The son of an elderly American man with Alzheimer’s disease approached The after he learned his father had lost tens of thousands of dollars to an Israeli binary options company.
His father’s card was charged more than a dozen times in a single day without his permission, needless to say.
A 17-year-old from Hong Kong lost $20,000 to a binary options company using his mother’s credit cards.
As soon as she realized what had happened, she initiated a chargeback, but her bank rejected the claim and seems poised to let the binary options company keep the money.
Last December, Canadian businessman Frederick Turbide took his own life after realizing that he had lost all of his savings to a fraudulent Israeli binary options firm called 23Traders.
The company continued to charge his card even after it had learned of his death and after family members had placed a stay on the card.
Such incidents aren’t supposed to happen. Under normal circumstances, if a bank notices charges on a customer’s card that deviate from the person’s normal spending habits or come from a foreign country, it will phone the cardholder to check or even freeze the card as a precaution.
How, then, do binary options companies, involved in a widely fraudulent industry that is subject to countless warnings and investigations by regulators all over the world, manage to process hundreds of thousands of payments each year from customers without setting off alarm bells in the banking industry?
Most binary options companies operate without a license, and among the minority that are regulated (in countries like Cyprus) some of the largest are owned by or were founded by individuals with felony convictions.
Why would any reputable bank facilitate payments for such an industry?
Some banks, a minority, may go along with the binary options fraudsters for the sake of profits. But in most cases the explanation, several payment industry insiders told, lies in an up-and-coming industry known broadly as “fintech.”
Fintech, short for financial technology, refers in the broadest sense to any kind of digital innovation that makes financial services more efficient, accessible or less expensive, from mobile payment apps to crowdfunding to peer-to-peer lending to companies that use big data to calculate mortgage rates.
But when it comes to the most prominent sector of the fintech industry, the payments sector, critics argue that there is a giant blind spot, a flaw in the system that has so far largely escaped the notice of banks and regulators.
These critics claim that some fintech companies, while cloaking themselves in the aura of “innovative,” scrappy startups, are in fact engaged in the time-worn practice of facilitating fraud and money laundering.
Ron Teicher, the CEO and founder of EverCompliant, an Israeli high-tech company that helps banks detect fraud, told that he believes most fintech payment processors are legitimate companies that perform a substantial service to the economy by enabling small businesses, like farmer’s market stalls or coffee shops, to obtain access to credit card payment facilities.
This is important because most customers like to pay with credit cards and businesses lose money if they can’t process them.
Nevertheless, Teicher cautioned, the rise of fintech has also inadvertently opened the door to criminals seeking to gain access to the global payments system.
How so? Because, he explained, fintech companies don’t carry out the same anti-money laundering or counter-terrorism checks on the businesses they agree to work with that a traditional bank would do.
Such checks are expensive and time-consuming, which is part of the reason some businesses can’t get access to credit card facilities in the first place.
But the unintended consequence, said Teicher, is scary.
In his company’s estimation, six to 10 percent of businesses accepting credit card payments are hiding their true identity from the banks and credit card companies that process their transactions.
The banks and credit card brands have absolutely no idea who and what these businesses are, and they don’t even know what they don’t know.
“Most people are good, so statistically, it works out,” Teicher said of the fintech payments industry. “But at the same time, the fintech companies’ lack of due diligence opens the door to terrorists, drug dealers, counterfeiters, online pharma, violent content and scammers who were previously blocked from the payments system.”
While old-time money launderers had to buy and operate a car wash, say, or a restaurant to hide the source of their cash, with the rise of e-commerce the costs and risks of money laundering have gone down.
“With e-commerce, you don’t have to buy a nail salon.
You just pay to incorporate 1,000 companies,” said Teicher, that have no real office or employees, and that exist solely on paper for the purpose of making it easier for the owners to accept payments.
“The incentive to participate in money laundering is much higher. It’s getting to be a bigger and bigger problem.”
In Israel, there are numerous “high-risk payment processors” that help hide the fraudulent nature of binary options from banks and credit card companies.
If a binary options company approached a reputable bank and asked to be taken on as a merchant, it would likely be turned down. Instead, the company approaches a fintech payment company that will help create the appearance of legitimacy to an acquiring bank.
A typical binary options company will have four or more names: 1, the brand name of the website. 2, the name of an English Limited Partnership or Scottish LP — a form of company structure that allows foreign companies to obtain legal status in the UK but that critics say is often exploited for criminal activity — that appears in the fine print on the website. 3, the name of an offshore company in a place like Anguilla that corresponds to the British company.
And finally, 4, the local name of a company where the actual offices are located, often in Israel but also in Bulgaria, Panama, South Africa and other places. This local company is usually the only one that has actual people working in it.
Every merchant, including binary options companies, that wants to accept credit card payments needs an “acquiring bank” or “merchant acquirer” to accept and underwrite them.
It is in the acquiring bank’s interest to make sure that the merchant is low risk.
The acquiring bank is also required by law in many countries to make sure it knows the true identity of the merchants’ owners and not just the identity of its stooge directors.
What some fintech companies, known as payment processors or facilitators, do for binary options companies is help them circumvent these “know-your-customer” checks.
These high-risk payment processors advertise themselves to industries like porn, online gambling, online pharma, forex and binary options. It is likely many of them know what they are doing.
But sometimes the merchant lies to the payment processor as well.
“The payment facilitator,” explained Albert James Galloni, a financial fraud investigator from the UK, “is a wholesaler of the merchant acquiring services provided by the acquiring bank.
An acquiring bank will be contacted by a facilitator who will say I’m going to recruit a number of merchants for you; however these customers will not be contracting with you, they will be contracting with us. You provide the service.”
As a result, the acquiring bank often does not have direct visibility into who the individual merchants are, nor does it perform due diligence on them. Most acquiring banks are not colluding with dodgy merchants, said Galloni, and genuinely don’t realize they’re processing payments for companies that may not be on the up-and-up.
Galloni told that the problem of fintech companies hiding the identity of the merchants they work with goes back 15 years or more.
“Ten or fifteen years ago, the cards payments industry was dominated by the banks.
The only places you could obtain a facility to process card payments was at a bank. Over the years, banks have divested, so new companies have sprung up that offer card payment services.”
The issue, explained Galloni, is that banks’ risk appetite has not really changed since that time. Their biggest concern, he said, is something called “non-delivery risk.”
“For example, if you had a bar or restaurant, the bank would see you as zero risk because someone goes there, gets a round of drinks and pays on their card. It’s over.”
On the other hand, companies like furniture makers, where you pay a deposit and get the goods 6-8 weeks later, are seen as a big risk, because during that 6-8 week period the company could fail, go bust or disappear with the money.
As a result, many high-risk businesses found it difficult to obtain credit card payment facilities. But they desperately needed those facilities, because customers wanted to pay by credit card.
That is how what Galloni calls “transaction laundering” began.
“Businesses that wanted card facilities and were willing to commit fraud would do one of two things,” he said.
Option one: Apply for the facility but lie about what their business was. Says Galloni: “They would ascertain what type of business the bank considered low-risk, and claim to be that sort of business.” For instance, businesses that are considered high-risk, like diet pill merchants or online gambling websites, would claim to be a restaurant instead.
Option two: Something known as “aggregation.” Galloni: “They would go to another business, one that already had a facility, and say ‘you can have 15 percent commission if you let me use your card machine for my payments.’”
In the beginning, said Galloni, some high-risk merchants were unsophisticated.
“They would go to a bar and say ‘put my transactions through,’ and those payments would be for $1,000 dollars at a time.
The bank transaction monitoring system would detect that something was not right, and the acquiring bank would put a stop to it.”
But over time, a whole slew of fintech companies arose, companies Galloni calls payment facilitators, whose sole purpose was to deceive, “to give the impression that the payments were for low risk items when in reality they were for high risk.”
Not all payment facilitators are deceptive, but some can be.
After the binary options payment is acquired by a merchant acquirer, binary options payments often end up in a bank account in Eastern Europe.
Their merchant acquirer may also be in Eastern Europe, although local Israeli acquirers like Isracard have acquired binary options payments as well.
Galloni said that banks in less developed countries tend to be more accepting of high-risk merchants.
“Banks in places like Eastern Europe or the Baltic states or other, more ‘traditional’ offshore jurisdictions, are very aggressive and really trying to grow their market share.
They will take on clients based outside their countries or based in an offshore place with more of a risk acceptance than one of the main banks.”
The sad truth is that a widely fraudulent industry like binary options, which is estimated to bring in up to $10 billion a year, has many beneficiaries, including fintech companies, adtech companies, banks, SEO specialists and even Google, Twitter and Facebook, which sell advertising to binary options and other dodgy industries.
Balanced against all these economic interests, the victims themselves, and those who work to expose and halt the fraud and bring the criminals to justice, are fighting an uphill battle.
Is there any hope that the global banking system will wake up and address the giant flaw in its processes, a flaw that is causing hardship and suffering to uncountable victims of scammers and criminals?
For now, the picture is bleak. The global payments system handles immense numbers of transactions, and everything is computerized.
If customers spot fraudulent charges early, they can seek a chargeback — but fraudulent firms in the binary options and other scam industries make sure that their victims sign paperwork specifically consenting to having their credit cards charged, and those small print consents are hard to challenge.
In at least one of the cases cited at the beginning of this article, for instance, the victims were unable to persuade their bank that the money they lost to a fraudulent binary options firm should be returned to them.
Nonetheless, Teicher, the CEO of EverCompliant, is optimistic, arguing that the key to closing the fraudulent hole in the global payment processing system lies in raising awareness of what is going on.
“Companies don’t necessarily make business decisions based on ethics, but they do care about their brand reputation. For instance, if it were known that a bank allows businesses to process child pornography, that would make it look bad.”
Ultimately, though, he stresses, it is the responsibility of governments to crack down through enforcement and regulation, as the government of Canada has begun to do, for instance, by pressing Visa and Mastercard to block the processing of payments for binary options.
“If there were clear regulation and enforcement, then if I were a bank, my risk would increase.
That would go a long way towards helping me make the right decision.”