Editorial

newsfeed

We have compiled a pre-selection of editorial content for you, provided by media companies, publishers, stock exchange services and financial blogs. Here you can get a quick overview of the topics that are of public interest at the moment.
360o
Share this page
News from the economy, politics and the financial markets
In this section of our news section we provide you with editorial content from leading publishers.

TRENDING

Latest news

Illegal Casinos: Soft2Bet, SOFTSWISS and Europe’s Hidden iGaming Infrastructure Model

Comparative Systemic Compliance Report The Soft2bet Files expose a much larger question for European regulators: when technology platforms also touch brands, customer operations, payments, offshore operators and regulated market access, can they still be reviewed as neutral software vendors? Key Takeaways The Soft2bet Files are not merely another illegal-casino story. Investigate Europe and media partners report a €600 million money trail, leaked internal files, payment statements, former-employee testimony and a network of 145 websites blacklisted in at least one European country. Soft2Bet denies wrongdoing and says the reporting misinterprets its business and corporate structure. [SN1] Soft2Bet publicly presents a deeply integrated iGaming stack. Its own materials describe turnkey casino and sportsbook technology, payments, KYC, risk management and player support. The company says it holds more than 22 licences across 12 jurisdictions. [SN2] The alleged hidden layer is the real compliance issue. The current investigation describes offshore operator vehicles, Cypriot payment companies, development entities, customer-service structures and payment providers allegedly connecting blacklisted casinos to the broader Soft2Bet environment. [SN3] Zentoria is now a critical bridge. Investigate Europe reports that a Belgian card deposit to the unlicensed Onlyspins casino was directed to Irish-registered Zentoria. That independently intersects with FinTelegram’s prior Zentoria / Spinsopotamia research and the NALMI technical evidence package. [SN4] SOFTSWISS is not Soft2Bet and must not be treated as the same network. But the comparison is compliance-relevant because SOFTSWISS also publicly operates a large modular iGaming infrastructure ecosystem and has been the subject of separate reporting about possible links between its founder environment and unlicensed casino operators. [SN5] The systemic question is now unavoidable: when a platform ecosystem combines technology, brand deployment, payments, customer operations, engineering, data and cross-border licensing structures, where exactly does the platform end and the operator begin? 1. Executive Summary: This Is Not Just a Soft2Bet Story Europe’s online gambling sector has spent years drawing a reassuring line between two categories. On one side sits the operator: the company that accepts players, holds the gambling licence and carries the regulatory burden. On the other side sits the platform provider: the supposedly neutral B2B technology company supplying software, games, wallets, CRM tools, payment integrations and back-office infrastructure. The emerging evidence around Soft2Bet suggests that this line may be far less clear than regulators, banks and payment providers have assumed. The July 2026 Soft2bet Files, led by Investigate Europe with media partners across 15 countries, describe an alleged ecosystem in which licensed brands, blacklisted casinos, offshore vehicles, Cypriot payment entities, payment intermediaries, customer-service structures and development operations appear to overlap around the broader Soft2Bet environment. The investigation reports that leaked payment records show €600 million moving between May 2020 and May 2024 from two Cypriot entities, Tranello and Tilaros, to Soft2Bet and associated companies or partners. It further reports that internal files indicate a current population of around 160 casinos, of which 145 are blacklisted in at least one European country. Soft2Bet has denied wrongdoing and said the allegations reflect an incorrect and misleading interpretation of its business and corporate structure. [SN1] This evidence does not merely raise questions about one gambling group. It raises a structural question about the European iGaming industry: Can a company still be treated as a neutral technology provider when the surrounding ecosystem appears to include brand deployment, player operations, payments, marketing, customer support, engineering and offshore casino structures? FinTelegram believes this question must also be asked — carefully and separately — in relation to other large iGaming infrastructure ecosystems, including SOFTSWISS. This report does not claim that Soft2Bet and SOFTSWISS are connected. It does not claim that they share ownership. It does not claim that the evidence against them is equivalent. The proposition is different: Different groups. Different evidence. Similar compliance architecture. 2. The Public Soft2Bet: A Regulated iGaming Success Story The public Soft2Bet story is impressive. Founded in 2016 by Uri Poliavich, the business has grown into a major European iGaming platform and operator group. Soft2Bet markets turnkey casino and sportsbook solutions, gamification technology, payment integrations, KYC services, fraud prevention, risk management and customer support. Its own public materials show that the company is not simply selling source code. Soft2Bet describes operational capabilities covering: casino and sportsbook platforms; player-account and content management; payments; a portfolio of more than 100 payment providers; KYC; AML and sanctions screening; anti-fraud systems; customer support; self-exclusion handling; payout management; and player-risk controls. In April 2026, Soft2Bet said it held more than 22 licences across 12 jurisdictions. That public footprint matters because it establishes the first part of the systemic compliance problem:Soft2Bet already acknowledges a business model extending deeply into the operational lifecycle of an online casino. This is not merely a rack in a data centre. It is infrastructure capable of touching: onboarding → KYC → payments → player account → CRM → risk → support → payouts → retention. The more operationally integrated a platform becomes, the harder it is to maintain a simplistic distinction between a passive technology vendor and the actual gambling operation. 3. The Other Soft2Bet Map The Soft2bet Files describe a second map. According to Investigate Europe, the broader historical and current environment includes or has included entities such as: Araxio Development Rabidi Tranello Tilaros Outono BrainRocket marketing and customer-service companies offshore operator vehicles and newer structures in jurisdictions including Costa Rica and Anjouan. The evidence status differs across each entity. Some relationships arise from corporate records, some from leaked banking documents, some from internal screenshots and some from former-employee testimony. That distinction is essential. But taken together, the reported pattern is highly significant. Investigate Europe says Araxio and Rabidi were used for years around offshore casino websites. The current investigation reports that separate Cypriot entities, Tranello and Tilaros, handled payments associated with casinos while the Soft2Bet name was not publicly visible at that layer. The reporters say thousands of pages of account statements then revealed direct financial relationships between those entities and Soft2Bet-related or associated companies. This is the heart of the case. The question is not simply whether two companies shared a director or whether two websites looked similar. The question is whether formal corporate separation reflected genuine operational separation. 4. Follow the €600 Million The €600 million figure requires precision. FinTelegram does not describe it as “€600 million of proven illegal revenue”. That would go beyond the evidence publicly available. The defensible formulation is: According to leaked payment statements reviewed by Investigate Europe and partner media, Tranello and Tilaros channelled approximately €600 million between May 2020 and May 2024 to Soft2Bet and associated companies or partners. Investigate Europe further reports that transfers were often described with references such as marketing services or licence agreements, and that more than €330 million went to companies owned by Uri Poliavich, including the former top holding company Outono and BrainRocket, described in the investigation as the group’s casino-development arm. The reporting also says that Tilaros, despite not being formally owned by Soft2Bet, made payments to senior people associated with the group. These are serious findings. But they also illustrate a much broader compliance failure. A legal structure can distribute activities across dozens of companies: one company owns IP; another develops code; another employs support staff; another receives casino revenue; another pays marketing invoices; another holds a licence; another presents the merchant to a PSP. The critical compliance question is not whether every entity has the same shareholder on paper. It is: Who controls the system as an operational whole? 5. The Brand Factory The Soft2bet Files suggest that the public brand portfolio may represent only one layer of the broader environment. Investigate Europe’s March 2025 investigation traced more than 140 gambling websites to Soft2Bet and found at least 114 blacklisted in one EU country at that time. The July 2026 investigation went further. It reported internal files indicating around 160 casinos, of which 145 were blacklisted in at least one European country. The leaked materials reportedly distinguish between brands described as “internal” and others that may be operated for customers using Soft2Bet technology. That distinction is fundamental. A large platform provider can legitimately power independent third-party casinos. Shared software is not evidence of shared legal ownership. But the compliance analysis changes where evidence points to: internal brand tags; shared staff; common customer operations; common payment structures; common development teams; common group communications; or money flows into related companies. The relevant model may therefore look like this: Licensed Brands↓Internal Brands↓Customer-Operated Brands↓Offshore Brands↓Mirror and Replacement Domains The legal labels may differ. The operational factory may not. 6. The Payment Machine This is where FinTelegram sees the highest systemic risk. Illegal or unlicensed casinos cannot operate at industrial scale merely because they have attractive websites. They need money rails. They need: card processing; bank transfers; e-wallets; payment gateways; acquiring relationships; merchant descriptors; settlement accounts; payout channels; and increasingly crypto infrastructure. The second Soft2bet Files instalment focuses on that layer. Investigate Europe reports that My EU Pay and Unlimit, both regulated payment firms, processed transfers within the investigated environment. The report says Tranello and Tilaros sent €543 million from My EU Pay accounts to other My EU Pay accounts linked to Soft2Bet or partners between 2020 and 2024. Crucially, the investigation reports that when Tranello’s account was opened, Soft2Bet submitted documentation stating that Tranello “belongs to the Soft2bet group.” The investigation also names or discusses payment-related exposure involving: My EU Pay; Unlimit; Paysafe/Skrill; Pgway; card networks; and other financial intermediaries. Investigate Europe expressly states that there is no evidence that the payment firms knew their services were being used in connection with blacklisted sites. That caveat matters. But so does the due-diligence question. If hundreds of millions of euros move through a high-risk gambling ecosystem, then banks, EMIs, PIs, acquirers and card networks cannot treat the underlying casino perimeter as somebody else’s problem. 7. Pgway and the Merchant-Layer Problem The Pgway findings are particularly relevant to FinTelegram’s research agenda. Investigate Europe reports that unlicensed casino deposits were routinely processed through Pgway, a company owned by an associate of Uri Poliavich. Leaked files allegedly indicate that Pgway operated within the broader group environment. A former employee claimed that redirect URLs for payment-gateway and Pgway functions were created internally at Soft2Bet. The same investigation reports that bank statements of one affected player showed more than 100 different recipient companies across her deposits, including businesses whose apparent commercial descriptions had no obvious relationship to gambling. Again, these are allegations and reported findings, not final judicial determinations. But the pattern raises the classic payment-compliance issue: Is the casino the merchant — or is the player being routed through a rotating merchant layer that separates the risky gambling activity from the entity visible to the bank and card network? That question leads directly to Zentoria. 8. The Zentoria Bridge: Where Independent Investigations Converge This is one of the most important convergence points between FinTelegram’s own work and the Soft2bet Files. Investigate Europe reports that a Belgian card-payment test at Onlyspins led to Irish-registered Zentoria. FinTelegram had already identified Zentoria in separate casino-payment rail reviews, including the Malina Casino case, where tested EU-facing payment flows exposed Zentoria Limited as a payee in card/Skrill verification screens. Read our Malina / Zentoria report here. This matters because both evidence streams rely on the same investigative method: follow the player deposit path, capture the payment screens, identify the payee or descriptor, and compare the observed merchant layer with the casino brand presented to the player. The result is a high-value convergence: FinTelegram / Malina: offshore casino deposit flow → third-party payment layers → Zentoria Limited as observed payee. Investigate Europe / Onlyspins: offshore casino deposit flow → card-payment route → Zentoria Limited as observed payee. This does not prove that Zentoria owns Malina, Onlyspins, Soft2Bet-related brands or the NALMI infrastructure. It does, however, support the narrower and stronger conclusion that Zentoria has emerged as a recurring payment-facade or merchant/payee-layer indicator across multiple offshore casino investigations. 9. Why the SOFTSWISS Comparison Matters The obvious mistake would be to write: “Soft2Bet and SOFTSWISS are the same.” They are not. There is no evidence before FinTelegram establishing common ownership or a single joint network. The correct analytical question is: Do both ecosystems expose the same structural weakness in Europe’s iGaming compliance model? FinTelegram believes the answer is yes. SOFTSWISS publicly presents itself as a major iGaming technology ecosystem. Its current website says more than 1,500 iGaming brands rely on its software and describes an integrated portfolio including casino platform, sportsbook, game aggregation and other infrastructure. It also states that its products integrate hundreds of payment methods. SOFTSWISS expressly says it does not process payments directly, but integrates payment providers into its products. That distinction must be respected. However, the wider SOFTSWISS compliance context has attracted separate scrutiny. In November 2024, German broadcaster BR reported evidence it said pointed to possible links between SOFTSWISS and dozens of casinos targeting German players without German licences. The BR investigation focused in part on N1 Interactive Ltd and Dama N.V. and described corporate, court and domain-registration indicators. BR reported that SOFTSWISS and its founder did not answer its questions. Separately, FinTelegram has been mapping the wider ecosystem around: SOFTSWISS; Dream Finance; CoinsPaid; CryptoProcessing; FinteqHub; and Coinspaid Dev. FinTelegram’s reporting is expressly risk-based and distinguishes registered ownership, documented corporate relationships, public founder roles, whistleblower allegations and unresolved hypotheses. The comparison is therefore not an accusation of identity. It is a comparison of architecture. 10. Soft2Bet vs SOFTSWISS: A Comparative Compliance Map LayerSoft2BetSOFTSWISSEvidence BoundaryPublic PlatformTurnkey casino and sportsbook infrastructureLarge modular iGaming technology ecosystemPublic / officialPublic Brand RolePublicly owns and operates licensed B2C brandsPrimarily positions as B2B technology provider powering operator brandsPublic / officialPaymentsPublicly offers payment capabilities and 100+ provider portfolioSays it does not process directly; integrates PSPs and payment methodsPublic / officialKYC / RiskPublic KYC, AML, sanctions, fraud and risk stackCompliance and integrated operator infrastructurePublic / officialPlayer OperationsPublic customer support lifecycle includes KYC, self-exclusion and payoutsPlatform infrastructure for operatorsPublic / officialOffshore Casino AllegationsExtensive current leak-based and corporate-record reportingSeparate BR reporting concerning alleged links to offshore operatorsThird-party investigationsDirect Money-Flow EvidenceCurrent reporting cites leaked statements and €600m flowsNo equivalent public €600m leak dossier identifiedMajor evidence asymmetryPayment-Orchestration LayerPgway and other payment relationships in current investigationFinteqHub publicly originated from the SOFTSWISS PSP teamPublic + investigativeCrypto-Payment LayerNot central to current comparative caseDream Finance / CoinsPaid / CryptoProcessing central to FinTelegram analysisFT risk-based analysisEngineering LayerBrainRocket described in current investigation as casino-development armCoinspaid Dev / Polish engineering layer subject of FT analysisDifferent evidence basesTechnical Cluster EvidenceZentoria bridge now intersects FT NALMI researchSeparate infrastructure and ecosystem questionsNot one common networkCurrent Evidence StrengthStrong at leak, payment-record, insider and internal-file levelBroader but more contested across infrastructure, ownership and crypto-payment questionsMust not be equated The key conclusion is deliberately simple: Different groups. Different evidence. Similar compliance architecture. 11. The Important Difference: Evidence Strength A serious compliance report must acknowledge asymmetry. Soft2Bet The current evidence appears particularly strong because the reporting combines: leaked payment statements; internal company files; internal conversations; former employees; corporate records; regulator blacklist analysis; player accounts; live payment tests; and multi-country media cooperation. That is a highly developed evidential stack. Soft2Bet denies wrongdoing and challenges the interpretation of its corporate structure. That response must be presented prominently and fairly. SOFTSWISS The current public evidential position is different. The case includes: SOFTSWISS’s own large-scale platform footprint; the 2024 BR investigation; corporate and domain indicators discussed by BR; FinTelegram’s Dream Finance / CoinsPaid / CryptoProcessing research; FinteqHub’s documented origin from the SOFTSWISS PSP team; the new Coinspaid Dev engineering layer; whistleblower allegations; and unresolved beneficial-control and infrastructure questions. This does not currently amount to the same type of consolidated leak-based money-flow case as the Soft2bet Files. FinTelegram should say so clearly. The Soft2Bet evidence currently appears stronger at the direct money-flow and internal-document level. The SOFTSWISS case is broader at the infrastructure, crypto-payment and ecosystem-control level, with several relationships and control questions remaining contested or unresolved. [SN5] [SN9] 12. Where Does the Platform End and the Operator Begin? This is the central question. Traditionally, regulators may see: Software Provider→ sells platform Operator→ accepts players PSP→ processes money Support Provider→ answers tickets Marketing Agency→ buys traffic Offshore Licensee→ operates brand Infrastructure Provider→ hosts domains On paper, these are separate functions. But what happens if the same economic ecosystem coordinates: platform development; brand launches; KYC; payments; payout management; customer support; retention; marketing; fraud systems; payment routing; server infrastructure; and offshore licensing? At that point, formal legal separation may no longer answer the real regulatory question. The more useful test becomes: Who controls the player journey? Who decides: whether a player can register; whether KYC is required; whether a withdrawal is delayed; whether a closed account is reopened; which bonus is offered; which payment route is displayed; which merchant receives the card deposit; which support team answers; which brand is launched next; which domain replaces a blocked one? That is the point where platform analysis becomes operator analysis. 13. Regulated Islands in an Offshore Ocean The architecture also exposes a weakness in Europe’s national licensing system. A group can potentially maintain: a licensed brand in Sweden; another licensed brand in Greece; another in Denmark; an Irish merchant or gambling entity; a Malta payment company; a Cyprus service entity; an Anjouan casino vehicle; a Costa Rican company; a Marshall Islands parent; and hundreds of domains accessible across borders. Each regulator may see one island. Nobody necessarily sees the ocean. That is why a platform group can appear simultaneously: licensed; award-winning; banked; sponsored; payment-enabled; and connected to unlicensed activity. This is not necessarily because one regulator failed. It may be because the regulatory architecture itself is fragmented. The compliance system reviews legal entities. The operational system functions as a network. 14. The Payment-Provider Failure For FinTelegram, payment providers are not secondary characters. They are gatekeepers. The current Soft2bet Files raise questions for: EMIs; payment institutions; banks; acquirers; card networks; e-wallets; payment gateways; and merchant-monitoring teams. A PSP onboarding a gambling merchant should understand: the operator; the beneficial owner; target markets; licensing perimeter; websites; descriptors; related brands; expected transaction volume; settlement beneficiaries; and high-risk affiliates. But the modern casino network may rotate faster than the periodic review cycle. A domain can change. A descriptor can change. A merchant can change. A payment route can change. A casino can reappear under another brand. The platform layer may remain. This suggests that static KYB is no longer sufficient for high-risk gambling. Regulated intermediaries need network-aware monitoring. 15. The Compliance Failure Is Ecosystem-Wide The question is not simply: Why did the gambling regulator not block the casino? The relevant gatekeepers include: Gambling Regulators Did they identify common platform, payment or brand infrastructure across licensed and unlicensed operations? Financial Regulators Did supervised EMIs and PIs understand the underlying gambling exposure? Banks and Acquirers Did transaction monitoring detect high-volume casino deposits, rotating merchants and unusual descriptors? Card Networks Were merchant-category and licensing controls effective? Payment Gateways Who owned the MIDs, routing logic and merchant mappings? Game Suppliers Why were licensed game products accessible on unlicensed brands in restricted markets? KYC and Fraud Providers Did account-level client structures reveal common operational control? Infrastructure Providers Did concentrated casino-domain environments trigger enhanced review? Platform Providers What controls prevented customers, internal brands or related entities from targeting prohibited markets? The systemic question is uncomfortable: If every regulated intermediary performed effective due diligence, how can a 145-site blacklisted ecosystem remain commercially functional? 16. Evidence Matrix PropositionEvidence StatusFinTelegram AssessmentSoft2Bet is a major integrated iGaming providerSELF / OFFICIALEstablishedSoft2Bet says it holds 22+ licences in 12 jurisdictionsSELF / OFFICIALCompany claim145 websites are blacklisted in at least one European country3P INVESTIGATIONReported by Investigate Europe€600m moved from Tranello/Tilaros to Soft2Bet and associated companies/partners3P / LEAKED PAYMENT RECORDSSerious reported findingTranello onboarding identified it as belonging to Soft2Bet group3P / LEAKED ONBOARDING RECORDSerious reported findingSoft2Bet denies wrongdoingDIRECT RESPONSEMust be prominently statedOnlyspins card route led to Zentoria3P / LIVE JOURNALIST TESTHigh-value independent bridgeFinTelegram observed Zentoria Limited in tested casino-payment flowsFT LIVE TEST / SCREENSHOT EVIDENCEEstablished within FinTelegram’s Malina Casino review; Zentoria appeared as payee in tested card/Skrill verification flows connected to an EU-facing offshore casino deposit.Zentoria functions as a recurring merchant/payee-layer participant in offshore casino flowsFT PATTERN EVIDENCE / MULTI-CASE OBSERVATIONStrong FinTelegram working hypothesis, supported by repeated appearances of Zentoria across casino-rail investigations. Requires PSP, acquirer, MID and settlement records for final role attribution.FinTelegram and Investigate Europe used comparable investigative methods to expose ZentoriaMETHODOLOGICAL CONVERGENCEBoth evidence streams rely on live payment-path testing, screenshots and observed payee/descriptor data rather than mere domain similarity or corporate speculation.Zentoria is a proven operator of all casinos in which it appears as payeeNOT FINALLY ESTABLISHEDIts appearance as payee/merchant-layer participant raises payment-facilitation and merchant-monitoring questions.Zentoria links Soft2Bet, Malina, Onlyspins and the NALMI environment into one ownership networkNOT ESTABLISHEDThe evidence establishes a recurring Zentoria payment-layer bridge across multiple casino investigations, not common ownership of all brands or infrastructure.Zentoria is now a central cross-case payment-facade indicatorFT ANALYTICAL CONCLUSIONStrong and defensible. Zentoria should be treated as a high-priority entity for PSP, acquirer, MID, descriptor, settlement and domain-control inquiries.Zentoria / Spinsopotamia sits in wider NALMI technical environmentFT EXTERNAL TECHNICAL DOSSIERStrong infrastructure correlation; ownership not establishedSoft2Bet controls NALMINOT ESTABLISHEDDo not claimZentoria owns the NALMI casino networkNOT ESTABLISHEDDo not claimSOFTSWISS is connected to Soft2BetNOT ESTABLISHEDDo not claimSoft2Bet and SOFTSWISS share a compliance architectureFT ANALYTICAL COMPARISONSystemic hypothesisSOFTSWISS directly processes paymentsCONTRADICTED BY SOFTSWISS PUBLIC POSITIONSOFTSWISS says it integrates PSPs but does not process directlyFinteqHub originated from SOFTSWISS PSP teamSELF / OFFICIAL HISTORICAL DISCLOSUREEstablished public linkSOFTSWISS-linked offshore-operator questions exist3P / BR + FT ANALYSISRelevant but separate evidence streamSoft2Bet evidence and SOFTSWISS evidence are equivalentFALSEExplicitly rejected 17. Regulatory Questions FinTelegram believes the following questions should now be asked. To Soft2Bet What were the precise contractual relationships between Soft2Bet, Tranello, Tilaros, Araxio, Rabidi, Outono and BrainRocket? Which of the approximately 160 brands in the leaked materials were owned, controlled, internally operated or serviced for third parties? What did the “internal” brand classification mean? Did shared customer-service or marketing teams work across licensed and blacklisted brands? Did any Soft2Bet-controlled systems determine payment routing for blacklisted casinos? What was the relationship between Soft2Bet and Pgway? Why did Soft2Bet reportedly identify Tranello as belonging to the Soft2Bet group during payment-provider onboarding? What controls prevented Soft2Bet technology or services from targeting countries without local authorisation? To Zentoria Why was a Belgian card deposit for Onlyspins reportedly directed to Zentoria? What contractual relationship existed between Zentoria and Onlyspins? Which PSP, acquirer and MID processed the transaction? Who was the settlement beneficiary? Was Zentoria acting as operator, merchant, payment facilitator, agent or another role? Was the relevant PSP informed that the underlying player was depositing at Onlyspins? To NALMI Which customer accounts controlled the relevant allocations inside 185.207.196.0/22? Were Spinsopotamia and the wider casino-domain population provisioned under one or multiple customer accounts? Did NALMI receive abuse or regulatory notices concerning the domains? Does any customer relationship connect NALMI infrastructure to Soft2Bet, BrainRocket, Zentoria or related service companies? To SOFTSWISS How does SOFTSWISS distinguish independent operators from brands under common economic control? What controls prevent platform-powered brands from targeting prohibited jurisdictions? What is the current relationship between SOFTSWISS and FinteqHub? What service, engineering or infrastructure relationships exist with Dream Finance, CoinsPaid, CryptoProcessing and Coinspaid Dev? Does SOFTSWISS conduct network-level monitoring across the brands using its technology? What action is taken where multiple operators appear to share payment, ownership or infrastructure indicators? 18. FinTelegram Assessment The Soft2bet Files may represent a turning point. For years, the iGaming industry has relied on a convenient conceptual separation: The platform supplies technology. The operator bears responsibility. That distinction remains legally important. But it cannot become a compliance blindfold. A platform capable of coordinating onboarding, KYC, payments, CRM, risk, player support, payouts and brand deployment is not merely supplying a static software product. The closer the platform moves to the player, the money and the operational decision-making, the more urgent the attribution question becomes. The Soft2Bet evidence is currently the clearest public case study of this problem because it combines alleged internal records, payment statements and operating evidence. The distinction is not that Soft2Bet has a money-flow layer while SOFTSWISS does not. FinTelegram’s work on FinteqHub, Dream Finance, CoinsPaid, CryptoProcessing and related engineering structures points to a dense SOFTSWISS-adjacent money-flow and crypto-payment architecture. The difference is evidentiary posture. The Soft2bet Files currently provide a more consolidated public leak-and-bank-record package, including reported payment statements and specific money-flow allegations. The SOFTSWISS case, by contrast, is built around platform scale, crypto-payment architecture, PSP orchestration, engineering layers, public corporate links, BR reporting and FinTelegram’s own investigations. The conclusion is not: Soft2Bet = SOFTSWISS. The conclusion is: Europe may have a platform-provider compliance problem. 19. Final Conclusion: Follow the Infrastructure, Not Only the Licence The next generation of gambling compliance cannot stop at a licence register. Regulators and financial institutions must map: ownership; infrastructure; payment orchestration; merchant descriptors; support teams; engineering; domains; replacement brands; API relationships; and settlement beneficiaries. Because the modern casino ecosystem is not a company chart. It is a network. And in a network, the decisive question is no longer only: Who owns this casino? It is: Who controls the system that keeps the casino operating? That is where the platform may end. And the operator may begin. Right of Reply FinTelegram invites Soft2Bet, Uri Poliavich, BrainRocket, Outono, Tranello, Tilaros, Araxio Development, Rabidi, Pgway, Trumia, Zentoria Limited, NALMI Limited, SOFTSWISS, Dream Finance, CoinsPaid, CryptoProcessing, FinteqHub, Coinspaid Dev, all relevant payment providers, banks, acquirers, regulators and other affected parties to provide factual corrections, context and documentary evidence. FinTelegram will review substantiated responses and update its reporting where appropriate. This report does not establish criminal liability or unlawful conduct by any named party. It distinguishes official information, third-party investigative findings, technical correlations, FinTelegram analysis and unresolved hypotheses. Call for Information FinTelegram invites current and former employees, engineers, payment professionals, compliance officers, affiliate managers, customer-support agents, PSP staff, acquirers, casino contractors and affected players to provide information concerning: Soft2Bet and related brand environments; Tranello and Tilaros; Pgway and payment routing; BrainRocket; Trumia; Zentoria and Spinsopotamia; NALMI infrastructure; SOFTSWISS; Dream Finance; CoinsPaid / CryptoProcessing; FinteqHub; Coinspaid Dev; internal brand lists; merchant descriptors; MIDs and gateway identifiers; settlement beneficiaries; replacement domains; shared operational teams; and cross-border casino-payment infrastructure. Information can be shared confidentially with FinTelegram via Whistle42. Share Information via Whistle42 Source Notes / Fact-Check Map SN1 — Soft2bet Files: €600m, 145 blacklisted sites, leaked records, internal files, former employees, and Soft2Bet’s denial. Investigate Europe says its year-long, 15-country investigation reviewed thousands of pages of leaked payment records and internal material; it reports €600 million flowing from offshore-casino-linked structures and 145 blacklisted websites. Soft2Bet denied wrongdoing and said the reporters’ interpretation of its structure was misleading. The Times of Malta independently carried the consortium findings, and BR/Tagesschau reported the German-market dimension. SN2 — Soft2Bet’s own integrated operating stack. Soft2Bet publicly markets turnkey iGaming technology and explicitly describes payments, 100+ payment providers, KYC, risk and fraud controls; its customer-support materials include self-exclusion, KYC and payout handling. In April 2026, the company said it held more than 22 licences across 12 jurisdictions. SN3 — Araxio, Rabidi, Tranello, Tilaros, Outono and BrainRocket. Investigate Europe reports that Araxio and Rabidi formed part of the offshore layer and that payment statements show Tranello and Tilaros channelling €600 million to Soft2Bet and associated companies/partners; the reporting says more than €330 million went to Poliavich-owned companies including Outono and BrainRocket. These are reported investigative findings, not final judicial determinations. SN4 — Onlyspins → Trumia / Zentoria payment tests. Investigate Europe reports that a German bank-transfer test at Onlyspins led to Trumia, while a Belgian card test asked reporters to send money to Irish-registered Zentoria. The same report says Zentoria’s licence did not cover Onlyspins. SN5 — Separate SOFTSWISS adverse-media stream. BR/Tagesschau reported in November 2024 that its analysis indicated possible links between SOFTSWISS/the founder environment and unlicensed casinos operated through N1 Interactive and Dama N.V.; BR said SOFTSWISS and its founder did not answer its questions. This is a separate investigation from the Soft2bet Files and must not be conflated with them. SN6 — Payment firms and Pgway. Investigate Europe reports that My EU Pay and Unlimit processed transfers in the investigated environment; it says €543 million moved from Tranello/Tilaros My EU Pay accounts to accounts linked to Soft2Bet or partners and that onboarding material described Tranello as belonging to the Soft2Bet group. The second report also details Pgway-related allegations and expressly says there is no evidence the payment firms knew their products were used in relation to blacklisted websites. SN7 — FinTelegram’s Zentoria/NALMI technical evidence. The uploaded External Technical Evidence Dossier reports 496 investigated domains, 495 inside the NALMI / AS213846 185.207.196.0/22 snapshot, a strict 83-domain shared-configuration cluster and multiple API/asset correlations. It explicitly warns that shared infrastructure does not prove common legal ownership. SN8 — SOFTSWISS public platform and payments position. SOFTSWISS says more than 1,500 iGaming brands rely on its software. It publicly describes a modular iGaming ecosystem and says it does not process payments directly but integrates payment providers; its site also describes hundreds of payment methods. SN9 — FinTelegram’s SOFTSWISS / Dream Finance analysis. FinTelegram’s June 2026 reports map a risk-based ecosystem around SOFTSWISS, Dream Finance, CoinsPaid, CryptoProcessing and FinteqHub; v2 adds the Polish Coinspaid Dev engineering layer and expressly separates documented ownership from allegations and unresolved control questions. SN10 — FinteqHub provenance. SOFTSWISS itself announced in 2023 that FinteqHub was developed by the SOFTSWISS PSP Team, a relevant public link for the payment-orchestration comparison. SN11 — Scale of current German exposure. BR/Tagesschau reported that a Similarweb-based analysis suggested Soft2Bet-serviced unlicensed casinos received roughly eight million visits from Germany in May 2026. This is a media analysis, not a regulator-certified traffic count. SN12 — Earlier 2025 network findings. Investigate Europe’s March 2025 investigation said it traced more than 140 gambling websites to Soft2Bet and found at least 114 blacklisted in one EU country as of February 2025. The July 2026 reporting uses a later and broader 145-site figure. SN13 — Soft2Bet’s response. The company told the investigative consortium that it takes compliance and governance seriously, denied wrongdoing and described the reporters’ interpretation of its business and corporate structure as incorrect and misleading. SN14 — The core evidence asymmetry. The statement that the Soft2Bet case is currently stronger at the direct leak/payment-record level is FinTelegram analytical judgment, based on the current Investigate Europe evidence stack versus the separate BR, public-product and FinTelegram risk-based evidence streams around SOFTSWISS. Supporting source bases:

Read More

The Xoala MiCA Question: Whistleblower Alleges Crypto Fund Freezes as Swedish EMI Faces Regulatory Investigation

Key Points A whistleblower alleges that Xoala has blocked or withheld funds belonging to multiple cryptocurrency companies. The source claims that the restrictions may be connected to the MiCA transition and alleges that Xoala had prior knowledge of the relevant regulatory changes. FinTelegram has not independently verified the allegations and has not yet received sufficient evidence to establish deliberate misconduct. The complaint nevertheless emerges against a significant regulatory backdrop: on 17 June 2026, Sweden’s Finansinspektionen disclosed an ongoing investigation into Steven AB, the licensed electronic money institution behind Xoala’s European corporate payment setup. Xoala publicly operates through a multi-jurisdiction structure involving a Swedish EMI, a Polish VASP entity, and an Isle of Man digital-asset business. Xoala’s own website refers to MiCA compliance, while the public disclosure reviewed by FinTelegram identifies a Polish VASP registration but does not specify a MiCA CASP authorisation number. FinTelegram is inviting affected crypto companies, former employees, compliance officers, banking partners, and other insiders to provide evidence. Xoala — Key Entities & Regulatory Footprint CategoryEntity / ItemKey DataRegulatory / Investigative RelevanceBrandXoalawww.xoala.comShared fintech / payments / digital-assets brandPublicly presents an integrated fiat-and-crypto offering, while services appear to be distributed across several legal entities and jurisdictions.Core EU Payments EntitySteven ABSwedish company; company no. 559026-5673Central regulated entity behind Xoala corporate payment services.Primary LicenceSteven AB – Electronic Money InstitutionSupervised by Sweden’s Finansinspektionen; institution ID 48004Critical for customer accounts, e-money issuance, payments and safeguarding questions.Current Regulatory InvestigationFinansinspektionen investigation into Steven ABPublicly announced 17 June 2026; ongoingFI is examining compliance with Sweden’s Electronic Money Act, including e-money issuance. No wrongdoing has yet been established.EU Crypto EntityXoala Digital, PolandPolish company; KRS 0001047696Presented by Xoala as an EU crypto-services entity.Polish Crypto RegistrationXoala DigitalVASP register no. RDWW-872Legacy VASP registration should not be confused with a MiCA CASP authorisation.MiCA PositioningXoala Digital Risk DisclosureXoala states that the business operates within the EU regulatory framework “including MiCA” and “within MiCA compliance”Raises questions about the precise current MiCA legal basis and authorisation status.MiCA CASP LicenceNot identified in reviewed public disclosureNo specific CASP licence number or granting EU authority identified in the Xoala disclosure reviewed by FinTelegramRequires clarification from Xoala; absence of an identified licence is not proof of unauthorised activity.Offshore / Non-EU Crypto LayerXoala IOM Limited (Isle of Man)Xoala Asia (Mauritius)Primewave Payments Limited (Canada)Offshore entitiesXoala states that “Xoala Digital” is also a trading name of this entity, creating an important entity-perimeter question.Primewave Payments Limited, Vancouver, British Columbia, Canada, is a FINTRAC-registered MSB (Registration Number C100000799). IOM Regulatory StatusXoala IOM LimitedDescribed as registered as a Designated Business in the Isle of ManNot equivalent to an EU MiCA CASP authorisation.Key Entity AmbiguityPoland vs Isle of ManMiCA/EU disclosure refers to a Polish Xoala Digital entity; general legal disclosure links “Xoala Digital” to Xoala IOM LimitedCentral transparency issue: which entity contracts with EU crypto customers and controls crypto-related services?Corporate Terms CounterpartySteven ABXoala Corporate Terms identify Steven AB as contractual party for relevant corporate accounts and payment servicesImportant for determining who legally owes customer balances and who may impose restrictions.Crypto Service ScopeXoala DigitalPublicly described as offering purchase, sale, custody and transfer of crypto-assetsBrings MiCA perimeter, custody, execution and entity-allocation questions into focus.Potential AcquisitionFDCTech / Steven ABNon-binding LOI announced in August 2025 for acquisition of 100% of Steven ABAdds governance, disclosure and due-diligence questions.Proposed Purchase PriceSteven AB acquisition$6.75 millionPublicly announced transaction value.Original Payment ScheduleFDCTech transactionFive annual instalments of $1.35 million, reportedly beginning 13 June 2026Notable because FI announced its investigation four days later; no causal link has been established.Transaction StatusFDCTech acquisitionLater SEC filing described the acquisition as “advancing” rather than clearly completedCurrent ownership and transaction completion require clarification. The Whistleblower Allegation FinTelegram has received a whistleblower submission alleging that Xoala may be withholding or restricting funds belonging to cryptocurrency companies. According to the source, multiple companies may have been affected. The whistleblower states: “We have received information indicating that Xoala may be withholding funds belonging to cryptocurrency companies, potentially in connection with the implementation of MiCA regulations. It appears that funds belonging to multiple companies have been blocked, despite Xoala allegedly having prior knowledge of the upcoming regulatory changes and their effective date.” The submission further raises concerns that the restrictions may have been imposed deliberately and with prior awareness of the regulatory transition. At this stage, FinTelegram has not independently verified: the number of affected companies; the aggregate amount of restricted funds; the duration of the alleged restrictions; whether the restrictions were imposed by Xoala itself, a banking partner, or a competent authority; whether individual anti-money laundering, sanctions, fraud, or source-of-funds concerns existed; or whether MiCA was explicitly cited as the basis for the restrictions. The allegations therefore remain unproven. Nevertheless, the submission raises legitimate questions given Xoala’s explicit positioning at the intersection of regulated payments and digital assets. A Regulated EMI at the Centre of the Structure Xoala is not a single legal entity. Its own legal disclosure states that Xoala is a trading name shared by various regulated entities. For corporate payment services, Xoala’s published Corporate Terms identify Swedish company Steven AB as the contractual entity. Steven AB, company number 559026-5673, is authorised as an electronic money institution and supervised by Sweden’s Finansinspektionen under institution number 48004. The Corporate Terms state that Steven AB operates under the Xoala trading name and provides corporate accounts and payment services. Xoala separately states that customer funds falling within its safeguarding framework are segregated in accordance with the applicable Swedish electronic-money rules. This structure makes the whistleblower allegations particularly important. If corporate fiat balances were restricted, investigators would need to establish: whether the funds represented electronic money issued by Steven AB; whether they were held in safeguarding accounts; whether the restriction originated with Steven AB; whether a correspondent or safeguarding bank imposed the measure; and whether the customer retained an enforceable right to redeem the electronic money. Swedish Finansinspektionen Is Investigating Steven AB On 17 June 2026, Sweden’s Finansinspektionen publicly disclosed an ongoing investigation into Steven AB. The regulator said it is examining whether the electronic money institution complied with Sweden’s Electronic Money Act. The investigation includes, among other matters, Steven AB’s issuance of electronic money. The regulator has not published a finding of wrongdoing. FinTelegram has found no public evidence establishing that the investigation is connected to the fund restrictions alleged by the whistleblower. That distinction is important. However, the regulatory investigation materially increases the public-interest relevance of questions concerning customer funds, electronic money, account restrictions, redemption procedures, and customer protection within the Xoala structure. The MiCA Dimension Xoala actively presents itself as a digital-asset and fiat infrastructure provider. A dedicated disclosure on its website is titled: “Xoala Digital Risk Disclosure – (MiCA / EU).” The disclosure identifies Xoala Digital as a Polish limited liability company based in Łódź, registered under KRS number 0001047696. According to Xoala, the company is entered in Poland’s Register of Virtual Currency Service Providers under registration number RDWW-872. The platform says that Xoala Digital provides services including: purchase of crypto-assets; sale of crypto-assets; custody; and transfer of supported digital assets. The same disclosure states that: “Xoala Digital operates under the regulatory framework of the European Union, including the Markets in Crypto-Assets Regulation (MiCA).” Elsewhere, Xoala states that the company operates “within MiCA compliance.” This raises an obvious regulatory-status question. A legacy Polish VASP registration is not the same thing as a MiCA CASP authorisation. In the public disclosure reviewed by FinTelegram, Xoala identifies its Polish VASP registration but does not specify a MiCA CASP licence number or identify the competent EU authority that allegedly granted such an authorisation. FinTelegram therefore invites Xoala to clarify: whether any Xoala entity currently holds a MiCA CASP authorisation; which authority issued it; the relevant authorisation number; and the legal basis on which the Polish entity currently serves EU crypto customers. Which Xoala Entity Actually Provides the Crypto Service? Xoala’s own public disclosures create a further transparency question. The dedicated MiCA/EU risk disclosure describes Xoala Digital as a Polish company. However, Xoala’s general legal disclosure states that: “Xoala Digital is a trading name of Xoala IOM Limited.” Xoala IOM Limited is described as an Isle of Man company registered with the Isle of Man Financial Services Authority as a Designated Business. This creates a fundamental perimeter question: Which entity is the actual contractual crypto service provider for an EU customer? FinTelegram believes Xoala should clarify: whether EU customers contract with the Polish entity; whether they contract with Xoala IOM Limited; what role Steven AB plays in fiat settlement; which entity controls crypto-assets; which entity executes conversions; and which entity has authority to restrict customer access to funds. These questions are directly relevant to the whistleblower allegation. A customer may perceive a single Xoala platform while legally interacting with several entities across different jurisdictions. Account Restrictions Are Not Automatically Misconduct FinTelegram stresses that account freezes or transaction restrictions imposed by an electronic money institution are not inherently unlawful. A regulated institution may be legally required to restrict activity because of: anti-money laundering concerns; sanctions; fraud suspicions; source-of-funds issues; regulatory instructions; law-enforcement requests; or incomplete customer due diligence. Xoala’s Corporate Terms provide the company with substantial compliance and risk-management rights. The same Terms also state that electronic money may generally be redeemed at par value, subject to applicable law and to checks the company is required or permitted to perform. The decisive question is therefore not simply whether funds were restricted. The real questions are: Why were they restricted? How long were they restricted? Were affected customers individually informed? Were redemption requests processed? Were customers given an orderly exit? Did Xoala continue accepting funds after deciding that a customer relationship could no longer continue? The Core Whistleblower Hypothesis The whistleblower submission becomes potentially serious if evidence establishes a recurring sequence such as: Xoala onboarded or continued servicing crypto companies; Xoala knew that upcoming MiCA-related changes would affect those companies; customer funds continued to be accepted; accounts were subsequently restricted; multiple companies were affected in a similar timeframe; funds were not returned or redeemed within a reasonable period; MiCA or regulatory transition issues were cited only after the funds had already been received. FinTelegram currently has no evidence establishing that such a systematic pattern occurred. This is precisely why additional whistleblower evidence is required. A Parallel Corporate Transaction The case has another potentially relevant corporate dimension. In August 2025, US-listed FDCTech announced a non-binding letter of intent to acquire 100% of Steven AB, trading as Xoala, for a stated consideration of $6.75 million. The announced structure contemplated five annual instalments of $1.35 million beginning on 13 June 2026. In an SEC annual filing submitted in April 2026, FDCTech continued to describe the Steven AB acquisition as “advancing,” rather than clearly completed. The timing is noteworthy but proves nothing: 13 June 2026 was the originally announced start date for the proposed annual acquisition payments; four days later, on 17 June 2026, Finansinspektionen publicly disclosed its investigation into Steven AB. FinTelegram has no evidence that the transaction and the regulatory investigation are connected. Nevertheless, the situation raises legitimate questions about: the present ownership of Steven AB; the status of the acquisition; regulatory change-of-control procedures; disclosure of material customer disputes; and whether any alleged restricted-funds cases were known during due diligence. Questions for Xoala and Steven AB FinTelegram invites Xoala and Steven AB to answer the following questions: How many crypto-related corporate customers have had accounts restricted, suspended, or terminated since 1 January 2025? What is the aggregate amount of customer funds currently subject to restrictions? How many affected customers are crypto exchanges, VASPs, CASPs, payment processors, OTC brokers, or other digital-asset companies? Were any restrictions introduced because customers lacked a MiCA CASP authorisation? Were any restrictions connected to the end of national MiCA transitional arrangements? Did Xoala continue accepting customer funds after deciding that particular crypto businesses could no longer be serviced? What is the average duration of current crypto-related account restrictions? What is the longest current restriction? Which legal entity decides whether a customer account is frozen? Are restricted fiat balances legally represented by electronic money issued by Steven AB? Are those balances safeguarded? Can affected customers redeem the relevant electronic money at par value? Does any Xoala entity currently hold a MiCA CASP authorisation? If so, which entity, authority, and authorisation number? What precisely does Xoala mean when it states that Xoala Digital operates “within MiCA compliance”? Why does the MiCA/EU risk disclosure identify Xoala Digital as a Polish company while the general legal disclosure states that Xoala Digital is a trading name of Xoala IOM Limited? Which entity is the contractual crypto service provider for EU customers? Is the ongoing Finansinspektionen investigation connected in any way to customer funds, safeguarding, electronic-money redemption, crypto customers, or account restrictions? Has the proposed FDCTech acquisition of Steven AB been completed? Were material customer disputes, restricted balances, or the Finansinspektionen investigation disclosed during the acquisition process? Preliminary FinTelegram Assessment The whistleblower allegations are serious but remain unverified. There is currently insufficient evidence to conclude that Xoala deliberately trapped customer funds or systematically used MiCA as a pretext to block crypto companies. However, the allegations cannot be dismissed as an isolated complaint without further investigation. Xoala operates a multi-jurisdiction structure combining regulated electronic money services and digital-asset activities. Its own public disclosures reference MiCA while raising questions about the precise legal entity and authorisation basis behind its EU crypto services. Most importantly, the licensed Swedish EMI behind Xoala’s corporate payment infrastructure is currently subject to an ongoing Finansinspektionen investigation concerning compliance with electronic-money law. That does not prove the whistleblower allegations. It does make them worthy of serious investigation. FinTelegram will continue reviewing the matter and invites additional evidence from affected companies, insiders, and regulatory sources. Call for Evidence FinTelegram is inviting information from: cryptocurrency companies whose Xoala accounts were restricted; former or current Xoala employees; compliance and AML officers; former executives; correspondent banks; safeguarding partners; crypto liquidity providers; OTC desks; CASPs and former VASPs; consultants involved in MiCA transition projects; and persons familiar with the Steven AB acquisition process. Particularly relevant evidence includes: account statements; screenshots of inaccessible balances; freeze notices; termination letters; redemption requests; emails with Xoala compliance teams; MiCA-related communications; requests for CASP licences; internal policies; correspondence with banks; customer complaints; and evidence showing when Xoala became aware that a particular crypto customer might no longer satisfy regulatory requirements. Sources may contact FinTelegram confidentially. Share Information via Whistle42

Read More

MiCA Enforcement Test in Estonia: Arvutitark Still Offers Crypto Payments Through Dream Finance / CryptoProcessing

A regulatory notification reviewed by FinTelegram asks Estonia’s Finantsinspektsioon to examine whether live merchant crypto payments processed through Dream Finance OÜ remain compatible with the post-1 July 2026 MiCA regime. The case could become an early test of where client protection ends — and prohibited business-as-usual begins. FinTelegram has reviewed a regulatory notification concerning the continued availability of CryptoProcessing by Coinspaid at Estonian electronics retailer Arvutitark after the MiCA transitional deadline. Dream Finance OÜ admits its CASP application remains pending and says activities have been restricted. Yet Arvutitark publicly continues to instruct shoppers to use “CoinsPaid crypto payment,” with payments processed by Dream Finance OÜ. The central question is now for Estonia’s supervisor: wind-down support or continued unauthorised merchant processing? Key Facts IssueCurrent PositionMiCA deadlineEstonia’s transitional regime ended on 1 July 2026.Dream Finance OÜ CASP statusApplication pending; no final authorisation decision disclosed.Dream Finance positionNo new clients, accounts or agreements; no expansion of existing services; restricted activity pending regulator decision.Arvutitark checkoutPublicly offers “CoinsPaid crypto payment” and redirects customers to CryptoProcessing.Processor attributionArvutitark states that payments are processed by Dream Finance OÜ.Merchant relationshipCryptoProcessing publicly promoted its partnership with Arvutitark before the MiCA deadline.Regulatory issueWhether continuing ordinary customer payments for an existing merchant is legitimate wind-down activity or prohibited business-as-usual. The Notification to Estonia’s Supervisor FinTelegram has reviewed a copy of a notification dated 2 July 2026 submitted to Estonia’s Finantsinspektsioon. FinTelegram is not identifying the sender of the notification. The submission asks the Estonian financial supervisor to investigate what it describes as suspected continued provision of crypto-asset services through Dream Finance OÜ / CoinsPaid / CryptoProcessing after the end of Estonia’s MiCA transitional period. At the centre of the notification is Arvutitark OÜ, an Estonian electronics retailer operating arvutitark.ee. According to the notification, an observed payment flow indicated that Arvutitark customers could still initiate crypto payments through CryptoProcessing by Coinspaid after the 1 July 2026 regulatory deadline. The notification asks Finantsinspektsioon to determine, among other things: whether Dream Finance OÜ, CoinsPaid or CryptoProcessing currently hold a MiCA CASP authorisation in Estonia or elsewhere in the EEA; whether a pending CASP applicant may continue processing crypto payments for existing merchants; whether the Arvutitark payment flow is compatible with restrictions imposed on unauthorised CASPs; whether other EU-based merchants continue to receive services; whether any wind-down arrangement permits live payment processing; and what supervisory measures may follow if ongoing processing is confirmed. These are questions. They are not findings of illegality. The Public Evidence: Arvutitark Still Advertises Crypto Payments The compliance issue is unusually concrete because the merchant itself publicly describes the payment flow. Arvutitark’s website currently maintains a dedicated guide titled “How to pay with crypto?” The instructions tell customers to: add products to the shopping cart; select “CoinsPaid crypto payment”; place the order; proceed to the CryptoProcessing payment environment; select a cryptocurrency; receive a wallet address and QR code; transfer the required crypto amount. Most importantly, the merchant states that the payments are processed by Dream Finance OÜ through the CryptoProcessing by Coinspaid solution. This is not an obscure historical reference buried in an archived page. It is a customer-facing payment instruction explaining how a shopper can make a crypto payment. That makes the MiCA question difficult to dismiss as merely theoretical. The Public Invoice Screenshot In a separate public development, former Dream Finance executive Frédéric Hubin published a LinkedIn post sharply attacking CryptoProcessing’s post-MiCA position. His post includes a screenshot appearing to show a live CryptoProcessing by Coinspaid invoice page for Arvutitark OÜ, hosted on the CryptoProcessing invoice infrastructure. The screenshot displays: Arvutitark OÜ as merchant; a USDC amount; a wallet address; a QR code; a payment timer; and a “Waiting for Payment” status. Hubin described CryptoProcessing as a “rogue actor in the EEA” and publicly called on Estonian and European authorities to act. The underlying public question is legitimate because the screenshot appears consistent with Arvutitark’s own published description of its crypto-payment flow. Dream Finance Admits It Has No Final MiCA Decision The timing is critical. On 30 June 2026, CryptoProcessing by Coinspaid published an update concerning Dream Finance OÜ’s MiCA application. The company stated that: Dream Finance OÜ had applied for CASP authorisation in Estonia; the application remained under review; no licensing decision had been issued; the company had restricted its active activities pending the outcome. According to Dream Finance’s own position, it does not: onboard new clients; open new accounts; enter into new client agreements; expand the scope of services provided to existing clients; or actively market regulated services. At the same time, CryptoProcessing states that it continues to support existing clients under its wind-down / continuity planning. This creates the central compliance issue. The Regulatory Line After 1 July Estonia’s Finantsinspektsioon publicly warned the market before the deadline that the old virtual-currency licence era would end on 1 July 2026. After that date, crypto-asset services in Estonia generally require a MiCA authorisation issued by Finantsinspektsioon or another competent EEA authority. The Estonian supervisor has also stated that applicants still awaiting a decision must limit their activities. ESMA’s EU-wide position is even more explicit. Its April 2026 statement said that after 1 July an entity providing crypto-asset services to EU clients without a MiCA licence must cease offering such services. Unauthorised CASPs were expected to have implemented credible wind-down plans, while national authorities were urged to act against unauthorised services and prevent unauthorised providers from continuing business-as-usual. That makes Arvutitark an important test case. The Hard Question: Wind-Down or Business as Usual? The strongest defence available to Dream Finance appears obvious: Arvutitark was already an existing merchant before 1 July 2026. Indeed, CryptoProcessing publicly promoted its partnership with the Estonian electronics retailer in 2025. Therefore, this is not necessarily a case of a new merchant being onboarded after the deadline. But that does not end the analysis. The real question is whether an existing merchant may continue allowing ordinary retail customers to initiate new crypto payments through an unauthorised CASP simply because the merchant contract predates the deadline. There is an important difference between: safeguarding existing customer assets; permitting withdrawals; transferring assets to an authorised provider; closing accounts; terminating relationships; and: continuing to process new commercial purchase transactions for a live merchant. From a compliance perspective, the latter looks much closer to ongoing merchant processing than to passive wind-down. That is an assessment, not a legal finding. Finantsinspektsioon must determine where the line falls. A Potential Contradiction in Dream Finance’s Own Position Dream Finance says it does not expand the scope of services to existing clients. Yet Arvutitark publicly instructs ordinary customers how to make crypto payments through the CoinsPaid / CryptoProcessing environment. If live payments continue to be generated, processed and settled after 1 July, regulators may need to establish: what exact CASP services Dream Finance OÜ performs; whether custody is involved; whether exchange into fiat or stablecoins occurs; whether transfers are executed on behalf of clients; who controls the payment address; who settles the merchant; whether the transaction falls within a regulator-approved wind-down plan. Without those facts, it would be premature to declare the activity unlawful. But it would be equally premature to treat a pending licence application as if it were a licence. The Hubin–Dream Finance Conflict The case also lands in the middle of a bitter and increasingly public conflict between Frédéric Hubin, a former Dream Finance executive, and the CoinsPaid leadership. Hubin has repeatedly criticised Dream Finance and CoinsPaid publicly and now describes CryptoProcessing as a “rogue actor” in the EEA. CoinsPaid, for its part, has publicly accused Hubin of participating in a coordinated smear campaign and has made serious allegations concerning his past conduct. CEO Max Krupyshev has also published personal accusations against the former executive. FinTelegram does not adopt either side’s allegations as established fact. But the confrontation matters. Hubin is not a detached commentator. He is a former insider engaged in a highly adversarial dispute with his former group. That requires caution when assessing his statements. At the same time, an adversarial source is not automatically an unreliable source — particularly where independently accessible public material appears to support the underlying technical question. In this case, the Arvutitark payment instructions, the CryptoProcessing invoice screenshot, Dream Finance’s own pending-licence disclosure, and the official post-1 July regulatory statements create a factual compliance issue independent of personal animosity. FinTelegram Assessment The Arvutitark case may become an important early test of MiCA enforcement in Estonia. The issue is not whether Dream Finance OÜ has submitted an application. It has. The issue is not whether Arvutitark was already a client before 1 July. It apparently was. The issue is whether live merchant crypto-payment processing may continue after the transitional deadline while the processor remains unauthorised, merely because the merchant relationship predates the deadline. FinTelegram’s preliminary assessment is that there is a material tension between: Dream Finance’s claim that it operates only under restricted activity and wind-down / continuity arrangements; and a public merchant flow that appears to permit normal customers to initiate new retail crypto payments. That tension deserves an explicit supervisory answer. Questions for Dream Finance / CoinsPaid / CryptoProcessing FinTelegram invites Dream Finance OÜ, CoinsPaid and CryptoProcessing to clarify: Does Dream Finance OÜ currently process live crypto payments for Arvutitark customers? Which exact legal entity receives and processes the crypto transaction? Which MiCA-defined crypto-asset services are performed in the flow? Does Dream Finance OÜ custody assets at any stage? Does it exchange crypto assets into fiat or other crypto assets? Does it execute or transfer crypto assets on behalf of customers or the merchant? Was the continuation of this merchant flow disclosed to Finantsinspektsioon? Does a formal wind-down or restricted-activity plan expressly permit such transactions? How many existing EU merchants continue to accept new customer payments through the infrastructure? What distinguishes current processing from ordinary business-as-usual activity? Questions for Arvutitark FinTelegram also invites Arvutitark OÜ to clarify: whether the CoinsPaid / CryptoProcessing option remains fully operational; whether customers have successfully completed crypto payments after 1 July 2026; which entity settles Arvutitark; whether the merchant was informed of Dream Finance OÜ’s pending MiCA status; and whether any restrictions were introduced after the end of the transitional period. Right of Reply FinTelegram invites Dream Finance OÜ, Dream Finance UAB, CoinsPaid, CryptoProcessing, Max Krupyshev, Arvutitark OÜ, Finantsinspektsioon, and other relevant parties to provide factual clarification. Any response will be reviewed in accordance with FinTelegram’s editorial standards. Call for Information FinTelegram invites merchants, customers, current and former employees, compliance officers, PSPs, banks, regulators and technical insiders to provide information concerning post-1 July 2026 processing through Dream Finance OÜ / CoinsPaid / CryptoProcessing. We are particularly interested in: successful payment receipts dated after 1 July 2026; CryptoProcessing invoice URLs; screenshots of active merchant checkouts; wallet addresses; blockchain transaction hashes; merchant settlement records; service agreements; wind-down communications; regulatory correspondence; lists of EU merchants still processing live crypto payments; internal instructions concerning post-MiCA continuity. Information can be submitted securely via Whistle42.com. Anonymous submissions are welcome. Verifiable documents and transaction evidence are particularly valuable. The question is simple: after MiCA Day One, is this orderly wind-down — or still business as usual? Share Information via Whistle42

Read More

Post-MiCA Whack-a-Mole? New Report Tracks Casino Crypto Rails From Lithuania to Poland to Georgia

FinTelegram’s new compliance intelligence report examines a striking sequence from Lithuania to Poland to Georgia — and raises a broader post-MiCA hypothesis: offshore casino ecosystems and their “Buy Crypto” payment facilitators may be adapting faster than regulators can disrupt them. Executive Briefing FinTelegram has released a new compliance intelligence report examining the apparent migration of a persistent offshore-casino crypto-conversion architecture across three jurisdictions and three successive payment brands: Lithuania → Poland → Georgia and utPay → ChainValley → Nylo. The report does not claim that the three operations share common ownership or ultimate beneficial control. No such ownership finding has been established. What the evidence does support, however, is a much stronger proposition than superficial similarity: FinTelegram has identified substantial evidence of functional succession and a strong hypothesis of operational or infrastructure continuity across the three generations of the observed casino-payment architecture. The new report is based on FinTelegram’s payment-rail reviews, historical casino-cashier evidence, public corporate and regulatory materials, and fresh July 2026 testing of Betify, where Neteller- and Skrill-labelled deposit routes led into a Nylo-hosted “Exchange order” requiring the user to agree to buy crypto and send it to a specified address. The report further incorporates FinTelegram’s test showing that the legal-policy links attached to the relevant Nylo checkout flow lead back to Nylo’s own documentation. Download the Full Report Download the full FinTelegram Regulatory Migration Report — utPay → ChainValley → Nylo This Is No Longer Merely a Nylo Story The central finding of the report is not simply that a Georgian company called Nylo LLC appears in the cashier of an offshore casino. The larger pattern is the sequence. FinTelegram previously documented utPay, operated in the Lithuanian UAB Utrg / UTORG environment, in offshore-casino Buy Crypto rails. The next generation appeared through the Polish ChainValley sp. z o.o., which occupied materially similar cashier positions and operated a comparable crypto-purchase architecture. FinTelegram then observed Nylo appearing across overlapping offshore-casino environments with a strikingly familiar structure: familiar wallet or payment brands at the casino front end; merchant-integrated redirection into a crypto-purchase flow; an exchange-order architecture; consent language requiring the user to buy crypto and send it onward; and recurring offshore-casino use cases. The report therefore distinguishes three separate propositions: PropositionFinTelegram AssessmentFunctional successionStrongly supportedOperational / infrastructure continuityStrong hypothesisCommon ownership or controlUnproven That distinction matters. A common UBO is not required to establish that one payment rail functionally replaces another. Nor does the absence of a public ownership link eliminate the possibility of shared technology, white-label infrastructure, common merchants, common aggregators, common settlement partners, contractual migration or backend continuity. The new report’s thesis is therefore deliberately narrower — and, in FinTelegram’s assessment, stronger: Nylo appears to have replaced ChainValley as a materially similar crypto-conversion node in overlapping offshore-casino cashier environments, just as ChainValley had previously emerged after the utPay era. Common ownership remains unproven, but the succession pattern warrants investigation at infrastructure, merchant-contract, wallet, settlement and beneficial-ownership level. The Regulatory Geography Is Part of the Story The jurisdictional sequence is difficult to ignore. Generation One: Lithuania Lithuania brought its MiCA transitional period to an end on 31 December 2025. The Bank of Lithuania warned providers that entities unable or unwilling to continue under the new authorisation framework had to ensure an orderly wind-down. Against that background, the withdrawal or suspension of legacy crypto-service configurations was not merely a commercial event. It occurred during a fundamental regulatory reset. Generation Two: Poland The next observed phase centred on Poland and ChainValley. Whatever the ultimate ownership position, the regulatory logic of an intra-EU migration into a jurisdiction with a different transitional timeline was obvious: regulatory pressure was not uniform across Europe, and national MiCA transition periods did not close simultaneously. Generation Three: Georgia Nylo LLC is registered in Georgia and publicly gives an address in the Kutaisi Free Zone. The new report examines the significance of a crypto-conversion function apparently moving from EU-based structures toward a non-EU jurisdiction while remaining embedded in payment journeys accessible to European casino users. The resulting pattern is: EU node under pressure → alternative EU node → non-EU node or, more concretely: Vilnius → Warsaw → Kutaisi This does not prove coordinated migration. But it makes the regulatory-displacement hypothesis impossible to dismiss as mere coincidence. The Bigger Post-MiCA Hypothesis The Nylo case leads FinTelegram to a broader working hypothesis that will guide a new series of payment-rail reviews over the coming weeks. FinTelegram Working Hypothesis The EU-facing offshore casino sector — including operators that lack the required national gambling authorisations in target markets — and the payment facilitators serving them may be proving remarkably resistant to MiCA. Rather than disappearing, high-risk “Buy Crypto” casino-funding rails may simply be changing entities, jurisdictions, merchant wrappers and execution nodes. Put differently: MiCA may be displacing the infrastructure without yet disrupting the underlying business. This hypothesis is not yet a market-wide finding. It is a research proposition arising from repeated FinTelegram observations across the casino-payment ecosystem. The concern is that a regulatory intervention against one crypto-payment node may produce the following sequence: an EU-based provider comes under regulatory pressure; the casino cashier replaces that provider; the visible user journey changes little or not at all; the same wallet brands remain available; the same Buy Crypto logic survives; the conversion node reappears under another entity or jurisdiction. The new utPay–ChainValley–Nylo report presents what FinTelegram currently considers one of the strongest examples of that potential pattern. MiCA’s First Serious Stress Test May Be the Payment Layer This matters because MiCA’s effectiveness cannot be measured only by counting authorised CASPs. ESMA stated in June 2026 that, after the end of the transitional period on 1 July 2026, unauthorised crypto-asset service providers were expected to stop onboarding new EU clients, opening new client relationships and engaging in solicitation, while taking orderly steps to wind down relevant activities. ESMA’s reverse-solicitation framework is equally important. The exception for third-country firms is narrow and turns on the client’s own exclusive initiative; it is not intended as a general mechanism for non-EU providers to access EU customers through indirect distribution structures. The Betify–Nylo flow documented by FinTelegram raises precisely this type of question. The user does not appear to enter the journey by independently seeking out a Georgian crypto provider. The observed sequence is instead: Casino cashier → Neteller or Skrill-labelled method → Nylo exchange order → consent to buy crypto → send to specified address The user begins with the apparent intention to fund a casino account. The crypto transaction emerges inside the merchant-controlled payment journey. Whether that specific construction legally falls within MiCA’s territorial perimeter depends on the precise contractual and technical allocation of roles. FinTelegram does not prejudge that legal conclusion. But the wider compliance problem is obvious: If non-EU crypto-conversion nodes can remain embedded behind EU-facing merchant cashiers, familiar payment brands and offshore gambling ecosystems, then post-MiCA enforcement must follow the transaction architecture — not merely the incorporation address. The Betify Test: Why Nylo Matters FinTelegram’s July 2026 test of Betify produced a particularly significant example. The casino cashier displayed familiar payment methods including Neteller and Skrill. After selection, the user was routed to app.nylo.pro. The Nylo page displayed an: “Exchange order.” The €20 tested transaction required consent to: “buy crypto and send it to the specified address.” In the Neteller flow, the user was also asked to accept the Terms of Use and Privacy Policy of the: “Executing Service Provider.” FinTelegram subsequently followed the legal links associated with the tested checkout and found that the relevant Terms, Privacy and AML/KYC documentation led to Nylo’s own legal-policy environment. This materially sharpens the issue. Nylo is not merely an invisible domain somewhere behind the payment stack. In the tested journey, it appears as the user-facing legal-policy endpoint attached to the exchange-order execution layer. At the same time, important questions remain unresolved: Who legally sells the crypto? Who performs the backend conversion? Is there another VASP, CASP, exchange or liquidity provider? Who selects or controls the specified destination address? Who is the economic beneficiary? Which entity performs wallet screening and crypto-specific AML controls? Under what legal basis is the service made available to EU users? These are now core questions in the FinTelegram review. The “Fake-FIAT” Problem FinTelegram uses the term “fake-FIAT rail” as an analytical description, not as a statutory legal term. It describes a transaction journey where the user appears to select a familiar fiat or e-wallet payment method for a casino deposit, while the underlying process becomes: FIAT funding → crypto purchase → onward transfer to specified address The significance is not semantic. A casino deposit and a consumer crypto purchase followed by a transfer are different transaction categories with potentially different: compliance controls; merchant classifications; dispute mechanisms; wallet-screening obligations; gambling restrictions; AML risk signals; and regulatory perimeters. The central concern is that the crypto-conversion layer may separate the visible funding instrument from the ultimate gambling purpose. Whether upstream payment institutions in fact lose visibility depends on merchant onboarding, descriptors, MCCs, metadata and monitoring systems. FinTelegram does not assume that any particular provider is unaware of the casino nexus. But that is exactly what regulators and payment institutions should now test. Our Post-MiCA Review Programme FinTelegram will use the coming weeks to test the broader hypothesis systematically. The research programme will focus on: Casino continuity. Do the same offshore casinos remain accessible to EU users after MiCA transition deadlines? Payment-method continuity. Do Neteller, Skrill, cards, bank-transfer brands and other familiar instruments continue to front Buy Crypto conversion flows? Processor migration. Are ChainValley, Nylo and other providers being replaced or supplemented by new non-EU entities? Jurisdiction shopping. Are crypto-conversion nodes moving from the EU into Georgia, offshore financial centres, free zones or other third-country structures? Reverse-solicitation reality. Are EU users independently approaching third-country crypto providers — or are casino cashiers and merchant integrations routing them there? Wallet and beneficiary opacity. Who controls the destination addresses to which the purchased crypto is sent? Technical continuity. Do supposedly independent providers share API structures, URL patterns, JavaScript bundles, telemetry identifiers, order formats, cookies, infrastructure or backend partners? Payment chokepoints. What do regulated wallets, EMIs, banks, acquirers and card schemes actually see? FinTelegram’s Preliminary View The most important lesson from the new report is uncomfortable: Regulation may be moving faster than some providers — but high-risk payment ecosystems may be moving faster than regulation. MiCA can close one authorisation route. A payment stack can change entity. A national transition period can end. A conversion node can move jurisdiction. A regulated EU provider can disappear from the visible architecture. But the casino cashier may continue operating almost unchanged. That is the hypothesis FinTelegram will now test. The question is no longer simply whether MiCA works against individual CASPs. The question is whether MiCA can prevent offshore crypto-payment infrastructure from re-entering the EU market through casino cashiers, payment wrappers, merchant integrations and non-EU conversion nodes. The utPay–ChainValley–Nylo sequence may prove to be an isolated case. Or it may be an early map of the post-MiCA underground payment market. FinTelegram intends to find out. Download the Report Right of Reply FinTelegram invites Nylo LLC, ChainValley sp. z o.o., UAB Utrg, UTORG-related entities, Betify and its disclosed operator or payment entities, Paysafe, Neteller, Skrill, the relevant casino operators, payment processors, CASPs, VASPs and regulators to provide corrections, clarifications and documentary evidence. The report expressly distinguishes between established facts, strong indicators, hypotheses and open questions. Substantiated responses will be reviewed and reflected in future updates. Whistleblower Call FinTelegram and Whistle42 are seeking information concerning: Nylo, ChainValley, utPay, UAB Utrg, UTORG, Betify, casino cashier integrations, payment aggregators, merchant accounts, Paysafe-related flows, destination crypto wallets, settlement arrangements and post-MiCA processor migrations. Of particular interest are: merchant agreements; processor onboarding files; KYB records; wallet addresses; settlement statements; merchant IDs; payment descriptors; API documentation; HAR files; casino payment configurations; internal compliance reviews; and evidence showing migration from one processor to another. Sources may contact FinTelegram or submit information confidentially through Whistle42. Share Information via Whistle42

Read More

When Others Catch Up: Investigate Europe and Times of Malta Confirm the Zentoria / Spinsopotamia / NALMI Risk Model

FinTelegram’s Zentoria compliance reporting is no longer a lonely warning shot. New investigations by Investigate Europe and Times of Malta independently reinforce the core structure already mapped in FinTelegram’s Zentoria / Spinsopotamia and the NALMI Casino Network report and the subsequent Technical Annex: an EU-facing layer, a wider offshore casino ecosystem, aggressive blacklisted brands, and payment or descriptor structures that blur the line between regulated presentation and unlicensed underlying activity. That matters for two reasons. First, it shows that the issues raised by FinTelegram are not speculative fringe claims but part of a broader investigative picture now being advanced by serious cross-border journalism organisations and established mainstream media partners. Second, it materially weakens the usual legal-threat playbook of casino operators, payment facilitators, and service providers who prefer to dismiss FinTelegram’s findings as isolated or exaggerated. Once multiple independent investigations begin tracing the same routes, the problem is no longer the messenger; it is the structure itself. Key findings Independent convergence is now unmistakable: Investigate Europe and Times of Malta substantially reinforce the same offshore gambling and payment architecture previously mapped by FinTelegram around Zentoria, Spinsopotamia, and the NALMI environment. The overlap is structural, not cosmetic: The brands, shell structures, payment entities, and regulatory themes described by these outlets materially overlap with the entities, descriptors, and domain clusters already identified in FinTelegram’s compliance reporting. Zentoria remains a critical clue: Investigate Europe’s reporting of an Onlyspins payment allegedly routed to Zentoria in Ireland aligns closely with FinTelegram’s descriptor and payment-facade narrative around Spinsopotamia and the wider casino network. Different sources, same direction: FinTelegram’s public-source technical and compliance analysis, Investigate Europe’s leaked-payment and former-employee material, and Times of Malta’s publication of the same Soft2bet Files all point toward the same broader architecture of offshore gambling operations and layered payment intermediation. Mainstream validation raises the cost of denial: When a serious outlet such as Times of Malta republishes or advances the same investigative universe, it becomes materially harder for affected operators or payment facilitators to portray FinTelegram’s work as isolated, reckless, or methodologically weak. Regulatory urgency increases: The combined reporting now points not just to risky domains or questionable descriptors, but to a broader cross-border model of offshore casino operation, payment intermediation, and regulatory arbitrage. What Investigate Europe adds Investigate Europe‘s two Soft2bet reports push the story beyond infrastructure and public-source OSINT into the money-flow, shell-company, and labour-practice layers. The July 2026 article describes a gambling network that allegedly generated more than €600 million from unlicensed casinos using predatory retention tactics, leaked payment data, former-employee testimony, court filings, and regulator correspondence. The March 2025 article documents dozens of blacklisted gambling sites connected to Soft2bet-linked entities and traces the use of Curaçao companies, Anjouan licences, trademark transfers, and cross-border corporate vehicles to sustain the network. For FinTelegram readers, the key point is that Investigate Europe independently arrived at the same broad architecture: a licensed or respectable-facing European layer sitting above a much darker offshore machinery of casino brands, payment entities, shell structures, and market-by-market evasion. What Times of Malta changes The Times of Malta report matters because it shifts the story from specialist investigative circles into a more conventional mainstream-news environment. Its article, based on the same Investigate Europe leak set, states that leaked financial records linked a Malta-based Soft2bet group and related entities to €600 million from offshore casinos blacklisted by European regulators, and describes funds moving through payment agents and corporate layers toward Soft2bet and associated companies. This is strategically important for FinTelegram. Operators and facilitators may try to dismiss a specialist compliance outlet as biased or overly aggressive. That defence becomes harder when a long-established national newspaper in an EU member state publishes substantially the same universe of facts: offshore casinos, blacklisted sites, shell-company chains, payment intermediaries, and regulatory failure to contain the model. The Zentoria overlap The overlap with FinTelegram’s Zentoria reporting is too substantial to ignore. FinTelegram had already placed Spinsopotamia and the Zentoria-facing layer inside the narrow NALMI / AS213846 – 185.207.196.0/22 casino-domain environment and had documented preserved HTML markers, shared CSPER and SEON identifiers, an 83-domain strict configuration cluster, cross-domain API dependencies, and broader application-build superclusters. Investigate Europe reaches the same theatre from a different entry point. Its Soft2bet reporting discusses brands and structures that substantially overlap with names and clusters already appearing in the FinTelegram technical evidence universe, including brands such as Boomerang, MyEmpire, Bankonbet, Rabona, Wazamba, Malina, and others associated with Soft2bet-linked or adjacent environments. It also reports a particularly important real-world payment observation: an Onlyspins deposit in Belgium reportedly routing to Zentoria in Ireland, which aligns strikingly with FinTelegram’s earlier descriptor and payment-facade narrative around Zentoria and Spinsopotamia. This is the point that should make nervous operators and service providers stop pretending that the Zentoria story was just a FinTelegram obsession. One independent outlet mapped the public infrastructure and descriptor layer. Another independent outlet reached into leaked payments, ex-staff testimony, and regulatory records. A mainstream newspaper then published the Soft2bet Files to a broader audience. The convergence is no longer deniable. Compliance takeaway The compliance lesson is blunt. Zentoria was never just about one Irish company, one domain, or one payment descriptor. The wider story is about how licensed or EU-facing entities can function as trust wrappers, payment bridges, or reputational shields inside an offshore casino architecture that is technically concentrated, commercially aggressive, and structurally evasive. Now that Investigate Europe and Times of Malta have pushed the same universe into broader cross-border and mainstream reporting, the burden shifts to regulators and payment institutions. They can no longer say the warnings came from only one outlet. The findings are converging. The names are repeating. The brands are recurring. The shell layers are visible. The payment trails are starting to surface. And the longer institutions wait, the more implausible ignorance becomes. Whistleblower call FinTelegram calls on whistleblowers, former employees, PSP insiders, acquirer staff, compliance officers, hosting and infrastructure personnel, and affected players to submit further information about Zentoria, Spinsopotamia, NALMI, Soft2bet-linked entities, offshore shell structures, merchant routing, and payment facilitators through Whistle42. Particularly valuable materials include: Merchant IDs, route IDs, acquirer mappings, and settlement-beneficiary information. Internal emails, onboarding files, compliance reviews, and risk escalations involving Zentoria, Lornioco, Spinsopotamia, Soft2bet-linked brands, or related payment entities. Cloudflare, hosting, DNS, API, or platform records identifying who controlled the relevant domains, tenants, and technical configurations. Statements, cashier screenshots, receipts, and descriptor evidence showing how deposits were routed or disguised across casino brands and payment fronts. Share Information via Whistle42

Read More

MiCA’s Offshore Back Door? Georgian Nylo Still Routes Betify Deposits Into Crypto Orders After 1 July!

One week after the EU’s MiCA transition deadline, FinTelegram’s fresh Betify review found Skrill and Neteller-labelled casino deposit routes still leading to Georgian payment gateway Nylo — where a €20 transaction becomes an “Exchange order” requiring consent to buy crypto and send it to a specified address. Nylo’s own legal documents now raise even deeper questions. 2-Minute Briefing On 8 July 2026, FinTelegram re-tested the payment infrastructure of offshore casino Betify. The result is significant for Europe’s new MiCA enforcement environment. Inside Betify’s wallet, the player is offered familiar payment methods including Neteller and Skrill. But after selecting either method, the transaction is routed to app.nylo.pro, operated under the Nylo brand. The Nylo screen does not merely show an ordinary casino deposit. It displays an “Exchange order.” For a €20 Skrill or Neteller route, the user is required to acknowledge that they agree to buy crypto and send it to a specified address. A separate consent refers to the Terms of Use and Privacy Policy of an “Executing Service Provider.” These are FinTelegram’s first-party test findings from 8 July 2026. The screenshots document the user journey but do not by themselves establish which entity ultimately executes the crypto exchange, which crypto asset is purchased, who controls the destination address, or whether the transaction was completed. That timing matters. On 23 June 2026, ESMA stated that after the MiCA transitional period ended on 1 July 2026, unauthorised CASPs should immediately stop onboarding new EU clients, opening new client relationships, and engaging in marketing or solicitation, while taking steps to wind down EU activities. MiCA Article 59 provides that a person may not provide crypto-asset services within the Union unless authorised or otherwise entitled under the Regulation. The Nylo case may therefore be more than another offshore-casino payment story. It may be a case study in MiCA’s third-country enforcement problem. Read our Nylo reports here. Key Findings 1. Betify Still Routes Skrill and Neteller-Labelled Deposits Into Nylo Crypto Orders FinTelegram’s 8 July test documented two separate €20 routes: Betify Cashier → Neteller selection → Nylo “Exchange order” → consent to buy crypto → send to specified address and: Betify Cashier → Skrill selection → Nylo “Exchange order” → consent to buy crypto → send to specified address The current Betify web presence identifies Fortuna Games N.V. as the licensed entity and the Cyprus-based Deltaprime Limited as an EEA representative or paying agent, depending on the page and domain presentation. We also found FinTelegram previously documented Nylo appearing in Betify and other offshore-casino payment stacks and developed the working hypothesis that Nylo may represent an operational successor or migration layer following Lithuania’s utPay and Poland’s ChainValley. That earlier report explicitly stopped short of claiming proven common ownership between Nylo and the UTORG/ChainValley network. The new development is different: Nylo is still visible in the casino crypto-purchase rail after the 1 July 2026 MiCA transition deadline. 2. Nylo’s Checkout Says “Buy Crypto.” Its Terms Do Not This is perhaps the most important new documentary finding. Nylo’s public Terms of Use describe a conventional-looking merchant-payment architecture. They define a “Payment Provider” as a bank, card issuer, electronic wallet provider, or similar financial service that transfers the user’s funds to Nylo’s account for settlement to the Merchant. A transaction is described as executed when the Payment Provider transfers funds to Nylo and Nylo settles them onward to the Merchant. Nylo further states that: it acts as an intermediary between users and merchants; Payment Providers transfer money to Nylo; Nylo forwards funds to the Merchant; Nylo may briefly hold funds for settlement; merchants integrate Nylo through APIs, widgets, or white-label solutions; users transact with Nylo through merchant-integrated interfaces. That is already more operationally substantive than the image of a passive software vendor. But the live Betify checkout introduces a second layer: “Exchange order” and “agreement to buy crypto and send it to a specified address.” Yet a text search of Nylo’s current Terms returned no reference to “crypto” and no reference to “virtual asset.” This creates a fundamental classification question: Is Nylo processing an ordinary merchant payment, facilitating a crypto purchase and transfer, orchestrating a third-party CASP transaction, or combining several of these functions? That distinction is not cosmetic. It determines which regulatory perimeter may apply. The discrepancy becomes more significant because FinTelegram tested the legal links embedded in the checkout itself. The Terms of Use, Privacy Policy and AML/KYC Policy links presented on the Nylo exchange-order page led directly to Nylo’s own legal documents. Accordingly, this is not merely a case where a Nylo-branded interface visibly hands the user off to separately identified crypto-provider terms. The user-facing legal framework points back to Nylo. That makes the central classification question even harder to avoid: Why does a transaction governed through Nylo’s own legal-policy layer present itself as an “Exchange order” requiring the customer to buy crypto and send it to a specified address, while Nylo’s public Terms primarily describe payment intermediation and do not clearly set out the crypto-service layer? 3. Nylo Presented as the “Executing Service Provider” The Neteller flow reviewed by FinTelegram contains a particularly important contractual element. Before proceeding with the €20 exchange order, the user is asked to confirm: “I read and agree to the Terms of Use and Privacy Policy of the Executing Service Provider.” During the 8 July 2026 test, we followed the legal links presented in the Nylo checkout. The Terms of Use, Privacy Policy, and AML/KYC Policy links led directly to Nylo’s own legal documentation. This materially changes the regulatory picture. The checkout does not merely use the Nylo domain while referring the user to clearly separate third-party crypto-provider terms. Instead, the legal-policy layer attached to the transaction points back to Nylo itself. On the tested user journey, Nylo therefore appears to be presented as the contractual and compliance-facing service provider associated with the exchange order — and, in the Neteller consent language, with the “Executing Service Provider.” That creates a much sharper question: If Nylo is the user-facing Executing Service Provider, what exactly is Nylo executing? The same transaction screen states that the user agrees to: “buy crypto and send it to the specified address.“ Yet Nylo’s public Terms, as reviewed by FinTelegram, primarily describe a payment-intermediation model in which payment providers transfer funds to Nylo for settlement onward to merchants. The Terms do not clearly explain the crypto-purchase and crypto-transfer function visible in the live checkout. This produces a significant documentary tension between: the live transaction flow, which presents an “Exchange order”; the user consent to buy crypto and send it to a specified address; the reference to an “Executing Service Provider”; and the fact that the associated Terms, Privacy and AML/KYC links lead to Nylo’s own policies. 4. Nylo Says It Performs No Direct User KYC — And Only Limited Monitoring Nylo’s own KYC/AML Policy makes the case even more sensitive. The Georgian company states that it acts “solely as a technical intermediary”, does not conduct direct KYC/AML screening of users, and leaves identity verification and AML procedures to the Payment Provider chosen for the transaction. Nylo further says it applies only “limited transaction monitoring” on a risk-based basis. This produces an obvious compliance question when the live checkout says the user is purchasing crypto and sending it onward: Who performs crypto-specific customer due diligence, blockchain analytics, destination-wallet screening, sanctions screening, Travel Rule compliance, and transaction-purpose monitoring? The fact that a payment originates through Skrill, Neteller, a bank, or another payment method does not by itself answer that question. A payment provider’s review of a fiat funding instrument is not automatically the same thing as the compliance framework required for the subsequent crypto exchange and transfer. This report does not establish that Nylo is legally required to perform each of those functions itself. That depends on the precise allocation of roles between Nylo and any undisclosed executing provider. But that allocation is exactly what remains opaque. 5. Nylo’s Own Terms Say It Generally Does Not Support Gambling Payments The Betify evidence creates an additional documentary conflict. Nylo’s Terms list illicit gambling among prohibited activities. More importantly, they add that even legal, regulated gambling transactions might be allowed only if explicitly permitted by Nylo in compliance with law, while stating that Nylo generally does not support gambling payments. Yet FinTelegram’s 8 July review showed Nylo order pages reached directly from the Betify casino cashier after selecting Neteller and Skrill-labelled deposit methods. This raises a straightforward merchant-compliance question: Did Nylo knowingly approve Betify or a Betify-related merchant for gambling transactions? The contradiction is particularly significant because Nylo’s Terms state that merchants may integrate Nylo through APIs, widgets and white-label solutions and that Nylo and the Merchant have a separate agreement governing the service. In other words, Nylo’s own contractual architecture contemplates a merchant relationship. The Nylo Compliance Contradiction Matrix Nylo’s Public Position or Checkout LanguageWhat FinTelegram Actually FoundCompliance AssessmentNylo presents itself as a payment intermediaryThe live Betify flow opens a Nylo-hosted “Exchange order” requiring the user to agree to buy crypto and send it to a specified addressThis is not the visible footprint of a simple payment gateway. The transaction presents an explicit crypto-exchange and transfer layer that demands a clear regulatory explanation.The user accepts the policies of the “Executing Service Provider”FinTelegram tested the links embedded in the checkout. The Terms of Use, Privacy Policy and AML/KYC Policy lead directly to Nylo’s own legal documentationNylo is not merely an invisible technical pipe. It is the user-facing legal-policy endpoint attached to the “Executing Service Provider” consent. The obvious question is whether Nylo itself is the executing provider.Nylo’s public Terms primarily describe merchant payment settlementThe live transaction is explicitly labelled “Exchange order” and requires consent to purchase crypto and send it onwardThe public contractual narrative and the live product flow materially diverge. Nylo must explain what legal framework governs the crypto conversion and transfer actually shown to users.No clear crypto-service role is set out in the reviewed public TermsThe checkout explicitly states that the customer agrees to buy cryptoA crypto transaction appears in the product layer without an equally clear explanation in the public legal layer. That is a major transparency and regulatory-perimeter red flag.Nylo describes itself as “solely” or essentially a technical intermediary in its AML frameworkNylo’s own legal links govern the user-facing exchange-order journey, while the transaction is hosted on app.nylo.proThe “technical intermediary” narrative becomes difficult to reconcile with Nylo’s central position in the contractual, interface and transaction architecture.Nylo says it does not conduct direct KYC/AML screening of usersThe tested flow involves the apparent purchase of crypto and onward transfer to a specified addressWho performs crypto-specific customer due diligence, sanctions screening, blockchain analytics, wallet-risk controls and Travel Rule compliance? The current user journey does not make that accountability transparent.Nylo says it performs only limited transaction monitoringThe transaction originates from an offshore casino cashier and leads into a crypto-purchase-and-transfer flowA high-risk gambling-to-crypto conversion path combined with limited monitoring raises serious questions about transaction-purpose detection, source-of-funds controls and destination-wallet screening.Nylo’s Terms state that it generally does not support gambling paymentsFinTelegram reached Nylo directly from the Betify casino cashier after selecting Neteller and Skrill-labelled deposit methodsThis is a direct contradiction requiring explanation. Either Nylo knowingly approved a gambling merchant relationship, or its merchant-control framework failed to detect the nature of the transaction source. Neither scenario is trivial.The transaction is framed through familiar payment brands such as Neteller and SkrillThe user is ultimately placed into a Nylo crypto exchange orderA user seeking to fund a casino account is routed into a crypto transaction. This raises acute questions about payment transparency, merchant classification and whether the user fully understands the economic and regulatory nature of the transaction.Nylo refers to an “Executing Service Provider”The legal links attached to that consent resolve to Nylo’s own policiesThe stronger evidentiary reading is that Nylo is presented as the relevant executing or compliance-facing service provider. If another entity performs backend execution, that entity’s role and identity remain opaque.Nylo is incorporated in Georgia and gives an address in the Kutaisi Free ZoneThe National Bank of Georgia treats fiat-crypto exchange and crypto transfers for third parties as regulated VASP activities and has expressly warned that Free Industrial Zone status does not remove registration requirementsThe Free Zone location is not a regulatory escape hatch. If Nylo performs regulated virtual-asset services, its Georgian VASP status becomes a central compliance question.Nylo operates outside the EUThe tested flow is embedded in an EU-accessible casino journey, denominated in euros and available to users reaching the cashier from EuropeBeing incorporated in Georgia does not neutralise MiCA. A third-country provider can still enter the EU regulatory perimeter where crypto services are actively distributed or solicited into the Union.A reverse-solicitation theory could theoretically be invoked by a third-country providerThe user does not independently search for Nylo to purchase crypto; the user enters a casino cashier, selects a payment method and is routed into a Nylo exchange orderOn the observed facts, a simplistic “own exclusive initiative” defence appears highly strained. The crypto relationship emerges from merchant-side routing, not from an independently initiated approach to Nylo.Nylo’s public restricted-country framework does not amount to an EU-wide blockMajor EU markets such as Germany, Austria and Italy were not identified in the reviewed prohibition list, while the live casino flow remained accessibleThe absence of effective EU-wide exclusion is difficult to square with a third-country provider seeking to stay clearly outside MiCA’s authorisation perimeter.Nylo’s relationship with the earlier utPay / ChainValley ecosystem remains unprovenFinTelegram has documented materially similar casino crypto-purchase flows, similar interface logic and a migration pattern from Lithuania to Poland and now GeorgiaCommon ownership is not established. But the operational pattern increasingly resembles regulatory displacement: the corporate shell moves jurisdiction while the high-risk casino-to-crypto function survives. Taken together, these are not minor drafting inconsistencies. They point to a deeper structural problem: Nylo’s live product architecture appears to perform — or at minimum orchestrate — a crypto exchange and transfer function that is far more substantial than the company’s public “technical intermediary” narrative suggests. The central compliance question is no longer whether an unidentified third party sits somewhere behind Nylo. FinTelegram’s test shows that Nylo itself is the legal-policy endpoint of the exchange-order journey. The burden is therefore on Nylo to explain whether it is the executing provider, a crypto intermediary, an order router, an agent for another VASP, or merely the visible front end of an undisclosed backend structure. 6. Georgia’s VASP Rules Make the Free-Zone Address Highly Relevant Nylo publicly identifies itself as: Nylo LLCIdentification Number: 412790154Registration Date: 18 February 2025Address: Kutaisi, Georgia Its more detailed legal policies give the registered address as 88 Avtomshenebeli St, Kutaisi Free Zone, Land Plot 01/298. This matters because the National Bank of Georgia defines virtual-asset services to include: exchange between convertible virtual assets and fiat currencies; transfer of convertible virtual assets; safekeeping or administration; trading-platform operation; and other specified activities. The NBG says a person providing such services for the benefit of another is a VASP and must register with the National Bank. VASPs are also AML/CFT obliged persons. The regulatory point becomes even sharper because, in October 2025, the NBG issued a public warning specifically addressing unregistered virtual-asset activity including activity conducted in Georgia’s Free Industrial Zones. It stated that providing virtual-asset services without NBG registration or another relevant financial-sector authorisation is prohibited and expressly said FIZ status does not remove the registration requirement. That warning is unusually relevant to Nylo’s disclosed Kutaisi Free Zone address. 7. The MiCA Question: A Georgian Company Cannot Simply Treat the EU as an Offshore Market MiCA Article 59 provides that crypto-asset services may not be provided within the Union unless the provider is authorised under MiCA or belongs to one of the specifically permitted categories operating under Article 60. A MiCA-authorised CASP must have a registered office in an EU Member State and effective management in the Union. Nylo LLC publicly presents itself as a Georgian company. Its website materials reviewed for this report do not disclose an EU MiCA-authorised Nylo entity. Nylo’s public Terms instead choose Maltese law and exclusive Maltese courts for disputes — a contractual choice that does not by itself constitute regulatory authorisation. The ESMA interim MiCA register page was last updated on 3 July 2026 and contains authorised CASPs as well as non-compliant entities reported by competent authorities. FinTelegram has not independently verified a MiCA authorisation for Nylo and does not assert in this report that none exists through another entity or service partner. But if the Betify transaction constitutes a crypto-asset service provided to an EU client, the authorisation chain must be identified. 8. Reverse Solicitation Looks Like a Difficult Defence on These Facts MiCA contains a narrow third-country exemption where an EU client approaches a third-country firm at the client’s own exclusive initiative. ESMA’s official guidance says this concept must be interpreted narrowly. Solicitation is construed broadly and can occur through websites, applications, affiliate campaigns and other electronic channels. The analysis is factual, and contractual disclaimers cannot override contrary facts. ESMA goes further: solicitation can occur through another person acting on behalf of or having close links with the third-country firm. Its guidelines specifically warn that an EU-regulated entity such as a payment service provider should not redirect clients to a third-country crypto provider where the redirection constitutes solicitation on that provider’s behalf. The Betify fact pattern therefore deserves close regulatory scrutiny: The user enters a casino cashier. The user chooses a familiar payment method such as Skrill or Neteller. The casino flow routes the user to Nylo. Nylo presents an Exchange order. The user must consent to buying crypto. The crypto is to be sent to a specified address. On those facts, the user does not appear to have independently searched for Nylo and exclusively initiated a relationship with a Georgian crypto provider. The user appears to have initiated a casino deposit and then been routed into a crypto-purchase flow. That does not automatically prove a MiCA breach. Among other things, the legal analysis depends on who actually provides the crypto service and whether the casino, merchant, payment provider or another party acts on behalf of the third-country provider. But it creates a serious factual obstacle for a simplistic reverse-solicitation defence. 9. Nylo Does Not Geo-Block the EU as a Bloc Nylo’s Terms contain an extensive list of prohibited jurisdictions. That list includes, among others, the Netherlands, United Kingdom and United States. However, major EU markets such as Germany, Austria and Italy are not included in the published prohibited-country list. This does not by itself prove active solicitation in those countries. But it is relevant when combined with: merchant-integrated access; actual routing from an EU-facing casino cashier; euro-denominated exchange orders; the absence of an EU-wide geoblock in the published country policy; and the narrow MiCA interpretation of reverse solicitation. ESMA’s own guidance identifies geoblocking of EU access as one precautionary measure a third-country firm can use to avoid breaching MiCA’s authorisation perimeter where EU solicitation risks exist. 10. The utPay → ChainValley → Nylo Hypothesis Remains Open — But the Post-MiCA Pattern Strengthens FinTelegram previously documented a possible migration sequence: utPay / UAB Utrg — Lithuania↓ChainValley / Chain Valley Sp. z o.o. — Poland↓Nylo LLC — Georgia The earlier investigation identified overlapping offshore-casino environments, similar app.[brand].pro checkout architecture, similar fiat-branded payment methods and the same underlying “buy crypto and send it onward” logic. It also identified a visible operational link between the UTORG environment and ChainValley, while treating the Nylo ownership link as unproven. FinTelegram’s position remains evidence-based: We have not established common beneficial ownership or corporate control between Nylo LLC and the UTORG/ChainValley network. The 8 July evidence does, however, strengthen the operational-migration hypothesis. The reason is timing. After a Lithuanian crypto rail suspended services amid MiCA pressure and ChainValley became the subject of growing scrutiny, a newly registered Georgian Free Zone company is now visible in materially similar offshore-casino crypto-purchase flows — and remains active after the EU’s 1 July 2026 MiCA transition deadline. That is not proof of common ownership. But it is precisely the type of regulatory-arbitrage pattern that supervisors should investigate. FinTelegram Assessment: MiCA’s Enforcement Battle Has Moved Offshore The Nylo case illustrates a structural weakness in Europe’s new crypto regime. MiCA can remove or constrain legacy EU VASPs that fail to obtain authorisation. ESMA has now told unauthorised CASPs to stop onboarding new EU clients and wind down their EU activity after the transition deadline. But high-risk demand does not disappear. The payment rail can move. From Lithuania to Poland. From Poland to Georgia. From a clearly branded crypto provider to a payment gateway. From a direct crypto purchase page to a casino cashier. From a visible CASP relationship to an unidentified “Executing Service Provider.” That is the real post-MiCA challenge. MiCA enforcement cannot stop at the EU corporate border. Regulators must examine how third-country crypto services are distributed into the Union through merchant integrations, offshore casinos, payment gateways, wallet brands, affiliates and regulated payment chokepoints. The Betify–Nylo flow is a near-perfect test case. The player clicks Skrill or Neteller. The player sees a €20 casino funding journey. Nylo shows an Exchange order. The user agrees to buy crypto and send it to a specified address. And the ultimate regulatory chain remains unclear. That is not a minor disclosure issue. It goes to the heart of MiCA’s territorial perimeter, reverse solicitation, VASP registration, AML responsibility, merchant due diligence and payment transparency. Compliance Questions for Nylo FinTelegram invites Nylo to clarify: Is Nylo LLC registered with the National Bank of Georgia as a VASP? If yes, under what registration number and for which services? Does Nylo itself exchange fiat into crypto, transfer crypto, or arrange either service? Who is the “Executing Service Provider” referenced in the tested Neteller flow? Which entity performs KYC, sanctions screening, blockchain analytics, Travel Rule compliance and destination-wallet screening? Does Nylo knowingly provide services to Betify or a Betify-related merchant? How does the Betify integration comply with Nylo’s own statement that it generally does not support gambling payments? Which entity controls the destination crypto addresses used in the Betify exchange orders? Does Nylo have any corporate, beneficial ownership, technology, employee, merchant, wallet or infrastructure links with UAB Utrg, utPay, Utorg OÜ, UTORG, Chain Valley Sp. z o.o. or ChainValley? Under what legal basis are Nylo-integrated crypto-purchase flows made available to EU residents after 1 July 2026? Does Nylo rely on MiCA reverse solicitation? If so, how does it reconcile that position with direct merchant-side routing from a casino cashier? Compliance Questions for Skrill and Neteller The appearance of Skrill and Neteller branding in the reviewed flow does not by itself prove that the operators of those payment methods knowingly approved Betify, Nylo or the ultimate crypto beneficiary. FinTelegram’s screenshots document the user-facing route, not the underlying contractual relationships. The relevant questions are therefore: Are these Nylo exchange-order flows authorised integrations? What merchant category and transaction purpose are visible upstream? Do compliance systems see the originating casino context? Do they see a gambling payment, a crypto purchase, or an ordinary wallet transaction? Who is the contractual merchant? Are EU country restrictions enforced? Is the destination of the purchased crypto known? Whistleblower Call FinTelegram is seeking information from payment-industry insiders, casino employees, compliance officers, former contractors, wallet providers and crypto infrastructure operators with knowledge of: Nylo, app.nylo.pro, Betify, ChainValley, UAB Utrg, utPay, UTORG, destination wallet infrastructure, merchant onboarding files, settlement accounts, executing service providers, Skrill/Neteller integrations and post-MiCA migration strategies. Particularly valuable are: merchant agreements; KYB files; wallet addresses; settlement statements; payment descriptors; internal compliance assessments; processor correspondence; Slack or Telegram communications; technical integration documents; and evidence identifying the “Executing Service Provider.” Information can be submitted confidentially through Whistle42. Share Information via Whistle42

Read More

Binance After MiCA Day One: Italy Blocked While Austria and Germany Enter the ADGM Onboarding Funnel

A FinTelegram post-MiCA test conducted on 6 July 2026 found sharply different access outcomes inside the EU. An Italian residence selection triggered an immediate “Access Restricted” message. Austria and Germany did not. Austrian & German nationals and residents were able to create a Binance.com account, enter KYC and submit identity documentation under a platform environment pointing to Binance’s regulated Abu Dhabi structure — before verification ultimately failed and deposits remained unavailable. The result does not establish successful EU onboarding. It does expose a fragmented and unresolved post-MiCA access architecture. The Key Point Five days after the end of the MiCA transitional period, FinTelegram conducted a first controlled review of Binance.com’s EU access and onboarding perimeter. The result was not a simple open-or-closed outcome. It was fragmented. When Italy was selected as the user’s residence, Binance displayed: Access RestrictedThe Binance.com platform is not available in your region When the selected residence was changed to Austria, the same front-door restriction did not appear. FinTelegram was able to create an account, receive an activation email and proceed into Binance’s identity-verification process. A German residence selection likewise did not produce the Italian-style front-door block during the initial access test. The German and Austrian tests went considerably further. FinTelegram submitted KYC information for a person who was both: an Austrian / German national; and an Austrian / German resident. The platform processed the application, displayed the Austrian country context and placed the verification into review. At the same time, the Binance interface displayed a prominent notice: “European Regulatory Information: If you have questions regarding European regulatory developments or your Binance account, our Customer Support team is available to assist.” Approximately one hour later, verification was unsuccessful. No specific reason was provided to FinTelegram. The account remained accessible, but deposits were not available. The evidence therefore supports a narrow but significant conclusion: Binance’s post-MiCA EU access controls appear fragmented: Italy is blocked upfront, while Austria and Germany can enter deeper into the onboarding architecture — with an Austrian user reaching KYC under an ADGM-based contractual framework before verification ultimately failed. FinTelegram does not conclude that Binance successfully onboarded a new Austrian EU client after 1 July 2026. That distinction is central to this report. The Regulatory Clock Has Run Out The timing matters. ESMA stated that the MiCA transitional period would end across the EU on 1 July 2026 and called on unauthorised CASPs to wind down in an orderly manner. Its public statement says such providers should, among other things, cease onboarding new EU clients and restrict their activities to what is necessary for an orderly exit. Binance entered that deadline without completing its previously pursued Greek MiCA route. On 24 June 2026, Binance announced that it had withdrawn its MiCA application with the Hellenic Capital Market Commission and would seek authorisation in another EU Member State. Significantly for FinTelegram’s findings, Binance itself said that some users might be affected depending on their country and account status. That statement now deserves close attention. Because FinTelegram’s first post-deadline test appears to show precisely such country-level differentiation. Italy: Blocked at the Front Door The Italian result was the clearest. During the tested KYC-entry journey, selecting Italy as residence caused Binance.com to display an explicit restriction message: Access RestrictedThe Binance.com platform is not available in your region This was not an inference from Terms of Use or a regulatory warning. It was a direct platform response observed and captured by FinTelegram on 6 July 2026. Evidence status: Strong Technical / Documentary Indicator. At this stage, FinTelegram does not claim to know why Italy is treated this way. Possible explanations include: country-specific Binance policy; local regulatory or supervisory constraints; legacy entity issues; internal risk classification; MiCA transition arrangements; or another legal or operational basis. Those possibilities remain hypotheses until clarified by Binance. But the observed fact is straightforward: Italy was blocked upfront in the tested journey. Austria & Germany: Account Creation and KYC Were Possible The Austrian & Germany tests produced a materially different result. After Austria was selected as the relevant country context, FinTelegram was able to: create a Binance.com account; receive an account activation code by email; access a user dashboard; enter the KYC process; submit identity information; identify the test person as Austrian / German national and resident; place the verification into an “Under Review” state. The Binance dashboard also invited the user to complete a deposit as part of the trading journey, although deposits were not actually available while verification remained incomplete. This matters because it shows that the Austrian-linked user was not rejected at the initial account-creation gate. But the evidentiary limit is equally important. After approximately one hour, the KYC verification was unsuccessful. FinTelegram received no substantive explanation establishing whether the failure resulted from: an EU/MiCA eligibility rule; a country restriction; document quality; identity matching; technical KYC controls; liveness checks; or another reason. Accordingly: Successful post-MiCA onboarding of a new Austrian or German client is not established. What is established is that a prospective Austrian & German EU user was able to open a Binance account and thus move considerably deeper into the Binance onboarding architecture than the tested Italian user. Evidence status: Strong Technical / Documentary Indicator as to account creation, KYC entry and review; Open Question as to the reason for final verification failure. The Abu Dhabi Layer: A Real Regulatory Architecture The second major finding concerns the legal architecture behind Binance.com. During the tested journey, Binance prominently informed users that Binance.com is now regulated in the Abu Dhabi Global Market (ADGM). That statement has a real regulatory basis. ADGM announced in December 2025 that the global Binance.com platform would operate through three separately regulated entities: Nest Exchange Limited Nest Clearing and Custody Limited Nest Trading Limited with distinct roles across exchange activities, clearing and custody, and broker-dealer or off-exchange services. The current Binance Terms reviewed by FinTelegram likewise identify the ADGM entities and their respective FSRA-regulated roles. The ADGM public register independently confirms, for example, Nest Trading Limited as an active ADGM financial firm with an FSP date of 5 January 2026 and Binance.com as its website. So there should be no confusion: The ADGM regulation is real. But another distinction is equally important: ADGM regulation is not MiCA authorisation and does not constitute an EEA passport. The existence of a sophisticated third-country regulatory framework therefore does not by itself answer the question of the legal basis on which a prospective Austrian or German EU resident may enter the Binance.com onboarding process after the MiCA deadline. An Austrian EU User Inside an ADGM-Based Contracting Environment This is the most significant issue arising from FinTelegram’s first test. The Terms presented in the Binance.com environment identify the three Abu Dhabi entities as part of the legal framework governing use of the platform: Nest Exchange Limited The exchange layer. Nest Clearing and Custody Limited The clearing, settlement and custody layer. Nest Trading Limited The broker-dealer and off-exchange services layer. Binance’s current Terms and ADGM’s own announcement describe these regulated functions. FinTelegram’s tested users, however, were not Abu Dhabi residents but Austrian and Germans. That creates the central Phase I question: Why can a prospective Austrian / German EU user enter an ADGM-based Binance.com onboarding funnel after MiCA Day One, while an Italian resident is blocked at the front door? At present, FinTelegram does not claim to know the answer. Three Competing Explanations The observed architecture currently supports at least three plausible explanations. Scenario A — Effective Late-Stage Regulatory Gating Binance may allow technical account creation and collection of KYC information before applying a final legal-eligibility rule. Under this scenario, the Austrian verification failure could indicate that Binance’s compliance controls ultimately prevented activation of a user it could not lawfully serve. If demonstrated, that would materially change the compliance assessment in Binance’s favour. The current evidence does not establish this explanation. Scenario B — Ordinary KYC Failure The rejection may have had nothing to do with MiCA or EU residence. It could have resulted from an ordinary KYC issue, including: identity-data mismatch; document validation; image quality; liveness; technical checks; or another onboarding-control failure. Under this scenario, another Austrian applicant might receive a different outcome. The current evidence does not exclude this explanation. Scenario C — Fragmented Country-Level EU Routing Binance may operate differentiated eligibility rules across EU Member States. Under this scenario: Italy is blocked upfront; Austria and Germany enter further into the funnel; final activation depends on additional country, entity, product or account-status rules. This scenario would be broadly consistent with Binance’s own 24 June statement that impacts may vary depending on a user’s country and account status. But consistency is not proof. Further testing is required. Why the Fragmentation Matters MiCA was designed to create a harmonised EU framework. The first FinTelegram test suggests that practical access to Binance.com may nevertheless be differentiated at Member State level. That raises several questions. 1. Is account creation itself part of the regulatory gate? If a provider should not establish new EU client relationships, when exactly is the relevant relationship formed? At: email registration; acceptance of Terms; creation of a User ID; KYC submission; KYC approval; first deposit; or first regulated service? This is a legal and factual question, not one FinTelegram resolves merely from the screenshots. 2. Why does Italy receive earlier rejection? If Italy is restricted at country selection while Austria proceeds to KYC, what regulatory or contractual distinction explains the difference? 3. Which entity would serve an approved Austrian user? Would the final client relationship remain within the ADGM architecture identified in the Terms? Or would another local or EU entity intervene? 4. Is final KYC approval functioning as a MiCA control? If so, why is that not explained transparently to the user? 5. Does product access differ? A user might theoretically be restricted from one service while still accessing another. The treatment of: spot trading; custody; Earn; staking; P2P; Futures; options; and fiat services must therefore be tested separately. Preliminary Evidence Matrix FindingEvidence statusFinTelegram assessmentItaly produced “Access Restricted”Strong Technical / Documentary IndicatorClear tested front-door restrictionAustria did not produce equivalent initial restrictionStrong Technical IndicatorDeeper access path observedGermany did not produce equivalent initial restrictionPreliminary Technical IndicatorFull KYC not yet testedAustrian-linked account createdStrong Documentary IndicatorEstablished in testActivation email receivedStrong Documentary IndicatorEstablished in testAustrian / German KYC submittedStrong Documentary IndicatorEstablished in testVerification entered reviewStrong Documentary IndicatorEstablished in testEuropean regulatory banner displayedStrong Technical IndicatorRelevant contextFinal Austrian / German verification failedStrong Documentary IndicatorEstablished in testFailure resulted from MiCA/EU rulesOpen QuestionNot establishedSuccessful Austrian / German client onboardingNot EstablishedFinTelegram does not claim itDeposit capability became availableNot EstablishedIt did not in tested accountADGM entities form current Binance.com regulatory architectureEstablished FactConfirmed by ADGM and BinanceADGM status equals MiCA authorisationNoSeparate regulatory perimeterCurrent legal basis for prospective EU accessOpen QuestionRequires clarification The Binance Statement Makes the Test More Relevant Binance’s 24 June announcement adds important context. The exchange confirmed that it had withdrawn its Greek MiCA application, would seek authorisation in another EU Member State and was contacting EU users individually. Binance specifically warned that effects might vary depending on country and account status. That means the fragmented country outcomes observed by FinTelegram cannot simply be dismissed as an irrelevant technical curiosity. They require explanation. At the same time, Binance’s statement also supports an alternative, less adverse interpretation: the company may already be implementing precisely the differentiated transition controls it told users to expect. The evidence is not yet sufficient to decide between those interpretations. What Comes Next This report is Phase I of FinTelegram’s Binance MiCA Day One review. The next stages will examine: Phase II — EU Access and Entity Mapping Controlled tests across additional Member States and identification of the precise contracting entities. Phase III — Payment Rails and Custody Fiat deposits, cards, bank transfers, third-party processors, custody and settlement. Phase IV — Product and Perimeter Review Spot, Earn, staking, P2P, Futures, derivatives and the possible MiFID II overlay. The objective is not to force the Binance case into the MEXC template. The evidence may lead somewhere different. That is exactly why the investigation matters. Whistleblower Call FinTelegram invites current and former: Binance employees; compliance officers; MLROs; KYC and onboarding staff; legal advisers; payment partners; banks; CASPs; contractors; and regulators to provide information concerning Binance’s post-MiCA EU strategy. We are particularly interested in: country restriction lists; EU onboarding rules; KYC eligibility logic; internal MiCA guidance; ADGM migration documents; contracting-entity allocation; Austria/Germany/Italy treatment; pending MiCA applications; EU payment rails; custody structures; product restrictions; and internal communications concerning the 1 July 2026 deadline. Share information securely through Whistle42. Help us map the real post-MiCA perimeter — not merely the one described in public statements. Share Information via Whistle42 FinTelegram’s assessments are editorial compliance analyses, not findings by a court or regulator. This interim review does not allege criminal conduct and does not conclude that Binance successfully onboarded a new Austrian client after 1 July 2026. All named parties are invited to submit corrections and statements.

Read More

Inside OuiTrust/Heuro’s Role in the MEXC EU Payment Ecosystem

FinTelegram has released a new Compliance Intelligence Satellite Report examining the role of French electronic money institution OuiTrust/Heuro inside the post-MiCA MEXC ecosystem. The report maps the company’s appearance in documented MEXC-related EUR deposit flows, its Hong Kong ownership layer, its crypto-facing business model and its separate position as an issuer within the MiCA Title IV e-money-token framework. The Core Finding FinTelegram’s new OuiTrust / Heuro Satellite Report focuses on one of the most consequential institutions appearing in the wider MEXC payment architecture: Heuro SAS, formerly Harmoniie SAS and before that Unirpay, trading as OuiTrust. Heuro (website) is not an unregulated payment facilitator. It is a French electronic money institution authorised by the ACPR, with e-money and payment-services capabilities and a substantial crypto-facing strategy. At the same time, FinTelegram’s documented testing placed OuiTrust/Heuro infrastructure inside a post-MiCA MEXC-related EUR deposit journey for a newly onboarded EU user. That combination is the central issue. The question is not whether Heuro is authorised as an EMI. It is. The question is: How does a French-regulated EMI appear at a critical fiat-entry point inside a user journey connected to an offshore exchange for which FinTelegram identified no disclosed MiCA CASP authorisation serving EU clients? Where Heuro Appears in the MEXC Ecosystem The Satellite Report builds on FinTelegram’s broader MEXC After MiCA Day One Compliance Intelligence Report. In post-deadline testing, FinTelegram documented a newly registered and fully KYC-verified EU retail user entering the MEXC environment and proceeding into a EUR bank-transfer journey. The tested flow included: a consent layer referring to MEXC and Harmoniie SAS dba OuiTrust; legal-material links connected to OuiTrust and Finetix; generation of an executable EUR 100 payment instruction; a French IBAN; Heuro banking details; BIC HRSAFR22XXX. FinTelegram does not claim that this test independently proved the full end-to-end settlement chain or final crediting into MEXC. That evidentiary limit matters. But the documented appearance of a French EMI’s rails inside the funding journey of a newly onboarded EU user remains highly significant. The issue is therefore not abstract accessibility. It is the practical architecture of market access. The Finetix Connection The report also examines the recurring appearance of Finetix Limited S.R.L., a Romanian company that publicly describes itself as a crypto exchange and fiat-payment gateway provider. FinTelegram previously documented Finetix-related legal materials and MEXC-associated payment indicators in relevant flows. In the Heuro context, the central unresolved question is whether Finetix acts as: a contractual client; a principal; a payment-orchestration layer; a gateway; a payee; or another intermediary. The report does not state that Heuro and Finetix are under common ownership. It does state that the precise relationship matters because customer attribution, AML/CFT responsibility, safeguarding and downstream counterparty understanding depend on it. The Hong Kong Ownership and Group-Control Layer The Satellite Report also examines the ownership and control architecture behind Heuro/OuiTrust. According to the French corporate records reviewed by FinTelegram, the immediate sole shareholder of Heuro SAS is EasyEuro Technology Limited, a Hong Kong company. This is an established fact at the immediate shareholder level. The Hong Kong layer, however, is not limited to the French EMI. UK corporate records show that EasyEuro Technology Limited also controls 75% or more of Kitakami Limited, a British company authorised by the UK Financial Conduct Authority (FCA) as an Electronic Money Institution. The result is a cross-border EasyEuro structure connecting a Hong Kong holding layer with regulated electronic-money institutions in both France and the United Kingdom. This broader structure materially changes the ownership analysis. The relevant picture is not simply: Hong Kong shareholder → French EMI but rather: EasyEuro Technology Limited (Hong Kong) → regulated UK and French financial-services entities operating within the wider OuiTrust/EasyEuro ecosystem. The corporate records also reveal a significant personnel-continuity dimension involving Dingsheng Xue. French corporate documents reviewed by FinTelegram identify Dingsheng Xue in connection with EasyEuro Technology Limited and the shareholder governance of the French Heuro/Harmoniie entity. A 2024 filing records Xue Dingsheng as acting in the capacity of legal representative of EasyEuro Technology Limited, while the same documentation identifies the Hong Kong company as the sole shareholder of Harmoniie SAS. Separate corporate documents also record Dingsheng Xue in the sole-shareholder context of the French entity. More recent Heuro constitutional documents continue to associate Dingsheng Xue with EasyEuro Technology Ltd in the shareholder context. Dingsheng Xue is also an active director of the UK group company Kitakami Limited. Taken together, the public records indicate that he is not merely a peripheral director of an unrelated British subsidiary. Rather, he appears to represent a long-standing point of personnel continuity across the EasyEuro group’s Hong Kong ownership layer and its regulated European entities. FinTelegram does not state that Dingsheng Xue is the ultimate beneficial owner of EasyEuro Technology Limited, personally controls Heuro or Kitakami, or has engaged in any misconduct. Those conclusions are not established by the public record. The compliance significance lies elsewhere. A cross-border financial-services group comprising: a Hong Kong controlling shareholder; an FCA-authorised UK EMI; an ACPR-authorised French EMI; a MiCA Title IV EMT-issuer position; and documented personnel continuity involving a Chinese national resident in France creates legitimate questions about: ultimate beneficial ownership; group governance and control; the allocation of strategic decision-making; intra-group risk management; crypto-counterparty strategy; and the relationship between the Hong Kong ownership layer and the regulated European entities. The public-source record does not fully resolve the ultimate beneficial ownership of EasyEuro Technology Limited. Heuro has reportedly stated elsewhere that its UBOs are French-resident natural persons and are duly registered within the relevant French beneficial-ownership framework. That position may be compatible with the documented Hong Kong intermediate holding structure. But the newly identified role of Dingsheng Xue makes the ownership and governance picture materially more significant than a simple offshore-shareholder disclosure. The core question is therefore no longer only who formally owns Heuro SAS. It is: Who ultimately controls the EasyEuro group, how is decision-making allocated across Hong Kong, the UK and France, and what role does Dingsheng Xue play within that architecture? These questions become particularly relevant in light of the group’s regulated payment activities, HEURO’s MiCA Title IV EMT position and FinTelegram’s documented MEXC-related payment-flow evidence. Heuro Is Also a Token Issuer The second major reason why the case matters is Heuro’s own position inside the crypto economy. HEURO SAS is not only an EMI. It is also positioned within the MiCA Title IV framework for e-money-token issuers, with HEURO connected to the company’s regulated e-money-token activity. This distinction is essential. A MiCA EMT issuer is not the same as a MiCA CASP. HEURO’s Title IV position does not authorise MEXC. It does not transfer CASP rights to a third-party exchange. And it does not cure or substitute for the MiCA authorisation status of another platform. But it changes the supervisory significance of the case. This is not a situation in which an obscure payment processor happens to touch a crypto flow. It involves a French-regulated EMI that is itself embedded in the EU’s post-MiCA token framework and whose declared strategy is connected to web3 payments, fiat on/off-ramping and exchange-related settlement. Why the HEURO Token Matters The report also examines the HEURO token. Heuro has positioned HEURO as a euro-denominated e-money token and as part of a broader exchange and settlement strategy. That creates an additional line of inquiry. Where a regulated EMT issuer promotes settlement relationships with major crypto-market participants, the quality of its: source-of-funds controls; exchange-counterparty due diligence; reserve-integrity processes; transaction monitoring; and segregation between different payment and settlement channels becomes highly relevant. FinTelegram does not state that MEXC-related funds entered HEURO reserves. No such finding is made. The question is narrower: How does a regulated EMT issuer ensure that exchange-facing settlement activity remains segregated from high-risk flows connected to platforms without disclosed EU CASP authorisation? That is a legitimate compliance and supervisory question. The MEXC Link Raises the Stakes The relevance of Heuro’s appearance cannot be separated from MEXC’s broader regulatory record. The MEXC master report documents: post-deadline EU onboarding; no disclosed MEXC MiCA CASP authorisation for EU clients; multiple public regulatory warnings; and the Seychelles FSA’s identification of the MEXC operator in an unlicensed-operations context. Against that background, the appearance of regulated European infrastructure becomes particularly important. For a bank, EMI, PSP, CASP or acquirer, the central questions include: Was MEXC’s authorisation status assessed? Was its regulatory history reviewed? Was Finetix risk-rated? Who is the legal customer? Who receives the funds? Who controls downstream settlement? Which institution owns the AML/CFT responsibility at each step? These are not theoretical questions. They determine whether the post-MiCA perimeter works in practice. The Paytend Lesson The Satellite Report also places the Heuro findings in the historical context of changing MEXC-related payment rails. Earlier FinTelegram investigations documented other regulated intermediaries around MEXC-linked flows, including Paytend Europe UAB, whose Lithuanian EMI licence was later revoked following serious AML/CFT, monitoring and governance findings by the Bank of Lithuania. FinTelegram does not claim that MEXC was the unnamed high-risk customer referenced in that enforcement case. No causal link between MEXC-related flows and Paytend’s licence revocation is established. The relevance is structural: regulated payment institutions can face severe consequences where their understanding, monitoring and governance of high-risk flows are found inadequate. FinTelegram Assessment The OuiTrust/Heuro case is analytically significant precisely because the institution is regulated. Its stronger regulatory standing does not make the MEXC-related evidence irrelevant. It makes the questions more important. FinTelegram’s assessment is deliberately narrow but firm: The documented appearance of OuiTrust/Heuro infrastructure inside MEXC-related EU payment journeys warrants enhanced regulatory and counterparty scrutiny. The significance of the case is increased — not reduced — by Heuro’s status as an ACPR-authorised EMI and by HEURO SAS’s position within the MiCA Title IV EMT framework. This is not an allegation of criminal conduct. It is a compliance question about where a regulated French financial institution sits inside a high-risk offshore-exchange ecosystem. And it is a question that can be answered with documents. Download the Satellite Report FinTelegram is making the full OuiTrust / Heuro Satellite Report available for download. The report contains: legal and regulatory identity; ownership structure; key persons; MEXC-related payment evidence; Finetix connections; HEURO token analysis; MiCA Title IV perimeter analysis; risk assessment; right-of-reply framework; and detailed questions to management and supervisors. Download the OurTrust / Heuro Satellite Report here. Whistleblower Call FinTelegram invites current and former employees, compliance officers, MLROs, contractors, banking partners, PSPs, CASPs, acquirers, users and counterparties with information about. Help us map the infrastructure behind the market. Share Information via Whistle42 FinTelegram’s risk assessments are editorial compliance classifications and not findings by a court or regulator. The report does not allege criminal conduct by any named entity or person. All named parties are invited to provide corrections, documents and statements for incorporation into future versions.

Read More

MEXC Compliance Report: Inside the Post-MiCA Payment Relay Keeping EU Access Alive

A newly released FinTelegram Compliance Intelligence Report documents how MEXC continued to onboard a new EU retail user after the MiCA transition deadline — while payment and onboarding flows connected the offshore exchange environment to Romanian, French, Australian and MiCA-authorised Irish service layers. A separate reader-friendly Compliance Briefing summarises the key findings. The Key Point FinTelegram has released its new MEXC After MiCA Day One Compliance Intelligence Report, together with a shorter MEXC Compliance Briefing for readers seeking a concise overview of the case. The central finding is stark. According to FinTelegram’s documented live testing, a new EU retail user was able to register with MEXC on 1 July 2026, complete advanced KYC including EU identity and address verification, receive functional account access and proceed toward fiat and crypto funding routes. This occurred after the end of the MiCA transitional period and against the background of ESMA’s clear expectations that unauthorised crypto-asset service providers cease onboarding new EU clients and restrict remaining activity to an orderly wind-down. FinTelegram has identified no publicly disclosed MiCA authorisation for a MEXC operator serving EU clients. The report therefore places MEXC under FinTelegram Radar Status: Black — Active EU Onboarding Watch / Payment Rails Watch / MiFID II Derivatives Watch. The Payment Relay Behind the User Journey The report goes substantially further than asking whether MEXC itself holds a MiCA licence. Its core contribution is the reconstruction of the service and payment architecture appearing around the MEXC user journey. FinTelegram’s testing documented a multi-layer environment involving: Finetix Limited S.R.L., a Romanian company that publicly describes itself as a crypto exchange and fiat payment gateway provider. Finetix-linked legal materials and a MEXC-associated card descriptor appeared in tested flows. Heuro SAS / Harmoniie SAS dba OuiTrust, a French ACPR-authorised electronic money institution. A tested EUR bank-transfer route generated a concrete payment instruction using a French IBAN and Heuro banking details. Ocean Wave Fintech Pty Ltd, an Australian company whose public corporate history includes the former names MEXC Australia Pty Ltd and MXC Tech Pty Ltd. During the tested journey, the EU user encountered a service-provider change referring to an Australian jurisdiction and received account-related communications. Legend Trading / Legend Financial Ireland Limited, whose Irish entity is MiCA-authorised. A separate MEXC-related buy-crypto flow triggered a Legend account application and onboarding communications. The report does not allege that these entities are under common ownership or that their appearance in the transaction architecture proves wrongdoing. The compliance question is different — and more important: How can a non-EU exchange with no publicly disclosed MiCA authorisation continue to offer a functioning EU-facing onboarding and funding journey through a layered network of third-party providers? Why This Matters After MiCA The MEXC case illustrates what FinTelegram considers one of the central enforcement challenges of the post-transition MiCA market. An authorisation regime is only as effective as the infrastructure surrounding it. Where an offshore exchange can continue to accept new EU users while fiat funding, onboarding, settlement or conversion functions are provided through European payment institutions, crypto service providers or third-country entities, the regulatory perimeter becomes an infrastructure question — not merely an exchange-licensing question. The report therefore examines not only MEXC, but also the obligations and exposure of institutions appearing in the chain. For regulated banks, EMIs, PSPs, CASPs, acquirers and payment facilitators, the relevant questions include: Has the institution assessed the MiCA status of the underlying crypto platform? Who is legally the client at each stage of the flow? Who receives the fiat and who delivers the crypto? Is the regulated provider acting independently, as an on-ramp, as a payment intermediary, or as a bridge into the offshore exchange environment? What enhanced due diligence has been conducted in light of MEXC’s public regulatory history? Where exactly does the regulated service end and the MEXC service begin? A Regulatory History That Cannot Be Ignored The findings arise against a significant adverse regulatory background. The full Compliance Report reviews public warnings and enforcement actions involving MEXC-branded operations across multiple jurisdictions, including the United Kingdom, Belgium, Australia and Seychelles. Of particular significance, the Seychelles Financial Services Authority publicly identified MX Global Ltd as the operator of the MEXC platform and stated in May 2026 that the entity had been carrying on virtual-asset services without the required authorisation under Seychelles law. The report also examines the earlier role of Paytend Europe UAB in MEXC-related payment flows. Paytend later lost its Lithuanian EMI licence following serious AML/CFT and internal-control findings by the Bank of Lithuania. FinTelegram expressly notes that the Lithuanian regulator did not identify MEXC as the unnamed high-risk customer referenced in the Paytend enforcement findings and that no causal link between MEXC-related flows and the licence revocation has been established. The relevance of the Paytend case is therefore structural: payment-layer institutions can face severe supervisory consequences where high-risk-customer handling, monitoring and governance fail. Reverse Solicitation Looks Like a Difficult Defence MEXC or involved intermediaries may argue that EU users approach services on their own initiative or that specific transaction steps are performed independently by regulated third parties. The full report examines these possibilities. FinTelegram’s assessment is that a reverse-solicitation explanation appears difficult to reconcile with the cumulative pattern observed: EU user acceptance, EU identity and address verification, functional account activation, available deposit routes and embedded third-party payment or CASP layers. Website accessibility alone is not the issue. The issue is the architecture as a whole. Two Publications, Two Audiences To make the findings accessible to both specialist and general readers, FinTelegram is releasing two documents: MEXC Compliance Report The full master report provides the detailed regulatory framework, evidence methodology, entity analysis, payment-rail reconstruction, legal and compliance assessment, risk matrix, open questions and stakeholder right-of-reply framework. Download Compliance Report MEXC Compliance Briefing The shorter four-page briefing presents the essential findings in a reader-friendly format and explains why the case matters for the future enforcement of MiCA and the supervision of crypto-related payment infrastructure. Download Compliance Briefing Whistleblower Call FinTelegram invites current and former employees, compliance officers, MLROs, contractors, payment processors, banks, acquirers, CASPs and users with information about MEXC, Finetix, Heuro/OuiTrust, Ocean Wave Fintech, Legend Trading, Paytend, OSL Pay or related fiat and crypto flows to contact us confidentially through Whistle42. We are particularly interested in contracts, payment-flow documentation, merchant and acquirer records, compliance assessments, onboarding arrangements, internal communications, settlement structures and regulatory correspondence. Share information securely. Help us map the infrastructure behind the market. FinTelegram’s Radar Status and risk assessments are editorial compliance classifications and not findings by a court or regulator. The report does not allege criminal conduct by any named entity. All named parties are invited to provide corrections and statements for incorporation into updated versions.

Read More

THE $2.3 BILLION CONFLICT MACHINE: How the Trump Family Turned America’s Crypto Presidency Into a Compliance Nightmare

Official disclosures show extraordinary crypto income. Reuters estimates at least $2.3 billion in Trump-family crypto profits. Outside investors lost billions. Meanwhile, the same administration reshaped crypto policy, dismantled parts of the enforcement architecture and pardoned prominent crypto figures. This is no longer a “bad optics” story. It is a systemic conflict-of-interest case. By FinTelegram | Financial Intelligence & Compliance Report | 4 July 2026 Executive Warning Let us begin with the distinction that matters. FinTelegram is not alleging that Donald Trump has been convicted of bribery, market manipulation, insider trading or a criminal quid pro quo in connection with his family’s crypto ventures. He has not. The White House denies conflicts of interest. Trump says he is not involved in managing his finances. World Liberty Financial rejects allegations of misconduct in its dispute with major investor Justin Sun. And Trump’s latest annual financial disclosure was certified by an ethics official as compliant with applicable laws and regulations, subject to the filing’s comments. But that is precisely why this case is so disturbing. The Trump crypto story exposes a compliance architecture in which legal formalities, presidential exemptions, private token economics, foreign capital, regulatory discretion and political power coexist inside one extraordinarily profitable ecosystem. From a financial-crime and governance perspective, this is a nightmare. The Hard Number: Crypto Has Become a Presidential Profit Engine On 30 June 2026, the U.S. Office of Government Ethics made President Donald Trump’s certified annual financial disclosure available. The filing covers 2025 and runs to 927 pages. Reuters calculated that Trump reported more than $1.4 billion in income from crypto-related ventures, making digital assets his dominant disclosed income source for the year. Reuters further estimates that the Trump family has generated at least $2.3 billion in profits from crypto ventures since Trump returned to the presidency. The official filing itself contains numbers that would trigger an emergency conflicts review in almost any serious financial institution. Among them: CIC Digital LLC, linked to NFT and meme-coin licensing, disclosed approximately $635.1 million in royalties from a licensing agreement involving Celebration Coins. Trump-linked World Liberty structures disclosed $236.25 million in net proceeds from token-sale distributions in one entry, alongside multiple additional crypto-wallet distributions. A Trump-linked entity disclosed $65.625 million in net proceeds from a sale of equity in WLF Holdco. Another Trump-linked structure disclosed $196.875 million in net proceeds from capital contributions and Class C units connected to Stablecoin Holdco. The disclosure also identifies a wallet holding 15.75 billion World Liberty governance tokens, valued in the filing at more than $50 million. These are not numbers invented by political opponents. They sit inside the President’s own official disclosure architecture. And they produce the central compliance question of this report: How can the head of the U.S. executive branch remain the economic beneficiary of a crypto empire operating in the very sector his administration regulates, supervises, prosecutes, de-prosecutes and politically promotes? 1. The Scandal Is Not One Payment. It Is the Architecture. A conventional corruption investigation looks for a payment and a favor. The Trump crypto ecosystem is more difficult — and, from a compliance perspective, potentially more dangerous — because the conflict is structural. Trump entered his second presidency while retaining economic exposure to business interests placed into trust arrangements. His official disclosure identifies the Donald J. Trump Revocable Trust and states that Trump is its sole beneficiary in connection with major holdings. Reuters reported that while Trump’s children oversee the businesses, the President remains the beneficiary of assets receiving income. At the same time, the Trump administration pursued a sweeping pro-crypto agenda. The administration issued its January 2025 digital-assets executive order, created a Strategic Bitcoin Reserve and U.S. Digital Asset Stockpile, and Trump signed the GENIUS Act establishing a federal framework for payment stablecoins. The SEC created a dedicated Crypto Task Force and subsequently dismissed multiple inherited crypto-enforcement cases; the Justice Department dismantled its National Cryptocurrency Enforcement Team and narrowed crypto-prosecution priorities. None of those actions is automatically improper. A president is entitled to pursue crypto-friendly policy. Regulators are entitled to change enforcement priorities. Congress is entitled to legislate. The compliance problem is the simultaneous private economic exposure. The President was not merely an ideological supporter of an industry benefiting from his policies. His own disclosure now shows that crypto was generating extraordinary income for structures connected to him. That distinction is devastating. A bank would not accept the argument that a senior executive may decide policy affecting a market while remaining the beneficial owner of businesses generating hundreds of millions from that same market because “the strategy is good for the industry.” That is not a control. That is the absence of a control. 2. Reuters Found the Brutal Asymmetry: The Family Wins, Investors Lose A major Reuters investigation published on 9 June 2026 examined four Trump-family crypto complexes: World Liberty Financial, the $TRUMP meme coin, ALT5 Sigma — now AI Financial Corp. — and American Bitcoin. Reuters concluded that the Trump family generated at least $2.3 billion in profit from these ventures while more than one million outside investors had accumulated approximately $2.3 billion in net losses by the end of April 2026. The news agency’s methodology used corporate filings, blockchain data, market prices and transaction analysis. Companies and representatives challenged aspects of the methodology, including the treatment of realized and unrealized losses. That symmetry is almost too extraordinary to believe: Trump family: approximately $2.3 billion profit.Outside investors: approximately $2.3 billion net loss. This does not prove fraud. But it is a screaming investor-fairness red flag. Reuters found a recurring economic pattern: the Trump family often contributed little or no identifiable personal capital to the ventures while receiving exceptionally favorable token-sale economics, licensing income or equity interests. In its World Liberty analysis, Reuters said the disclosed arrangement directed the lion’s share of specified token-sale proceeds toward Trump-linked interests; it estimated Trump-family World Liberty earnings above $1.4 billion under its methodology. World Liberty disputes the characterization of WLFI as a conventional investment and has challenged Reuters’ loss analysis. This is where FinTelegram’s compliance assessment becomes severe. A politically connected sponsor with privileged economics, minimal downside and enormous upside is already a related-party risk. A sponsor whose ultimate beneficiary is the sitting President of the United States is a PEP-risk event of the highest conceivable order. 3. World Liberty Financial: The Ultimate Related-Party Conflict? World Liberty Financial is not merely another crypto startup with a celebrity endorsement. It sits at the intersection of: a sitting U.S. President; his family; token investors; stablecoin economics; foreign counterparties; a regulatory administration controlled by that President; and an application by a related World Liberty entity for a U.S. banking charter. Reuters reported that World Liberty’s disclosed economics allocated 75% of specified net token-sale revenues to a Trump-linked entity under the relevant arrangements. The President’s own 2026 disclosure records hundreds of millions of dollars across World Liberty-related token distributions, equity-sale proceeds and stablecoin-holding structures. From a compliance perspective, three questions follow immediately: First: Who were the ultimate beneficial owners behind the largest token purchases and capital contributions? Second: Which buyers were foreign PEPs, sovereign-linked entities, state-backed funds, sanctioned-risk counterparties or persons with pending regulatory interests before the U.S. government? Third: What controls ensured that presidential policy decisions were insulated from the economic interests of the President as beneficiary? The public record does not provide satisfactory answers to all three. And in compliance, opacity plus political power plus private financial benefit is not neutrality. It is risk concentration. 4. The Justin Sun Case Is More Important Than It Looks Justin Sun is not a conventional retail victim. He is a billionaire crypto entrepreneur, founder of the Tron ecosystem and a sophisticated market participant. That makes the World Liberty dispute more revealing, not less. Sun became one of World Liberty’s most important financial backers. Reuters reported that he initially purchased $45 million of WLFI tokens, later accumulated a portfolio of roughly four billion tokens, and had become publicly associated with the project. Then the relationship exploded. In April 2026, Sun sued World Liberty Financial in federal court in California. He alleged that the venture had illegally frozen his WLFI holdings, stripped voting rights and secretly introduced mechanisms capable of restricting token transfers. His lawsuit also alleged that World Liberty threatened to “burn” his holdings. World Liberty rejected the claims as meritless and alleged misconduct by Sun. In May 2026, World Liberty countersued, accusing Sun of defamation and improper token activity; it said its ability to freeze tokens had been disclosed in the Terms of Sale. The dispute remains contested. FinTelegram makes no finding on which party will prevail. But the compliance issue is brutal: How can a politically connected token venture retain extraordinary economic benefits for insiders while apparently possessing — according to the parties’ own dispute — mechanisms capable of freezing a major investor’s assets? Sun alleges secret and unilateral control. World Liberty says the contractual power was disclosed and that Sun’s conduct justified action. Either way, a sophisticated compliance framework should require: predefined and transparent freeze criteria; independent decision-making; documented evidentiary thresholds; separation between commercial disputes and financial-crime controls; an appeals mechanism; conflict checks; and board-level oversight independent of economically interested insiders. The central point is not that Justin Sun deserves sympathy. Investor fairness is not reserved for sympathetic investors. And the identity of the ultimate politically exposed beneficiary makes arbitrary or selectively enforced restrictions especially dangerous. 5. The Sun Sequence Creates a Separate Regulatory-Integrity Red Flag The Justin Sun story contains another uncomfortable layer. The SEC sued Sun and related entities in 2023, alleging unregistered crypto-asset offerings, manipulative wash trading and undisclosed celebrity promotion. Sun denied wrongdoing. After Trump returned to office, the SEC litigation was paused while the parties explored resolution. In March 2026, the matter was resolved through a settlement involving a $10 million payment, without admissions of wrongdoing. Meanwhile, Sun had become a major financial backer of the Trump family’s World Liberty venture, with his investment reportedly rising to $75 million. Let us be precise. There is no publicly established proof that Sun’s World Liberty investment caused the SEC pause or settlement. FinTelegram does not allege such a quid pro quo as fact. But any competent anti-bribery or public-integrity officer would flag the sequence for enhanced review: Major investment into a sitting President’s family-linked venture → pending federal enforcement exposure → change in administration → enforcement pause → later settlement. The compliance question is not whether a prosecutor can already prove corruption beyond reasonable doubt. The compliance question is whether the arrangement creates an unacceptable appearance of purchased influence. It plainly does. And the later collapse of the Sun–World Liberty relationship makes the architecture even stranger: a major investor whose regulatory position generated enormous conflict concerns ultimately became an adversary alleging unfair treatment by the very venture he helped finance. That is not governance. That is a case study. 6. The $5 Million “Super Node” Problem: When Access Becomes a Product In March 2026, Reuters reported that World Liberty had developed a so-called Super Node structure under which participants locking up approximately $5 million in tokens could receive preferential access to business-development personnel and executives. Reuters reported that earlier materials identified Trump family members on World Liberty’s team page before changes were made; World Liberty said the program did not promise access to government officials or members of the Trump family and rejected suggestions of improper influence. Again, the compliance issue lies in the architecture. Under the relevant revenue economics reported by Reuters, a $5 million token purchase could indirectly generate substantial proceeds for Trump-linked interests. Reuters calculated that, under the 75% arrangement, approximately $3.75 million of such a purchase could flow toward Trump-family-linked economics. Now place that beside the identity of the ultimate beneficiary. The President of the United States. Even without any explicit promise of government access, this structure creates extreme pay-to-play optics. For a PEP-screening team, the question would be obvious: Why is a commercial crypto structure connected to a sitting President selling a premium tier whose attraction includes privileged access while the President remains economically exposed to the ecosystem? “Trust us” is not an adequate answer. 7. The $TRUMP Dinner: A Global, Pseudonymous Access Market The $TRUMP meme coin added an even more spectacular conflict. In 2025, top holders of the token were offered access to a dinner involving Trump. Reuters reported that investors spent roughly $148 million acquiring the coin in pursuit of attendance and that the top 25 participants accounted for more than $111 million in holdings under its analysis. Justin Sun emerged as the largest publicly identified holder associated with the event. This was not a normal campaign fundraiser operating under ordinary donor-disclosure rules. It was a globally tradable crypto asset. That distinction creates an extraordinary AML and foreign-influence problem because token holders can participate through wallets, intermediaries and exchanges across multiple jurisdictions. Reporting at the time identified substantial international participation and raised questions about the identities behind major positions. The compliance nightmare is obvious: A financial asset linked to presidential private economics can simultaneously function as a mechanism through which large holders compete for proximity to the President. Whether technically lawful or not, this is precisely the kind of structure a serious institution would classify as critical PEP, influence-trading and source-of-funds risk. 8. Foreign Money: The UAE–MGX–USD1–Binance Triangle The foreign-influence dimension may be the most dangerous part of the entire case. In May 2025, the Abu Dhabi-backed investment firm MGX announced that it would use World Liberty’s USD1 stablecoin for a $2 billion investment in Binance. MGX later said it selected USD1 after evaluating relevant factors and that Binance had requested the use of crypto. Reuters reported that the transaction placed a Trump-linked stablecoin at the center of one of the largest crypto deals of the period. The surrounding context is extraordinary. Binance had previously pleaded guilty in the United States to failures involving anti-money-laundering controls and paid approximately $4.3 billion in penalties and forfeiture. Founder Changpeng Zhao, known as CZ, pleaded guilty to violating U.S. anti-money-laundering requirements, served a prison sentence and later received a presidential pardon from Trump in October 2025. Binance, CZ’s lawyers and MGX denied that the USD1 transaction was connected to the pardon, and Reuters said it could not establish such a connection. That denial matters. So does the sequence. A Trump-family-linked stablecoin facilitates a $2 billion transaction involving Binance. The Trump administration controls federal executive power. The President later pardons Binance’s convicted founder. No proven quid pro quo has been established. But from a compliance perspective, that is not the end of the analysis. It is the beginning. Any bank seeing such a sequence involving an ordinary foreign PEP would launch an enhanced review covering: ultimate beneficial ownership; source and destination of funds; sovereign links; regulatory requests; pending criminal matters; lobbying contacts; intermediary relationships; and any direct or indirect benefit to the PEP. Why should the standard be lower because the PEP is the President of the United States? 9. The Reported UAE Equity Deal Raises the Stakes Again The Wall Street Journal reported in early 2026 that a UAE-linked investor group had agreed to invest $500 million for a 49% interest in World Liberty, with the transaction linked to Sheikh Tahnoon bin Zayed Al Nahyan’s orbit. The Washington Post also reported on the transaction and its conflict implications. U.S. lawmakers subsequently called for scrutiny, including a CFIUS review. The White House and World Liberty rejected suggestions of improper conduct. Trump’s official 2026 disclosure does not publicly identify the counterparty in the relevant entries, but it records $196.875 million in proceeds connected to capital contributions and Class C units in Stablecoin Holdco and $65.625 million in net proceeds from an equity sale involving WLF Holdco structures. Those figures are noteworthy, although FinTelegram does not claim the public filing alone proves the identity of the payer. This is exactly why beneficial-ownership transparency is indispensable. When foreign sovereign-linked money can enter a venture economically benefiting a sitting President, the absence of full counterparty transparency becomes a national compliance problem. 10. The Pardon Pattern Cannot Be Ignored Trump did not merely promise the crypto community a friendlier regulatory environment. He delivered symbolic and concrete interventions. On 21 January 2025, Trump granted a full and unconditional pardon to Ross Ulbricht, founder of the Silk Road marketplace. The pardon fulfilled a prominent campaign commitment to parts of the crypto and libertarian communities. In March 2025, Trump pardoned BitMEX figures including Arthur Hayes, Benjamin Delo, Samuel Reed and Gregory Dwyer following criminal cases involving Bank Secrecy Act and AML-control failures. In October 2025, he pardoned Changpeng Zhao, the Binance founder whose conviction arose from failures to maintain an effective anti-money-laundering program. A President has constitutional pardon power. Exercising it is not automatically corrupt. But the compliance context is unprecedented: the same President and his family were simultaneously building a multi-billion-dollar private crypto fortune. That creates a profound problem of regulatory moral hazard. When the political authority promoting an industry, changing enforcement priorities and pardoning major industry figures is also the economic beneficiary of a crypto empire, every discretionary act becomes contaminated by the conflict question. That is not partisan rhetoric. That is basic governance analysis. 11. The OGE Certification Does Not Solve the Problem — It Exposes It Here is perhaps the most intellectually important point. Trump’s 2026 financial disclosure contains an ethics certification stating that, based on the information in the report, the filer was in compliance with applicable laws and regulations, subject to comments. The filing also records a 45-day extension and late filing fees relating to transactions not previously reported on periodic transaction reports. Critics should not hide that certification. FinTelegram highlights it. Because it reveals the real scandal: The American legal framework may be too weak to treat the President like the conflicted PEP he plainly is. Reuters quoted former acting OGE head Don Fox explaining that presidents and vice presidents are outside the ordinary statutory conflict regime that applies to executive-branch employees, and that previous presidents generally managed conflicts as though they were constrained by such norms. This produces what FinTelegram calls the Presidential Compliance Paradox: A structure can be formally disclosed and survive existing legal rules while remaining completely unacceptable under serious financial-sector conflict-of-interest standards. That distinction is essential. Legal compliance is a floor. It is not proof of ethical integrity. It is not proof of investor fairness. It is not proof of regulatory independence. And it certainly is not proof that a conflict does not exist. FinTelegram Compliance Risk Matrix Risk DimensionRatingFinTelegram AssessmentConflict of Interest10/10 – CriticalPresident remains economically exposed to an industry directly affected by executive policyPEP / Foreign Influence Risk10/10 – CriticalForeign and sovereign-linked counterparties interact with Trump-linked crypto structuresRegulatory Independence10/10 – CriticalPolicy, enforcement priorities and private economic exposure coexistInvestor Fairness9/10 – CriticalReuters identified extraordinary sponsor/investor asymmetry; Justin Sun dispute intensifies concernRelated-Party Governance10/10 – CriticalFamily structures receive exceptional economics while ultimate beneficiary holds public powerAML / Source-of-Funds Transparency9/10 – CriticalGlobal token purchases and wallet structures complicate beneficial-owner visibilityPay-to-Play / Access Risk10/10 – CriticalMeme-coin dinner and premium-access structures create unprecedented monetized-access opticsMarket-Conduct Risk9/10 – CriticalPolitically branded tokens, asymmetric economics and massive investor losses demand independent reviewAnti-Bribery / Quid-Pro-Quo Appearance10/10 – CriticalMultiple sequences would trigger EDD in any serious PEP environmentProven Criminal LiabilityNot EstablishedPublic evidence reviewed does not prove a criminal quid pro quo by Trump Overall FinTelegram Rating: RED / CRITICAL — 9.7 out of 10 This rating is an analytical compliance judgment, not a criminal verdict. The FinTelegram Verdict: This Structure Is Indefensible Our conclusion is severe. Donald Trump’s crypto empire represents one of the most extreme conflict-of-interest structures ever attached to a modern democratic head of government. The problem is not that Trump supports crypto. The problem is not that his children do business. The problem is not even that he is rich. The problem is the closed loop: Private crypto profit → presidential policy power → weakened enforcement pressure → pardons and regulatory discretion → foreign and industry money → token appreciation and transaction income → more private crypto profit. Not every arrow in that loop proves causation. But together they create an architecture no serious compliance officer should approve. Reuters’ June 2026 investigation places the economic asymmetry in brutal numerical terms: at least $2.3 billion in estimated Trump-family crypto profits against approximately $2.3 billion in net losses among more than one million outside investors at the examined date. Three weeks later, Trump’s own official disclosure confirmed that crypto-related ventures had generated more than $1.4 billion in reported 2025 income for the President. This is no longer about “optics.” It is about whether a democracy can permit its head of government to remain economically exposed to a speculative financial ecosystem while his own administration determines that ecosystem’s regulatory weather. A compliance officer approving an equivalent structure for a bank CEO would likely be called before the board within hours. The President of the United States should not be held to a lower standard. What a Serious Compliance Remediation Would Require FinTelegram believes a credible remediation framework would require, at minimum: First, genuine divestment or a genuinely independent qualified blind trust. A revocable family trust in which the officeholder remains the economic beneficiary is not equivalent to economic separation. Second, mandatory documented recusals. Decisions materially affecting crypto regulation, enforcement targets, stablecoins, banking charters or counterparties with business links to Trump-family ventures should be subject to an independently published conflict process. Third, complete beneficial-owner transparency for major token buyers and strategic investors. Particularly for foreign PEPs, sovereign-linked entities and persons with matters pending before U.S. authorities. Fourth, an independent World Liberty conflicts committee. No token freeze, burn, restriction or exceptional investor action involving a major holder should be controlled solely by economically interested insiders. Fifth, forensic disclosure of related-party economics. Token-sale allocations, licensing arrangements, stablecoin reserve economics, equity transfers and promotional compensation should be independently audited. Sixth, a regulator firewall. Any agency action involving a material Trump-family counterparty should receive independent ethics review. Without such controls, the system rests on personal assurances. And personal assurances are not compliance. Call for Information Do you have information about Trump-linked crypto ventures, World Liberty Financial, USD1 reserve economics, major WLFI buyers, foreign investors, beneficial owners behind strategic transactions, token-freeze mechanisms, regulatory contacts or related payment flows? FinTelegram welcomes confidential information from insiders, compliance officers, financial institutions, investors, regulators and counterparties. Submit information securely through Whistle42. Documents, wallet addresses, transaction records, internal emails, contracts and compliance assessments are particularly valuable. Share Information via Whistle42 Editorial note: This report is based on official U.S. financial disclosures, regulatory and government records, court-related reporting and investigations by established news organizations, including Reuters. Allegations are identified as allegations. Analytical conclusions are FinTelegram’s own.

Read More

Zentoria: SoloCheck Flags Irish Gambling Front as High-Risk While Marshall Islands Parent Holds the Keys!!

A new SoloCheck credit report confirms that Zentoria is a thinly capitalised Irish gambling vehicle with a zero credit limit and above‑average failure risk – fully controlled by an offshore parent in the Marshall Islands. FinTelegram has obtained and reviewed a current SoloCheck.ie credit report on Zentoria Limited, the Irish gambling company at the centre of our Zentoria / Spinsopotamia / NALMI investigations. The verdict from SoloCheck is blunt: Zentoria scores 52 out of 100 – “Caution Advised” – with a red‑flag credit limit of €0. In other words, an independent commercial risk engine now treats Zentoria as a company to which unsecured creditors should not extend credit. SoloCheck’s model puts Zentoria’s probability of failure at 2.6%, compared to an Irish company average of 1.5% – roughly 1.7 times higher risk than the broader market. For a newly formed gambling entity in a high‑risk sector, whose name already appears in a complex offshore casino and payment cluster, that elevated failure probability is more than a statistical footnote. It is a clear warning sign. Read more on Zentoria here. Offshore parent: Lornioco Limited (Marshall Islands) The most striking ownership detail remains the same: Zentoria is 100% owned and controlled by Lornioco Limited, a company incorporated in the Marshall Islands. Zentoria’s 2024 financial statements identify Lornioco as both parent and ultimate parent, and record a small receivable from the parent together with a formal letter of support used to justify the going‑concern assumption. From a compliance perspective, this combination is explosive: An Irish gambling company with industry code 9200 – Gambling and Betting Activities, zero revenue, a loss of €32,184, and negative net assets of €31,184 in its first reported period, yet fully owned by an offshore parent in a secrecy‑friendly jurisdiction, on whose support it depends for survival. This is not the profile of a robust, independently capitalised bookmaker. It is the profile of a licensed front company, thinly financed, whose real control and funding sit offshore. SoloCheck’s risk view matches the thin balance sheet The SoloCheck report reproduces Zentoria’s weak numbers with forensic clarity: Current assets: €9,629 (cash €8,629 + €1,000 receivable from Lornioco). Current liabilities: €40,813. Net current assets / net assets: −€31,184. Current ratio / quick ratio: both 0.24, indicating that short‑term liabilities are more than four times short‑term assets. SoloCheck’s commentary highlights exactly the risk factors that FinTelegram has already flagged: low or negative net worth, high reliance on short‑term creditors, younger companies in high‑risk sectors, and financial losses under current conditions. Against these criteria, the system assigns Zentoria a €0 credit limit and places it in the bottom ~15% of peers in its gambling industry and economic sector. Fits the bigger Zentoria / Spinsopotamia / NALMI picture This financial and credit‑risk profile dovetails with the wider story FinTelegram has already built around Zentoria: Our Compliance Intelligence Report and Technical Annex mapped Spinsopotamia.com and the Zentoria‑facing layer into the narrow NALMI / AS213846 – 185.207.196.0/22 casino-domain environment, with preserved HTML, shared CSPER/SEON configuration, a strict 83‑domain cluster, and cross‑brand catalogue links.fintelegram+1Zentoria_Spinsopotamia_Technical_Annex.docx+1 Subsequent updates documented how the Spinsopotamia front descriptor abruptly moved into a global HTTP 403 “Access denied” state and later to a GoDaddy parked page, consistent with a rapid retreat from a compromised front end rather than a routine rebranding exercise. Seen together, these strands – offshore parent, thin Irish balance sheet, high technical correlation with a concentrated casino infrastructure, and post‑exposé shutdown of the Spinsopotamia descriptor – reinforce a single conclusion: Zentoria looks far more like a risk‑laden front vehicle in a larger gambling/payment architecture than a conventional, transparent Irish operator. Compliance takeaway: follow the offshore parent and the flows For regulators, FIUs, PSPs, acquirers, banks, wallet providers and infrastructure operators, the SoloCheck report shifts the centre of gravity. Zentoria’s weak numbers, high failure probability and €0 credit limit suggest that the real story is not the Irish wrapper but the offshore parent, group funding, and payment flows behind it.Zentoria-Financial-Statements-2024.pdf+1 Key questions now include: Who ultimately owns and controls Lornioco Limited (Marshall Islands)? How is Zentoria funded, and through which accounts and instruments? Which casino and payment flows previously routed through the Spinsopotamia/Zentoria façade have migrated elsewhere since the front descriptor was shut down and parked? Which PSPs, acquirers and wallet providers have been onboarding or processing for this structure under the comfort of “Irish company, gambling licence” while the balance sheet and credit‑risk tell a very different story? FinTelegram will continue to press these questions and invites regulators and PSPs to obtain provider‑side records, group‑level financials, and beneficial‑ownership information that go beyond the thin Irish filings now publicly available.fintelegram+1Zentoria-Financial-Statements-2024. Share Information via Whistle42

Read More

Google Loses Final EU Appeal: €4.1 Billion Android Fine Becomes Big Tech Compliance Landmark

Google and Alphabet have lost their final appeal before the EU’s top court over the record Android antitrust fine. The €4.125 billion penalty confirms Brussels’ long-standing view that Google used Android licensing, pre-installation requirements and ecosystem control to protect its search dominance. For Big Tech, the ruling is another warning that platform power is no longer merely a business model — it is a compliance risk. €4.1 Billion Android Fine Becomes Big Tech Compliance Landmark The European Court of Justice has dismissed the appeal brought by Google and its parent company Alphabet in the long-running Android antitrust case, confirming the €4.125 billion fine imposed by the EU after the General Court reduced the original €4.343 billion penalty in 2022. The case goes back to the European Commission’s 2018 finding that Google abused its dominant position by using Android-related restrictions to protect and strengthen Google Search. At the heart of the case was not Android as software, but Android as a distribution machine. According to the Commission’s case theory, manufacturers could obtain access to the Play Store only if they pre-installed Google Search and Chrome; they were restricted from selling devices with non-approved Android variants; and revenue-sharing arrangements were linked to not pre-installing competing search services. The Commission described these practices as a single and continuous infringement aimed at protecting Google’s search advertising business at a time when mobile internet usage was becoming strategically decisive. Google’s defense narrative has always been familiar: Android, it argued, created choice, innovation and a free operating system for manufacturers, developers and users. That argument did not carry the day. The EU courts essentially treated pre-installation and default positioning as powerful competition levers. The logic is simple but important: in digital ecosystems, user inertia and “status quo bias” can be just as commercially decisive as formal exclusivity. The Advocate General’s earlier opinion had already emphasized that competitors could not realistically offset the advantage created by Google’s pre-installation strategy and network effects. This is therefore more than a legacy Android case. It confirms the EU’s broader enforcement philosophy: dominant digital platforms cannot use control over operating systems, app stores, browsers, search functions or advertising rails to lock in adjacent markets. In FinTelegram terms, this is an ecosystem-control case — the same structural issue now shaping enforcement under the Digital Markets Act, app-store investigations and adtech proceedings. The ruling also lands in a wider enforcement pattern. Google has faced several major EU competition cases, including the Google Shopping fine and the 2025 €2.95 billion adtech fine over alleged abusive practices in online advertising technology. The Android ruling now strengthens the Commission’s position in future disputes over self-preferencing, default settings, app-store terms and data-driven market power. From a compliance perspective, the message is brutal but clear: free products are not free from competition law. A platform may offer a service at no direct monetary cost and still abuse dominance if it uses contractual architecture, defaults and ecosystem dependency to foreclose rivals. For Big Tech, the old playbook — bundle, default, scale, monetize — is now an enforcement trigger in Brussels. Google says it already adapted its agreements after the 2018 decision and remains focused on openness and innovation. That may be true operationally, but legally the damage is done. After eight years of litigation, the Android case has become a landmark warning: in the EU, dominance is tolerated; engineered dependency is not. Key Data ItemDetailsCompanyGoogle LLC / CaseGoogle AndroidEU case referenceAT.40099 / C-738/22 POriginal Commission fineApprox. €4.343 billionFinal confirmed fineApprox. €4.125 billionCore allegationAbuse of dominant position through Android-related restrictionsMain conductPre-installation of Google Search and Chrome, anti-fragmentation restrictions, revenue-sharing conditionsLegal basisEU abuse of dominance rules, Article 102 TFEUCompliance meaningDefault settings, bundling and ecosystem control are high-risk practices for dominant platforms FinTelegram Takeaway This ruling is a compliance earthquake disguised as an old antitrust case. The EU has confirmed that Big Tech dominance is not illegal by itself — but using that dominance to hardwire market outcomes through defaults, bundles and ecosystem dependency can become a multibillion-euro liability. Whistleblower Call FinTelegram invites insiders, former employees, competitors, app developers, device manufacturers and adtech professionals with relevant information about Big Tech platform practices, app-store restrictions, default settings, advertising technology or digital market abuse to contact us confidentially via Whistle42. Share Information via Whistle42

Read More

Unzer Appoints Isabelle Bénard As Chief Product & AI Officer — AI Push After Compliance Reset

Berlin-based payment and commerce platform Unzer has appointed Isabelle Bénard as its new Chief Product & AI Officer (CPAIO). According to the company, the newly expanded role combines responsibility for Unzer’s product strategy with oversight of its artificial intelligence agenda. Bénard joins Unzer from Mirakl, where she served as Chief Product Officer. Her previous career stations include Amazon France, Global Fashion Group, SSENSE, and Lightspeed. Unzer says she will lead the product organization and drive the integration of AI across product development, merchant services, compliance, fraud prevention, onboarding, customer support, and software development. The appointment comes at an important moment for Unzer. The company is no longer merely trying to sell itself as a payment processor, but as a broader unified commerce platform combining payments, software, and financial services. According to the announcement, more than 90,000 merchants across Europe now use Unzer’s solutions. For FinTelegram readers, however, the appointment should also be viewed against Unzer’s broader history. FinTelegram has previously reported on Unzer’s financial turbulence, restructuring efforts, and BaFin-related compliance issues, including the earlier special audit and customer-onboarding restrictions at Unzer E-Com GmbH. In October 2024, Unzer announced that BaFin had ended the special monitorship and fully lifted the onboarding ban after the company invested heavily in compliance and governance improvements. More recently, FinTelegram also covered the broader Operation “Chargeback” context involving former actors around the German payment industry and former Unzer/Heidelpay founder Mirko Hüllemann. Unzer itself has stressed in public reporting that the relevant matters concerned former employees and legacy business relationships, not its current management. The presumption of innocence applies. The Bénard appointment therefore sends a clear message: Unzer wants to shift the narrative from legacy compliance remediation to product innovation, data, and AI-driven merchant services. CEO Robert Bueninck framed AI as no longer an “experiment or side project,” but as part of how Unzer builds products, makes decisions, and supports merchants. From a compliance-intelligence perspective, the key question will be whether Unzer’s AI push strengthens risk controls — merchant onboarding, transaction monitoring, fraud detection, and compliance workflows — or mainly serves as another fintech growth narrative. In high-risk payment environments, AI can be a powerful compliance accelerator. But without strong governance, explainability, and auditability, it can also become a black box. FinTelegram will continue to monitor Unzer’s repositioning from a once-troubled payment processor into an AI-enabled unified commerce platform. Share Information via Whistle42

Read More

MEXC Update: The Finetix–OuiTrust–Ocean Wave–Legend Trading Payment Relay Exposed!

FinTelegram’s MiCA Day One test suggests that MEXC not only continued to accept EU users, but operated a multi-layer third-party onboarding and payment-routing model designed to keep fiat access functional despite no disclosed MiCA CASP authorisation. Key Takeaways FinTelegram’s live test on 1 July 2026 shows that a KYC-verified EU user could access MEXC fiat deposit and crypto purchase flows. The MEXC deposit process routed the user through multiple third-party layers, including Harmoniie SAS dba OuiTrust / Heuro, Ocean Wave Fintech Pty Ltd, Legend Trading, and Finetix. During the MEXC bank-transfer flow, a French IBAN at Heuro / OuiTrust was presented for payment. MEXC automatically triggered account creation with Ocean Wave Fintech Pty Ltd, an Australian company whose historical ABN records show earlier names including MXC Tech Pty Ltd and MEXC Australia Pty Ltd. Another MEXC flow triggered an account application with Legend Trading. A card payment verification screenshot showed the descriptor “Finetix*mexc.com”, strengthening the hypothesis that Finetix acts as a central MEXC-linked EU-facing payment orchestration layer. FinTelegram does not currently allege that MEXC, Heuro / OuiTrust, Ocean Wave, Legend Trading and Finetix are under common ownership. The structure requires further whistleblower evidence and regulatory clarification. FinTelegram keeps MEXC at Radar Status: Black under its MiCA/MiFID-II Perimeter Radar. Radar Classification Update FieldUpdated AssessmentPlatformMEXC (www.mexc.com)EU user statusKYC-verified EU resident and nationalMiCA statusNo disclosed MEXC MiCA CASP authorisation identified in the tested flowFiat accessBank transfer, card and third-party rails observedKey payment layersFinetix, OuiTrust / Heuro, Ocean Wave Fintech, Legend TradingHeuro / OuiTrust roleFrench EMI / IBAN and SEPA rail layerOcean Wave roleAustralian service-provider layer; former names include MEXC Australia Pty Ltd and MXC Tech Pty LtdLegend roleThird-party crypto/fiat gateway; European contracting entity appears to be Legend Financial Ireland LimitedFinetix roleAppears to be central payment orchestration / merchant-descriptor / contractual gateway layerCore riskContinued EU-facing onboarding and fiat access after MiCA Day OneRadar StatusBlackWatch TypeActive EU Onboarding Watch / Payment Relay Watch / Jurisdictional Arbitrage Watch / Payment Facilitator Risk Watch The Core Finding FinTelegram’s first MiCA Day One MEXC report showed that MEXC continued to onboard EU users on 1 July 2026. This update goes further. The newly documented flow suggests that MEXC did not merely leave its platform open to EU users. It appears to have embedded a multi-layer payment relay that routes an EU customer through a chain of third-party service providers while keeping the MEXC trading and deposit experience functionally available. The architecture observed by FinTelegram can be summarised as follows: EU user → MEXC onboarding → MEXC fiat deposit / buy crypto flow → third-party account creation or consent → Finetix / OuiTrust / Heuro / Ocean Wave / Legend Trading layers → EUR or card payment → crypto or fiat crediting into MEXC environment. That is not an orderly wind-down pattern. It looks like an operational fiat-onramp stack. MiCA Day One: Why This Matters ESMA’s message for 1 July 2026 is clear. Unauthorised CASPs must immediately stop onboarding new EU clients, refrain from opening new client relationships or accounts, cease marketing and solicitation, and limit services to actions necessary to sell, transfer, reallocate or close positions. Custody may continue only for the period strictly necessary to complete an orderly exit. ESMA also reminds non-EU CASPs that they cannot provide MiCA services to EU clients or solicit EU clients, except under the narrow reverse-solicitation regime. MEXC’s own support materials, however, still describe EUR online bank-transfer deposits as available to verified KYC users from supported countries and list many EU/EEA jurisdictions, including Austria, Belgium, France, Germany, Ireland, Italy, Lithuania, Luxembourg, Malta, Poland, Romania, Spain and others. The same MEXC page states that fiat deposit limits are up to €20,000 per transaction and €200,000 daily. (MEXC) MEXC’s User Agreement lists several prohibited jurisdictions, including the United States, United Kingdom, Canada, mainland China, Singapore and others, but the reviewed prohibition list does not name the EU or EEA as such. The User Agreement also expressly refers to risks associated with transactions in digital assets and their derivatives. (MEXC) That is the legal tension: MiCA says no unauthorised EU-facing onboarding; the MEXC ecosystem still appears to deliver fiat and crypto access to EU users. Evidence Layer 1: The OuiTrust / Heuro Consent Layer FinTelegram’s MEXC bank-transfer test first presented a consent screen requiring the user to accept terms involving MEXC and Harmoniie SAS, trading as OuiTrust. The same screenshot indicated links to OuiTrust and Finetix legal materials. OuiTrust’s legal page states that OuiTrust is the trading name of Harmoniie SAS, a French simplified joint stock company registered in Paris, headquartered at 1 Rue de la Bourse, 75002 Paris, and authorised by the French ACPR as an electronic money institution under licence number 17478. (OuiTrust) TheBanks.eu profile for Heuro SAS, doing business as OuiTrust, states that Heuro is an electronic money institution authorised and regulated by the Banque de France, offering multi-currency IBAN accounts, debit cards, e-money tokens, international transfers, foreign exchange and white-label cards. It also lists BIC HRSAFR22 and clarifies that Heuro is not a bank and does not participate in deposit-guarantee schemes, though it must safeguard customer funds under applicable EMI rules. (thebanks.eu) Heuro’s own website describes Heuro as a “leading web3 payment service provider in Europe” and states that Heuro SAS is an electronic money institution authorised by the ACPR / Banque de France. It also highlights stablecoin-related liquidity and “100% backed” reserves. (HEURO) This role is therefore critical. Heuro / OuiTrust may be a legitimate French EMI, but an EMI licence is not a MiCA CASP authorisation for MEXC. The key question is whether a French regulated payment institution is facilitating fiat access to an offshore crypto exchange that has no disclosed MiCA authorisation for EU users. FinTelegram has previously reported on the MEXC–Heuro–Finetix rail and highlighted Heuro’s strongly international and Asian-linked background. The existing evidence does not prove that Heuro and MEXC are commonly owned or directly affiliated. That question requires whistleblower information, contractual documentation and regulatory clarification. (FinTelegram) Evidence Layer 2: The Heuro French IBAN After the consent stage, the MEXC flow generated an order for a €100 bank transfer. The payment screen showed a French IBAN, BIC HRSAFR22XXX, bank name Heuro, and the Paris address corresponding to the OuiTrust / Harmoniie public legal footprint. FinTelegram will not publish the full IBAN or reporter-specific details for privacy and security reasons, but screenshots are on file. From a compliance perspective, this matters because the user was not merely reading a MEXC article or browsing a landing page. The platform generated a concrete bank-transfer order for an EU resident, in euros, through a French EMI rail, inside the MEXC deposit process. That is difficult to reconcile with a no-new-EU-business posture. Evidence Layer 3: Ocean Wave Fintech — The MEXC Australia Link The most striking new element is Ocean Wave Fintech Pty Ltd. During the MEXC bank-transfer process, a “Service Provider Change Confirmation” appeared, stating that the service currently in use would be provided by “Ocean Waves,” that the authorised jurisdiction would be Australia, that Australian laws and regulations would apply, and that clicking confirm would allow continued normal use of services provided by Ocean Waves. The same screen stated that the services would no longer be governed by the European regulatory framework (Screenshot left). Shortly thereafter, FinTelegram received emails from Ocean Wave Fintech Pty Ltd confirming account creation and a deposit request. Public Australian ABN history shows that Ocean Wave Fintech Pty Ltd is not an unrelated new name. The ABN history for ABN 59 638 473 211 shows the current name Ocean Wave Fintech Pty Ltd, preceded by Ocean Waive Fintech Pty Ltd, preceded by MEXC Australia Pty Ltd, preceded by MXC Tech Pty Ltd. The entity is an Australian private company with ASIC ACN 638 473 211. (abr.business.gov.au) This is a major finding. MEXC appears to have routed a KYC-verified EU user into an Australian service-provider layer whose own corporate history includes the MEXC name. The compliance question is obvious: Is Ocean Wave Fintech a genuine independent third-party service provider, or a renamed MEXC-linked entity used to relocate EU customer relationships outside the European regulatory framework? FinTelegram does not yet answer that question. But the corporate-history link makes the Ocean Wave layer a priority investigation target. Evidence Layer 4: Legend Trading FinTelegram also tested the Bank Transfer option under MEXC’s buy-crypto flow and observed “Legend Bank Transfer.” The user was required to accept Legend Trading terms and data sharing, and then received an email titled “MEXC via Legend Trading” concerning an application to a fiat trading account. Legend Trading’s Terms of Use state that European users contract with Legend Financial Ireland Limited, trading as Legend Trading, while rest-of-world users contract with Legend Trading Inc. in Delaware. (legendtrading.com) This layer must be handled carefully because Legend Financial Ireland Limited appears to be MiCA-authorised. The AMF white list states that Legend Financial Ireland Limited is licensed under MiCA in Ireland and authorised to provide services in France under freedom of services, with authorised services including exchange of crypto-assets for funds and exchange of crypto-assets for other crypto-assets. (amf-france.org) Legend itself announced that Legend Financial Ireland Limited had received CASP authorisation from the Central Bank of Ireland and presented Legend FXN as a regulated stablecoin-to-fiat settlement platform for European banks, EMIs, payment institutions and other institutions. (legendtrading.com) This creates a different, but equally important, issue. If a MiCA-authorised CASP is embedded in a MEXC fiat flow, regulators and compliance officers must ask: What is Legend’s role? Is it merely providing an independent regulated exchange service? Is it onboarding the customer as its own client? Does it transfer value or liquidity into MEXC? Does it know that the platform context is MEXC? What due diligence has it conducted on MEXC’s EU authorisation status? A MiCA-authorised gateway cannot simply become a regulatory bridge for a non-authorised offshore exchange without raising perimeter, outsourcing, conduct and client-disclosure questions. Evidence Layer 5: Finetix Appears As The Connecting Layer The Finetix evidence has now become stronger. First, Finetix’s own website states that it is a Romania-based crypto exchange offering “secure fiat payment gateway services to customers across European jurisdictions.” (finetix.net) Second, Finetix’s Terms of Use identify the counterparty as FINETIX LIMITED S.R.L., registered in Bucharest, Romania, with registered number 51736231. The same terms define digital-asset transactions as purchases or sales of digital assets through its services, including crypto-fiat and fiat-crypto transactions. They further state that Finetix provides a platform to buy digital assets using approved fiat currencies or sell digital assets for supported fiat currencies through partnered payment institutions. (finetix.net) (finetix.net) Third, the Finetix terms state that Finetix acts as principal in each digital-asset transaction, while also relying on partnered payment institutions and third-party providers for wallets and liquidity. (finetix.net) Fourth, FinTelegram’s screenshots show a card payment verification descriptor “Finetix*mexc.com” during a MEXC crypto purchase attempt. Taken together, this supports a strong working hypothesis: Finetix appears to operate as a central EU-facing payment orchestration, merchant-descriptor and settlement bridge for MEXC-related fiat flows. However, FinTelegram should still avoid the overstatement that Finetix is “the operator of MEXC in the EU” unless additional contractual, corporate or regulatory evidence emerges. The stronger formulation is: Finetix appears to be a central contractual and payment gateway layer in the MEXC EU fiat stack. Whether Finetix is also the de facto EU operator of MEXC crypto services remains a key question for regulators and whistleblowers. The Payment Relay Model Based on FinTelegram’s live test, the MEXC EU fiat flow appears to include at least four operating modes: FlowObserved LayerCompliance QuestionOnline bank transferMEXC + OuiTrust / Heuro + Finetix referencesIs a French EMI facilitating MEXC fiat inflows for EU users?Service-provider changeOcean Wave Fintech Pty LtdIs MEXC shifting the contractual service relationship to an Australian former MEXC entity?Bank-transfer crypto purchaseLegend TradingIs a MiCA-authorised Legend entity acting as an on-ramp into MEXC?Card purchaseFinetix*mexc.com descriptorIs Finetix the merchant/payment facilitator for MEXC card purchases? This is the pattern FinTelegram calls the MEXC Payment Relay. It is not simply outsourcing. It looks like a sequential regulatory relay: MEXC remains the user-facing platform, while specialised third parties appear at different points of the fiat transaction chain. Regulatory Assessment The central legal issue is not whether every individual payment provider is regulated somewhere. Heuro may be an EMI. Legend may be MiCA-authorised for specific services. Ocean Wave may be an Australian entity. Finetix may have Romanian corporate status and contractual terms. The question is whether the combined structure enables MEXC to keep serving EU users without MEXC disclosing a MiCA CASP authorisation. From a MiCA perspective, the problematic pattern is: EU resident and national completes MEXC KYC. MEXC allows fiat deposit and crypto purchase flows. The user is routed through multiple payment and crypto gateways. The flow includes a French EMI IBAN, an Australian service-provider switch, a Romanian Finetix layer and an Irish/US Legend gateway. No clear MEXC MiCA-authorised EU legal entity is disclosed in the observed customer journey. No clear wind-down, restriction or no-new-EU-business warning is presented. That is why this case is now more than an “offshore exchange access” issue. It is a regulatory-arbitrage and payment-facilitation issue. FinTelegram Assessment MEXC appears to have built a post-MiCA regulatory relay for EU users. The user enters through MEXC, is KYC-approved as an EU resident, sees EUR bank-transfer and card options, is routed through a French EMI rail, pushed toward Australian and Irish third-party account relationships, and exposed to Finetix-linked payment descriptors — while no MiCA-authorised MEXC entity is disclosed. FinTelegram does not allege, at this stage, that MEXC, Heuro / OuiTrust, Finetix, Ocean Wave and Legend Trading are commonly owned or controlled. Nor does FinTelegram allege that Heuro or Legend have intentionally facilitated regulatory avoidance. The evidence does, however, show that their infrastructure appears in live MEXC fiat flows for an EU user after MiCA Day One. The key question for regulators is therefore: Which entity is responsible for ensuring that a KYC-verified EU resident is not onboarded into MEXC’s crypto services after MiCA Day One without a disclosed MiCA CASP authorisation — MEXC, Finetix, OuiTrust / Heuro, Ocean Wave, Legend Trading, or nobody? Updated Radar Status FinTelegram updates the MEXC case as follows: FieldStatusRadar StatusBlackPrimary Watch TypeActive EU Onboarding WatchAdditional Watch TypesPayment Relay Watch / Jurisdictional Arbitrage Watch / Payment Facilitator Risk Watch / Third-Party Onboarding Watch / MiFID-II Derivatives WatchKey EvidenceEU KYC approval, fiat deposit flow, French Heuro IBAN, Ocean Wave automatic account creation, Legend Trading account application, Finetix*mexc.com descriptorRegulatory FocusMiCA authorisation, payment-facilitator due diligence, reverse solicitation, client disclosures, outsourcing, AML/CFT, data sharing Questions To MEXC FinTelegram invites MEXC and all relevant MEXC-related entities to answer: Which legal entity provides MEXC services to EU users after 1 July 2026? Does any MEXC entity hold a MiCA CASP authorisation in the EEA? If not, why can a KYC-verified EU resident still access fiat deposit and crypto purchase flows? What is the contractual relationship between MEXC and Finetix? What is the contractual relationship between MEXC and Ocean Wave Fintech Pty Ltd? Why does the MEXC flow tell EU users that services will be provided under Australian jurisdiction by Ocean Wave? Why does Ocean Wave’s corporate history include MEXC Australia Pty Ltd and MXC Tech Pty Ltd? What is the role of OuiTrust / Heuro in MEXC EUR deposits? What is the role of Legend Trading in MEXC bank-transfer crypto purchases? Does MEXC consider these services reverse-solicited by EU users? Questions To Finetix FinTelegram invites Finetix Ltd S.R.L. to answer: Is Finetix a contractual partner, payment facilitator, merchant-of-record, liquidity provider or settlement agent for MEXC? Why does a card transaction show the descriptor Finetix*mexc.com? Does Finetix process fiat inflows for MEXC EU users? Has Finetix assessed whether MEXC holds a MiCA CASP authorisation? Does Finetix onboard users directly or indirectly through MEXC? Which payment institutions does Finetix use for MEXC-related EUR flows? Has Finetix notified Romanian or EU regulators of the MEXC relationship? Questions To Heuro / OuiTrust / Harmoniie SAS FinTelegram invites Heuro, OuiTrust and Harmoniie SAS to answer: Does Heuro / OuiTrust provide IBAN, SEPA, e-money or payment services for MEXC-related flows? Is Finetix a client, partner or intermediary of Heuro / OuiTrust? Has Heuro / OuiTrust assessed MEXC’s MiCA authorisation status? Does Heuro / OuiTrust permit its EMI rails to be used for crypto exchange inflows? Does Heuro / OuiTrust consider MEXC-related users to be its customers, Finetix’s customers, MEXC’s customers or someone else’s customers? Has Heuro / OuiTrust notified the ACPR or Banque de France of the MEXC-related flow? Is there any ownership, funding, management or commercial link between Heuro / OuiTrust and MEXC or MEXC-related entities? Questions To Ocean Wave Fintech Pty Ltd FinTelegram invites Ocean Wave Fintech Pty Ltd to answer: What is the relationship between Ocean Wave and MEXC? Why did Ocean Wave previously operate under the names MEXC Australia Pty Ltd and MXC Tech Pty Ltd? Does Ocean Wave provide services to EU users routed through MEXC.com? Does Ocean Wave consider EU users to fall outside the European regulatory framework after accepting the service-provider change? Is Ocean Wave registered with AUSTRAC for digital currency exchange services? Does Ocean Wave conduct its own KYC, AML and sanctions screening, or rely on MEXC? Does Ocean Wave hold or control customer fiat or crypto assets? What happens if a user rejects the service-provider change? Questions To Legend Trading FinTelegram invites Legend Trading and Legend Financial Ireland Limited to answer: Does Legend provide services to MEXC users through embedded MEXC flows? Is MEXC an authorised partner or third-party platform of Legend? Does Legend onboard EU users directly when they initiate a MEXC bank-transfer crypto purchase? Does Legend transfer crypto or fiat liquidity into MEXC wallets or accounts? Has Legend assessed whether MEXC is MiCA-authorised? Does Legend consider its MiCA authorisation to cover transactions initiated through MEXC? Does Legend report MEXC-related activity to the Central Bank of Ireland or other competent authorities? Right Of Reply FinTelegram invites MEXC, MX Global Ltd, MEXC Trading Platform, Finetix Ltd S.R.L., Harmoniie SAS / OuiTrust / Heuro, Ocean Wave Fintech Pty Ltd, Legend Trading, Legend Financial Ireland Limited, Skrill / Paysafe and all relevant payment facilitators, banking partners and legal representatives to provide a factual statement on the MEXC EU fiat deposit and crypto purchase flow, MiCA status, contractual relationships, customer onboarding, payment routing, data sharing, AML/CFT controls and client-asset protection arrangements. Call For Information FinTelegram invites whistleblowers, former employees, compliance officers, payment professionals, EMI staff, banking partners, regulators, developers, customer-support agents, acquirers, PSPs and users with information about MEXC, Finetix, OuiTrust / Heuro, Ocean Wave Fintech, Legend Trading, Skrill / Paysafe, EU fiat rails, MiCA onboarding or payment-routing arrangements to contact FinTelegram via Whistle42. Share Information via Whistle42

Read More

MiCA/MiFID-II Perimeter Radar: MEXC Still Onboards EU Users On MiCA Day One

FinTelegram’s live test on 1 July 2026 indicates that MEXC continues to onboard EU residents, approve advanced KYC, enable crypto deposits and present fiat deposit options despite no disclosed MiCA CASP authorisation. Key Takeaways FinTelegram successfully registered and completed advanced KYC as an EU resident and national on MEXC on 1 July 2026. MEXC emails confirmed identity and address verification and granted a 24-hour withdrawal limit of 200 BTC. The MEXC platform presented fiat deposit options and crypto deposit functionality to the newly verified EU user. FinTelegram observed no prominent MiCA restriction, wind-down notice, operator disclosure or EU regulatory status notice on the tested MEXC onboarding path or in the received emails. MEXC’s own User Agreement does not list EU Member States as prohibited jurisdictions, while MEXC’s country-support page lists several EU countries as available for app distribution. MEXC’s own news portal has carried MiCA content stating that firms without a MiCA licence can no longer legally serve EU users after 1 July 2026. FinTelegram classifies MEXC as Black / Active EU Onboarding Watch under the MiCA/MiFID-II Perimeter Radar. Radar Classification FieldFinTelegram AssessmentPlatformMEXC (Mexc.com)Public legal counterpartyUser Agreement refers to “MEXC Trading Platform”; no clear EU legal entity identified in the tested onboarding flowEU AccessConfirmed by FinTelegram live test on 1 July 2026Advanced KYCConfirmed with EU ID and EU address; screenshots on fileMiCA CASP StatusNo disclosed MiCA CASP authorisation identified by FinTelegramESMA Register StatusESMA publishes authorised CASPs in its Interim MiCA Register; FinTelegram did not identify a disclosed MEXC authorisation in MEXC’s public materialsServices observedAccount opening, advanced KYC, wallet/deposit access, crypto deposits, fiat deposit optionsDerivatives layerMEXC markets futures/derivatives services; potential MiFID-II / CFD relevancePayment rail issueFinetix / OuiTrust / Heuro / third-party fiat rails require enhanced scrutinyPrior regulatory contextSeychelles FSA action; Belgian FSMA order; Paytend licence revoked after AML/CFT failuresRadar StatusBlackWatch TypeActive EU Onboarding Watch / Payment Rails Watch / MiFID-II Derivatives Watch Why This Case Matters This is the third case in FinTelegram’s MiCA/MiFID-II Perimeter Radar after Hyperliquid and Dream Finance / CoinsPaid. Hyperliquid is the on-chain perps perimeter case. Dream Finance / CoinsPaid is the restricted-activity payment-processor case. MEXC is different again: it appears to be the offshore exchange that simply continues as before. Read our MiCA / MiFID II Perimeter Radar reports here. On 1 July 2026 — MiCA Day One — FinTelegram tested MEXC from within the EU as an EU resident and national. The result was striking: registration was possible, advanced KYC was completed, identity and address verification were approved, and the account received a 24-hour withdrawal limit of 200 BTC. Screenshots of the verification emails are on file. The MEXC platform also presented fiat deposit routes and crypto deposit functionality. FinTelegram observed deposit options including bank transfer, debit/credit card, P2P options and third-party providers. According to the tested flow, the bank-transfer route again pointed to the previously reported payment-rail pattern involving the Romanian Finetix and the French OuiTrust / Heuro layer. Screenshots are on file. This is not a theoretical perimeter question. This is active onboarding. MiCA Day One: No Authorisation, No New EU Clients ESMA’s position is clear. After the end of the MiCA transitional period on 1 July 2026, unauthorised CASPs must immediately stop onboarding new EU clients, refrain from opening new client relationships or accounts, cease marketing and solicitation, and limit services to actions necessary to sell, transfer, reallocate or close positions. Custody may continue only for the period strictly necessary to complete an orderly exit. ESMA also reminds non-EU CASPs that they cannot provide MiCA services to EU clients or solicit EU clients, except under the narrow reverse-solicitation regime. Clients of unauthorised CASPs do not benefit from MiCA safeguards, including protections for client assets. That makes the FinTelegram test highly relevant. If a new EU user can register, complete KYC and access deposit functionality on 1 July 2026, this is not wind-down. It looks like onboarding. Read our MEXC reports here. The Irony: MEXC Publishes MiCA Warnings While Continuing EU Access MEXC’s own news portal has carried several MiCA-related articles. One MEXC article states that MiCA becomes fully enforceable across the EU on 1 July 2026 and that crypto firms without a MiCA licence can no longer legally serve EU users. Another MEXC-hosted article says that all crypto firms offering services within the EU must obtain a CASP licence by 1 July 2026 and that, after the deadline, unlicensed companies are legally required to cease operations in the bloc. A further MEXC-hosted ESMA-warning article states that unlicensed platforms must begin winding down, communicate with customers and that users should verify legal status in ESMA’s MiCA register. In other words, MEXC’s news desk appears to understand MiCA. The onboarding engine apparently did not get the memo. The Missing EU Restriction MEXC’s User Agreement lists prohibited jurisdictions as North Korea, Cuba, Sudan, Iran, Mainland China, Singapore, the United States, the United Kingdom, Hong Kong, Russian-controlled regions of Ukraine and Canada. EU Member States are not listed in that prohibited-jurisdiction clause. The same User Agreement states that the agreement is concluded with “MEXC Trading Platform” and that services may be provided by MEXC or affiliated companies, but the reviewed text does not provide a clear EU-authorised legal entity. The User Agreement also places responsibility on users to inform themselves about restrictions in the country from which MEXC is accessed, while MEXC reserves the right to impose additional restrictions at its discretion. That is not a MiCA compliance framework. It is a liability-shifting framework. MEXC’s app-support page also lists several EU Member States — including Belgium, Bulgaria, Croatia, Cyprus, Czechia and Denmark — as available on App Store and Google Play. App-store availability is not the same as regulatory authorisation, but it reinforces the absence of a clear EU access block. The Legal-Entity Problem MEXC’s legal structure remains opaque. Its User Agreement names “MEXC Trading Platform,” not a clearly identified EU-authorised corporate entity. The global licensing picture is not reassuring. The Seychelles FSA issued a public statement in May 2025 stating that MEXC Global Ltd had been struck off and automatically dissolved, and that it had never held authorisation under the Seychelles VASP Act. More recently, the Seychelles FSA stated that it had identified MX Global Ltd as the entity operating the MEXC platform without the required licence under the Seychelles VASP Act. The FSA said MX Global Ltd had never been issued any licence or authorisation to conduct virtual asset activities in or from Seychelles and that no licensing application had been received from the company or any other applicant affiliated with the MEXC platform. This matters for MiCA. A platform serving EU users must be able to identify the authorised legal entity, the competent authority, the scope of services and the passporting status. MEXC does not appear to do that in the tested EU onboarding journey. The Belgian Warning: MEXC Was Already On The EU Radar MEXC was already in regulatory trouble in Belgium. In July 2024, the Belgian FSMA ordered Mexc Global LTD to cease providing custodian wallet services in Belgium and to cease distributing to Belgian retail clients financial products whose return depends directly or indirectly on virtual money. The FSMA stated that Mexc Global LTD was offering such services from the Seychelles in breach of Belgian law. This is highly relevant to the MiCA/MiFID-II Radar. MEXC is not only a spot exchange. Its platform prominently includes futures and derivatives-related offerings, and its User Agreement expressly refers to risks associated with transactions in digital assets and their derivatives. For EU retail users, this creates a dual perimeter problem: MiCA for crypto-asset services such as trading, custody, exchange and transfer services. MiFID II / CFD product-intervention rules for futures, derivatives or financial products linked to crypto-assets. The Belgian FSMA order already anticipated this problem before MiCA Day One. The Payment-Rail Problem: Finetix, OuiTrust / Heuro And The EMI Layer FinTelegram has previously reported on MEXC’s EU fiat rails, including the Romanian Finetix Ltd S.R.L., the French OuiTrust / Heuro layer, and earlier Lithuanian Paytend Europe UAB routes. FinTelegram’s February 2026 report described a “Euro-Asian shadow rail” in which SEPA Instant transactions were processed through HEURO SAS, doing business as OuiTrust, and Finetix Ltd S.R.L., while standard SEPA transfers previously involved Paytend Europe UAB with Finetix acting as named payee. OuiTrust’s own legal materials state that OuiTrust is the commercial name of Harmoniie SAS, registered in Paris, and that Harmoniie SAS is an electronic money institution authorised by the French ACPR under licence No. 17478. Read our OuiTrust reports here. That EMI status does not make MEXC MiCA-authorised. A French EMI may be authorised for payment services or e-money services, but it cannot launder the regulatory status of an unauthorised crypto exchange. If an EMI facilitates fiat inflows for a non-MiCA-authorised CASP that actively onboards EU users after 1 July 2026, the EMI’s own AML, outsourcing, merchant-risk and governance framework becomes a legitimate supervisory question. Paytend: The Previous Rail Failure The payment-rail risk is not hypothetical. The Bank of Lithuania revoked the licence of Paytend Europe UAB after identifying serious and systematic violations related to business-relationship monitoring, transaction monitoring, AML/CFT risk management and internal controls. The central bank also stated that Paytend had provided incorrect information about its business relationship with a high-risk customer. FinTelegram had previously reported that Paytend was part of MEXC’s European payment-rail infrastructure and that Paytend’s continued facilitation of MEXC-related Euro deposits raised compliance and governance concerns. The lesson for current payment facilitators is obvious: supporting an offshore crypto exchange without clear MiCA authorisation is not merely a technical payment-processing relationship. It is a regulatory-risk transmission channel. FinTelegram Evidence Box FinTelegram’s 1 July 2026 live test produced the following evidence, with screenshots on file: EvidenceObservationRegistrationEU resident and national could register on MEXCAdvanced KYCEU ID and EU address were submitted and approvedVerification emailMEXC confirmed identity verification and a 200 BTC 24-hour withdrawal limitAddress verification emailMEXC confirmed approval of address verificationEmail footerMEXC emails included links such as Support, Markets and Trade FuturesFiat deposit screenMEXC presented fiat deposit options, including bank transfer, card, P2P and third-party providersCrypto depositsUSDT and other crypto deposits appeared availableMiCA noticeNo prominent MiCA authorisation, restriction or wind-down notice observed in the tested flowLegal entity disclosureNo clear EU-authorised operator identified in the tested flow FinTelegram Assessment MEXC is no longer just a perimeter case. On MiCA Day One, MEXC appears to be an active EU onboarding case. The regulatory contradiction is stark. MEXC’s public content acknowledges that MiCA requires authorisation for EU services after 1 July 2026. ESMA says unauthorised CASPs must immediately stop onboarding new EU clients. Yet FinTelegram’s live test indicates that MEXC accepted a new EU user, approved advanced KYC, enabled account functionality and presented deposit options. This is the reason FinTelegram classifies MEXC as: Radar Status: BlackWatch Type: Active EU Onboarding Watch / Payment Rails Watch / MiFID-II Derivatives Watch The key compliance conclusion: If a non-MiCA-authorised offshore exchange accepts a new EU customer, verifies EU identity and address, and enables deposits on 1 July 2026, this is not orderly wind-down. It is apparent continuation of EU-facing crypto services. The payment-rail layer makes the case even more serious. Any regulated EMI, PSP, agent, processor or banking partner facilitating fiat inflows to MEXC after MiCA Day One should be expected to demonstrate enhanced due diligence, legal-perimeter analysis and senior-management accountability. Questions To MEXC FinTelegram invites MEXC and all relevant operators, affiliated companies and legal representatives to answer the following questions: Which legal entity operates MEXC for EU users? Does any MEXC-related entity hold a MiCA CASP authorisation in the EEA? If yes, which competent authority issued it and for which services? If no, why were new EU users able to register and complete advanced KYC on 1 July 2026? Why did MEXC approve an EU resident and national for a 200 BTC daily withdrawal limit on MiCA Day One? Why were fiat and crypto deposit options displayed to a newly verified EU user? Does MEXC consider its EU access to be based on reverse solicitation? Has MEXC implemented any EU wind-down or migration plan? Why does MEXC’s User Agreement not clearly identify a MiCA-authorised EU legal entity? Are futures, perpetuals or derivatives available to EU users after 1 July 2026? Questions To Payment Facilitators FinTelegram invites Finetix, OuiTrust / Heuro, MoonPay, Mercuryo, Banxa, relevant card acquirers, banking partners and other payment facilitators connected to MEXC deposit flows to answer: Are you currently facilitating fiat deposits or withdrawals for MEXC users in the EEA? Which legal entity is your contractual counterparty? Have you verified MEXC’s MiCA CASP authorisation status? Have you conducted a post-1 July 2026 legal-perimeter assessment? Do you accept MEXC-related flows for newly onboarded EU users? What AML/CFT and sanctions controls apply to MEXC-related flows? Have you notified your competent authority of the relationship? How do you ensure that EMI or payment-service authorisation is not used to facilitate unauthorised crypto-asset services? Right Of Reply FinTelegram invites MEXC, MX Global Ltd, MEXC Global Ltd, MEXC Trading Platform, Finetix Ltd S.R.L., OuiTrust / Heuro / Harmoniie SAS, MoonPay, Mercuryo, Banxa, Legend Trading and all relevant representatives to provide a factual statement on MiCA status, EU onboarding, legal-entity responsibility, payment-rail relationships, derivative products, KYC controls, wind-down arrangements and client-asset safeguarding. Call For Information FinTelegram invites current and former employees, users, compliance officers, payment processors, EMIs, PSPs, acquirers, banking partners, regulators, market makers, affiliates and insiders with information about MEXC, Finetix, OuiTrust / Heuro, Paytend, Legend Trading, EU fiat rails, crypto deposits, derivatives access or MiCA Day One onboarding to contact FinTelegram via Whistle42. Share Information via Whistle42

Read More

MiCA/MiFID-II Perimeter Radar: Dream Finance, CoinsPaid And CryptoProcessing Enter The Restricted-Activity Zone

Dream Finance OÜ, the Estonian operator behind CryptoProcessing and CoinsPaid, says its MiCA CASP application remains under review. The group has restricted active operations — but the disclosure gap between CryptoProcessing and CoinsPaid raises fresh compliance questions. Key Takeaways Dream Finance OÜ confirms that its MiCA CASP authorisation application in Estonia remains under review and that no final licensing decision has been issued. The company says it has restricted active activities: no new clients, no new accounts, no new client agreements, no expansion of services and no active marketing of regulated services. Dream Finance UAB in Lithuania is disclosed as having temporarily suspended all crypto-asset related services. CryptoProcessing pages now include MiCA restriction language, while the public CoinsPaid homepage reviewed by FinTelegram does not appear to display a comparable MiCA wind-down or restriction notice. FinTelegram classifies the case as Red / Restricted Activity Watch under its MiCA/MiFID-II Perimeter Radar. Radar Classification FieldFinTelegram AssessmentLegal EntityDream Finance OÜ, Estonia; Dream Finance UAB, Lithuania; Dream Finance US LLC; Dream Finance Processing Inc.BrandsCoinsPaid, CryptoProcessingMiCA CASP StatusApplication pending in Estonia; no final decision disclosedLegacy LicenceEstonian FVT000166 still referenced on CryptoProcessing pagesEU AccessRestricted according to CryptoProcessing disclosures; public-facing sales funnels require monitoringLithuaniaDream Finance UAB disclosed as temporarily suspendedMiFID-II RelevanceLow based on disclosed payment/crypto-processing model; MiCA/CASP relevance is highPayment-Rail RiskHigh — crypto payments, fiat conversion, merchant settlement, iGaming verticalDisclosure GapCryptoProcessing carries restriction language; CoinsPaid homepage reviewed by FinTelegram does not appear to carry equivalent prominent noticeRadar StatusRed / Restricted Activity Watch Why This Case Matters This is the second case in FinTelegram’s MiCA/MiFID-II Perimeter Radar after Hyperliquid. Hyperliquid is the on-chain perps and DeFi perimeter case. Dream Finance is different. It is the crypto payment-rail case. Read our Hyperliquid MiCA / MiFID II Perimeter Analysis here. The Dream Finance group matters because it sits at the intersection of crypto payments, merchant processing, crypto-to-fiat conversion, wallet infrastructure, OTC/exchange services and high-risk industries such as iGaming, Forex and cross-border e-commerce. CryptoProcessing’s own website presents itself as a crypto payment processor that allows merchants to accept and exchange Bitcoin, stablecoins and more than 20 cryptocurrencies, and invites businesses to request a demo. This is precisely the type of business model that MiCA was designed to bring into a harmonised EU authorisation regime. MiCA Day One: Pending Is Not Authorised On 1 July 2026, the Estonian transitional period ended. Estonia’s Finantsinspektsioon and Financial Intelligence Unit made the position clear: companies without authorisation by 1 July must cease or limit their activities, may not accept new clients, may not open new accounts and may not actively market services to EEA clients. Estonia also stated that only Lightspark Payments Europe AS had so far received a CASP authorisation from Finantsinspektsioon, while other providers may operate cross-border only if authorised in another EEA state. ESMA’s EU-wide statement is equally clear. Unauthorised CASPs must immediately stop onboarding new EU clients, refrain from opening new accounts, cease marketing and solicitation, and limit services to what is necessary to sell, transfer, reallocate or close positions. Custody may continue only for the period strictly necessary for an orderly exit. That is the regulatory frame for Dream Finance. A pending application is not a MiCA authorisation. It may support the company’s explanation of why it is in a restricted transitional posture, but it does not create market access. Dream Finance OÜ: Application Pending, Activities Restricted CryptoProcessing published a company update on 30 June 2026 stating that Dream Finance OÜ had submitted an application to Finantsinspektsioon for authorisation as a CASP under MiCA. The company disclosed that the application remains under review, that no licensing decision has been issued and that the authorisation status remains subject to the regulator’s final determination. The update further states that Dream Finance OÜ has restricted its active activities pending the outcome of the application. According to the company, it does not onboard new clients, open new accounts, enter into new client agreements, expand the scope of services provided to existing clients or actively market regulated services to clients in the EEA or elsewhere. That is an important admission. In MiCA terms, Dream Finance is no longer presenting itself as fully authorised for new EU business. It is presenting itself as an applicant in a restricted-activity phase. CryptoProcessing also says existing clients may request withdrawal or transfer of assets or terminate their contractual relationship, and that client assets remain segregated from the company’s own assets under applicable safeguarding arrangements. The Legacy Licence Problem: FVT000166 CryptoProcessing’s Legal Hub still lists Dream Finance OÜ with Estonian company number 14783543, VAT number EE102212301 and Licence No. FVT000166. That licence was a legacy Estonian virtual-currency service-provider authorisation. It is not, by itself, a MiCA CASP authorisation after 1 July 2026. This is not a semantic issue. It is the core of the new EU regime. The ESMA Interim MiCA Register consists of CSV files including authorised crypto-asset service providers and non-compliant entities, and ESMA states that the register is updated and republished at regular intervals. ESMA’s MiCA page shows the latest listed update as 26 June 2026 and explains that the register data is provided by national competent authorities. The practical compliance question is therefore simple: Does Dream Finance OÜ have a MiCA CASP authorisation — or only a pending application and a legacy Estonian FVT licence? Based on Dream Finance’s own disclosure, the answer as of publication is: application pending, no final decision disclosed. Follow our MiCA MiFID II Perimeter Radar here. Lithuania: Dream Finance UAB Suspended The Legal Hub also lists Dream Finance UAB in Lithuania. Its important notice states that the Lithuanian entity has temporarily suspended all crypto-asset related services, including onboarding of new clients, execution of transactions and conclusion of new agreements. It further states that the website is maintained solely for mandatory legal information, regulatory disclosures and contact details for former clients, counterparties and competent authorities. This is significant because Lithuania was one of the EU’s busiest crypto registration hubs before MiCA. For Dream Finance, Lithuania appears to have moved from operational base to suspended entity. Estonia then became the critical MiCA licensing gate. The Multi-Entity Structure CryptoProcessing’s contact page states that the CoinsPaid and CryptoProcessing brands are operated by Dream Finance OÜ and lists other group entities: Dream Finance UAB in Lithuania, Dream Finance US LLC in Delaware with a FinCEN MSB registration number, and Dream Finance Processing Inc. in Canada with a FINTRAC MSB registration number. The same page contains a footer notice stating that Dream Finance OÜ’s CASP application remains under review by EFSA/Finantsinspektsioon and that the company has restricted its activities pending a final decision. It also states that references to Dream Finance OÜ products or services are informational only and do not constitute an offer, solicitation or invitation to obtain regulated services. This multi-entity structure is precisely why the MiCA Radar approach is necessary. MiCA authorises specific legal entities for specific services. A brand is not authorised. A US MSB registration is not a MiCA authorisation. A Canadian MSB registration is not a MiCA authorisation. A legacy Estonian FVT licence is no longer enough for new EU crypto-asset services. The CoinsPaid Disclosure Gap The disclosure picture becomes more interesting when comparing CryptoProcessing and CoinsPaid. The CryptoProcessing ecosystem now carries MiCA application and restriction language on several pages, including the company update, contact page and footer disclosures. The public CoinsPaid homepage reviewed by FinTelegram, however, presents the group as blockchain-based payment infrastructure for global commerce, highlights the Coinspaid ecosystem, and includes calls to action such as “Book a call,” “Get in touch,” “Become a partner” and “Book a free demo with an expert.” The reviewed page did not show a comparable prominent MiCA application, restriction or wind-down notice in the parsed website content. FinTelegram does not claim that CoinsPaid is actively onboarding EU clients through that page. But the discrepancy matters. Where one brand page says activities are restricted and another brand page continues to present a commercial sales funnel without a similarly visible MiCA restriction notice, compliance teams should ask whether the restriction is implemented consistently across the entire group. The issue is not just legal wording. It is user journey, merchant funnel, affiliate funnel and actual onboarding control. Why The Merchant-Rail Layer Is High Risk CryptoProcessing’s website explicitly targets merchant categories including travel, real estate, marketing, e-commerce, luxury goods, Forex and iGaming & Gambling. It also states that customers pay in crypto, the processor can convert it to fiat and send funds to the merchant’s bank account. That business model may involve several MiCA-relevant services: exchange of crypto-assets for funds, exchange of crypto-assets for other crypto-assets, transfer services, custody or safeguarding of crypto-assets, wallet infrastructure, and potentially operation of payment and settlement workflows. For high-risk merchants, the compliance questions multiply. Crypto payment rails used by iGaming, Forex or offshore e-commerce merchants can create elevated AML, sanctions, chargeback-substitution, source-of-funds, consumer-protection and regulatory-arbitrage risks. From 1 July 2026, any such EU-facing payment rail must be tested against the new MiCA authorisation perimeter. Recent Governance Signal: MiCA Licensing Specialist On Board On 23 June 2026, CryptoProcessing announced that Jelena Zolotenko had joined the Management Board of Dream Finance OÜ. The announcement highlighted her background in risk management, compliance and AML, and stated that her focus would be MiCA, including driving the application process through to approval. This suggests that Dream Finance understood the seriousness of the MiCA licensing challenge. But the timing is notable. A board-level MiCA licensing appointment days before the transition deadline does not change the current regulatory status. It may improve the application path, but it does not convert “pending” into “authorised.” FinTelegram Assessment Dream Finance is not an offshore-only mystery platform. It is a visible European crypto payment group that has now publicly acknowledged the decisive MiCA fact: its Estonian CASP application remains under review, and active activities have been restricted. That is a materially better disclosure posture than pretending that a legacy licence is still enough. However, the case remains a Red Radar issue because: The group does not disclose a final MiCA CASP authorisation. The Estonian legacy licence FVT000166 is still visible on CryptoProcessing pages. The Lithuanian entity has suspended crypto-asset services. The group’s business model covers crypto payments, exchange, wallet and merchant settlement functions. The public CoinsPaid homepage reviewed by FinTelegram does not appear to carry the same prominent MiCA restriction notice as CryptoProcessing. The group targets or historically targeted high-risk merchant verticals including iGaming, Forex and global e-commerce. FinTelegram’s conclusion: Dream Finance has entered the MiCA restricted-activity zone. Until Finantsinspektsioon grants a CASP authorisation, the group should be treated as a pending applicant, not as an authorised EU crypto-asset service provider. Right Of Reply FinTelegram invites Dream Finance OÜ, Dream Finance UAB, Dream Finance US LLC, Dream Finance Processing Inc., CoinsPaid, CryptoProcessing, Max Krupyshev, Jelena Zolotenko and all relevant representatives to provide a factual statement on MiCA authorisation status, restricted activities, EU client handling, merchant onboarding, safeguarding arrangements and the disclosure gap between CryptoProcessing and CoinsPaid. Call For Information FinTelegram invites current and former employees, compliance officers, merchants, PSPs, banks, acquirers, casino operators, regulators, lawyers and insiders with information about Dream Finance, CoinsPaid, CryptoProcessing, MiCA applications, merchant onboarding, iGaming payment rails or post-MiCA wind-down practices to contact FinTelegram via Whistle42. Share Information via Whistle42

Read More

MiCA Day One: FinTelegram Launches The MiCA/MiFID-II Perimeter Radar

Tracking crypto platforms, DeFi protocols, payment processors and trading venues that may fall inside the EU regulatory perimeter after 1 July 2026. Key Takeaways From 1 July 2026, the EU’s MiCA transitional period ends across the European Economic Area. Legacy national VASP registrations are no longer sufficient for EU-facing crypto-asset services. Unauthorised CASPs must stop onboarding new EU clients, stop opening new accounts and stop active EU marketing. Perpetual futures and similar leveraged crypto derivatives may fall under MiFID II and CFD product-intervention rules, not merely MiCA. FinTelegram is launching a MiCA/MiFID-II Perimeter Radar to monitor crypto firms, DeFi protocols, payment processors and trading venues active at the EU regulatory boundary. The New EU Crypto Test: Authorisation, Wind-Down Or Regulatory Breach On 1 July 2026, Europe’s crypto market enters its hard-regulated phase. MiCA’s transitional period ends across the European Economic Area, and the old crypto-registration era is over. The new test is simple, at least for centralised crypto firms: where is your MiCA CASP authorisation? ESMA has made the post-transition position clear. Unauthorised crypto-asset service providers must act diligently and protect clients; non-EU CASPs cannot provide MiCA services to EU clients or solicit EU clients; clients of unauthorised providers do not benefit from MiCA safeguards, including protections for client assets. ESMA also invites clients to verify whether their provider is authorised under MiCA in the ESMA Register and to act promptly if this is not the case. This is not only a licensing event. It is a market-access event. Why FinTelegram Is Launching The Radar For years, crypto firms operated through a patchwork of national VASP registrations, offshore entities, payment affiliates, wallet interfaces, custody providers and “technology” companies. Some had strong compliance structures. Many did not. Some used national AML registrations as quasi-passports. Others relied on offshore entities while still serving EU customers through web interfaces, apps, APIs, affiliates, influencers or merchant-processing rails. That era is now being tested. FinTelegram is therefore launching the MiCA/MiFID-II Perimeter Radar — a recurring investigative compliance format tracking crypto platforms and related infrastructures that may fall within the EU regulatory perimeter after 1 July 2026. The Radar will focus not only on classical exchanges such as Binance, MEXC, OKX, Bybit, Bitget or KuCoin, but also on crypto payment processors such as CoinsPaid/CryptoProcessing, DeFi trading protocols, DEX frontends, wallet-integrated trading services, token-listing venues, crypto casino payment rails and on-chain derivatives platforms. Read our Hyperliquid Perimeter Radar Analysis here. The Radar Methodology Each case will be assessed under a consistent framework: Radar FieldKey QuestionLegal EntityWhich legal entity is responsible for EU-facing services?EU AccessCan EU users access the service via website, app, API, wallet or third-party frontend?MiCA StatusIs there a disclosed MiCA CASP authorisation?PassportingHas the authorised entity passported services across the EEA?Service ScopeDoes the service include custody, exchange, trading-platform operation, transfer, placement or advice?MiFID-II LayerAre there perps, leverage, CFDs, options, futures or other derivative-like products?Reverse SolicitationIs EU access genuinely client-initiated, or is there active solicitation?Frontend / InterfaceWho controls the interface, API, listings, order routing and user access?Custody / ControlWho controls wallets, collateral, liquidations, client assets or settlement mechanics?DisclosureAre users clearly informed about EU regulatory status, restrictions and risks? Each Radar case will receive a FinTelegram classification: ClassificationMeaningGreenAuthorisation status disclosed and verifiableAmberUnclear perimeter, pending authorisation or partial restrictionsRedEU access plus no disclosed authorisation or unclear regulatory frameworkBlackActive EU onboarding/marketing despite no authorisation or prior warnings MiCA Is Not The Whole Story: The MiFID-II Layer The Radar will not stop at MiCA. Many of the most important crypto products are not simply “crypto-assets” under MiCA. They may be financial instruments or derivatives under MiFID II. This is especially important for perpetual futures, leveraged synthetic products and crypto CFDs. ESMA warned in February 2026 that products marketed as perpetual futures or perpetual contracts may provide leveraged exposure to underlying values, including crypto-assets, and are likely to fall within the scope of national CFD product-intervention measures where they meet the CFD definition. Those measures include leverage limits, mandatory risk warnings, margin close-out, negative balance protection and restrictions on monetary and non-monetary incentives. ESMA’s guidelines on the conditions and criteria for qualifying crypto-assets as financial instruments also stress a substance-over-form approach and technological neutrality: similar activities and assets should be subject to the same rules regardless of their technological form. That is why FinTelegram calls this the MiCA/MiFID-II Perimeter Radar — not merely the MiCA Radar. The DeFi Defence: Narrow, Not Automatic Many on-chain projects will argue that MiCA does not apply because they are decentralised, non-custodial or protocol-based. MiCA does contain a decentralisation carve-out: where crypto-asset services are provided in a fully decentralised manner without any intermediary, they should not fall within the scope of the Regulation. But this is a narrow exception, not a magic formula. If there is a website, app, brand, team, foundation, frontend operator, listing process, API layer, fee structure, governance mechanism, referral system, market-maker arrangement or identifiable control point, the analysis becomes more difficult. The Radar will therefore ask a practical question: When does a “protocol” become a regulated service? The First Radar Cases FinTelegram’s first watchlist will include the following categories: On-chain perps platforms — Hyperliquid and similar infrastructures. Offshore exchanges — MEXC, Binance global structures and comparable venues. Crypto payment processors — CoinsPaid, CryptoProcessing, Dream Finance and merchant rails. EU-branded exchange groups — firms claiming or implying EU access via complex group structures. Wallet-integrated trading services — wallets offering swaps, perps or routed trading. DEX frontends and aggregators — interface versus protocol perimeter. Crypto casino payment rails — CASP, gambling, AML and payment-risk overlap. Token-listing venues and launch platforms — admission-to-trading and market-integrity risks. Follow our MiCA / MiFID II Perimeter Radar FinTelegram Assessment MiCA Day One is not the end of the crypto story in Europe. It is the beginning of a new enforcement phase. For serious firms, MiCA provides legal certainty, passporting and a regulatory framework for growth. For weakly governed structures, offshore platforms, nominal EU shells, legacy VASP operators and “protocol-only” narratives with centralised control points, MiCA creates a cliff. From 1 July 2026, FinTelegram’s core question will be: Who provides the service, to whom, from where, through which legal entity, under which authorisation — and with what protection for clients? The Radar will not declare firms illegal merely because their structure is complex. But it will identify regulatory perimeter risks, request clarification, and monitor whether EU clients are being served without an appropriate MiCA, MiFID-II or other financial-services framework. Right Of Reply FinTelegram invites all firms, protocols, foundations, trading venues, wallet providers, payment processors and service providers included in the MiCA/MiFID-II Perimeter Radar to provide factual statements on their authorisation status, legal-entity structure, EU client access, passporting arrangements, reverse-solicitation position, wind-down measures and client-asset protection framework. Call For Information FinTelegram invites current and former employees, developers, compliance officers, market makers, affiliates, payment processors, lawyers, regulators, users and insiders with information about EU-facing crypto platforms, DeFi protocols, payment processors, casino payment rails or post-MiCA wind-down practices to contact FinTelegram via Whistle42. Share Information via Whistle42

Read More

MiCA/MiFID-II Perimeter Radar: Hyperliquid And The EU’s On-Chain Perps Problem

Hyperliquid may become one of the most important post-MiCA perimeter cases in Europe: spot trading raises MiCA questions, while perpetual futures may trigger MiFID-II derivatives concerns. Key Takeaways Hyperliquid is a leading on-chain trading ecosystem combining spot markets and perpetual futures. Its spot layer may raise MiCA CASP questions if EU users are served through an identifiable interface, operator or intermediary. Its perpetual futures layer is potentially even more sensitive because perps may fall under MiFID II and CFD product-intervention rules. MiCA’s decentralisation carve-out is narrow and applies only where services are provided in a fully decentralised manner without any intermediary. FinTelegram classifies Hyperliquid as Red / Perimeter Watch pending clarification of EU access, legal-entity responsibility, MiCA status and MiFID-II framework. Why Hyperliquid Is The First Radar Case As MiCA’s transitional period ends on 1 July 2026, most compliance attention is focused on centralised exchanges and legacy VASP operators. But the harder question is not Binance or MEXC. The harder question is Hyperliquid. Hyperliquid is not simply a classical crypto exchange. It is an on-chain trading ecosystem with spot markets, perpetual futures, wallet-based access, API infrastructure and a strong DeFi narrative. That combination makes it a prime test case for the EU regulatory perimeter after MiCA Day One. The issue is not whether Hyperliquid is innovative. It clearly is. The issue is whether innovation changes the regulatory analysis when EU users can access spot trading and leveraged perpetual futures through a recognisable ecosystem. Follow our MiCA / MiFID II Perimeter Radar Radar Classification FieldFinTelegram AssessmentEntityTo be clarifiedEU AccessTo be tested and monitored after 1 July 2026MiCA CASP StatusNo disclosed MiCA CASP authorisation identified by FinTelegram as of publicationSpot LayerPotential MiCA CASP perimeter issuePerps LayerHigh MiFID-II / CFD relevanceDeFi DefencePossible, but not conclusiveRetail Investor RiskHighRadar StatusRed / Perimeter Watch MiCA Day One: The Authorisation Test ESMA has made clear that clients of unauthorised CASPs, whether EU or non-EU entities, do not benefit from MiCA safeguards, including protections for client assets. ESMA also reminds non-EU CASPs that they cannot provide MiCA services to EU clients or solicit EU clients, including in a business-to-business context. The official ESMA Interim MiCA Register contains a file for authorised crypto-asset service providers and a file for non-compliant entities. The register is updated weekly, with the latest version on ESMA’s MiCA page dated 26 June 2026. For centralised exchanges, the question is therefore straightforward: is the relevant legal entity authorised as a CASP, and for which services? For Hyperliquid, the question is more complex: is there a regulated service provider at all — and if yes, who is it? The DeFi Defence: Protocol Or Service? MiCA contains a decentralisation carve-out. Where crypto-asset services are provided in a fully decentralised manner without any intermediary, they should not fall within the scope of the Regulation. That is the likely defence for many on-chain protocols. But it is not an automatic shield. If there is an official interface, a brand, documentation, API infrastructure, referral structure, fee layer, governance mechanism, listing process, front-end control or a foundation-like coordination structure, regulators may ask whether the service is really provided in a fully decentralised manner without any intermediary. For Hyperliquid, the key perimeter question is therefore: Does the user interact only with neutral, permissionless code — or with an organised trading venue delivered through identifiable control points? The Spot Layer: MiCA Questions Hyperliquid’s spot layer may raise MiCA questions if EU users can access crypto-asset trading through a frontend or interface controlled, operated or materially influenced by identifiable persons or entities. Under MiCA, relevant crypto-asset services can include custody and administration of crypto-assets, operation of a trading platform for crypto-assets, exchange of crypto-assets for funds, exchange of crypto-assets for other crypto-assets, execution of orders, placing of crypto-assets, transfer services and related advice or portfolio management. A protocol may not need a licence merely because smart contracts exist. But a service provider that operates or controls an interface, facilitates trading, controls listing access, maintains order-book infrastructure or actively serves EU users may face a different analysis. For FinTelegram, the spot-layer questions are: Which legal entity, if any, is responsible for the EU-facing Hyperliquid interface? Is any Hyperliquid-related entity authorised as a MiCA CASP? Is the spot trading layer offered to EU users after 1 July 2026? Are new EU users able to connect wallets and trade? Are EU users informed that the service is not MiCA-authorised, if no authorisation exists? Does Hyperliquid rely on reverse solicitation, full decentralisation, or another perimeter argument? The Perps Layer: The MiFID-II Problem The more difficult issue is Hyperliquid’s perpetual futures layer. Hyperliquid’s own documentation describes its contract type as linear perpetual with one unit of the underlying spot asset, and states that its contract specifications include no address-specific restrictions. Hyperliquid’s funding documentation further explains that funding rates for crypto perpetual contracts are used to keep the contract price close to the underlying asset price, that payments are made between long and short sides, and that funding on Hyperliquid is designed to closely match the process used by centralised perpetual exchanges. This is highly relevant for EU regulation. ESMA warned in February 2026 that derivatives marketed as perpetual futures or perpetual contracts may provide leveraged exposure to underlying values, including crypto-assets, and are likely to fall within the scope of CFD product-intervention measures where they meet the CFD definition. ESMA’s guidelines on crypto-assets as financial instruments also emphasise a substance-over-form approach and technological neutrality. Crypto-assets or arrangements that provide synthetic exposure, performance-linked returns or future-value exposure may require assessment under MiFID II. The FinTelegram conclusion is therefore straightforward: MiCA may govern the crypto-service layer. MiFID II may govern the derivatives layer. Hyperliquid potentially sits in both conversations. The EU Access Test The decisive practical question after 1 July 2026 is access. FinTelegram will monitor whether EU users can: access the official Hyperliquid interface from EU IP addresses; connect a wallet from the EU; trade spot crypto-assets; open or maintain perpetual futures positions; use leverage or margin; interact through APIs or third-party frontends; avoid KYC or jurisdiction controls; receive referral incentives or fee rebates; access EU-facing community, influencer or marketing channels. Reverse solicitation is not a mass-market business model. If EU users are systematically enabled, targeted, referred, incentivised or supported, a mere disclaimer may not be enough. Why This Matters For Retail Investors The risk is not theoretical. Perpetual futures are complex, leveraged instruments. They can generate rapid losses, liquidation events and margin stress. If such products are accessed by EU retail users outside an authorised MiFID-II or CFD-compliant framework, investor-protection concerns become obvious. ESMA’s February 2026 warning is therefore important: where perpetual futures meet the CFD definition, firms must consider CFD product-intervention requirements including leverage limits, mandatory risk warnings, margin close-out, negative balance protection and restrictions on incentives. The on-chain format does not remove the economic substance of the product. Questions To Hyperliquid FinTelegram invites Hyperliquid, the Hyper Foundation, relevant contributors, frontend operators and ecosystem representatives to answer the following questions: Which legal entity, if any, is responsible for the Hyperliquid frontend, API and EU-facing user access? Does any Hyperliquid-related entity hold a MiCA CASP authorisation in the EEA? Does Hyperliquid consider its spot trading infrastructure outside MiCA because it is fully decentralised without an intermediary? Does Hyperliquid consider its perpetual futures outside MiFID II and CFD product-intervention rules? If so, why? Are EU users blocked, restricted or allowed to trade after 1 July 2026? Are new EU users able to connect wallets and trade spot or perps through the official interface? What controls prevent EU retail users from accessing leveraged perpetual futures? Who controls listings, margin rules, funding mechanics, liquidation logic, risk parameters and frontend access? Are third-party frontends or APIs used to provide access to EU users? Does Hyperliquid rely on reverse solicitation for EU users? FinTelegram Assessment Hyperliquid is not merely a DeFi success story. From an EU regulatory perspective, it may become one of the most important post-MiCA perimeter cases. Its spot layer may raise MiCA CASP questions. Its perpetual futures layer may raise MiFID-II and CFD product-intervention questions. Its DeFi narrative may be relevant, but only if the service is truly provided in a fully decentralised manner without any intermediary. FinTelegram does not allege that Hyperliquid is unlawful. We classify it as a Red / Perimeter Watch case because the combination of EU accessibility, on-chain spot markets, perpetual futures, leverage exposure and unclear authorisation framework deserves close regulatory scrutiny. The key question for Europe is no longer whether a product is “centralised” or “decentralised.” The key question is: Who provides the service, who controls the access layer, and who protects the EU user? Right Of Reply FinTelegram invites Hyperliquid, the Hyper Foundation, frontend operators, contributors, market makers, ecosystem developers and legal representatives to provide a factual statement on MiCA status, MiFID-II analysis, EU user access, jurisdiction controls, legal-entity responsibility and investor-protection measures. Call For Information FinTelegram invites users, developers, market makers, former contributors, compliance officers, regulators, lawyers and insiders with information about Hyperliquid’s EU access, frontend controls, referral structures, API use, market-maker arrangements, legal entities or regulatory analysis to contact FinTelegram via Whistle42. Share Information via Whistle42

Read More

MiCA Day One: Estonia Pulls The Plug On The Old Crypto Licence Era — No Licence, No EU Clients!

On 1 July 2026, the European crypto market enters its hard-regulated phase. Strictly speaking, MiCA did not “start” on that day. The Markets in Crypto-Assets Regulation has already applied in stages. But 1 July 2026 marks the end of the transitional shelter for legacy crypto-asset service providers. From this date, the message across the European Economic Area is brutally simple: no MiCA CASP authorisation, no EU crypto business. Estonia has now delivered one of the clearest regulatory signals. On 30 June 2026, Finantsinspektsioon and the Estonian Financial Intelligence Unit announced that, from 1 July, crypto-asset services in Estonia may only be provided by companies holding a MiCA authorisation issued either by Finantsinspektsioon or by another EEA supervisory authority. The old FIU virtual-currency service-provider licence records will be cancelled on 1 July. Estonia: From Crypto Licence Factory To Regulatory Cleanup Estonia is not just another Member State in this story. For years, Estonia — together with Lithuania and, later, Poland — was one of Europe’s most popular crypto registration hubs. The Estonian FIU’s own numbers tell the story: there were 641 valid virtual-currency service-provider licences when the FIU began cleaning up the sector in mid-2021. By the start of 2026, only 36 valid licences remained. FIU head Matis Mäeker stated that AML documentation alone was not enough; supervision also had to cover safeguarding of client assets and cyber resilience. That is the essence of MiCA. The old national VASP model was mainly an AML gate. MiCA is a full financial-market regime covering authorisation, governance, client-asset protection, conduct rules, outsourcing, ICT resilience, prudential requirements, and supervisory accountability. The Estonian statement is also operationally clear. Companies without authorisation by 1 July must cease or limit their activities to protect clients. They may not accept new clients, open new accounts, or actively market services to clients in the EEA. Providers still in the application process must restrict activities until a final decision is made. Clients must be clearly informed how services will be terminated or limited and how they can withdraw or transfer assets. According to the Estonian announcement, only Lightspark Payments Europe AS has so far received a MiCA crypto-asset service provider (CASP) authorisation from Finantsinspektsioon. Crypto services can also be provided in Estonia by AS LHV Pank and the investment firm Lightyear Europe AS, while several providers may operate cross-border under authorisations from other EEA countries. ESMA’s EU-Wide Message: Wind Down, Do Not Pretend The Estonian announcement follows the European Securities and Markets Authority’s public statement of 23 June 2026. ESMA told unauthorised CASPs to wind down EU activities in an orderly manner while safeguarding clients. Unauthorised providers must stop onboarding EU clients, stop opening new accounts, stop marketing and solicitation, and limit services to what is strictly necessary to sell, transfer, reallocate or close positions. Custody may continue only for the period strictly necessary for an orderly exit. ESMA also stressed a crucial point for offshore and multi-entity crypto groups: non-EU entities cannot provide MiCA services to EU clients or solicit EU clients, except under the narrow reverse-solicitation regime. ESMA further reminded the market that CASPs may not outsource or delegate certain services, notably custody, to unauthorised entities. This is important because many crypto groups operate through a brand layer, an EU entity, offshore processing entities, software companies, custody providers, and payment affiliates. MiCA does not license a brand. It authorises a specific legal entity for specific services. A group cannot launder regulatory status through a logo. The Dream Finance / CoinsPaid / CryptoProcessing Test Case This brings us to Dream Finance OÜ, the Estonian entity behind the CoinsPaid and CryptoProcessing brands. As of the latest public review, CryptoProcessing’s own “Legal Hub” page states that the CoinsPaid and CryptoProcessing brands are operated by Dream Finance OÜ, registered in Estonia, and still refers to Licence No. FVT000166. The same page lists other group entities, including Dream Finance UAB in Lithuania, Dream Finance US LLC in Delaware, and Dream Finance Processing Inc. in Canada. That is precisely the regulatory issue. An Estonian FVT licence was a legacy virtual-currency service-provider licence issued under the old FIU regime. It is not, by itself, a MiCA CASP authorisation. If Dream Finance OÜ has not obtained a MiCA authorisation from Finantsinspektsioon or another EEA competent authority by 1 July 2026, the old Estonian licence reference is no longer a passport to serve EU clients. The CySEC EEA CASP register also shows Dream Finance OU, with approved trade name CoinsPaid and services including exchange and custody-type activities, but this appears to reflect the pre-MiCA EEA/national-regime listing rather than evidence of a new MiCA authorisation. For Dream Finance, CoinsPaid and CryptoProcessing, the compliance questions are therefore straightforward: IssueCompliance QuestionEstonian legacy licenceHas Dream Finance OÜ obtained a MiCA CASP authorisation, or is it still relying on FVT000166?EU client onboardingHas onboarding of new EU clients and merchants stopped unless a MiCA authorisation exists?Merchant processingAre EU-facing merchants, including high-risk iGaming merchants, being processed by an authorised CASP entity?Custody and walletsWhich legal entity provides custody, wallet, transfer and exchange services after 1 July?Group entitiesAre US, Canadian, Lithuanian, Polish or other affiliates involved in EU service delivery without their own authorisation?OutsourcingAre regulated functions outsourced to unauthorised entities, especially software, custody, wallet or transaction-processing layers?Client communicationHave clients and merchants been informed clearly about licence status, wind-down, migration and asset-withdrawal procedures? In the post-1 July world, “registered in Estonia,” “licensed by the FIU,” “operated by a European company,” or “application pending” are no longer sufficient answers. The relevant question is: which legal entity is MiCA-authorised, by which authority, for which services, and in which countries has it passported those services? Other Regulators Are Sending The Same Signal Estonia is not alone. ESMA’s statement has triggered a coordinated regulatory chorus across Europe. France’s AMF stated that any provider not authorised under MiCA must have implemented its wind-down plan by 1 July 2026. The AMF also warned that MiCA protections apply only to the authorised EU legal entity, not to affiliates or entities authorised outside the EU. Austria’s FMA published a similar notice, reminding consumers that clients of unauthorised providers do not benefit from MiCA protections, particularly regarding safeguarding of client funds and crypto-assets. Spain’s CNMV stated that from 1 July only providers holding the required authorisation may operate in Spain. Providers without authorisation must implement client migration plans allowing clients to withdraw funds and transfer crypto-assets. Cyprus had already warned CASPs operating under the national framework that continuation beyond 1 July 2026 requires the relevant MiCA authorisation; providers not applying by the national deadline had to submit a wind-down plan. Poland is particularly important. On 23 June 2026, the Polish KNF stated that the MiCA transitional period ends on 1 July 2026 and referred to ESMA’s wind-down expectations. The KNF also cited a Polish tax-administration notice clarifying that entry in the Polish virtual-currency activity register is not a MiCA authorisation and will not entitle firms to conduct virtual-currency activity after 1 July, either in Poland or abroad. Even more striking: the KNF noted that, due to the lack of Polish implementing legislation, no Polish public authority had yet been designated as the competent MiCA authority, except for e-money token activity. Lithuania moved even earlier. Lietuvos bankas warned that Lithuania’s transitional period would end on 31 December 2025 and that, after that date, accepting new clients, custody of crypto-assets, or providing other crypto-asset services without a MiCA licence would be illegal financial activity. The Lithuanian central bank also pointed to possible criminal-law consequences and website blocking. The Compliance Consequence For Payment Processors And iGaming Rails For crypto payment processors such as CoinsPaid/CryptoProcessing, the MiCA cliff is not theoretical. It affects the core business model. Crypto payment gateways typically combine merchant onboarding, wallet infrastructure, crypto-to-fiat exchange, crypto-to-crypto exchange, custody or control of client assets, transfer services, transaction monitoring, and settlement. Several of these activities fall squarely within MiCA’s CASP perimeter. The risk is even higher where the merchant base includes online casinos, offshore gaming operators, high-risk e-commerce, affiliate networks, or entities serving EU consumers through complex payment rails. Banks, PSPs, acquirers and compliance teams should no longer ask whether a crypto processor has a “registration.” They should ask for the MiCA authorisation, service schedule, passporting evidence, outsourcing map and client-asset safeguarding arrangements. From 1 July 2026, a legacy crypto registration becomes a red flag if it is used as a marketing substitute for MiCA authorisation. FinTelegram Assessment The Estonian announcement is the symbolic end of Europe’s old crypto arbitrage model. Estonia once attracted hundreds of crypto firms with a light-touch licensing ecosystem. The FIU then spent years cleaning up the damage. MiCA now finishes the job at EU level. For serious providers, MiCA creates legal certainty and passporting. For weakly governed structures, offshore processors, nominal EU entities, and legacy VASP operators, MiCA creates a cliff. For Dream Finance OÜ, CoinsPaid and CryptoProcessing, the key issue is immediate and factual: unless a MiCA CASP authorisation exists and is clearly disclosed for the relevant legal entity and services, the Estonian FVT licence reference should no longer be treated as sufficient for EU-facing crypto services after 1 July 2026. This is not a technical paperwork issue. It is a market-access issue. No MiCA authorisation. No new EU clients. No active EU marketing. No regulatory grey zone. Call For Information FinTelegram invites current and former employees, compliance officers, merchants, PSPs, banks, acquirers, casino operators, regulators and insiders with information about Dream Finance, CoinsPaid, CryptoProcessing, Coinspaid Development, SoftSwiss-linked payment infrastructure or post-MiCA crypto payment rails to contact FinTelegram via Whistle42. Share Information via Whistle42

Read More

SoftSwiss / Dream Finance Compliance Report v2.0: The Coinspaid Dev Engineering-Layer Update!

FinTelegram has released v2.0 of its SoftSwiss / Dream Finance Compliance Intelligence Report, expanding the original dossier with a major new structural development: the emergence of Coinspaid Development sp. z o.o. in Poland as the legal entity behind the newly separated Coinspaid Dev engineering layer. The v2 update is now available for download. Download: [SoftSwiss / Dream Finance Compliance Report v2.0 – PDF] Download: [SoftSwiss / Dream Finance Compliance Report v2.0 – PDF] The new version updates FinTelegram’s risk-based analysis of the SoftSwiss / Dream Finance / CoinsPaid / CryptoProcessing / FinteqHub ecosystem and focuses on a key question that has become even more important: Who controls the engineering, IP, infrastructure, wallet, settlement and compliance-tooling layer behind CoinsPaid / CryptoProcessing? From v1 to v2: Why This Update Matters In the first version of the report, FinTelegram identified a central ownership and control issue. The Estonian operating entity Dream Finance OÜ, which operates the CoinsPaid and CryptoProcessing brands, publicly records Alexander Horst Riedinger as shareholder and beneficial owner. At the same time, founder-level materials, litigation materials, whistleblower accounts and adverse-media reporting pointed to the broader Ivan Montik / SoftSwiss founder ecosystem as relevant to the control analysis. FinTelegram treated this carefully in v1: registered ownership, alleged beneficial ownership, public founder roles, whistleblower claims and FinTelegram hypotheses were kept separate. The v2 update does not abandon that discipline. It strengthens it. The new Polish Coinspaid Development sp. z o.o. structure does not, by itself, disprove the Estonian register entry naming Riedinger as beneficial owner of Dream Finance OÜ. However, it adds a new and highly relevant register-level signal: Ivan Montik appears in public Polish company-data sources as a beneficial-owner entry of Coinspaid Development sp. z o.o., while the company’s shareholders are listed as Bitcapital Ltd, PrimeFuture Ltd and WRU Investments Ltd. Those shareholder names are not new to FinTelegram’s SoftSwiss / Dream Finance mapping. They have already appeared in the broader SoftSwiss / Montik / founder-circle ecosystem. This is why v2 matters. The Key v2 Update: The Polish Engineering Layer Public reporting describes Coinspaid Dev as the engineering team behind the infrastructure powering Coinspaid Solutions, now separated from Coinspaid as a dedicated engineering brand. The public narrative is straightforward: after more than a decade of building blockchain payment infrastructure, the engineering function is stepping out as a separate infrastructure and development brand. According to public reporting, Coinspaid Dev claims: more than 120 engineers; more than 11 years of blockchain infrastructure experience; infrastructure across more than 20 blockchain networks; expertise in distributed systems, backend architecture, cybersecurity, cloud infrastructure, data analytics and payment-infrastructure engineering. Coinspaid’s own public positioning also emphasizes that it is not merely a crypto-payment processor, but a blockchain infrastructure provider backed by a broad product ecosystem and a dedicated R&D and software-development team. This changes the compliance lens. A 120+ engineer infrastructure unit is not a small technical support department. It suggests a substantial technology layer. Whether this layer served only CoinsPaid / CryptoProcessing or also supported the broader SoftSwiss ecosystem is a key question for regulators, banks, PSPs and counterparties. The Polish Entity: Coinspaid Development sp. z o.o. Public Polish company-data sources identify the new entity as: Coinspaid Development sp. z o.o.KRS: 0001228357NIP: 7831949638REGON: 544257545Registered office: Poznań, PolandRegistration date: March 2026Share capital: PLN 5,000 The listed shareholders are: ShareholderReported holdingBitcapital Ltd40%PrimeFuture Ltd40%WRU Investments Ltd20% Public company-data sources also list Ivan Montik as a beneficial-owner entry for Coinspaid Development sp. z o.o. For FinTelegram, this is the most important new v2 signal. It does not necessarily answer who owns Dream Finance OÜ. But it does show that the newly separated engineering layer around Coinspaid Dev is tied to the same SoftSwiss / Montik founder and holding-vehicle ecosystem that FinTelegram has already mapped in earlier reporting. Riedinger Register Layer Meets Montik Engineering Layer The core issue in v2 can be summarized as follows: Dream Finance OÜ remains the documented Estonian operating entity behind CoinsPaid / CryptoProcessing, with Alexander Horst Riedinger appearing as the registered beneficial owner. Coinspaid Development sp. z o.o., however, introduces a separate Polish engineering and infrastructure layer in which Ivan Montik appears as a beneficial-owner entry. That distinction matters. The question is no longer only: Who owns the licensed operating entity? The question is also: Who controls the technology, infrastructure, IP, wallet systems, settlement logic, R&D, payment modules and compliance tooling on which the operating entity depends? For regulated crypto-payment and iGaming-adjacent infrastructure, that distinction is material. A registered operating entity may hold the licence. But the operational control layer may sit elsewhere — in software, infrastructure, access rights, IP ownership, engineering contracts, wallet systems, settlement scripts, transaction-monitoring tools, and production-environment control. That is the v2 issue. Why the 120+ Engineers Matter The claimed 120+ engineer headcount is a significant signal. If Coinspaid Dev were only a narrow internal support function for CoinsPaid / CryptoProcessing, such a headcount would raise questions. It appears more consistent with a broader infrastructure role across a wider ecosystem. FinTelegram does not claim, as an established fact, that every Coinspaid Dev engineer worked for the wider SoftSwiss group. That would require employment records, service agreements, project documentation and organisational charts. However, the scale of the engineering unit supports a legitimate compliance question: Was Coinspaid Dev already functioning as a broader engineering and infrastructure layer for the SoftSwiss / CoinsPaid ecosystem before its public separation? This question is particularly relevant because SoftSwiss is not merely a passive investor story. SoftSwiss is a major iGaming software and casino-platform ecosystem, while CoinsPaid / CryptoProcessing operate crypto-payment infrastructure. The intersection of casino technology, payment processing, wallet systems, crypto settlement and compliance tooling is exactly where engineering control becomes compliance control. MiCA Context: Why Timing Matters The timing of the Coinspaid Dev split is also relevant. Dream Finance UAB in Lithuania has been publicly presented as having suspended crypto-asset-related services, including onboarding, transaction execution and new agreements. At the same time, the operating focus remains on Dream Finance OÜ in Estonia, which continues to be listed with the older Estonian virtual-asset authorisation FVT000166. This is important because the MiCA regime changes the compliance logic for crypto-asset service providers in the EU. FinTelegram does not claim that the Coinspaid Dev split was caused by MiCA. That would require internal documents or regulatory correspondence. However, the timing makes the split MiCA-relevant. If a crypto-payment ecosystem is moving from Lithuanian suspension toward an Estonian operating base while simultaneously separating a Polish engineering layer, regulators and counterparties should ask: is Coinspaid Development sp. z o.o. a material outsourcing provider? does it control production systems? does it own or maintain payment-processing code? does it manage wallet, key, settlement or blockchain-connectivity systems? does it provide transaction-monitoring or compliance tooling? was this structure disclosed to relevant regulators or counterparties? how does it fit into MiCA, DORA and operational-resilience expectations? These are standard compliance questions, not accusations. CoinsPaid / CryptoProcessing as Part of the SoftSwiss-Linked Ecosystem The v2 update also strengthens FinTelegram’s existing assessment that CoinsPaid / CryptoProcessing are functionally embedded in the SoftSwiss / Ivan Montik founder ecosystem. Public materials identify Ivan Montik as SoftSwiss founder and as a founder-level figure linked to CoinsPaid and Merkeleon. SoftSwiss itself has publicly described Montik as founder and as adviser / mentor at CoinsPaid. Coinspaid Dev now adds a further link: the Polish engineering entity’s shareholder and beneficial-owner signals point back to the same founder and holding-vehicle environment. This does not, by itself, prove a single consolidated legal group or common equity ownership of every entity. But it does materially strengthen the conclusion that the CoinsPaid / CryptoProcessing infrastructure cannot be assessed in isolation from the broader SoftSwiss-linked ecosystem. What Changed in v2.0 v2 UpdateCompliance SignificanceCoinspaid Development sp. z o.o. added as a new entityEstablishes a separate Polish engineering / infrastructure layer behind Coinspaid Dev.Ivan Montik appears as beneficial-owner entry in public Polish company-data sourcesAdds a new register-level signal linking the CoinsPaid engineering layer to the SoftSwiss founder ecosystem.Bitcapital Ltd, PrimeFuture Ltd and WRU Investments Ltd listed as shareholdersConnects the Polish engineering entity to holding-vehicle names already relevant in FinTelegram’s SoftSwiss / Montik mapping.Coinspaid Dev claims 120+ engineersSuggests a substantial infrastructure function, potentially broader than a narrow CoinsPaid support team.Engineering, IP and operational-outsourcing risk addedRaises new questions about production systems, wallet logic, R&D, compliance tooling and operational resilience.MiCA context expandedPlaces the Polish engineering split alongside Dream Finance UAB’s Lithuanian suspension and Dream Finance OÜ’s continued reliance on the Estonian VASP authorisation.Ownership analysis refinedSeparates operating-entity ownership from engineering-layer control and avoids overstating either. What v2 Does Not Assert FinTelegram does not assert that the Polish Coinspaid Dev structure proves criminal wrongdoing. FinTelegram does not assert that the Riedinger register entry for Dream Finance OÜ is false. FinTelegram does not assert that Coinspaid Development sp. z o.o. was created because of MiCA. FinTelegram does not assert that Coinspaid Dev serves every SoftSwiss-related entity unless contracts, internal records or service documentation prove that relationship. The v2 report does assert that the new Polish engineering-layer structure materially changes the compliance analysis and strengthens the need for regulators, banks, PSPs and counterparties to look beyond the operating entity and examine the infrastructure-control layer. Key Questions for Regulators and Counterparties FinTelegram believes the following questions now require answers: What is the legal relationship between Dream Finance OÜ, Coinspaid Solutions, CoinsPaid / CryptoProcessing and Coinspaid Development sp. z o.o.? Does Coinspaid Development sp. z o.o. own, develop, maintain or operate any software used by CoinsPaid / CryptoProcessing? Does the Polish entity control production systems, wallet infrastructure, key-management systems, blockchain nodes, settlement logic or transaction-monitoring tools? Are Bitcapital Ltd, PrimeFuture Ltd and WRU Investments Ltd merely passive shareholders, or do they exercise influence over the engineering and infrastructure layer? How does Ivan Montik’s beneficial-owner entry in the Polish entity relate to his public SoftSwiss and CoinsPaid founder roles? Was the engineering-layer separation disclosed to relevant regulators, PSPs, banks or counterparties as a material outsourcing or operational dependency? Does the structure have implications for MiCA readiness, DORA operational resilience, AML/CFT controls and customer-asset safeguarding? Does Coinspaid Dev support only CoinsPaid / CryptoProcessing, or does it serve the broader SoftSwiss / iGaming infrastructure ecosystem? Right of Reply FinTelegram again invites SoftSwiss, Stable Aggregator Limited, Dream Finance OÜ, Dream Finance UAB, CoinsPaid, CryptoProcessing, Coinspaid Dev, Coinspaid Development sp. z o.o., FinteqHub, Ivan Montik, Max Krupyshev, Alexander Horst Riedinger, Bitcapital Ltd, PrimeFuture Ltd, WRU Investments Ltd and any relevant representative to provide a factual statement. We are particularly interested in clarification on: the ownership and control of Coinspaid Development sp. z o.o.; the relationship between Coinspaid Dev and Dream Finance OÜ; any service agreements between Coinspaid Development and CoinsPaid / CryptoProcessing; whether Coinspaid Dev provides services to the broader SoftSwiss ecosystem; ownership of IP, source code, wallet infrastructure, payment modules and compliance tools; MiCA, DORA and outsourcing-disclosure implications; whether the Polish engineering structure changes the operating model previously disclosed to counterparties or regulators. FinTelegram remains prepared to publish concise, factual and non-defamatory right-of-reply statements and to correct demonstrably inaccurate factual assertions. Call for Information FinTelegram invites current and former employees, engineers, contractors, compliance officers, payment providers, PSPs, acquirers, banks, regulators and insiders with knowledge of Coinspaid Dev, Coinspaid Development sp. z o.o., Dream Finance OÜ, CoinsPaid, CryptoProcessing, SoftSwiss or related entities to provide information. We are particularly interested in: employment-transfer records; engineering-team structure; IP assignment agreements; software-development contracts; source-code ownership records; production-access controls; wallet and key-management documentation; settlement-system architecture; transaction-monitoring and compliance-tooling documentation; outsourcing agreements; MiCA / DORA readiness documents; regulatory correspondence; service agreements between Coinspaid Development and Dream Finance / CoinsPaid / CryptoProcessing / SoftSwiss-related entities; evidence showing whether Coinspaid Dev served only CoinsPaid or the wider SoftSwiss ecosystem. Information can be submitted securely via Whistle42.com. All submissions will be treated confidentially. Anonymous submissions are welcome, but documents, contracts, screenshots, emails, registry extracts, technical diagrams, code-ownership records, payment data and other verifiable evidence are especially valuable. FinTelegram Assessment The Coinspaid Dev split is not a cosmetic update. It is a structural event. It moves the investigation from the question of who owns the operating entity to the deeper question of who controls the infrastructure. In modern crypto-payment ecosystems, infrastructure is control: code, wallet systems, settlement rails, compliance engines, APIs, access rights and operational dependencies can be as important as share registers. Version 1 of the SoftSwiss / Dream Finance Compliance Report identified the ownership divergence. Version 2 adds a new engineering-layer signal. Share Information via Whistle42

Read More

Showing 1 to 20 of 158 entries

You might be interested in the following

Keyword News · Community News · Twitter News

DDH honours the copyright of news publishers and, with respect for the intellectual property of the editorial offices, displays only a small part of the news or the published article. The information here serves the purpose of providing a quick and targeted overview of current trends and developments. If you are interested in individual topics, please click on a news item. We will then forward you to the publishing house and the corresponding article.
· Actio recta non erit, nisi recta fuerit voluntas ·