just sending Bitcoin away to strangers and getting nothing in return except access to a wallet that held a certain balance of Mavro coins.
At its peak, the iteration of this MMM scheme circulated more than US$150 million dollars a day. The scheme was a a zero-sum investment model, in which one person’s loss was another’s gain. The Ponzi scheme took money from victims in over 80 different countries, mostly from India and Indonesia but transactional analysis showed that much of the funds stayed in Indonesia, suggesting the funds are parked there and scientists found that a large portion of the proceeds of crime from the Ponzi scheme went through digital currency exchanges.
Muratov does not downplay a role in MMM or his admiration for Mavrodi. They are promoted on the CTW blog here, which alleges that MMM and Mavrodi were responsible for the growth of digital currencies in the world and the blog promises to continue the work of Mavrodi with MMM.
MMM is starting a new iteration with a new website for the coin, with a promotional video explaining how the Mavro coin was founded by Mavrodi after his incarceration, and extolling the virtues of MMM. It’s basically a commercial about how Mavrodi was a hero for taking a US$1 billion from Russians under the MMM banner and how the Russian government stole all the money (so Mavrodi couldn’t pay anyone back).
The theory that the Russian government is allegedly forcibly taking assets when they go missing is a new recurring theme advanced by some Russian digital currency people (Mavro coin; WEX coin; WEX exchange), who seem to be interconnected.
Financial crime risks
Despite the heightened financial crime risks arising from, among other things: the sanctions listing; the connection to a separatist state engaged in terrorist-related activities blowing up critical infrastructure for political purposes; the downing of MH-17 that killed hundreds of people; the ties to the MMM Ponzi scheme; the ties to BTC-e, AlphaBay and WEX; PRIZM continuing the work of Mavrodi with MMM; and the ability to use PRIZM to send money to any person anywhere irrespective of whether they are on a prohibited list, a digital currency exchange in Canada posted guidance showing how it will conduct financial transactions for users to buy and sell PRIZM.
Canadian ICO founder arrested; investors all over the world may be out at least $80 million
A Canadian from Montreal, Quebec, named Aziz Com Mirza, was arrested in Dubai on October 27, 2019, and is chilling in the Al Awir jail, on allegations of running a Ponzi scheme. Mirza founded a Canadian initial coin offering (“ICO”) which has since gone offline and investors of the digital currency say they are unable to get their investment back. According to information Mirza himself released, he got US$60 million from pre-ICO sales alone.
The ICO, called HabibiCoin, was pitched by Mirza as the first digital currency in the world created by the rules of Islamic finance, and was marketed specifically to the Muslim community in the US, Europe, Canada and the Middle East. Mirza called it the “Bitcoin of the Middle East”.
It was sold to the public online for $0.05 a coin from April 2018 until December 2018. It accepted Ether for payment and it also paid promoters to pump it on Telegram, Twitter and Instagram, which is a scheme common in the ICO space whereby people act in an investor relations capacity, encouraging the public to send investment funds and are paid commissions in return for investments they successfully pump. Such pumping of investments, even ICOs, is contrary to the anti-fraud and anti-touting provisions of the federal US securities laws and related rules.
According to Mirza, funds raised from the HabibiCoin would be used to buy and develop real estate and thus by owning HabibiCoin, investors would own a real estate interest presumably managed by Mirza that would pay them 15% – 25% commission on their investment (see Howey Test here and how this fits in the investment contract matrix).
The Com Man promised the coin would never go down. It went to zero
The white paper represented that the HabibiCoin was “asset backed”, e.g., backed by existing real estate, which Mirza represented, made it “more stable” than others. He promised investors in the white paper that the price of the HabibiCoin could never go down in value because of its alleged asset-backed nature.
But the HabibiCoin did go down – it is now worth $0.
It appears that the Ether sent to buy HabibiCoin by investors was never converted into the so-called HabibiCoin, and nor was the digital currency listed on any exchange. Mirza represented in the white paper that upon investing, an investor could see in his or her Habibi wallet, the amount of coins invested. That didn’t happen either – there was no Habibi wallet created.
To sell the ICO, Mirza alleged he was a serial entrepreneur but this article says he is a serial scammer (see this article in the Gulf News) with over 50 investors who went public with stories of how they were duped into giving Mirza money for the ICO and for various alleged Ponzi schemes.
Investment clubs to ‘get rich quick’ ended in quick devastation for investors
One of the schemes was an investment club operated by Mirza and allegedly his brother, Rafaqat Mirza, aka Rocky. Over 300 investors say they were duped into investing £5,000 each and another 1,200 say they invested between £15,00 and £25,000 each, to join the club to learn how to get rich quick.
Instead, they say they went broke quick and the £20 million raised under that networking scheme evaporated partly allegedly into a shell company controlled by a third Mirza brother in Dubai.
A shell company is a corporate entity set up by corporate lawyers in what are called money laundering havens, where financial institutional compliance is known to be lax, such as Dubai. In a shell, the directors, officers and shareholders are fake to enable the corporate entity to open a bank account to move money without traceability back to controlling persons.
Where did the millions go?
Where did the money go?
Aziz Com Mirza was at least transparent about that it seems. He took to Instagram and painstakingly showed the world his lavish spending lifestyle before his account went dark.
Some of the money appears to have gone to allow him to live in the expensive 160 story luxury Burj Khalifa condo building in Dubai. Some of the money went towards diamond watches, a garage full of the world’s most expensive fast cars, and private jet trips.
Tracing the money on social media
I can show you where some of the money appears to have gone according to the Com Man’s social media trail, below.
One of the world’s most expensive buildings – here is a short video of Aziz Com Mirza driving visitors to his home in Dubai:
3. Fast supercars – here he is in one of his Ferraris explaining that ‘dream chasing is nothing more than the science of chasing your dreams’. Investors paid him millions of dollars to hear investment catch phrases like that and learn how to be rich like him:
But one Ferrari wasn’t enough. Here are three in his garage in Dubai:
And why stop there – he also has Bentleys and Rolls Royces:
4. And then there are trips on yachts and private jets:
5. And wait, he has a horse called Sultan:
Dreams of making the world a better place
Aziz Com Mirza wrote on Instagram that he had developed an “inner superhero”. In addition to soliciting funds for his ICO and network clubs, he solicited funds to allegedly feed millions of starving people in India every year. I heard from one Canadian who gave him thousands of dollars to feed the poor. He explains, below, from the comfort of a US$500,000 Rolls Royce how he wants to leave the world better than he found it:
There are three other Canadians who helped sell, promote or pump the HabibiCoin; one of them is good friends with a Toronto ICO founder and a Toronto anti-money laundering outfit that sells online forms for compliance.
Mr. Mirza has been arrested and charged only at this stage.
I’m working on Part 2 and 3 of The Com Man which will cover the activities of the other Canadians involved in the fund-raising activities.
A number of people kindly sent me information for this story and if you have information, please reach out, especially if you have any of the Ether wallet addresses where investments from the public were sent. The Com Man is part of my financial crime textbook in the works.
The president of Iran, Hassan Rouhani, delivered a speech over the weekend in Iran alleging massive corruption by senior government officials, and claimed that over $700 million is gone that was under the control of the Minister of Petroleum, Bijan Namdar Zangeneh, and a further $2 billion is unaccounted for in foreign countries in another case. He also alleged that the powerful judiciary in Iran is sweeping evidence of corruption by high ranking government officials (politically exposed persons) under the rug.
In his speech, Rouhani talked about the case of Babak Zanjani, who was convicted of laundering $2.7 billion out of Iran, some of it in Bitcoin and sentenced to death in 2016. Not only has Zanjani not been executed but Iranian foreign nationals subsequent to his sentence, shared pictures of him allegedly spotted in Istanbul and Dubai. The $2.7 billion missing is supposedly about 20% of the amount Zanjani removed to other countries. He would never disclose where the money was parked. Zanjani was closely tied to the Islamic Revolution Guards Corps and moved money, in part, for them. Zanjani had ties to Sajjad Alijani, a Bitcoin dealer in Iran. In 2012, he denied he moved money for the Iranian government but in 2016, admitted that was what his business was.
Rouhani accused the government of doing nothing to repatriate the funds Babak Zanjani removed from Iran as a PEP and is doing nothing to pursue another case where $947 million is missing.
His speech was quite unusual, given that the Iranian regime does not usually attack internally. This week, the US Department of Treasury sanctioned IRGC commander Mohammad Bagheri and the new head of the judiciary, Ebrahim Raisi, whose job is allegedly to address massive corruption by PEPs in Iran who have removed funds to other countries.
It’s probably no secret that Iranian PEPS move their money and families to Vancouver, Canada, partly because Canada is a sanctions avoidance safe haven arising from the fact that Canada has not staffed its sanctions enforcement capabilities and there is a belief among some banks that correspondent banking rules do not make them subject to US sanctions law in respect of US dollar transfers.
Interpol convened an emergency meeting a few weeks ago during its annual congress in Chile, to address information about how the Ndrangheta became the world’s largest and most powerful transnational criminal organization, and address strategies to counter their continued position of power.
With operations in 30 countries, and its controlling families in Toronto, the Ndrangheta has become the main drug trafficking organization in the world, with ties to Mexican and Columbian drug cartels. For quite a number of years, the Ndrangheta have controlled shipping ports in a number of countries to enable drug movements.
Italian journalists traveled to Toronto, Italy and Hong Kong to explore the growth of the Ndrangheta globally (a clip here), which is available to read on the La Republica website here (paywalled).
Canadians among top users of seized darknet drug and weapons site
The Italian Guardia di Finanza has arrested three individuals in Italy who are alleged to have operated the darknet site on TOR called the Berlusconi Market.
The Berlusconi Market had over 100,000 illegal goods and services listed for sale such as illegal drugs, fake ID products, guns, explosives, child pornography, stolen credit card numbers and stolen bank account credentials. Its three main countries of customers were US, Canada and Australia. It accepted only Bitcoin, Monero and Litecoin for payment.
Canada is one of the leading jurisdictions for the operation and use of darknet marketplaces, and appears to be the only country in the world with a digital currency exchange (in Vancouver) that facilitates Bitcoin trades on TOR for users in any country in the world, including Iran, irrespective of sanctions.
One of the top vendors, for example, on the Berlusconi Market was a vendor named “ming-dynasty” in Canada.
Teenage computer engineering student was darknet mastermind
The Berlusconi Market was shut down by the police. Its mastermind was allegedly a teenage computer engineering student named Luis di Vittorio, who is 19-years-old.
In May 2019, Italian police arrested a prolific user of the site and seized 2.2 kg of cocaine, ketamine, and MDMA and 41 Bitcoin. The user was also an admin on the Berlusconi Market, which led to the arrest of the other admins.
In addition to Luis di Vittorio, Giannicola Ruscino and Gianluca De Martino were also arrested on allegations that they are the co-owners of the site. Berlusconi Market processed $2 million in transactions per year, a low amount compared to the Canadian owned darknet site that operated for several years in Quebec.
Money laundering “bank drop” services for sale
The Berlusconi Market even listed for sale the services of vendors all over the world who would conduct what are called “bank drops”, which are money laundering services whereby the proceeds of crime are dropped in bank accounts for a third party for a commission in order to obfuscate the source and the movement of funds.
As the investigation unfolds, it will be interesting to see who in Canada offered for sale or bought “bank drop” money laundering services. Considering the connection to Italy, it may be safe to presume those services were Toronto-area based.
Bitcoin digital currency exchange used by darknet site seized
During the operation, commercial premises of a digital currency exchange were seized in Barletta, Italy, which the admins presumably used to buy and exchange Bitcoin. Darknet operators and its users ultimately must exit out through a digital currency exchange in order to cash out and so they tend to have several accounts at multiple digital currency exchanges to spread the risks across countries and areas. One of those is always, according to known typologies, in their real name.