A Canadian has been charged in the US with being an ISIS fighter, as well as providing material support to ISIS and producing, editing and disseminating ISIS material for approximately five years. He is alleged to be the narrator in some of the more gruesome ISIS videos of beheadings.
The Canadian, Mohammed Khalifa, was captured overseas by the Syria Democratic Forces in January 2019, and was recently transferred to the US. The Affidavit in support of the criminal complaint which sets out the allegations, is here.
Khalifa is also alleged to be aka Abu Ridwan Al-Kanadi and Abu Muthanna Al-Muhajir. The Affidavit in support of the criminal charges deposes that Khalifa swore an oath of allegiance to ISIS’ former leader, al Baghdadi (now deceased). He is alleged to have sent emails to a number of relatives, explaining that he went to Syria to do jihad (e.g., kill people). He said in a media interview that his work with ISIS, including the decision to travel to Syria to join ISIS, was done knowingly.
With respect to ISIS’ beheadings of aid workers and journalists, Khalifa essentially said that “a kuffar is a kuffar” and being a journalist or aid worker does not change their kuffar blood.
A kuffar is a derogatory term to refer to a non-believer.
The videos and PR material that Khalifa worked on were studio-quality with offensively-crafted content intended to recruit like-minded persons to renounce citizenship and join ISIS and/or commit terrorist acts in their home countries, and to shock and instill fear.
This tweet (below) which links to an ISIS video of a very young boy murdering an adult with the caption “kuffars are gonna rage”, appears to capture the essence of the media and PR machinery of ISIS.
The Syrian Defense Forces which captured Khalifa is comprised of members of the Kurdish People’s Protection Group, including the YPJ, the all-female division that played a material part in the defeat of ISIS. The YPJ was responsible for the capture of many of the men of ISIS and took control of them pending international resolution on the prosecution of terrorist foreigners in Syria and Iraq.
Other terrorists with ISIS have been sent to the US for redress in respect of the harm they caused as members of a terrorist group, and in those cases, there were legal issues raised in respect of the use of MLATs and the so-called prosecution by MLAT legal theory which is unlikely to arise in this case.
A lot has been written about Ponzi schemes, but did you know that the Ponzi scheme seems to have had its genesis in Canada? Since this December is the 101st anniversary of the conviction of Charles Ponzi, its probably a good time to explore the Canadian side of the world’s most famous securities fraudster.
Ponzi scheme defined
What is a Ponzi scheme?
There is no settled definition of a Ponzi scheme but the most relied upon definition is a financial fraud that induces investment by promising returns, usually in a short time period, from an allegedly legitimate business venture where proceeds from new investors are funnelled to previous investors from the alleged business venture, cultivating the illusion of legitimacy and inducing further investment (Donell v. Kowell, 533 F.3d 762 (9th Cir. 2008)). Ponzi schemes are presumptively insolvent from inception, as a matter of law.
CarloPonzi immigrates to US
Charles Ponzi was born in 1882, in Italy as Carlo Pietro Giovanni Guglielmo Tebaldo Ponzi. He immigrated to the US in 1903, landing in Boston.
Once in the US, he moved from job to job, unable to stay with one employment for very long. Possibly as a sign of things to come, he was fired from a job as a waiter after he was caught shortchanging customers when they paid their bills.
Ponzi moves to Canada
In 1907, he moved to Montreal, Canada, after learning that another Italian immigrant in Boston named Luigi Zarossi, had moved to Montreal and was running his own bank, the Banco Zarossi. Ponzi changed his name to Carlo Blanca, tracked down Zarossi in Montreal, and convinced him to give him a job as a teller at the bank. Ponzi was quickly promoted to bank manager.
Zarossi and Ponzi operated the bank more like an investment company than a deposit and savings institution. They solicited deposits from Italian immigrants, promising them 6% interest on deposits, when other banks were paying significantly less. They also offered remittance services to Italian immigrants, facilitating the sending of funds from Montreal to Italy.
Early Ponzi affinity-based fraud
The bank ostensibly grew as an increasing number of immigrant Italian customers opened accounts and left funds on deposit, but its growth and success was an illusion because instead of sending out remittances and managing customer deposits, the funds were going into Zarossi’s pocket. In the early days, when customers came to make withdrawals of their principal plus the 6% in promised returns, Zarossi and Ponzi repaid them with money from newer customers (the Ponzi scheme in operation). Word got around the Italian immigrant community that they made good on their promises and that generated more customer deposits into Banco Zarossi.
And thus Ponzi learned from Zarossi how to master what we now call affinity frauds, through existing social networks. In that case, the social network was the Italian immigrant community. By targeting Italian immigrants, Ponzi and Zarossi had instant trust and proximity to the victims. Ponzi also learned in Canada, how to master the type of fraud that would later bare his name.
All Ponzi schemes have to collapse at some point because of the fact that they are insolvent from inception and in 1908, the Banco Zarossi was collapsing because depositors could not be paid back. Zarossi took off to Mexico with a suitcase full of cash. Ponzi blamed Zarossi for the scheme and the disappearance of customer funds. One bank employee committed suicide and another disappeared, presumably killed.
A few months later, Ponzi forged a cheque of a former customer of the bank, made out to himself using a third name, “Charles Ponsi”, and cashed it. He was caught and charged under that name.
He was convicted and sentenced to a term of incarceration of three years in Quebec, under another fake name, Charles Bianchi. While in prison, he wrote to his mother in Italy and explained that he was working as an assistant to a warden at a Canadian prison, hence his address at the St. Vincent-de-Paul prison.
In 1911, he was released from prison.
Ponzi returns to the US
That year, Ponzi decided to return to Boston and within a week of his release from prison, he crossed the border into the US with 5 Italians whom he was attempting to smuggle into the US illegally. He was charged, convicted and sentenced in the US to a term of incarceration of two years.
Ponzi was released after 25 months, and after his release, he took odd jobs for a number of years in New York City, Alabama and Florida.
In 1917, he returned to Boston and took a job as a store clerk. He met his future wife, Rose Gnecco, on a streetcar, and they were married in 1918. Ponzi took over a grocery business owned by his father-in-law and managed to run the business into the ground in less than a year.
Ponzi’s coupon scam
Broke, with mounting debts, Ponzi tweaked the Montreal formula pulled off with Zarossi and went into business for himself in Boston, selling Italian immigrants shares of a business (in the form of notes that evidenced the securities) that allegedly provided arbitrage opportunities over the discrepancy in prices of International Reply Coupons (“IRC“).
IRCs still exist – they are physical pieces of paper with a certain monetary value attached to each one – in the 1920s, the amount was about 5 cents.
Ponzi told investors that he was buying IRCs overseas and cashing them in the US, where the rates were better, making an alleged profit on each IRC purchased.
Ponzi promised investors a return of 50% in 90 days. When investors sought to cash out, Ponzi sweetened the deal to keep them on, promising them a 50% return in 45 days. Similar to the Montreal banking scam, he used money from new investors to pay out the old. The first few customers were paid back with the promised returns, to convince future investors that the scheme was legit.
Pulling in millions per week
Ponzi was wildly successful luring in investors to give him money. By March 1920, people were lining-up down the street where his office was located, to drop off cash to invest. He was pulling in US$1 million per month. By June, 1920, he was pulling in US$1 million per week and was sitting on a fortune.
But it was a scam. For one thing, if the investments were legitimate, it meant that Ponzi was buying IRCs in Europe and having them shipped, physically, to the US where they would be cashed out. According to the US Postal Service, it would have required ships the size of the Titanic to be filled up with IRCs for it to be true. For another thing, it would have required a large number of employees and agents all across Europe to buy and ship the IRCs to the US, which Ponzi did not have.
As the money rolled in, Ponzi began to spend on a lavish lifestyle, moving to a 12-room mansion, buying luxury watches, the latest fashionable clothing, and luxury cars. The Boston Globe reported that he had a massive imported scotch collection in the cellar of his mansion that was worth more than the house itself. It could be that Ponzi intended to sell it, because in January 1920, the Volstead Act came into force, ushering in prohibition. In December 1920, however, when the receiver published the assets of Ponzi’s company and of Ponzi’s personal estate, the scotch collection was absent.
By July, 1920, Ponzi claimed to be worth US$8 million, about US$110 million today. He was so flush with cash, he bought a bank in Boston.
Then towards the end of July 1920, an investor in Boston filed a lawsuit for US$1 million against Ponzi, for an alleged debt and the Boston newspapers ran a story about it.
Run on the bank
That caused a flood of customers to visit Ponzi and ask for their money back, and for investigators to start to ask questions. There was a run on Ponzi’s company and the bank Ponzi acquired, for over a week during the first week of August.
During that time, Ponzi made numerous untrue statements to keep the con alive. For example, he fabricated a telegram to show a reporter that a fictitious bank in Canada called Levtur Canadian Bank, was sending him US$7,000,000. He did, however, pay investors who lined up back their principal during that first week but not without suggesting that they were going to lose out on big returns by cashing out early.
During the run on the money, Ponzi alleged that he had a secret winning formula to make money, and that a French organization had offered him US$10 million for his “secret”. He also informed investors and reporters that he had more than enough money in banks all over the US to pay every investor back.
His ego was not small for he once told the crowds swarming his office that he was the 3rd greatest Italian in the history of the world.
On August 12, 1920, the Boston Globe revealed that Ponzi was a former convict from Canada, who was tied to a previous similar scheme at the Banco Zarossi in Montreal, and had been convicted in Canada and the US for various offences.
The next day, Ponzi was arrested. The US Attorney General’s early calculations estimated that he owed investors US$5 million, equal to US$40 million today.
Ponzi was charged with mail fraud.
After he was arrested and in order to deflect, Ponzi gave a certified statement to the Court alleging that a number of other people were responsible for the loss of investor funds, outright lying. The US Federal Court ruled, as a preliminary matter, that Ponzi was a one-man fraud show. Mr. Justice Morton called Ponzi’s statement blaming others for his actions “false and fraudulent”.
In the criminal complaint, the US federal government alleged that Ponzi falsely represented to investors that his company was in a position to repay them their investment funds whereas in truth, he was not in a position to repay each investor; it was also alleged that he fraudulently represented that he was in the business of trading in IRCs, which enabled his company to make large returns of profits, knowing that that was untrue.
On August 15, 1920, the Boston Globe published a story in which the US Postal Service was quoted as explaining that from 1907 to 1920, the value of all IRCs issued in the entire world was only US$1,349,235, and therefore Ponzi could not have bought US$5 million worth of IRCs and the scheme could not be legitimate.
Several banks collapsed in the aftermath of Ponzi’s arrest and tens of thousands of investors received only 30 cents for every dollar invested.
Ponzi was convicted on federal charges of mail fraud and later, he was convicted on state charges of fraud. He was released from jail in 1934, and deported to Italy.
How did Ponzi and Madoff do it?
A number of academic studies in criminology have drawn parallels between Ponzi, Bernie Madoff and other Ponzi schemers to explain how come people fall victim to Ponzi schemes. Madoff was an American fraudster and financier who ran the largest Ponzi scheme in history, worth about US$64.8 billion in 2009.
Among the common features between Ponzi schemers, are that they are ‘trust violators’. They inspire trust among investors to such an extent that investors fail to apply rational decision-making or to conduct due diligence before investing, and then the fraudsters breach that trust.
Using social network analysis, academics have looked at the exploitative and deleterious effects of socially embedded networks and transactions used by Ponzi and Madoff, finding that both excelled at constructing and maintaining socially embedded networks for proximity between them and the victims, in essence perpetrating sophisticated affinity frauds.
Because this type of fraud is carried out through embedded networks, investor education programs advising investors to be weary of “too good to be true” investment schemes tend not to be effective.
Ponzi and Madoff both relied on culture, religious, social and family connections to launch their frauds, and those close knit groups remained oblivious that they were being defrauded until the very end.
The same is true of the Bulgarian-based OneCoin and the Canadian HabibiCoin founders from Montreal, both of whom used networks tied to Islamic finance and MLM techniques, and of Miami-based Scott Rothstein, who used the legal community, to run Ponzi schemes that were affinity-based. Finico, the alleged Ponzi scheme using Tether in Russia, is another recent example of using Islamic finance and affinity groups to scam investors.
Another well-known Ponzi scheme orchestrated by Sergey Mavrodi in Russia used affinity techniques to lure in poor investors en masse by projecting himself as the little guy against the state. In later iterations, Mavrodi (and those who continue his Ponzi scheme) used MLM techniques to lure in investors in Nigeria, India and Indonesia, and later, using the fake promise of the alleged financial freedom allegedly achievable by the fake Mavro Coin and Blockchain.
You can read about the Mavrodi scheme and its ICO iteration here, and watch their video promoting the Mavro Coin to investors on YouTube.
 A sine qua non of any Ponzi scheme is the repayment to one or more investors by the fraudster. To be a Ponzi scheme, the scheme must, therefore, have evidence of the manufacturing of returns to investors from other investors’ contributions. A fraudulent scheme that takes investor funds in violation of securities law, or which is a financial fraud with no legitimate business venture underlying the activities is not a Ponzi scheme if new investor funds are not used to issue “returns” or a payment to at least some investors.
The source of information in respect of Charles Ponzi was primarily from news articles published by the Boston Globe from 1920 – 1922, whose reporters interviewed Ponzi contemporaneously with the operation, end and prosecution of his Ponzi scheme.
The Securities and Exchange Commission (“SEC“) has filed a complaint against several Vancouver individuals involved in the microcap space, calling them “foreign actors” and accusing them of attacking the US capital markets and US investors using various alleged securities fraud schemes. The SEC says that over US$1 billion in illegal stock sales occurred under the control of a handful of Vancouver individuals in less than a decade.
It’s believed to be the first time that the SEC has used such language and referred to Vancouver market participants as foreign actors attacking the US financial markets.
So while on its surface, this SEC case is about alleged pump and dump schemes allegedly perpetrated by alleged secret control persons in the corporate law sense, it is also about the take down by US law enforcement of professional service providers, more particularly “company service providers”.
Connected cases tied to Vancouver
This SEC complaint ties into earlier SEC enforcement actions against other people in the capital markets, some but not all of which are connected to Vancouver (see, for example, SEC v. Carrillo et. al., SEC v. Basic et al. and SEC v. Knox).
The Canadian defendants in this case are Frederick Sharp, Zhiying Chen, Courtney Kelln, Mike Veldhuis, Paul Sexton, Jackson Friesen, Graham Taylor and Avtar Dhillon. The microcaps whose shares were manipulated, says the SEC, include a Vancouver Bitcoin company called Evolution Blockchain Group Inc., OncoSec Medical Incorporated, Arch Therapeutics Inc. and Vitality Biopharma Inc.
The SEC is seeking a permanent injunction against the defendants, enjoining them from violating the Securities Act and Securities Exchange Act, as well as other relief including disgorgement.
Company service providers
The SEC alleges that Sharp, Chen and Kelln worked at one company (“Sharp Co.”) which provided corporate registry services (e.g., known as “company services providers” under the FATF Recommendations as part of DNFBPs).
“Company services providers” provide services that involve incorporating and maintaining private companies domestically, and arranging for such services offshore with other company services providers in offshore jurisdictions. Company service providers, materially, control corporate records and they not only create the paperwork to evidence the officers and directors of private companies, they control its anonymity (or not).
The FATF Recommendations require that such persons be registered under AML law but Canada decided to exempt the regulation of company service providers under the Proceeds of Crime (Money Laundering) Terrorist Financing Act because they took the position that company service providers were not material in the money laundering ecosystem in Canada.
Threema and secret communications; secret control persons; secret promoters
The SEC alleges that Sharp Co. employed the use of cellular phones it called “xPhones”, which were cellular devices which operated on an encrypted network. That network appears to be Threema, which promises a guarantee of encryption of messaging. Sharp Co. also, the SEC alleges, acted as what appears to be an unregistered money services business, exchanging funds and moving funds around for clients.
Dhillon is described as a super control person and an insider, who appears to have controlled the control persons.
The SEC says that they used a paid promoter named William Kaitz. He allegedly promoted the stock of the issuers that the control persons allegedly dumped after such stock had been pumped up to artificially high prices. He is also alleged to have concealed the identity of the entity that paid for the stock pumping services. Sharp Co. allegedly provided Kaitz with one of the xPhones for what they believed would be secret communications.
James Bond culture
The defendants had a thing for James Bond.
The leader of Sharp Co., Fred Sharp, used the code name “Bond”, as in 007 for himself, and described his firm’s services as comprehensive and which included payment processing, loans, private placements and “keeping clients out of jail.” He appears to have written a book of fiction in 2003 and has an IMDb profile. The Facebook page of one of his children has “007” as part of the profile name. Sharp’s company services provider entity was called Corporate House, operated out of Vancouver. It was one of the largest clients from Canada of Mossack Fonseca, the law firm in Panama that melted down after the Panama Papers.
The SEC alleges that Sharp found front people and front companies for the scheme. One such front person was his wife’s tennis coach in Vancouver.
Along the James Bond theme, the SEC says that Sharp set up a secret accounting system called “Q”, allegedly to track the proceeds from the illegal sales of securities. Q also allegedly tracked the fees and commissions payable to Sharp Co. for alleged obfuscation and other professional facilitator services. The encrypted communications and Q were hosted on servers in Curaçao because Sharp believed that Curaçao was beyond the reach of US law enforcement. He was wrong – pursuant to an MLAT, the FBI obtained mirrored copies of Q and the xPhone communications from Curaçao.
The SEC alleges that from Vancouver, Sharp’s associate Kelln, hired a number of lawyers – not of the issuers but of the Vancouver nominee shareholders – who allegedly wrote false opinion letters opining that shares of the microcap issuers were unrestricted, when they were not.
One of the issuers, Evolution Blockchain Group (formerly Garmatex Holdings Ltd.), did a pivot from allegedly making bras and allegedly being a supplier of fabric to the global brand ASICS, to become a Blockchain company during the ICO hype. It is headquartered, and during the relevant time operated from, Vancouver even though incorporated in Nevada. Its president is or was a geologist in Ontario named Lawrence Stephenson. Although allegedly supplying fabric for bras and ASICS, no material contract was filed on Edgar or Sedar.
According to its filings on Edgar, it bought a Bitcoin gambling payments website and Bitcoin gambling software from Canada, from 10604496 Canada Inc., whose shareholders are disclosed on Edgar as including Dominic Dos Santos, Bradley Rowe, Naeem Kassam, Randy Bunka, Deam Stambolich, Tony Marziliano, Richard Lonsdale-Hands, Crystal Casey and Junior Kofi Ofori. The assets were purchased in April 2018, although the company was only incorporated a few months earlier.
Drive Coin ICO
Evolution Blockchain also launched an ICO from Vancouver called “Drive Coin” (as in driving a vehicle), and provided online crypto lending, according to its website.
A boiler room in Colombia cold calling to sell stock
According to the SEC, at the beginning of March 2017, one of the secret control persons of Evolution Blockchain paid a boiler room operator in Medellin, Colombia, to call US investors to promote the stock of Evolution Blockchain. They also launched an email campaign to promote the stock and then hired a promoter in Canada to pump the stock.
When the stock was shooting up, the issuer filed a press release on Sedar stating that it was unaware of anything that could account for the increase in its market activity. That pump and dump, the SEC says, resulted in US$7 million in illicit proceeds just for the one secret control person but that same person collected US$75 million from the fraudulent trades of securities over the course of nine years, says the SEC.
Another stock that was allegedly sold at the Colombian boiler room was PureSnax International Inc., now IQST, which is an issuer in Florida that allegedly sells FinTech, Blockchain, and electric vehicle services, as well as operates a digital currency exchange, it says. Previously, it allegedly manufactured healthy snacks according to its Edgar filings with one or more Canadian, but reported having no employees or facilities. The other is Oroplata Resources Inc., now American Battery Metals Corporation (ABML), a lithium battery issuer.
The documentary (clips below) by 60 Minutes Australia shows the busting of a boiler room that sold fake securities listed in the US to victims in several countries. In the documentary, the cold callers blame victims of securities fraud for the thefts, calling them “stupid.”
This is called neutralizing – neutralizing theory is used by scholars to explain how securities fraud and other financial crime criminals rationalize their conduct by blaming others for criminal acts they commit. For example, both Charles Ponzi and Bernie Madoff neutralized to law enforcement (and in their own minds) to deflect blame to others for their schemes.
But it isn’t what the boiler room promoters say in the 60 Minutes documentary, so much as their attitude towards the harmed investors that is different.
Watch this clip below from 1:44 to 1:50.
And then watch this part below from 14:54 to 15:40.
In the documentary, one of the interviewees characterizes boiler room securities fraud activities as transnational organized crime, and says that whistleblowers of securities fraud have been killed.
That is true – over ten years ago, David Bains, who was a reporter in Vancouver, reported about a British Columbia issuer listed on the OTCBB, run and promoted by organized crime, where, he reported, five people were killed in Vancouver by organized crime for reporting to regulators that the issuer was engaged in a pump and dump scheme. Fast forward to today and one of those capital market participants is publicly active in the Vancouver microcap space as an executive of at least two issuers, according to Sedar filings.
Fake expertise to pump the stock
Lawyers at the American Bar Association (“ABA“) wrote an excellent law review article looking at penny stock fraud perpetrated against Americans, including from foreign issuers (most of which are in Canada) and, with respect to the creation of fake documents similar to the allegations in this SEC case, the ABA wrote that professional facilitators who work in the microcap pump and dump space who prepare documents for issuers that involve misrepresentations, do so “fully aware of the corporate fiction they are creating”.
The ABA went on to describe a troubling practice of fraudsters who use the names of people who are well-educated and with credentials to give themselves credibility and respectability without the knowledge or consent of such persons.
Bitcoin people, particularly, have often used the names and likenesses of lawyers, law firms, and large global advisory firms without the knowledge or consent of the persons or the firms.
Both the SEC and the OSC have taken regulatory action against Canadian capital markets participants who have expropriated the names or likenesses of individuals without their consent or knowledge on the basis that it is a type of fraud on the market.
Supporting the ABA finding that the fraudulent use of someone’s name happens frequently, a recent case brought to our attention involved a case whereby an issuer in Vancouver took the names of experts of another company and without the knowledge or consent of the individuals involved, posted their likenesses and names on the issuer’s website, alleging they were consultants and/or advisors of the issuer (which was not true) and raised money from US investors relying upon that misrepresentation.
A few years ago, a Bitcoin issuer in Vancouver used the logo of a US federal law enforcement agency on its website and in its pitch deck, without the knowledge or consent of the US federal law enforcement agency, to raise money from investors and only ceased to do so after the US federal agency communicated with the issuer to request they remove the US government logo.
And just yesterday, a Vancouver microcap issuer listed on the OTCBB, whose stock is being promoted via email newsletters as a company that “literally could SAVE LIVES!” by a promoter put the logos of the US Special Operations Command, NATO, the US Department of Defense and the US Marines on its website and in its pitch deck to investors, alleging that each of those agencies were tied to the issuer. According to its Sedar filings, the issuer does not have one direct contract with any US military agency or with NATO.
SEC whistleblower program
With respect to the Sharp and Dhillon case, if there is a silver lining, it may be that some parts of this SEC and DOJ action arose, in part, because of a filing by an American pursuant to the SEC whistleblower program in the US, which speaks to the effectiveness of the program, as well as the trust that it has among the public in its handling of cases that result in helping to protect the integrity of the US capital markets, and this case may be the catalyst that convinces lawmakers to adopt effective trust-based whistleblower laws in Canada where no one is at risk for being a securities law whistleblower.
If you are interested in other boiler rooms cases connected to Canada, you can read this story here about Canadians who ran a boiler room scheme, whom US law enforcement prosecuted, and also refer to the CFTC and OSC cases against Canadians who ran alleged binary options scams from Israel that used boiler rooms to sell the securities.
In 1988, Madam Justice Southin, as she then was, was judging a massive pump and dump case involving microcap issuers that was orchestrated in Vancouver, United Services Funds (Trustee of) v. Lazzell  B.C.J. No. 743, 28 B.C.L.R. (2d) 26.
Although 33 years old, the case should be required reading for capital markets participants for an understanding of the unique typologies of the architecture of pump and dump schemes carried out in British Columbia.
Some issuers in British Columbia have no interest in getting a business going
In the reasons for decision, Madam Justice Southin describes British Columbia promoters as follows, writing (paraphrased):
‘There is a world of difference between the practice of persons promoting a company in which they invest their own money and which they truly intend to make into a successful business and the practice of persons promoting stock as it appears to be carried on by some people in British Columbia. Some promoters have no interest in getting a business going. Their only interest is running up the price of the stock and unloading it on others.’
And so there you have it.
In 1988 and continuing to today, in Vancouver, the game may not always be about running a successful business in the capital markets for some people – it’s about earning revenues from pumping stocks and dumping them on innocent investors.
In this case, Madam Justice Southin quoted a song about the Vancouver capital markets called “Howe Street” that she appears to have heard in a Vancouver theatre about an investor who invested on a tip from a Vancouver stock promoter and got “screwed” when the promoter skipped town.
You may be wondering how they do it – how have they done it for decades?
9 not-so-easy steps to perpetrate securities fraud
Madam Justice Southin describes in the reasons for decision of the case, how such frauds on the market are perpetrated in nine not-so-easy steps:
Control persons operate behind the scenes who call the shots – they never appear on the documents for securities law disclosure purposes so that a securities regulator doesn’t necessarily know that they are involved;
Using beneficial ownership structures and aliases, the control persons obtain control of the issued and outstanding shares;
Appoint what Madam Justice Southin termed a “tame board of directors”, whom she called “monkeys”;
Issue press releases and periodic required disclosure documentation to give the impression of corporate success as well as file material information (or as Madam Justice noted, not file material information that ought to be filed);
Line up a brokerage house “related in spirit to the monkeys”, she wrote, to feed stock through, without questions being asked;
Use a jurisdiction with an under-funded agency with oversight over brokers that lacks resources to detect unusual dealings on the market;
Use Toronto secret undisclosed powerful promoters in the mix whose names never appear in print, who handle or cause to be handled, all of the administrative work for a group of microcap issuers such promoters are promoting;
For some of the issuers, line up mining claims on certain properties which she noted, as is usual with such companies, won’t amount to anything; and
The control persons, as undisclosed insiders, pay to have the stock promoted and cash out when it is high, never filing as insiders.
Liability on other directors of issuers for hidden insiders
In United Services Funds, the defendants were found liable for, among other things, acting as undisclosed insiders. Madam Justice Southin noted that under the Securities Act of British Columbia, the “law considers that investors have a right to know who has control and who is an insider…which are material matters.” (See from paragraph 5 onwards in this article in respect of the role of transparency and disclosure in securities law for issuers, enacted to replace caveat emptor in the public company realm).
She went on to discuss the liability of all directors of issuers in British Columbia who acquiesce in respect of such conduct.
She held that while not every director of every issuer in British Columbia who knows that the material provisions of the Securities Act are being breached by the issuer and/or another person (in this case, a hidden person ostensibly unconnected to the issuer), are themselves guilty of an offense, if their silence in respect of statutory breaches is an act of assistance or their silence in respect of the stock price shooting up for no legit reason tied to a breach of the Criminal Code of Canada is of assistance, such directors may be liable for losses in pump and dump schemes.
In the United Services Funds case, the directors were indeed held liable for losses suffered by investors by the wrongful conduct of the hidden undisclosed insiders and control persons. Their silence was a breach of their duties as directors under the corporate legislation and their silence assisted wrongful conduct to continue.
In essence, where she got to as a matter of the law of acquiescence, was that a breach of corporate law by the on-paper directors led to the not-on-paper hidden control persons being able to commit securities law offenses and enabled Criminal Code violations, and ergo, those on-paper directors were liable for the conduct of the not-on-paper hidden control persons.
Dusting off key 33-year-old case
While United Services Funds remains the law in British Columbia in respect of the liability in the capital markets of directors of microcap issuers who acquiesce or remain silent in the face of market manipulation and hidden control persons, the case seems to have remained buried in the law books.
It might be a good time to dust it off and use it because this is one of the most important cases in securities fraud litigation in Canada.
The case is valuable not just in respect of understanding the unique typologies of the architecture of pump and dump schemes carried out in British Columbia to this day, but also for acquiescence law applied to hold directors of issuers in British Columbia accountable to investors who suffer losses tied to material breaches of the Securities Act, who invest in microcap companies believing that they are investing in a viable enterprise.
Be a real director or be a monkey and get ready to pay
If there is a take-away from this case, it may well be that the message from the Supreme Court of British Columbia is that a person can be a director of an issuer and speak up for compliance with the law when it comes to insiders and hidden control persons, or such a person can be a monkey and get ready to pay investors some serious coin for their losses if things go wrong.
Two months ago, the Alberta Securities Commission (“ASC“) issued an order permanently banning two individuals it called “scoundrels” from the capital markets permanently, together with an issuer that operated a pump and dump scheme.
The individuals are Cem Can (“Can“), a Turkish foreign national, and Charles Michael Miller. The issuer is Bluforest Inc. (“Bluforest” or the “issuer“). The order flows from an ASC decision rendered in August 2020, here. Bluforest’s shares were listed on the OTC Markets in the US, and it was a reporting issuer in Alberta pursuant to 51-105.
The decision is an interesting example of the preparatory nature of securities fraud and the extent to which such activities are organized and transnational.
To illustrate, we created a data set of the legal and natural persons involved in Bluforest Inc. and subsequently converted the data to a geo network, below. It provides a visual representation of the transnational nature of the case.
The ASC decision covers the period of time from late 2010 to November 2013, and is closely related to a superseding indictment of numerous Canadians in the US for money laundering and securities fraud as part of a FATCA case.
Superseding indictments in the US
That superseding indictment was filed in the EDNY in July 2015, charging Cem Can and several Canadians from British Columbia – Gregg Mulholland, Philip Kueber, Paula Psyllakis and Brian De Wit – as well as an American Robert Bandfield, and two natives of the Bahamas, Rohn Knowles and Kelvin Leach, with various criminal offences, including securities fraud and some for money laundering.
The superseding indictment alleged that Mulholland, Can, Bandfield, Kueber, Psyllakis, De Wit and Godfrey, among others, created shell companies and opened numerous bank accounts which were used to move over US$500 million in proceeds of crime. Mulholland was alleged to have fraudulently manipulated the shares of more than 40 issuers and moved US$300 million in proceeds of crime into accounts he controlled.
Although many of the indicted were from British Columbia, they were situated in places like Belize, Nevis and Panama. The US government alleged that they created numerous shells with nominee directors and officers to conceal the legal ownership of the shells, acquired controlling interests in shares of pubcos, hired promoters to pump the share prices artificially, and exited when the share prices were high. The defendants owned, operated or worked at companies, including Legacy Global Markets S.A., Unicorn International Securities LLC, and IPC Corporate Services LLC, which were the vehicles allegedly used to perpetrate the fraud.
An undercover agent met with Can and others in the tax havens and was told, among other things, by Can that he knew a way to secretly pay “consultants” in stock manipulation schemes. The indictment explains how Mulholland allegedly made US$21 million in proceeds manipulating the trading of one issuer.
Several of the defendants were arrested. Mulholland was arrested when his flight from Vancouver landed in Phoenix, Arizona. He and Bandfield proceeded through the criminal trial process together and joined each other’s motions, ultimately both agreeing to plead guilty and go through sentencing and forfeiture together.
Mulholland pled guilty to money laundering and is serving a 12-year sentence of incarceration at a medium security prison in California, followed by a three year term of supervised release with special conditions. He asked to enter a prison-run drug abuse program while incarcerated. As part of a deal for a lesser sentence, he pled guilty and agreed to forfeit assets from the proceeds of his criminal activities, including forfeiting a private jet, homes in West Vancouver, California and Whistler and funds and securities held in bank accounts and brokerage firms in several tax havens.
Bandfield also pled guilty, served his sentence and is now released.
Kueber pled guilty and appears not to have entered the federal prison system which may mean he was sentenced to time served in remand.
De Wit and Psyllakis appear to have remained in British Columbia. It is not known whether the US government has an arrest warrant out for either of them that would be acted upon if they entered US air or land space, or if the US government has commenced extradition proceedings, or abandoned the case against them.
Can returned to Turkey. He may be in Istanbul or Antalya. According to an old news report which relied upon statements appearing in an Alberta Court judgment, he allegedly had ties (could be merely tenuous ties) to organized crime (the Calgary Hells specifically) in connection with an earlier capital markets deal gone sour that involved organized crime.
It is not known what happened to the other indicted individuals or entities.
Against that backdrop, the ASC looked into Bluforest, which involved some of the same individuals and entities, including Legacy Global Markets S.A., Unicorn International Securities LLC, and IPC Corporate Services LLC, Can, Godfrey, Bandfield and De Wit.
The president and CEO of Bluforest was Charles Miller but Can actually directed the affairs of the issuer. The SEC ultimately revoked its listing on the OTC Markets for failures to file.
The business activities of Bluforest appear to have been an illusion that existed on paper only. Bluforest alleged in one paid promotion to investors that it owned 135,000 hectares of forest in Ecuador called El Juval worth US$695 million and not only that, allegedly, it had carbon offset credits from that land equal to the same amount, US$695 million.
In another paid promotional campaign, it alleged to have US$700 million in assets and US$698,875,000 in property for developing carbon assets. However, at that time it only had $43 in the bank. And only $17,000 in actual assets. One of the material issues with respect to the issuer was how this happened when the issuer had an independent auditor responsible for the accuracy of its financial disclosure.
Can purchased the shares of Bluforest, and through nominees, maintained control of, and acted as its secret operating mind. In order to do that, he caused to be issued, numerous shares to various corporate entities in which he controlled. Two of the material entities were Mainland Investments Ltd. and North American Investments Inc.
He used a number of the same nominees including Branislav Jovanovic and Talal Fouani, who acted for some time upon his directions. The issuer operated effectively as a one-man show by Can, who exclusively called all the shots even though on paper, he had no role with the issuer in the corporate sense.
In respect of payments from the issuer from funds raised, the ASC found that substantial sums of money were directed by Can to be sent to a select group that included his company, Mainland Investments Ltd., and other entities he controlled, as well as to lawyers he instructed, including Faiyaz Dean, Scott Lawler, Norman Anderson and Diane Dalmy, and to various stock promoters.
Analyzing the case from a data perspective
We created a first layer network analysis of the Bluforest actors, shown below. The data shows a number of things:
The large dark central blue node is Bluforest Inc.
The red node is Cem Can.
The orange nodes are a type of service provider.
The light blue nodes are others, such as known shareholders, directors, officers, alleged debt holders, promoters, etc.
Interpretation of data:
The dandelion shape on left side depicts a normal functioning issuer relationship between the issuer and shareholders; the issuer and service providers; the issuer and directors / officers.
The right side of the dandelion breaks off and shows a clear disruption – a disfunction – in the issuer. The affairs of the issuer are blown out and form a tangled web.
You can see that the disfunction is tied to the red node, a few orange nodes; and several light blue nodes.
In the image below, we took the same data set and plotted it along one axis and it becomes more clear that information flows in respect of the issuer’s affairs went through only a few people. In a normal functioning issuer, the officers are the one source of all activities in the capital markets.
Alleged debt for shares
One of the most interesting aspects that the ASC decision focused on was the use of alleged debt settlement agreements to issue free-trading shares for alleged consulting services. In one instance, the issuer took an alleged debt of US$60,000 allegedly owed to Can’s company, North American Investments Inc., and re-paid the lenders consideration of $200 million to settle the debt, paid in shares of the issuer.
In order to ensure the shares were free-trading and avoid the hold period, a lawyer named Scott Lawler issued a closing opinion to the transfer agent to remove the restrictions.
The ASC found that the explanations given as to how US$60,000 became $200 million were “nonsensical”.
The ASC staff believed that the invoice underlying the alleged US$60,000 debt was fake, which the ACS panel took as meaning that no actual services were provided. In other words, $200 million in shares were obtained for no consideration.
Subsequently, the issuer completed a second series of debt settlement arrangements where shares were issued to settle alleged debts. In the second instance, there was an alleged debt of $90,000 and 100 million shares were issued to the lenders to pay out that debt. The ASC calculated that the transfer meant that the issuer, with alleged net assets of $695 million, transferred 97% of that value for $900,000.
A lawyer named Faiyez Dean wrote the opinion letter in respect of removing restrictive legends, enabling the 25 million shares to be issued to entities controlled by Can and Charles Miller as free-trading. The ASC found that the issuer deliberately mischaracterized the shares as a proposed resale of shares earlier acquired from Bluforest in order to justify the removal of restrictions, and held that the deals were intended to deprive the shareholders of their economic interest in the issuer.
The ASC found the share issuances for alleged debt settlement deals were in furtherance of a pump and dump scheme, and together with the false opinions, diluted other shareholders and concentrated control secretly with Can and Charles Miller.
The ASC also found that there were issues with the alleged forestry deals announced by the issuer.
When Bluforest announced that it had entered into a series of forestry-related agreements in Ecuador, it represented that they were arms length in the disclosure record, when in fact they were non-arms length. Despite the forestry-related deals that were touted as being so valuable, the ASC found that they were not pursued and the agreements and rights thereunder appear to have expired over time, if they existed at all. Those deals were what was supporting the issuer’s valuation.
Paid promoters promoted
The ASC found that Can hired, indirectly, a number of promotional companies to aggressively promote the issuer across various mediums. Over time, the share price went from $0.25 to $6.19, and was artificially increased as a result of paid promotional activities. Eric Cusimano and Jamie Boye were among the paid promoters that Can hired using his own companies, to promote the issuer’s stock.
Cusimano and Boye were indicted in the US in connection with paid promotional activities in the capital markets and pled guilty in that case.
At the end of the day, because Bluforest was just a business that looked good on paper to investors while there was nothing behind the curtain when it was pulled back to substantiate its share price, or valuation, it crumbled apart.
The ASC found that Can and Charles Miller were centrally involved in virtually all aspects of the pump and dump scheme and played significant roles in the secret control of the issuer and manipulation of its shares in the capital markets. IPC Corporate Services LLC, Unicorn International Securities LLC, and Legacy Global Markets S.A., were some of the offshore vehicles used by Can and others to receive shares of Bluforest and the proceeds from the sales of shares.
The ASC called the Bluforest pump and dump scheme “a deplorable form of securities fraud.”
Typologies of pump and dumps
This decision is also useful from the perspective of typologies that can be gleaned that raise red flags for potential capital markets fraudulent activities.
The alleged past ties of Cem Can to organized crime wasn’t explored but perhaps should not be discounted as a risk factor of the prospect of organized crime infiltration in the life cycle of some issuers.
Two of the largest securities fraud cases occurred in Canada and involved Mafia figures.
In the first, Russian crime boss Semion Mogilevich caused the pumping of the stock of a Canadian issuer he controlled, YBM Magnex, which lost investors over US$1 billion. In the second, deceased Canadian Costa Nostra leader Vito Rizzuto and one of his associates, allegedly came to control a series of Canadian stock promotion newsletters owned by Canadian Eric Van Nguyen, which allegedly were material in the loss to investors of an estimated US$3 billion in connection with several issuers that were pump and dump schemes orchestrated from Canada.
Mogilevitch and Van Nguyen remain wanted US fugitives. Mogilevitch is in Russia. Van Nguyen allegedly went from Montreal to Toronto. Some experienced securities investigators in the private sector believe, based on their investigations, that Van Nguyen is behind several recent paid promotions of several issuers in Canada, including several being pumped to investors right now in real time.
The Securities and Exchange Commission (“SEC“) filed a civil complaint against 5 American promoters of the Blockchain protocol known as BitConnect this week. Investors from around the world lost over US$2 billion with BitConnect. The SEC alleges that the defendants conducted an unregistered offering and sale of securities in connection with its native coin and lending program.
BitConnect is iconic with GenZs literally the world over – not in a good way – rather because of the memes created of a promoter allegedly named Carlos Matos, who was the public face of BitConnect.
BitConnect is similar to OneCoin – same formula using some elements of MLM. Like OneCoin, the BitConnect folks issued an initial coin offering (“ICO“), and like OneCoin, they alleged that there was a Blockchain protocol behind it. The ICO was called the BitConnect Coin (“BCC“). You can read about OneCoin here.
The SEC says that BitConnect also created a lending platform (in much the same way as many DeFi platforms do now), and promised holders of Bitcoin and other digital currencies 40% monthly interest for depositing their holdings for lending purposes. BitConnect was not licensed or authorized anywhere to provide online lending services to consumers, or be deposit-taking. Those who sent fiat or Bitcoin to BitConnect for ostensible lending, lost their money.
Eventually, in early 2018, the State of Texas issued a cease and desist order to BitConnect. One of the paid promoters, Trevon Brown, posted on social media, a message to the world not to let a US government shut them down. When the State of North Carolina issued its own cease and desist order, BitConnect sent one of its promoters 200 Bitcoin as a retainer for a securities lawyer (now equal to US$7.4 million). In the following weeks, BitConnect shut down operations.
The SEC says that the ICO promoters earned significant commission from touting investing in BCC or using the lending platform, as follows: Joshua Jeppesen earned US$2.6 million; Craig Grant earned US$1.3 million; Michael Noble earned US$730,000; Ryan Maasen earned US$475,000; and Trevon Brown earned US$480,000.
The founder of BitConnect is an Indian foreign national, whom the SEC declined to name.
The SEC is seeking various forms of relief against the defendants including an order permanently enjoining the defendants from violating US federal securities law and the payment of penalties.
The Securities and Exchange Commission (“SEC“) filed a complaint in the Southern District of New York this week against RenovaCare, Inc. (the “Company“) and Harmel Rayat (“Rayat“) alleging that material misrepresentations were made in the disclosure material filed by the Company, and that the Company used a secret paid promoter to pump its stock and lied about it.
RenovaCare is an issuer in British Columbia but is listed in the US on the OTC Markets. Rayat is a Canadian who resides in Vancouver, and is one of the original shareholders of the Company, its director and its majority shareholder. There are two previous SEC enforcement actions involving Rayat and others, one in 2000, (here) and the other in 2003 (here); one involved §17(b) violations, which is part of what is alleged in the SEC’s latest complaint.
The SEC is not specifically alleging a pump and dump occurred with RenovaCare per se. Rather, the SEC is alleging that a pump occurred in conjunction with other securities violations but that a brokerage firm stepped into prevent a dump involving one or more of the key actors.
Since the filing of the SEC complaint, the stock price reacted on the OTC Markets.
How securities lawworks
Skip this part if you know that caveat emptor does not apply in modern securities law, and the capital markets.
By way of background, the Securities Act and the Securities Exchange Act were enacted following the 1929 stock market crash and the Great Depression that followed. The securities acts safe-guard the capital markets and investors by requiring a system of mandatory public disclosures in place of caveat emptor.
The disclosure-based regulation that, as a fundamental principle replaced caveat emptor, is based on trust – it commences from the proposition that in exchange for the privilege of being able to list a stock to the public, and take money from investors who become shareholders, all the actors in the system will be honest and provide the requisite fulsome disclosure. It presumes no information asymmetry from issuers or their advisors. It also assumes that so long as investors have fair access to accurate fulsome material information, they can intelligently assess the risks of a stock and make an informed decision to buy or sell. Disclosure, therefore, is required episodically whenever securities are offered to the public, periodically thereafter, and whenever material events occur.
The private sector actors who are entrusted in respect of the capital markets are those who earn fees and other compensation from capital markets activities and control the content and distribution of disclosure and include lawyers who draft all of the securities disclosure material; auditors who pass on the financial condition of issuers for capital markets participants; an issuer’s directors and officers; significant shareholders; brokers; listing exchanges; underwriters; and securities trust agencies (the “Capital Markets Trustees“).
From time to time, Capital Markets Trustees can and do breach the public trust, in a number of ways including by participating in the drafting of documents containing untrue information, negligently or deliberately. Investors who rely upon such information are lured into making investments without informed consent and with asymmetric information which may be untruthful. All of the Capital Markets Trustees enter the capital markets understanding that they assume responsibilities for their part of a larger puzzle to protect the integrity of the capital markets through, inter alia, adequate, truthful and timely disclosures.
With respect to promoters, it is lawful to use stock promoters and to pay them but it is unlawful to have secret paid promoters for the reasons articulated above.
Medical claims about a skin gun
RenovaCare’s three founders, according to its Sedar filings, appear to have been Kundan Rayat, Jasbinder Chohon and Harmel Rayat.
For decades it was and remains, a development stage company with no revenues. A few years ago, it began to represent that it was developing a medical gun called a skin gun, for treating skin burns.
In mid-2017, the SEC says that the Company prepared and disseminated false information. For example, in its Form 8-K, news releases and paid promotional content, the SEC says that the Company stated that it had filed with the FDA, a 510(k), and that the FDA could soon approve its skin gun, which was untrue. As at that date, the Company had not filed a 510(k) with the FDA.
A secret paid promoter
The SEC says that the Company used a secret paid promoter called StreetAuthority, apparently owned by a longtime friend of Rayat in Austin, Texas, whom the SEC did not name.
The latter published a so-called independent report in which it described a case study involving the Company’s skin gun where a burn victim with what looks like severe burns on his or her arm, was promoted as having been cured in three days using the skin gun.
The promoter published before and after pictures in the report of the burn victim’s alleged cure by the skin gun in three days. The after picture of the burn victim show his or her burn was healed and the skin returned to normal after those three days. According to the NHS, a mild burn heals in 14 days.
The SEC says that the victim’s skin remained discoloured for over a year. Moreover, the SEC says that the photos in the before and after series were, for lack of a better word, disingenuous in that the before photo was not the arm of the burn victim and the after photo was actually taken five years after the victim sustained a serious burn, not three days after.
Alleged false statements
The SEC alleges that part of the disclosure record of the Company during the relevant period, contained materially false statements or was misleading in the way it was drafted and presented in the disclosure documentation, and that the Company engaged in acts designed to defraud investors.
With respect to Rayat, the SEC alleges that he aided and abetted the commission of the unlawful securities law conduct.
Among other things, the SEC alleges that Rayat devised a deceptive payment scheme to hide that StreetAuthority was a paid promoter. StreetAuthority was required to disclose its payments from the Company but failed to do so.
The SEC says that StreetAuthority touted the Company highly, claiming that the burn gun was a “revolutionary wound-healing device,” encouraging investors to buy the Company’s stock, promising investors they could hold it for “10, 20x, even 40x gains.”
The SEC says that the Company executives were questioned by the OTC Markets about paid promotional activities and lied, denying having used a paid promoter.
A reporter here reported that in a recent annual financial statement, in one fiscal year, the Company disclosed that it spent $309,503 on R&D, whereas its executives were paid $453,488 during the same period.
Over ten years earlier, in 2007, David Bains wrote (here), about Rayat and trying to get his foot in the door of his opulent offices in Vancouver.
It didn’t go so well – they asked him to remove his foot from their opulence.
The touting biz
A number of securities law academics looked at the role of promoters (also called touters) across Germany in cases of pump and dumps that manipulated the market.
Working with two agencies, the researchers were able to obtain data sets of issuers, Capital Markets Trustees and victims of pump and dump schemes over a set period of time in Germany. The findings with respect to Canadian promoters (touters) in the study are interesting – the data showed that although Canada has 1/10th the population of the US, Canada not only, per capita, breeds more promoters, it breeds more promoters on a pure numerical basis that were active in the relevant time period of the study in the capital markets in Germany.
Another academic study conducted for a mathematics thesis looked at the economics of promotions and promoters. The study found that promoters are raking in US$122,600 per issuer they tout, and earn between US$1,000,000 to US$10,000,000 per year promoting issuers – one earned US$8,000,000 in its first year of business.
With access to justice becoming a growing problem in Canada, as more people and companies become unable to afford to litigate, or be litigated against, lawyers and governments are turning to technology to find ways to bring down the costs of litigation and of prosecution. Covid-19 has forced us to accelerate the use of technology in our courts with virtual hearings, and much of the practice of litigation has moved to remote environments.
Those are not the only changes taking place in respect of litigation and technology. In order to remain competitive and increase client value, litigators are using new technologies, including legal analytics, which is growing in popularity in major litigation centres.
Analytics capabilities and tools are available in an increasing variety for various aspects of the litigation process. Technology that maps out decision trees for clients is one such example of a solution provided by a magic circle firm. Its legal tech enables clients to tap into firm databases where simple predictive AI assesses the viability of commencing litigation before deciding to proceed, helping to make litigation more cost effective and providing a broader service to clients.
Another powerful analytics tool is the network analysis branch of network science.
Although used historically and primarily by law enforcement and the intel community for mapping and dismantling terrorist and organized crime networks, network analysis technology is an ideal tool for almost any aspect of the legal process.
Network analysis identifies key players, and gatekeepers, highlights subgroups within a network and identifies individuals who call the shots. It can be used to prove or disprove a set of facts during an investigation or a trial, and as a tool for deeper analysis. Because it can be deployed to prove or disprove a set of facts, its benefit applies to defense or plaintiff counsel.
It can also be a powerful litigation analysis tool particularly for M&A deals where the network and the activities are transnational and involve hundreds of actors. Network analysis also reveals previously unobserved associations of actors within a network and identifies gaps to prioritize investigation efforts.
Centrality of actors
Network analysis uses concepts of centrality (i.e., degree, closeness, betweenness and eigenvector), brokers and density. These are mathematical determinations used to measure things like network typology, degree centrality and influence of certain actors over outcomes.
But it does more than that. The data can be used to calculate links, the strength of relationships, weakness in organizational infrastructure, money movement routes, and much more.
For example, the evidence in connection with a group of individuals, companies, and firms engaged in M&A deals involving suspected bad conduct might involve 500 different nodes and relationships by the time an investigation has concluded. Among the maze of 500 nodes and relationships, the litigator or enforcement agency needs to find out who the key actors are.
All networks have certain key actors. They control something of value – the documents, bank accounts, financings, connections, information or the process – which gives them power in the network to drive an outcome.
If the actors in the network have a criminal or fraudulent intent, the key actors act in furtherance of that goal. Sometimes only a few actors have a criminal or fraudulent intent in a network and network analysis reveals that as well because it can reveal breakages from the network by non-bad actors who break away from the network and disassociate. Bad actors only use people they trust in the commission of bad acts and a break-away actor demonstrates something about the functioning and activities of the network for further inquiry.
In financial crime or fraud cases, key actors tend to be the ones who financially profit the most from network activities. Using betweenness in network science against the network data, can reveal deeper and more accurate information about aspects of a case that lead to financial benefits by tracking linkages from actors to financial intermediaries.
Data preparation, inputs
Two legal persons that we looked at presented with typologies of being potentially problematic. A network analysis showed that they had connections in 8 countries but interestingly but only one professional gatekeeper used by both. A concentration of control in one gatekeeper is an important reveal from network analysis.
Mapping out their combined network took a long time because, in this case, analysts had to research and identify, as well as verify, the accuracy of over 314 legal and natural persons and plot the connections between them.
Ultimately, we created the network below (which is anonymized for this purpose).
In the network above, the two legal persons are the two blue nodes.
The red nodes represent the key group that directed the activities of both companies.
The one purple node in the centre between the two legal persons represents a professional gatekeeper which the key red node group appears to have used.
Identity of co-offenders
The yellow nodes in the network are what can be used for betweenness centrality; applying that analysis led to one central figure through which many of the activities flowed. Interestingly, it also led to a third legal person with co-offenders, demonstrating that network analysis has an added benefit – one case of network analysis can lead to revealing co-offenders which can lead to identifying other cases in which the natural persons are involved.
In the non-anonymized version of the network, all the nodes are identified and labeled and ergo, an analyst or the ultimate client knows at a glance who is connected to whom and how the network functions.
Using network analysis as a litigation or investigation tool requires data accuracy and standardization of raw data to conduct legal and criminal analysis and yield a network result that can be relied upon. Standardization also ensures that when analysts exchange analytical products for a case, which happens from investigator to regulator, law firm or enforcement agency, the data has the same meaning and is interoperable.
Once verified data sets are entered consistent with criminal analysis standards for network science, and parties use network analysis tools to identify the structure and control of a network engaged in alleged wrongful conduct, law enforcement, a regulatory body or a litigant can use the intel to disrupt the network by focusing on the key decision-makers and thereby, prevent problematic actors from future harm.
According to the Twitter account of a Bitcoin investor, the DeFi platform called DeFi100, that is listed on Binance, posted a notice on its website earlier today that it scammed its investors and that there was nothing the investors could do about it.
“Ha ha. All you moon boys have been scammed. Fuck you moon boys,” it also reads.
The Twitter account user says that DeFi100 ran away with US$32 million. The website is now dark.
No party has confirmed whether the notice on the website is accurate but its odd that the website is now dark.
It’s not the first time that digital currency platform owners have posted a notice online confessing they took funds from investors.
In 2019, the six owners of the ICO called Plus Token in China stole over US$4 billion from customers. Just before fleeing, they inserted Hex code into a Bitcoin transaction that said: “Sorry, we have run”.
It was China’s largest digital currency Ponzi scheme.
The Plus Token was sold online and at events in China, Korea and Hong Kong. It was headquartered in Yancheng in the province of Jiangsu. The six employees were Chen Bo, Yuan Yuan, Ding Zanqing, Peng Yixuan, Wang Renmi and Dong Jianhua.
Four of them fled to Vanuatu in June 2019. The Vanuatu government confirmed that four of them had acquired citizenship in advance, which would suggest that there was an exit strategy planned.
They were subsequently arrested in Vanuatu by Chinese officials and removed to Mainland China in July. China hunted the other suspects in other countries as well, and went to Cambodia, Vietnam and Malaysia and other undisclosed countries and picked up 27 fugitive members of the PlusToken team. In all, 82 employees of PlusToken were arrested and prosecuted.
On September 22, 2019, Chen, Ding and Peng were sentenced for organizing and leading pyramid schemes. They and other defendants received sentences ranging from two to 11 years. Their WeChat messages between them played a material role in the prosecution.
The hunt for Faruk Fatih Özer’in, aka Özer, a Turkish foreign national, may be over. Özer ran a large digital currency exchange in Turkey called Thodex. He fled Turkey in April and US$2 billion of money from its customers is apparently missing, or inaccessible. In the CCTV footage below, he is seen arriving at the Istanbul Airport and going through customs on the day he fled. Where is the US$2 billion? Perhaps on a Trezor in his bag.
Özer turned up in Albania and appeared on CCTV footage checking into a hotel after fleeing Istanbul. From Albania, he issued a statement alleging that the allegations against him were baseless and that he was in Albania on business and would return to Istanbul in a few days. That was over a month ago, and he is not likely coming back to Turkey voluntarily.
Then on May 15, 2021, the Turkish police announced that they were authorized to enter Albania and capture him. Özer was on an Interpol Red Notice list but he has since been removed from that list, which may mean that Turkey has captured him.
Turkey arrested 62 employees of the exchange in respect of whom they believed played a part in facilitating the loss of the US$2 billion. Özer and Thodex denied any money was missing on Twitter, and Özer did the same on his Instagram account. He deleted all the content from his Insta except the message below and the photo of him in a Ferrari.
Özer’s brothers and sister, Güven Özer, Zuhal Özer and Serap Özer, who appear to have run the exchange with him, were arrested in Turkey, as well as the exchange’s accountant who allegedly cooked the books, and the software developers who worked on the exchange and created allegedly false UIs for customers so that they would believe that the balances they were seeing online were legitimate, when in fact according to the police, there was no money in crypto or fiat behind the balances reflective on the UI customers saw online.
It’s not the first time that software developers and accountants in connection with digital currency exchanges have been arrested or prosecuted. Accountants usually control access to banking and ultimately make the decisions to move customer money – for good or for bad purposes. They perform a financial gatekeeping function for digital currency exchanges in respect of customers funds.
According to Turkish news, the Turkish government asked Albania to prosecute any Albanians who assisted Özer after the collapse of the exchange.