Venom Foundation was established in Abu Dhabi, UAE in 2022 as a Layer-0 and Layer-1 blockchain platform, positioning itself as a next-generation scalable blockchain solution. It became the first crypto foundation licensed by Abu Dhabi Global Market (ADGM), later voluntarily exited ADGM, and relocated its operations to the Cayman Islands. However, Venom is also a crypto crime story! The crypto crime story around Venom (website) unfolded between its alleged founder/investor, Alibek Garcia Isaaev, and the project’s reported links to Ilya Kligman, a Russian banker tied to major bank-fraud allegations and cross-border enforcement actions. Key points Regulatory identity confusion: ADGM confirmed Venom Foundation ADGM ceased activities and is winding down; ADGM also warned the public about unrelated “Venom” launch claims on social media (Source: adgm.com). Founder/investor opacity allegations: Investigative reporting describes Alibek (Isaaev/Issaev/Isaev) as the “mastermind” behind Venom and highlights “murky” ownership/representation issues in fundraising narratives (Source: Whale Hunting). Kligman linkage centers on litigation + capital: Russian media reporting (citing Lenta.ru) describes Kligman-controlled Adventor Management Ltd as a major investor in Isaaev projects since 2014 and outlines IP/theft allegations and multi-jurisdiction threats (Source: Рамблер/личные финансы). Kligman risk profile: Multiple Russian outlets report Kligman as wanted/linked to large banking losses and enforcement proceedings (Sources: FinTelegram, 2Банки.ру). Malta angle (Papaya): Maltese reporting says investigators suspected a hidden Russian beneficial owner behind MFSA-licensed EMI Papaya (ownership contested/opaque in public narratives). Kligman has been speculatively linked in some ecosystem reporting, but identity is not confirmed by Maltese authorities in public documents(Sources: Times of Malta). What ADGM actually put on the record In a public notice, ADGM’s Registration Authority stated that Venom Foundation ADGM is no longer conducting any activities in ADGM, having cancelled its commercial licence in February 2024 and appointed a liquidator in March 2024. ADGM added that two associated ADGM companies—Venom Blockchain Holding Limited and Venom Blockchain Holding 2 Limited—also appointed a liquidator to wind down. ADGM also warned that the ADGM entities were not associated with “recent social media announcements” about launching Venom Blockchain, explicitly flagging name/brand confusion as a public-risk issue (Source: Gulfnews). For any exchange, OTC desk, VC, payment provider, or “partner program,” this is a textbook trigger for enhanced due diligence: when the “regulated” story is used as marketing collateral, but the regulator later publishes an official notice that the licensed entity is in liquidation and not connected to ongoing launch communications. Isaaev’s role—and the “representation” red flag While ADGM’s notice does not name individuals, investigative reporting has repeatedly tied Alibek Issaev/Isaaev (spelling varies across outlets) to Venom’s behind-the-scenes control. A detailed investigation by Project Brazen’s Whale Hunting describes being introduced to Issaev as the “mastermind” behind Venom—and highlights alleged promotional misrepresentation (including an investor’s image used in press coverage despite denial of any investment). Alibek Isaev operates under multiple identities and birth dates, raising significant red flags (Source: TrinityBugle):​ Alibek Garcia Isaev (born February 27, 1971) Alibek Gasanovich Isaev (born April 27, 1969) According to multiple reports, Isaev is wanted by Interpol for murder and terrorism charges originating from Russia. An arrest warrant was allegedly issued in the UAE on November 23, 2022, in connection with fraud involving 242 million dirhams (approximately $66 million) stolen from the Russian banker Ilya Kligman (see more below). Separately, The Block chronicled the broader opacity around the much-publicized Venom-linked “$1B” venture narrative, noting the absence of expected transparency and follow-through (Source: TheBlock). None of this alone proves criminality. But from a compliance standpoint it fits a familiar pattern: credential marketing (licence/sovereign “halo”) + thin verifiable governance + aggressive ecosystem promotion, followed by corporate restructuring, silence, or jurisdictional hopping. The Kligman connection: investment capital, litigation, and an enforcement backdrop The Venom Blockchain case represents one of the most controversial chapters in the criminal career of the Russian banker Ilya Kligman, involving allegations of a $70 million loan to Alibek Garcia Isaev, subsequent legal battles in UAE courts, and competing narratives about fraud, extortion, and money laundering. The case is particularly significant because it resulted in a UAE court conviction of Kligman in absentia in December 2023, with a reported $940 million compensation order—though the reliability and enforceability of this judgment remain contested. Russian media reporting (via Rambler/finance, citing Lenta.ru) described a dispute in which Adventor Management Ltd, said to be controlled by Ilya Kligman, accused Alibek Isaaev of attempting to misappropriate intellectual property and claimed Kligman invested around $60 million into joint UAE projects since 2014, with litigation and criminal-complaint threats spanning multiple jurisdictions (Sources: Рамблер/личные финансы). Kligman’s name is not a neutral counterpart in such disputes. Russian business/legal outlets have reported him as wanted internationally and linked him to large-scale banking losses and legal actions tied to failed banks and deposit-related schemes. (Source: FinTelegram.com 2Банки.ру). The UAE Court Case: Competing Narratives The court proceedings in the UAE between Kligman and Isaev generated two entirely contradictory narratives, making it difficult to establish definitive facts: Narrative 1: Isaev’s Initial Loss (Mid-2023) According to reports from July-August 2023 (Source: TrinityBugle):​ UAE court ruled against Alibek Isaev in the fraud case Isaev was ordered to repay Kligman $100 million (the original $70 million plus interest, legal costs, and damages) Failure to repay would result in multi-year prison sentence for Isaev The escalation to $100 million reflected interest rates, legal expenses, and confrontations with organized crime networks An arrest warrant was issued for Isaev on November 23, 2022 Court documents cited: Case involving 242 million dirhams ($66 million) in fraud Additional claims bringing total exposure to $100 million Risk of deportation to Russia to face murder charges Narrative 2: Dramatic Reversal (December 2023) In a stunning reversal, reports from December 2023 claimed (Source: LARA):​ All charges against Alibek Isaev were dropped in both civil and criminal courts Ilya Kligman was found guilty and sentenced to prison in absentia Kligman was ordered to pay Isaev compensation of $940 million in damages The UAE court allegedly ruled that Kligman had engaged in “extortion, blackmail, and obstructing normal business functioning” Kligman faces prison term, potential extradition from Germany to UAE, and then to Russia Papaya Ltd (Malta) would be seized as part of asset recovery Critical Analysis: Red Flags Suggesting Disinformation Campaign 1. Source Quality Concerns: The websites publishing these reports lack established journalistic credibility: Trinity Bugle (no established reputation) Sokal Info (unknown provenance) Repost News (minimal track record) Various crypto news aggregators republishing without verification 2. Timing Coincidences: The reversal occurred precisely when Venom Foundation was facing: ADGM license challenges Executive departures (Mustafa Kheriba resignation) Public scrutiny over Isaev’s criminal background Need to restore investor confidence 3. Lack of Official Verification: No official UAE court records, ADGM statements, or law enforcement announcements confirm: The existence of the criminal conviction The $940 million compensation order Extradition proceedings from Germany Seizure orders for Papaya Ltd 4. Inconsistent Legal Framework: The UAE legal system typically does not issue criminal convictions in absentia for foreign nationals without substantial evidence of jurisdiction. The claim that Kligman—residing in Germany—would face UAE criminal prosecution without prior extradition attempts is legally implausible. Our Assessment Evidently, this is a conflict between two Russian citizens of different ethnic backgrounds: Ilya Kligman, an ethnic Jewish Russian banker with alleged connections to the ethnic Russian Tambov organized crime organization, and Alibek Garcia Isaev, a businessman of likely North Caucasian (Dagestani or Chechen) origin, over a $70 million loan dispute that escalated into competing legal claims in UAE courts. Below, we outline the individual points in the battle between Kligman and Isaaev over the credibility of the Venom scheme. Confidence Levels: ElementConfidence LevelBasisKligman provided substantial funding to IsaevHighMultiple independent sources corroborateInitial loan amount ~$70 millionMedium-HighConsistent across sources, though exact amount variesCourt case existed in UAE (2022-2023)HighRussian court documents reference caseIsaev lost initial ruling (mid-2023)MediumConsistent with earlier reporting timelineReversal: Kligman convicted, $940M compensation (Dec 2023)Low-MediumQuestionable sources, no official confirmation, implausible amountKligman used Venom for money launderingMedium-HighConsistent with established pattern, circumstantial evidence strongIsaev has criminal history of project fraudHighWell-documented across multiple sourcesVenom Foundation exited ADGM (2024)ConfirmedOfficial ADGM statements The Venom Scheme Despite its controversial origins involving fugitive Russian banker Ilya Kligman and North Caucasian entrepreneur Alibek Isaev, Venom Blockchain operates as a functional, technically capable Layer-0/Layer-1 blockchain platform as of December 2025. The project maintains 99.99% uptime, processes 150,000-200,000 daily transactions, and has attracted institutional partnerships including with the Philippines government. However, unresolved questions about beneficial ownership, the sudden ADGM exit, and a 79% price collapse from launch highs suggest ongoing regulatory, legal, and market confidence issues that warrant continued investigative scrutiny. Legal entities explicitly named in official/regulatory or first-party materials Venom Foundation (ADGM) → in liquidation; licence cancelled, per ADGM RA public notice. adgm.com+1 Venom Blockchain Holding Limited (ADGM) → in liquidation (named in the same ADGM context). adgm.com+1 Venom Blockchain Holding 2 Limited (ADGM) → in liquidation (named in the same ADGM context). adgm.com+1 VNM Vault Ltd → named as the contracting party across venom.foundation legal documents; Cayman Islands governing law/arbitration is specified. venom.foundation+1 People-of-interest overlay Alibek (Garcia) Issaev/Isaaev → described in investigative reporting as a central figure in Venom’s origin story and ownership ambiguity. Ilya Kligman → frequently referenced in adverse-media narratives around offshore banking/crypto schemes; any “ownership” or “court outcome” claims should be framed as reported/alleged unless you have court documents. (For Papaya in Malta specifically, Times of Malta reports a probe into suspected concealed Russian ownership, while public-facing ownership is contested in public debate.) Call for Information (Whistle42) FinTelegram is seeking documents and first-hand accounts related to: Venom’s true controlling persons (past and present), cap table, and treasury movements Any UAE court filings/judgments involving Alibek Isaaev/Issaev and Ilya Kligman (especially any “in absentia” criminal ruling references) Kligman’s historic crypto ventures (including Swiss Crypto Alliance AG / Crypto Alliance GmbH) and any links to Malta-based structures or nominees If you have relevant information, please submit it securely via Whistle42 (anonymous submissions welcome). Share Information via Whistle42

A Vienna court has finally shut the door on U.S. efforts to put Ukrainian oligarch Dmytro Firtash on trial – with a justification that even Austrian media now call bizarre: Firtash is said to enjoy diplomatic immunity as an “advisor” to the Belarusian mission to UNIDO in Vienna. Officially, however, Austria does not even recognise him as a diplomat. Key Points The Vienna Regional Court ruled on 4 November 2024 that Firtash cannot be extradited to the U.S., arguing he enjoys immunity as advisor to Belarus’s permanent mission to UNIDO in Vienna (Source: Kurier). Austria’s Foreign Ministry told the court that Firtash is not properly accredited, has no diplomatic ID card and is therefore not considered a diplomat (Source: Kurier). The Higher Regional Court has now dismissed the prosecution’s appeal as inadmissible after a missed deadline – making the 2024 decision final (Sources: DER STANDARD). Belarus reportedly granted Firtash this “diplomatic” function in 2021, widely seen as a move to shield him from U.S. corruption charges (Source: RadioFreeEurope). Austria has previously refused a Spanish extradition request and now effectively guarantees luxury exile in the EU to a man wanted for large-scale bribery and embezzlement (Source: Reuters). Short Narrative: Legal Aburdism With the 9 December 2025 ruling by the Vienna Higher Regional Court, the Firtash saga has entered a new phase: legal absurdism. Prosecutors’ last appeal against the 2024 non-extradition decision was thrown out on formal grounds – a missed deadline. Substantively, however, the lower court’s reasoning is what shocks observers: Firtash allegedly enjoys diplomatic immunity as an advisor to Belarus’s permanent mission to UNIDO. The anonymised ruling, reported by Kurier, states that this advisory role shields him from U.S. extradition. At almost the same time, Austria’s Foreign Ministry and Justice Ministry confirmed that Firtash is not properly accredited to UNIDO, holds no MFA diplomatic card and is not considered a person entitled to diplomatic privileges. In other words: the court treated him as a diplomat even though the Austrian state does not. Extended Analysis: Austria Does Not Recognize Firtash Under international law, members of permanent missions to international organisations enjoy immunity only if they are formally notified and accepted by the host state. Here, the host state – Austria – explicitly told the court that Firtash is not recognised as such. Yet the Vienna Regional Court still used this supposed Belarusian “advisor” status to declare extradition inadmissible. This is not a legal nuance; it is the core of the case. Belarus, an authoritarian ally of Russia, appears to have handed a fugitive Ukrainian oligarch a tailor-made role in Vienna precisely to sabotage U.S. proceedings. Austrian ministries flagged that the accreditation was defective. The court nevertheless sided with Minsk’s paper construct over its own government’s position – and then the higher court sealed the deal due to a procedural failure by prosecutors. Read the FinCrime Observer report on the Firtash Case here. The political signal is devastating. Austria is part of the EU sanctions regime against Russian and Belarusian elites and officially supports Ukraine. Yet one of Kyiv’s most notorious ex-gas oligarchs, long aligned with pro-Russian president Viktor Yanukovych and wanted for bribery and alleged embezzlement of hundreds of millions from Ukraine’s gas transit system, remains safe in Vienna behind a Belarusian “diplomatic” fig leaf. Add to this earlier refusals to extradite Firtash to Spain over money-laundering allegations, and the picture is clear: Austria has become a premium safe harbour for post-Soviet oligarchs with the right lawyers, lobbyists and – in this case – a friendly authoritarian regime willing to制造 diplomatic paperwork. Call for Information FinTelegram will continue to investigate the Firtash network in Vienna – including his Belarusian “advisor” status, his business ties, and his political protectors in Austria and abroad. We explicitly call on insiders in Austrian ministries, UNIDO-related circles, the Belarusian mission, banks, law firms and advisory shops to share information, documents or leads with us confidentially. If you have knowledge about Dmytro Firtash’s activities, his alleged diplomatic status or other oligarch safe-harbour structures in Austria, please contact FinTelegram via our whistleblower channels. Share Information via Whistle42

A U.S. federal judge in Manhattan sentenced Terraform Labs founder Do Kwon to 15 years in prison, concluding that the TerraUSD/LUNA implosion was not a bad-product accident but a fraud that wiped out roughly $40 billion in market value and devastated real victims. The sentence lands as a defining “Startup on Trial” moment for crypto’s algorithmic-stablecoin era. Key Points Sentence: 15 years, imposed by U.S. District Judge Paul A. Engelmayer in Manhattan (Source: Reuters). Criminal posture: Kwon pleaded guilty (Aug 2025) to wire fraud and conspiracy; sentencing exceeded the government’s recommendation (Source: Reuters). Core finding: the court accepted that Kwon repeatedly misled investors and that the harm was “real money,” not “paper” losses (Source: AP News). Regulatory overlap: Terraform previously faced SEC action and agreed to a $4.55B settlement framework (including an $80M civil penalty and a crypto-activity ban for Kwon). Cross-border arc: extradited to the U.S. after detention in Montenegro; South Korea still looms as a separate exposure (Source: US DOJ). Short Narrative Terraform marketed a vision: a “self-healing” algorithmic stablecoin (TerraUSD/UST) paired with LUNA, promising a decentralized financial system that could keep stability through code and incentives. In May 2022, the promise collapsed—UST lost its peg, LUNA spiraled, and the shock radiated through the broader crypto market. Prosecutors framed what followed as a deception campaign, not merely a volatile unwind, and Engelmayer’s sentence signals the court agreed with that characterization. Extended Analysis 1) What the government said was fraudulent (beyond “UST depegged”)The DOJ’s sentencing release lays out a pattern of alleged misrepresentations, including: “Stablecoin misrepresentations”: claiming Terra Protocol restored UST’s peg after a 2021 wobble, while prosecutors allege a high-frequency trading firm secretly bought large amounts to prop it up. Reserve/governance claims around the Luna Foundation Guard (LFG): prosecutors allege Kwon presented LFG as independent while controlling it, moving funds as if interchangeable, and laundering misappropriated assets. Mirror Protocol: marketing synthetic stock exposure as decentralized while allegedly retaining control and using bots to manipulate prices/metrics. Chai payments narrative: claiming real-world transaction volume on Terra while prosecutors allege transactions were processed conventionally and then “mirrored” onto the chain to simulate usage. 2) Why this became a “startup” case with classic securities/commodities hooksThis wasn’t prosecuted as “crypto is risky.” It was prosecuted as fraud + market manipulation, packaged through instruments and narratives that touched securities-like expectations and commodities theories (as reflected in the charging posture and the DOJ’s description of the conspiracy). The legal lesson is blunt: a token’s technical novelty does not immunize misstatements about mechanism, reserves, governance, adoption, or market support. 3) Sentencing signals: deterrence over “crypto exceptionalism”Engelmayer rejected both the idea that 12 years was enough and the defense’s push for a far shorter term—calling the conduct an “epic” fraud and emphasizing the scale of human harm. That judicial language matters because it frames future cases: algorithmic design failure may be tolerated; concealment of interventions, fictive adoption metrics, and governance theater is not. 4) “Startup on Trial” takeaways for founders and investors Stress events are disclosure events: a peg break, liquidity rescue, or market-maker intervention must be treated like a material incident, not PR. Governance claims must be auditable (who controls keys, reserves, and decision rights). Adoption proof must be verifiable (no synthetic “usage” narratives). Investors should treat “algorithmic stability” as marketing, unless the issuer can evidence resilience under adversarial conditions and disclose all backstops. Actionable Insight For crypto startups: build compliance like a public company before you need it—incident logs, market-structure policies, reserve/governance attestations, and a hard rule that any external “support” (market makers, loans, buy programs, stabilization trades) is tracked and disclosed with legal review. For investors: diligence the backstop reality—who can intervene, when, and with what funds—because courts increasingly treat hidden backstops as core fraud facts, not footnotes. Call for Information FinTelegram is tracking Terra/LUNA-related enforcement and the broader “Startup on Trial” pipeline. If you are a former employee/contractor, a market-structure counterparty (MM/HFT/OTC), a protocol integrator, or an affected investor with documentation on Terraform’s communications, stabilization efforts, or governance controls, share your information via Whistle42.com (anonymity available). Share Information via Whistle42

The Innsbruck Regional Court in Austria has convicted former real-estate tycoon René Benko for a second time for fraudulent bankruptcy (betrügerische Krida), handing down a 15-month suspended sentence over hidden cash and luxury items in a family safe. His wife, Nathalie Benko, was acquitted. The ruling is not final and touches only a small asset-transfer strand, not the core Signa investigations. Key Facts Verdict: 15 months imprisonment, fully suspended with a three-year probation period, plus a fine of 360 daily rates (reported at €12 each) (Source: Die Presse). Offence: Insolvency fraud / fraudulent bankruptcy (betrügerische Krida) for hiding assets from creditors in his personal insolvency (Source: DIE WELT). Acquittal for Nathalie: The jury acquitted Nathalie Benko “in dubio pro reo”; the court did not see her complicity as proven (Source: Die Presse). Facts of the case: Around €120,000 in cash and 11 luxury watches plus cufflinks and other valuables worth roughly €250,000 were stored in a safe at relatives of Nathalie, instead of being made available to the insolvency estate (Source: Reuters). First conviction: In October 2025, Benko was already sentenced to two years’ imprisonment (not final) for moving €300,000 to his mother and other asset shifts around his personal insolvency (Source: Reuters). Short Analysis With this second non-final conviction, the picture painted in FinTelegram’s earlier “Safe Full of Luxury” report is now confirmed by a criminal court: Austria’s ex-billionaire twice found guilty of stripping assets out of reach of creditors while his empire collapsed (Source: FinTelegram). For now, however, we are still in the “mini-proceedings” phase. Both convictions concern personal asset transfers in Benko’s private insolvency—relatively small amounts compared to the tens of billions in claims surrounding the Signa collapse and the roughly €300 million damage estimate currently in the WKStA files (Source: DER STANDARD). The true Signa causa—suspected large-scale fraud, breach of trust and money laundering across complex structures—is still being investigated in at least 14 separate strands by Austria’s Wirtschafts- und Korruptionsstaatsanwaltschaft (WKStA), while prosecutors in Italy (Trento anti-mafia) and Germany (Munich public prosecutor’s office) are pursuing their own high-stakes probes into alleged corruption, “mafia-like” structures and triple-digit-million fraud and embezzlement (Source: Tagesspiegel). Procedurally, the suspended 15-month sentence does not end Benko’s pre-trial detention: he remains in custody because of the risk of evidence tampering and further offences in the broader Signa complex, as stated by WKStA (Source: justiz.gv.at). The decisive question is how future indictments in the Signa strands will interact with the existing sentences when they are finally aggregated. Call for Information FinTelegram will continue to treat the Signa Case as a long-term investigation. Insiders, advisers, employees, lenders, and counterparties with information on asset shifts, foundations, side agreements, or international structures around René Benko and the Signa Group are invited to submit documents and evidence securely via Whistle42.com. Share Information via Whistle42

The dramatic U.S. seizure of the supertanker Skipper off Venezuela’s coast—personally announced by President Donald Trump and amplified by Attorney General Pam Bondi’s helicopter-raid video—is officially framed as a sanctions and counter-terrorism operation. In reality, it sits at the intersection of three fault lines: Washington’s dependence on heavy Venezuelan crude, Venezuela’s slow exit from the classic petrodollar system, and PDVSA’s growing use of USDT stablecoins and Chinese channels to move oil money outside the reach of the U.S. banking system. The Strategic Perfect Storm: Quality, Currency, and Hegemony Venezuela presents the United States with a double vulnerability that intensifies pressure on an already heavily indebted superpower. First, Venezuela produces super-heavy, high-sulfur crude grades—particularly Merey, Boscan, and Hamaca—that are ideally suited to the complex coking units of U.S. Gulf Coast refineries. As Mexican heavy crude production declines and Canadian pipeline flows remain constrained, Venezuelan barrels have become irreplaceable for optimal refinery operations and diesel output. The loss of up to 200,000–300,000 barrels per day of Venezuelan heavy crude has already tightened U.S. refinery feedstock markets, driving up costs and threatening fuel price stability—a politically sensitive issue for any administration.​ Second and more strategically threatening, Venezuela under Maduro has systematically abandoned the petro-dollar. Since 2024, state oil company PDVSA has required new customers to prepay up to 50% of spot crude shipments in Tether’s USDT stablecoin via digital wallets, with over half of all crude shipments now involving USDT payments by mid-2025. Venezuela also shifted to pricing and settling oil in Chinese yuan as early as 2017, deepening financial integration with Beijing. In September 2025, approximately 84% of Venezuela’s crude exports flowed to China—either directly or via shadowy intermediaries—paid in yuan or converted through USDT.​ This combination undermines two pillars of U.S. financial hegemony simultaneously: it deprives U.S. refiners of optimal crude while routing oil revenues outside dollar-denominated banking channels that traditionally recycle petrodollars into U.S. Treasuries.​ USDT as the New Petro-Currency Infrastructure Venezuela’s reliance on USDT represents more than sanctions evasion—it constitutes a parallel petro-currency infrastructure that bypasses U.S. control while still referencing dollar value. By July 2025, an estimated $119 million in USDT flowed into Venezuela’s private sector in a single month, with the government quietly authorizing select banks to exchange bolívars for USDT since June 2025. PDVSA uses USDT to avoid the risk that oil proceeds will be frozen in foreign bank accounts subject to OFAC jurisdiction, effectively creating a “digital dollar” market that operates outside traditional correspondent banking and SWIFT.​ This model mirrors strategies deployed by Iran and Russia, which increasingly use crypto and stablecoins to conduct sanctioned energy trade. For the United States, the danger is not nominal de-dollarization—oil is still priced in dollar-equivalent USDT—but operational de-dollarization: the flows no longer pass through New York clearing banks, no longer generate demand for U.S. Treasuries, and no longer submit to U.S. financial surveillance and enforcement. Each barrel settled in USDT marginally weakens the structural demand for dollars and Treasuries that has enabled the U.S. to sustain $35 trillion in national debt and run persistent deficits without triggering a currency or bond crisis.​ Economic Pressure on a Heavily Indebted United States The erosion of petro-dollar recycling comes at a particularly vulnerable moment. The U.S. national debt surpassed $35 trillion in 2024, having nearly doubled from $14.8 trillion a decade earlier, sustained largely by Federal Reserve quantitative easing and robust foreign demand for Treasuries—much of it driven by petrodollar recycling from oil exporters. J.P. Morgan Research estimates that each 1-percentage-point decline in foreign Treasury holdings relative to GDP (roughly $300 billion) would drive yields up by more than 33 basis points, raising borrowing costs across the economy and constraining fiscal space. If major energy exporters systematically shift settlement outside the dollar banking system, the resulting reduction in Treasury demand would exert upward pressure on U.S. interest rates, crowding out domestic investment and destabilizing state and federal budgets already stretched by deficit spending.​ Venezuela’s pivot to USDT and yuan thus threatens not only dollar prestige but the fiscal arithmetic underpinning U.S. debt sustainability. Control over Venezuelan oil—the world’s largest proven reserves—would allow Washington to dictate currency terms for a substantial share of global heavy crude supply, reinforcing structural dollar demand and shoring up Treasury inflows.​ From Sanctions Enforcement to Military Action The 10 December tanker seizure must be understood in this dual economic context. While Attorney General Pam Bondi justified the operation as enforcement against a vessel “sanctioned for its involvement in an illicit oil shipping network supporting foreign terrorist organizations,” the execution involved Coast Guard personnel, Marines, special forces, two helicopters, and Department of Defense assets—an operation of military scale and character. Trump himself declared, “We keep the oil, I guess,” a statement that frames the seizure not as law enforcement but as resource appropriation.​ Senator Chris Van Hollen characterized the seizure as evidence that U.S. military operations in the Caribbean—including over 22 boat strikes killing at least 87 people since September 2024—are not primarily about drug interdiction but about regime change by force. The tanker seizure, combined with the deployment of the USS Gerald Ford carrier strike group, fighter jet overflights of the Gulf of Venezuela, and Trump’s stated intention to conduct land strikes, constitutes a campaign of escalating military pressure aimed at restoring U.S. control over Venezuelan oil and, by extension, over the currency terms of that oil’s sale.​ Hypothesis: Strategic Resource Seizure to Counter Financial Erosion The hypothesis emerging from these dynamics is stark: the United States, facing the twin pressures of irreplaceable heavy crude needs and eroding petro-dollar flows, has escalated from economic sanctions to quasi-military resource seizure in an attempt to reassert control over Venezuelan energy and re-anchor oil transactions within dollar-clearing infrastructure. The tanker seizure is not an isolated enforcement action but a signal of willingness to use military force to defend financial hegemony when economic levers prove insufficient.​ If Venezuela—and by extension China, Russia, and other USDT-adopting energy exporters—succeeds in normalizing stablecoin settlement outside U.S. banking rails, the resulting erosion of structural Treasury demand could trigger a fiscal crisis for a United States already burdened by unsustainable debt levels. In this framing, the Skipper seizure represents not law enforcement but a new form of economic warfare: the physical interdiction of energy flows to prevent their settlement in non-controlled digital currencies, even when those currencies are nominally pegged to the dollar.

Austria’s appeals court has definitively stopped the extradition of Ukrainian businessman Dmytro Firtash to the United States, closing a decade-long case and sharpening doubts about Vienna’s willingness to confront entrenched oligarch networks. The Firtash Case On 9 December 2025, the Vienna Higher Regional Court rejected prosecutors’ appeal and confirmed a 2024 ruling: Firtash will not be surrendered to the U.S (Source: Reuters). A 2013 indictment in Chicago accuses him of orchestrating an $18.5 million bribery scheme to secure titanium mining rights in India, in breach of the U.S. Foreign Corrupt Practices Act (Source: US Indictment). He denies the charges as politically motivated. In parallel, Ukrainian and U.S. authorities accuse him of embezzling nearly $500 million from Ukraine’s gas transit system (Source: Reuters). Arrest and Extradition Procedures Arrested in Vienna in 2014, Firtash has fought extradition ever since. A Vienna court first refused the U.S. request in 2015 as partly political, an assessment that already raised eyebrows among anti-corruption experts (Source: Euronews). Later, higher courts – and the then justice minister – signalled that extradition was legally possible, before new defence motions, a 2023 reopening of proceedings and renewed rulings produced the current refusal (Source: RadioFreeEurope). A Spanish extradition request on money-laundering allegations was also rejected, leaving Firtash still in comfortable exile on the Danube (Source: The Local Austria). Firtash built his fortune as an intermediary for Russian gas and was a key sponsor of former Ukrainian president Viktor Yanukovych. cdn.csd.bg Vienna’s tolerant environment for post-Soviet capital – with willing banks, prestige lawyers and ex-ministers for hire – has long made the city attractive to oligarchs he is often grouped with. Kremayr & Scheriau+1 Concluding assessment In March 2015, Firtash hired former foreign and finance minister Michael Spindelegger to run the Firtash-funded Agency for the Modernisation of Ukraine (AMU), just weeks before an Austrian court first refused extradition (Source: en.dmitryfirtash.com). Spindelegger is a long-time associate and former university “Cartellbruder” of then-justice minister Wolfgang Brandstetter (Source: parlament.gv.at). Ukrainian politicians already criticised the AMU at the time as a project to polish Firtash’s image and fend off extradition (Source: Vorarlberger Nachrichten). According to a 2015 CIA report seen by FinTelegram, U.S. intelligence assessed that Firtash enjoyed unusually good access to Austrian judges and senior politicians; that report explicitly links the Spindelegger appointment to his extradition fight (Source: Wiener Zocker). Austrian journalist Florian Horcicka has likewise argued that bringing Spindelegger on board substantially improved Firtash’s chances of avoiding a U.S. courtroom, fitting a broader pattern of oligarchs using Vienna’s political class as legal and reputational shields (Source: Kremayr & Scheriau). This ruling therefore reinforces the picture of Austria as a jurisdiction where money, influence and revolving doors can blunt international anti-corruption efforts at the expense of Ukraine, the U.S. and the credibility of the rule of law. FinTelegram calls on insiders, advisers and officials with knowledge of Firtash’s networks in Austria and Ukraine to contact us confidentially and provide further information about his activities and protection structures. Share Information via Whistle42

Venezuela, sitting on one of the world’s largest oil reserves, is no longer just selling crude in dollars. Under Nicolás Maduro, state oil company PDVSA is increasingly settling exports in Tether’s USDT, a dollar‑pegged stablecoin, to bypass U.S. sanctions and banking controls. This shift does not end dollar influence in oil, but it moves critical flows off the U.S.‑controlled banking grid and into opaque crypto rails—posing new challenges for Washington’s already strained, debt‑laden financial hegemony.​ USDT vs Petro‑Dollar: A Sanctions‑Driven Pivot Since 2024, PDVSA has re‑engineered its contracts to require that around half of many spot crude shipments be prepaid in USDT via digital wallets, pushing new clients into crypto‑based settlement and away from traditional correspondent banking. By 2025, more than 50% of crude shipments were reportedly partially or fully paid in USDT, with stablecoin inflows of roughly 119 million dollars reaching the private sector in a single month.​ This marks a decisive break with the classic petro‑dollar model, in which oil is invoiced, cleared, and stored in the U.S. banking system and Treasuries. Venezuela still references the dollar as unit of account, but execution now occurs on blockchains rather than via banks subject to OFAC and SWIFT. The strategy serves three objectives: Sanctions evasion and asset protection: USDT payments reduce the risk that proceeds are seized in foreign bank accounts under U.S. measures.​ Parallel “digital dollar” market: Caracas resells USDT domestically for bolívars, injecting hard‑currency liquidity while bypassing official FX channels.​ Template for other sanctioned oil exporters: Russia and others are already experimenting with crypto and stablecoins for energy trade, embedding de‑dollarisation into commodity flows.​ Strategic Risk for a Heavily Indebted U.S. For the United States, the danger is less about losing the dollar as unit of account in oil, and more about erosion of control over dollar‑linked flows. If major energy exporters can routinely clear large volumes via private stablecoin issuers outside the regulated banking core, U.S. sanctions, surveillance, and—ultimately—demand for U.S. Treasuries are gradually weakened.​ Yet Venezuela’s bet is fragile. USDT is centralized: Tether has already frozen addresses linked to sanctioned Venezuelan activity, proving that Washington can still exert pressure through issuers and key compliance choke points. A single freeze event could instantly strand millions in oil revenue, underscoring the geopolitical and counterparty risk of building an oil strategy on a private stablecoin.​ Conclusion Venezuela’s move to a USDT‑denominated oil trade is a live‑fire test of how far stablecoins can chip away at the operational dominance of the petro‑dollar without replacing the dollar itself. In a world of weaponised finance and mounting U.S. debt, every barrel settled in off‑bank “crypto dollars” marginally reduces Washington’s leverage—while pushing sanctioned regimes into a precarious dependency on opaque, privately run digital dollar infrastructures. The real contest is no longer dollar vs non‑dollar, but on‑shore dollar law vs off‑shore dollar technology. Share Information via Whistle42

Austria’s fallen real-estate tycoon René Benko and his wife Nathalie Benko are facing a second indictment for fraudulent bankruptcy (betrügerische Krida). Prosecutors allege that cash and luxury assets were secretly moved into a family safe to keep them out of the insolvency estate. The case escalates Benko’s already serious criminal exposure after a first, non-final prison sentence. Key Facts Forum & timing: Second criminal trial opens today before the Regional Court in Innsbruck; Benko remains in pre-trial detention since January 2025 (Sources: kurier.at, FinTelegram). Accused: René Benko as main defendant; wife Nathalie as alleged accomplice (Beitragstäterschaft) (Source: kurier.at). Core allegation: Concealment of approx. €120,000 cash plus luxury watches, cufflinks, and jewellery worth about €250,000–370,000 in a safe at relatives’ home, thereby reducing the pool available to creditors. Legal qualification: Fraudulent bankruptcy / insolvency-related asset transfer (betrügerische Krida), with a 1–10 year sentencing range (Source: DIE WELT). First trial: In October 2025, Benko was convicted in Innsbruck and sentenced to 24 months imprisonment over a €300,000 transfer to his mother; judgment not yet final (Source: Reuters). Short Analysis FinTelegram has documented for months how the Signa collapse evolved from a corporate insolvency into a full-blown criminal complex, with creditor claims approaching €40 billion and multiple WKStA investigation strands (Source: fintelegram). The new “safe case” fits the broader pattern already highlighted in previous FinTelegram reports: targeted asset shifts, opaque family-foundation structures, and luxury items quietly removed from the reach of insolvency administrators. Here, prosecutors allege a joint plan: Nathalie is said to have organised the safe at relatives, moved cash and watches there, and even asked that paperwork be destroyed to obscure the timing around Benko’s personal insolvency filing (Source: Kurier). Legally, this second indictment is critical. If the new charges also end in a conviction, courts will have to aggregate sentences. Against the backdrop of ongoing investigations into foundations, gold transfers, and advisory networks, the Benko proceedings increasingly define how Austria handles high-profile asset stripping in mega-insolvencies. Call for Information FinTelegram will continue to follow the Benko trials and the wider Signa Crime Case. Insiders, former employees, advisers, and counterparties who have information on asset transfers, foundations, or hidden valuables around René and Nathalie Benko are invited to share documents and evidence securely via Whistle42.com. Share Information via Whistle42

Noda, which poses itself as a payments service provider, recently saw some leadership reshuffling. As is evident from LinkedIn, a number of senior leaders left Noda in October 2025 – including CEO Igor Loktev (one of the co-founders), CRO Michael Bystrov, COO Anastasija Tenca, and many others. What has happened to the payments company, and who really runs it now? Noda’s Shareholders & Key People Firstly, let’s establish Noda’s registered locations. On its website, it is stated that for the payment initiation within the UK, the company’s official name is Naudapay Limited registered in London. Meanwhile, for the tech services within the EU, it’s Noda Holdings Limited, registered in Nicosia, Cyprus. One of the directors of the UK company NaudaPay (incorporated in 2018) was former COO Anastasija Tenca, yet in October 2025, her appointment was terminated (as is evident from LinkedIn too). Currently, the director of the UK company is Irina Konstantinova, a Latvian citizen. According to LinkedIn, she’s been in that position for seven years. Meanwhile, Noda’s co-founder Lasma Kuhtarska – who appears to be the only person from the original team still at Noda – is stated as the person with significant control, with 75% or more ownership of shares. Previously, entrepreneur Dmitri Volkov was one of the major shareholders too, yet his control ceased in 2023. Leadership Shifts to the UK There are two new UK-based leadership team members – financial director Ksenia Cohen and executive advisor Alex Batlin, who recently wrote an article about what the latest AWS outage means for the payments sector. NamePositionLocationPrevious relevant experienceKsenia CohenFinance DirectorUKEYAlex BatlinExecutive AdvisorUKBitpanda, UBS There are also a few UK-based leadership jobs advertised on LinkedIn. For example, Head of Analytics, Data Analyst, AML/KYC Risk Analyst, Product Designer – which suggests Noda may be shifting more of its team to the UK. Additionally, there are rumors that the expected Managing Director will be UK-based, along with the rest of the decision-making team. Noda’s UK address is 162 Buckingham Palace Road, which appears to be a “stylish co-working space”. What Has Changed with Noda Product? Are these position and location changes normal scaling adjustments or signs of deeper restructuring? Is there any disruption to the client-facing side of Noda, and what are the key changes to Noda’s product? Noda’s offering hasn’t changed. Its products still include open banking and card payments and payouts, checkout form, no-code pages, payment links and QR codes, interactive donation buttons (Noda Prime), sign-in via bank, and data enrichment. This suggests there hasn’t been a major disruption to Noda’s product.  Noda’s open banking network covers 2,051 banks across 28 countries – 250 in Europe, and full bank coverage in the UK. In the latest LinkedIn post, Noda stated that 1.7 million new users paid with Noda in the past six months, with 60% of them returning to this payment method. Possible Motives Behind Noda’s Restructuring So, if nothing else has changed with the product, what were the reasons for Noda’s leadership team restructuring in October-November 2025? As pointed out by Noda’s co-founder in the latest interview, Noda was built as an IT company, and its current competitive advantage lies in technology and accessibility. As for the future of Noda, she said that Noda will keep its focus on the UK and European payments. It’s possible that the current restructuring is strategy-lead or to refine corporate governance, yet there were no comments about this in the interview. Share Information via Whistle42

Bitcoin wallets that interact with certain privacy protocols are increasingly treated by exchanges and analytics providers as “high-risk” – even when there is no proven wrongdoing. This reflects a wider shift: in today’s regulatory environment, mixers are no longer just a niche privacy tool, but a core AML/CTF concern. Andjela Radmilac published a nice piece on this subject recently. 1. Mixers in simple terms Mixers (or tumblers) are services or protocols that: Take in crypto from many users Shuffle or transform the funds Return coins that are harder to link to the original sender There are two broad types: Custodial mixers – an operator takes custody of coins, pools them, and sends back “clean” outputs. Non-custodial mixers / CoinJoin tools – users keep control of their keys while a protocol builds a joint transaction with many similar inputs and outputs. The goal is transaction privacy; the side-effect is that law enforcement and regulators see them as deliberate obfuscation infrastructure. 2. UTXOs and why Bitcoin is transparent Bitcoin uses a UTXO model (Unspent Transaction Outputs). Each coin you hold is one or more UTXOs with a fixed amount and a full on-chain history: Every UTXO can be traced back through each spend The entire graph of transactions is public and permanent Blockchain analytics firms cluster addresses, identify known entities (exchanges, darknet markets, mixers) and score wallets and UTXOs by their exposure to illicit activity. In other words, Bitcoin is pseudonymous but highly transparent – exactly why mixers emerged. 3. The legal and regulatory view Across major jurisdictions, the trend is clear: United States: FinCEN treats custodial mixers as money transmitters subject to full BSA AML/KYC obligations. OFAC has already sanctioned specific mixer protocols and addresses in the past. Operating or servicing a mixer without compliance can trigger criminal and sanctions exposure (Source: FinCEN). European Union: Under the new AML package and the upcoming AMLA, crypto service providers are “obliged entities.” Centralized mixers are seen as unlicensed financial intermediaries; coins linked to mixes or CoinJoin often receive high risk scores in KYT (Know Your Transaction) systems and trigger enhanced due diligence or outright blocking (Source: EU Council). Global standards (FATF): Mixers collide head-on with the Travel Rule and risk-based AML expectations. Even where there is no explicit ban, interaction with mixers is treated as a material risk factor (Source: AML Watcher). 4. Blockchain transparency and modern KYC/AML tooling Contrary to popular belief, blockchain is not a shadowy black box. From a compliance standpoint, it is often more transparent than traditional banking: Every transaction is public, timestamped, and immutable. Analytics providers (Chainalysis, TRM Labs, Elliptic, etc.) map addresses to known entities, identify obfuscation services, and generate risk scores for UTXOs and wallets (Sources: Chainalysis, yellow.com). These tools integrate directly with exchange and bank monitoring systems to: Auto-block known illicit sources (sanctioned wallets, darknet markets, ransomware addresses), Flag mixer exposure and cross-chain obfuscation, Support SAR filing and law-enforcement investigations. For law-enforcement, as one practitioner-oriented guide notes, blockchain analytics now allows officers to follow the trail from crime scene to cash-out venue in a way that is difficult to replicate with physical cash (Source: ACFS) This is exactly why mixers have attracted so much attention: they are one of the few tools that try to reverse this transparency. 5. Implications for compliance and users For compliance teams at exchanges, brokers, and custodians: Define a written policy on mixer exposure (direct and indirect). Use professional KYT / blockchain analytics, but tune thresholds and document decisions. Prefer enhanced due diligence over automatic de-banking where proportionate (proof of funds, source-of-wealth checks, ongoing monitoring). Coordinate sanctions, AML, and fraud views – mixer exposure tied to sanctioned actors is a separate category of risk. For users, the key message is simple: Blockchain is no longer an “anonymous escape hatch.” It is one of the most transparent financial systems ever built – and modern KYC/AML tools can see much more than most people assume. In this environment, using mixers purely for privacy may still be lawful in many places, but it comes with clear and growing compliance consequences. Share Information via Whistle42

The Estonian Financial Intelligence Unit (EFIU) has published a groundbreaking typology report examining nested services in virtual currency exchanges—and its findings directly corroborate FinTelegram’s long-standing compliance reporting on crypto payment processors servicing illegal online casinos. In December 2025, the EFIU released “Nested Services in Virtual Currency Exchanges,” a comprehensive analysis conducted in consultation with the U.S. Financial Crimes Enforcement Network (FinCEN). The study examined 12 nested virtual currency exchanges, tracing over nine million blockchain data points to reveal systematic AML/CFT failures, beneficial owner concealment, multi-layered nesting structures, and direct exposure to darknet markets and sanctioned jurisdictions. What Are Nested Services? Source: FIU Estonia Report: Nested Services in Virtual Currency Exchanges Nested services allow smaller crypto exchanges—often unlicensed or operating from weakly supervised jurisdictions—to conduct business through accounts held at larger, licensed host exchanges. While legitimate uses exist, the EFIU found that illicit actors exploit these arrangements to obscure transaction origins, evade customer identification requirements, and bypass AML monitoring. The structure functions like Russian nesting dolls: customer transactions pass through multiple layers before reaching their destination, each layer adding obfuscation. The EFIU identified exchanges registered as private individuals despite conducting millions in commercial transactions, entities masking their Russian origins while advertising weak KYC controls, and host exchanges providing services to previously delicensed operators. Several nested exchanges had direct on-chain exposure to ransomware, darknet markets, and sanctioned entities. Download the FIU Estonia Report on Nested Services here Independent Validation of FinTelegram’s Work FinTelegram has published multiple compliance reports documenting these exact patterns among crypto payment processors servicing unauthorized gambling operators. The EFIU’s independent investigation—conducted by a government financial intelligence unit with regulatory authority—validates FinTelegram’s investigative methodology and findings. Download the Full Compliance Report FinTelegram has prepared a detailed comparative analysis examining how the EFIU’s findings align with our published investigations. The report includes case study comparisons, red-flag indicator frameworks, unanswered regulatory questions, and professional conclusions about systemic vulnerabilities in the crypto payment processing sector. Download the Full Nested Services Comparative Analysis. Insiders: Share Your Information Securely If you have knowledge of nested service arrangements, host exchange compliance failures, or payment processor misconduct, FinTelegram’s Whistle42 platform provides a secure, confidential channel to submit information. Your insights can support regulatory enforcement and protect consumers. Share Information via Whistle42

Austrian businessman Bernd Bergmair built his fortune in the shadows of Pornhub’s parent MindGeek while victims and activists accused the group of profiting from sex trafficking and child sexual abuse material. Now, as Reuters links him to a bid for Lukoil’s sanctioned assets, new questions arise over how porn profits may be recycled into Russian oil. Background Bernd Bergmair‘s estimated net worth is estimated at approximately $1.5 to $2 billion in various reports. However, this figure should be treated with caution, as it is based on valuations of MindGeek prior to the major scandals and the sale to Ethical Capital Partners (ECP) in 2023. He held the majority of shares through a complex network of shell companies (including in Luxembourg and Cyprus). Austrian investigative platform Wiener Zocker has spotlighted a name that until recently stayed in the shadows: Austrian businessman Bernd Bergmair, long described by media investigations as the former majority owner of Pornhub’s parent MindGeek, now rebranded as Aylo (Sources: Wiener Zocker, Wikipedia). According to a recent Reuters exclusive, Bergmair has approached the U.S. Treasury about buying the international assets of sanctioned Russian oil major Lukoil, a portfolio of refineries, oil-field stakes and fuel stations worth an estimated $22 billion and managed from Vienna (Source: Reuters). From secret porn mogul to would-be oil baron Raised near Linz and later working as an investment banker at Goldman Sachs, Bergmair built a low-profile fortune via a complex network of holding companies that controlled MindGeek, the Luxembourg-based conglomerate behind Pornhub, RedTube and YouPorn. His identity as the group’s principal owner was first widely reported in 2020–21 by the Financial Times and others, prompting political scrutiny in Canada.Wikipedia+1 MindGeek/Aylo has since faced an avalanche of civil lawsuits and class actions in the U.S. and Canada. Plaintiffs allege that the company knowingly hosted and monetised non-consensual videos, including child sexual abuse material, and violated federal sex-trafficking and child-pornography laws (Sources: GovInfo, The New Yorker). MindGeek denies the allegations but has responded to public pressure by deleting unverified content and tightening uploader verification and moderation. Laila Mickelwait and the #Traffickinghub campaign A central figure in the global backlash is U.S. anti-trafficking advocate Laila Mickelwait (@LaileMickelwait), founder of the #Traffickinghub movement. Her campaign and petition accuse Pornhub/MindGeek of “enabling, distributing and profiting from rape, child sexual abuse [and] sex trafficking” (Source: traffickinghubpetition.com, NCOSE) On X, she has called MindGeek/Aylo “one of the most vile, exploitative and criminal organizations in the world” and said the harm to children and lives “shattered for profit … are incalculable” (Source: Post on X, Post on X). Mickelwait also used social media to publicly identify Bergmair as the previously hidden majority owner of Pornhub, breaking the anonymity that offshore structures had long provided him (Post on X, Post on X). Ethical Capital Partners and open ownership questions In March 2023, Canadian private-equity firm Ethical Capital Partners (ECP) acquired MindGeek and later rebranded it as Aylo. ECP, chaired by businessman Rocco Meliambro and fronted by criminal-defence lawyer and rabbi Solomon Friedman, presents itself as a compliance- and trust-and-safety-driven owner seeking to reform the company (Source: ECP). Transaction terms and seller identities were not disclosed. Public reporting and Reuters now describe Bergmair as the former majority owner, and ECP says previous owners no longer hold interests (Source: Reuters). FinTelegram has found no public evidence that Bergmair retains a stake in Aylo via ECP or related funds, but the opacity of private-equity structures leaves room for continued speculation. Key Findings on MindGeek/Aylo Legal Exposure Jurisdictional Coverage: The company and its executives face coordinated legal action across three primary jurisdictions: USA — Multiple federal district courts (California Central, California Northern, Eastern District of New York), FTC administrative proceedings, state-level actions (Utah), and related criminal prosecutions of trafficking partners Canada — Quebec Superior Court class action, federal Privacy Commissioner investigation, and ongoing regulatory oversight following private equity acquisition International — Potential exposure through corporate structure (Luxembourg headquarters, Cyprus entities, Ireland profit routing) Key Defendants Named in Litigation: Bernd Bergmair — Identified as majority owner and “over-boss” of alleged criminal enterprise in USA racketeering complaints; previously kept identity hidden; named in California and Quebec lawsuits Feras Antoon — CEO; named as co-conspirator in organized crime allegations David Tassillo — Executive; named in sex trafficking complaints Corey Urman — VP Product Management; named in Quebec class action Corporate entities — MindGeek S.à.r.l. (Luxembourg), MindGeek USA Inc., MG Freesites Ltd. (Cyprus), Aylo Holdings (current name) Allegations Pattern: All jurisdictions allege similar core violations: Hosting CSAM — Videos depicting minors in sexual abuse situations Sex trafficking facilitation — Knowing profiting from coerced/fraudulent content (especially GirlsDoPorn partnership, 2011-2019) Non-consensual content — Intimate images/videos uploaded without consent; failure to honor removal requests Deceptive marketing — False claims about content safety and moderation Financial Exposure: ActionAmountStatusCanada Class Action$600 million+Pending class certificationFTC Settlement$15 millionFinalized Sept 2025 ($5M paid immediately)US DPA (DOJ)$1.84 millionFinalized Dec 2023California SettlementsConfidentialMultiple closed (terms not disclosed)GirlsDoPorn Civil Awards$13 millionTo victims (2020) No Strafrechtliche Verurteilung (Criminal Convictions) of MindGeek/Aylo Itself: Notably, while individual GirlsDoPorn operators received federal prison sentences, no criminal conviction has been obtained directly against MindGeek/Aylo as a corporate entity. Instead, the company has used deferred prosecution agreements and civil settlements to resolve matters without formal criminal adjudication — a common corporate enforcement approach for large entities. Reputation-laundering in Nigeria? Bernd Bergmair receives the honor Doctor of Business Administration in Nigeria In November 2024, the Enugu State University of Science and Technology (ESUT) in Nigeria awarded Bergmair an honorary Doctor of Business Administration for his “achievements” and the donation of a large solar power plant to the Faculty of Management Sciences (Source: The Guardian Nigeria). The honour stands in sharp contrast to the unresolved allegations surrounding MindGeek/Aylo and its former control structure. With Bergmair now reportedly eyeing sanctioned Lukoil assets from his base in London and Vienna, questions multiply: Who are his partners and financiers? How, if at all, are past MindGeek profits being recycled into strategic energy deals? And what did key executives know and do during the years when illegal content allegedly flourished on MindGeek platforms? FinTelegram, together with Wiener Zocker, will continue to investigate. Insiders, victims, employees, bankers or advisors with knowledge of Bernd Bergmair’s structures and deals are invited to contact us confidentially via our whistleblower platform Whistle42. Share Information via Whistle42

In a brazen display of regulatory overreach, the EU has slapped Elon Musk‘s X with a €120 million ($140 million) fine under the Digital Services Act (DSA), targeting alleged breaches like misleading blue checkmarks, opaque ad disclosures, and restricted data access for researchers. This punitive strike exposes the EU’s hypocritical war on U.S. tech giants, while the bloc languishes without a single noteworthy social media platform of its own. Musk and U.S. politicians are firing back with fury, demanding sanctions and even the EU’s abolition. As FinTelegram monitors cyber-financial risks, this escalating feud signals potential market disruptions, investment chills, and geopolitical fractures in global digital finance. The EU’s Punishment: A Censorious Power Grab The fine, announced December 5, 2025, accuses X of enabling misinformation through its paid verification system, hiding ad origins that could mask foreign influence, and blocking researchers from detecting bots and propaganda networks. This isn’t protection—it’s an outrageous assault on free speech, echoing the EU’s history of hammering American innovators like Google, Apple, and Meta with billions in fines under GDPR and DMA. Yet, the EU produces zero competitive social media platforms, relying on U.S. dominance while wielding regulatory hammers to kneecap rivals. Recent “initiatives” like the Digital Decade package and AI strategies tinker at edges but offer no real revitalization—mere window dressing for a stagnant tech scene drowning in bureaucracy. Reactions:Musk and U.S. Politicians Unleash Hell Elon Musk decried the fine as “crazy” and “insane,” falsely claiming it targeted him personally, and called for targeted U.S. retaliation against EU officials—financial sanctions, no-fly lists, and more. Senator Ted Cruz (@tedcruz) branded it an “abomination” and assault on American jobs and speech, urging President Trump to impose sanctions until reversed. JD Vance echoed the sentiment, slamming EU censorship fears. Supporters on X amplified calls to abolish the EU, restore sovereignty, and even shutter X in Europe, framing the bloc as a “socialist hellscape” weaponizing fines for control. Implications for FinTelegram This clash highlights EU jealousy and impotence: punishing U.S. success without building alternatives. For cyber-financial intelligence, watch for retaliatory tariffs disrupting transatlantic investments, heightened cyber risks from platform wars, and volatile tech stocks. The EU’s tech void invites exploitation—time for bold American countermeasures to crush this regulatory tyranny. Share Information via Whistle42

FinTelegram received a “DMCA” email from Stoyan Staykov demanding the removal of two articles. The message included ID scans and screenshots, but none of the statutory details that identify a specific copyrighted work. The notice is therefore formally deficient and, in our assessment, a misuse of the DMCA intended to chill reporting. We have sent a detailed deficiency response and will not remove content absent a legally compliant notice. Why the DMCA Email Fails No identification of the specific copyrighted work (title/author/publication) allegedly infringed. No precise location of the allegedly infringing passage/image on our site. No complete contact details; government ID scans are neither required nor appropriate. Result: no valid §512(c)(3) DMCA notice. Read our reports on Stoyan Staykov here. What Staykov Wants Taken Down – The Core of Our Reporting 1) “8 Million to Panama – Alpha Fund & Canal Bank” We reviewed a board resolution of Alpha Fund AD (April 1, 2025) authorizing the subscription of 11,428,571 shares at USD 0.70 in Canal Bank S.A. (Panama)—a total of USD 8 million; to be executed via Bulgarian intermediary Faktori AD. Our red-flag indicators: offshore jurisdiction (Panama), low share price/high volume, accelerated timeline, and an external broker. Public confirmations beyond the internal resolution have not been located. By contrast, the ~9.55% stake of Alpha Fund in Wiener Privatbank SE is publicly disclosed (read our report here). 2) “The Bulgarian Investor Stoyan Staykov and His Vast Network” This piece analyzes the corporate web around Alpha Bulgaria AD (ALFB), Alpha Fund AD, and intermediary vehicles (including CREDITBOX SMLTD) spanning Bulgaria and Vienna. Patterns include sub-10% shareholdings, nominee layering, and cross-border capital flows. Several claimant accounts (e.g., Anton Erokhine; an Austrian notary) report unpaid liabilities. We clearly label items as alleged/documented, as appropriate. Beyond OSINT – What Insiders Told Us As part of our investigation, we spoke with individuals who did business with Staykov or have direct knowledge of his network. Multiple insiders allege that Staykov acts as a front man for Russian oligarchs, using Vienna/Bulgaria as operational hubs. One of these oligarchs is allegedly Oleg Boyko. These allegations are being further verified and are not based solely on open sources; our work includes internal materials and witness statements. Our Standard FinTelegram reports critically, fact-based, and law-compliant. We correct verified errors—yet we do not respond to deficient DMCA notices or pressure tactics. We do not publish ID documents and handle personal data minimally. Call for Information: If you hold documents, contracts, payment trails, or internal communications related to Alpha Bulgaria / Alpha Fund / Wiener Privatbank / Staykov, please submit them confidentially via Whistle42. Substantive evidence helps clarify the facts and exposes improper attempts to silence reporting. Share Information via Whistle42

Viennese lawyer and long-time Social Democratic (SPÖ) networker Oliver Stauber has moved from running a Social Democratic “think tank” under former chancellor Christian Kern to running KuCoin’s new EU hub in Vienna. At the same time, Austria’s FMA co-signed a paper warning that national regulators cannot effectively police global crypto platforms—then, just weeks later, granted a full MiCA licence to KuCoin, a repeat offender in major AML cases in the US and Canada. The sequence raises hard questions about political networks, regulatory capture, and how MiCA is already being bent in practice. 1. The political lawyer: SPÖ insider with his own “section” Before he was marketed as a crypto-compliance specialist, Oliver Stauber (LinkedIn profile) was a classic Social Democratic insider: He served for years as deputy federal chair of the SPÖ youth organisation (Junge Generation) and sat on the board of the association of Social Democratic lawyers (Source: Trending Topics). In 2016, he founded and chaired the SPÖ “Sektion ohne Namen (Section without a Name” in Vienna’s first district – a self-declared “think tank” and Realo counterweight to the left-wing Sektion 8 (Sources: Trending Topics, Der Standard). https://fintelegram.com/tag/christian-kernMedia such as Der Standard and Die Presse described the group as a modern, business-friendly SPÖ hub where Christian Kern’s son Niko Kern was active and where the Austrian chancellor Kern presented his “Plan A” for a modernised Austria (Source Der Standard). In other words: Stauber didn’t just “support” the SPÖ—he built his own power base inside it, positioning the Sektion ohne Namen (Section without a Name) as a bridge between party politics, consultants and business elites in Vienna’s inner city. This political profile matters because it is exactly this mix—law, lobbying, and party networks—that now underpins his role in Austria’s crypto policy ecosystem. 2. From SPÖ networker to crypto insider Over the last decade, Stauber systematically repositioned himself as a crypto and FinTech lawyer: He became Chief Legal Officer at Bitpanda, Austria’s best-known crypto platform, and managing director of its regulated entities (Source: brutkasten). He joined the FinTech Advisory Board at the Austrian Ministry of Finance, a body that helped shape the “regulatory sandbox” and wider digital-finance policy (Source: Brutkasten, Brutkasten) He co-founded and sat on the board of the Digital Assets Association Austria (DAAA), a lobbying and industry association explicitly spun out of this FinTech advisory work (Source: Brutkasten). So by the time MiCA was being negotiated, Stauber sat at a rare intersection: Political networks (SPÖ, Kern orbit, inner-city “think tank”), Regulatory networks (Finance Ministry advisory bodies, sandbox), Crypto industry interests (Bitpanda, DAAA, later KuCoin). That is precisely the profile that becomes controversial once you add his next career step. 3. KuCoin: a “repeat offender” in global AML enforcement KuCoin is not a clean slate looking for an EU home: In March 2024, the US Department of Justice charged KuCoin and its Chinese founders Chun Gan and Ke Tang with flouting US AML laws, highlighting billions in suspicious flows and failure to implement basic KYC/AML controls (Source: US DOJ). On 27 January 2025, KuCoin’s Seychelles vehicle Peken Global Limited pleaded guilty in New York federal court to operating an unlicensed money-transmitting business. KuCoin agreed to pay nearly USD 300 million in fines and forfeitures and to exit the US market for at least two years (Sources: US DOJ). The DOJ and multiple legal analyses describe extensive AML failures: no effective KYC programme, failure to file suspicious activity reports, and facilitation of over USD 5 billion in illicit transactions, including darknet, ransomware and fraud proceeds (Source: Web Publishing). On 25 September 2025, Canada’s AML authority FINTRAC announced its largest ever penalty: CAD 19.6 million against Peken Global for operating without proper registration, failing to report large virtual currency transactions and neglecting suspicious transaction reports (Source: Reuters). Add to this a CFTC enforcement action in 2024 for illegally dealing in leveraged crypto derivatives for US customers, and a New York Attorney General case for operating unregistered, and you have a platform that regulators themselves now cite as a textbook AML problem case (Source: moneylaunderingnews.com, Thomson Reuters, FinCrime Central). Download the full KuCoin Compliance Report 2025 here. It’s also widely documented that KuCoin was founded by Chinese nationals and runs through a network of entities in Seychelles, Singapore and Hong Kong—the exact type of third-country structure European supervisors describe as high-risk under MiCA (Source: Wikipedia). 4. September 2025: FMA admits national regulators are outgunned On 15 September 2025, the French AMF, Austrian FMA and Italian Consob published a joint position paper calling for a “stronger European framework for crypto-asset markets” under MiCA (Source: FMA Österreich, Ashurst). The paper’s key messages (summarised by law firm Ashurst) are telling: National MiCA supervision has led to fragmented oversight and regulatory arbitrage; CASPs are “doing their regulatory shopping all over Europe, trying to find a weak link.” The authorities explicitly call for direct ESMA supervision of “significant” CASPs, including licensing and sanctioning powers, because national regulators alone cannot effectively oversee global platforms. They warn about global platforms and third-country structures that serve EU clients via complex intra-group arrangements, undermining MiCA’s effectiveness and investor protection. In plain language:The FMA publicly acknowledges that national authorities are structurally too weak to police global crypto platforms and that regulatory shopping is a real danger under MiCA’s passport regime. 5. November 2025: FMA licences KuCoin EU anyway Just two months later, on 27 November 2025, the same FMA issued a MiCA licence to KuCoin EU Exchange GmbH in Vienna (Source: FMA Österreich). According to the FMA’s own press release, KuCoin EU is now authorised under Article 63 MiCA to: provide custody and administration of crypto-assets, exchange crypto-assets for fiat and for other crypto-assets, place crypto-assets, and provide transfer services on behalf of clients. Under MiCA’s passporting rules, that licence can become KuCoin’s entry ticket to the entire EU, even though: KuCoin has just pleaded guilty in the US, has been hit with a record AML penalty in Canada, and is still facing ongoing supervisory and civil actions. FinTelegram and investor-protection groups like EFRI have already questioned whether Austria has effectively “whitewashed a repeat offender” and turned itself into a MiCA hub for high-risk platforms (Source: FinTelegram) The FMA, for its part, has so far offered only boilerplate explanations about meeting MiCA criteria—no detailed public discussion of how KuCoin’s global AML track record was weighed against those criteria. 6. Where Stauber fits into this picture At the very moment when: national regulators warn they cannot effectively supervise global CASPs, and argue that regulatory shopping and third-country structures undermine investor protection, Austria chooses to license exactly such a platform—and the face of this move is a lawyer whose career combines: Party-political networking (SPÖ functionary, founder of the Sektion ohne Namen, close to the Kern circle), Regulatory insider roles (Finance Ministry advisory bodies, regulatory sandbox, DAAA spin-off), brutkasten+2brutkasten+2 Top positions in crypto firms (CLO and managing director at Bitpanda, now CEO of KuCoin’s EU operation in Vienna) (Source: EFRI). That combination does not prove any illegal conduct or direct political interference in the FMA’s licensing decision. But from a compliance perspective, it creates a classic appearance-of-conflict problem: The same networks that promoted a pro-innovation, industry-friendly approach in Austria’s FinTech policy now appear to have delivered a full MiCA licence to one of the most heavily sanctioned crypto platforms in the world. The same authority (FMA) that co-authored a paper about the limits of national supervision and regulatory shopping has chosen to become the home regulator of a global CASP with a recent criminal plea and record AML penalties. For investors and counterparties, the question is simple and uncomfortable: Is Austria demonstrating that MiCA can be applied rigorously to high-risk global exchanges—or is it demonstrating how political networks and regulatory arbitrage can still prevail under the new regime? At this stage, only the FMA and the KuCoin EU team know exactly how the licensing file was argued, what conditions and remediation plans were agreed, and which assessments of fitness & propriety were made in light of the US and Canadian cases. 7. What needs to happen next From a professional compliance standpoint, several steps would be needed to restore confidence: Full transparency from the FMA Publish a detailed non-confidential summary of the KuCoin EU authorisation, including how the US guilty plea, FINTRAC penalty and CFTC/NYAG actions were assessed under MiCA’s fit-and-proper and organisational-requirements tests. Clarification from KuCoin EU and its management Explain clearly how KuCoin’s group-wide AML framework has changed since the enforcement actions, what on-chain monitoring and KYC controls will be applied in the EU hub, and how governance independence from the sanctioned entities is ensured. Clear communication about conflicts of interest Disclose any past or present political advisory roles, lobbying mandates or party functions held by key KuCoin EU managers, including Stauber, that might intersect with Austrian or EU crypto policymaking. ESMA involvement Given the September position paper, ESMA should examine whether KuCoin qualifies as a “significant CASP” requiring direct supervision and whether Austria’s licensing approach is consistent with the paper’s own logic. Ashurst Without such steps, Austria risks cementing an image as Europe’s weak link: the jurisdiction that speaks loudly about regulatory shopping—then hands a passport to one of the market’s most controversial players. 8. Call for information This report is based exclusively on publicly available information and official enforcement records. It does not allege criminal conduct beyond what authorities have already established in their own proceedings, and it does not claim that any Austrian official or lawyer has broken the law. However, the sequence of events, political networks and licensing decisions raises serious questions about: the true independence of Austria’s MiCA supervision, the influence of political-regulatory insider networks in shaping crypto policy, and the concrete conditions under which KuCoin EU obtained its licence. Insiders, current or former employees of KuCoin, Bitpanda, the FMA, the Finance Ministry or related advisory bodies who can shed light on: the KuCoin EU licensing process in Vienna, Stauber’s role and contacts in that process, or internal discussions around the September 2025 MiCA position paper are invited to contact us securely via our whistleblower channels (including Whistle42) or other encrypted means. Share Information via Whistle42 Confidentiality and source protection are paramount. The integrity of MiCA supervision in Europe depends on understanding how this licence was granted—and whether political networks are already rewriting the rules before they are fully in force.

A new whistleblower case shows how brutally so-called “recovery funds” and fake AML teams now target crypto users. An email from AML@review-blockchain.com claims that a USD 28,634.17 transaction to a Kraken wallet has been frozen for “money laundering” – and demands a 20% “refundable security deposit” in ETH to a “neutral verification wallet” to release the funds. Red flags everywhere: the sender is not Kraken, not a regulated AML office, but a random domain (review-blockchain.com); the message mixes USD and ETH (at one point even promising 28,634.17 ETH – tens of millions in today’s prices); and it uses a classic pressure script: pay now or your account will be blacklisted and your money confiscated. This pattern is textbook advance-fee and recovery fraud: scammers promise a big payout or “release” of frozen funds but demand money upfront. Once paid, they disappear – victims are scammed a second time. Regulators and authorities describe these “recovery offers” as follow-on scams that specifically target people who already lost money in an earlier fraud (Sources: Investor, CFTC). Important: No legitimate exchange, AML officer, regulator or law-enforcement agency will ever ask you to send crypto to a private wallet to “verify” funds, unfreeze an account or avoid blacklisting. Verification is done via KYC documents, not by sending more money. Requests for deposits, especially in crypto, are a massive red flag. Our whistleblower is not alone. Similar emails from AML@review-blockchain.com demanding a 20% payment have already surfaced in online scam forums, indicating a broader, coordinated campaign (Source: Reddit). FinTelegram warning:Never pay upfront “security deposits”, “taxes” or “fees” to release alleged frozen funds – you will only lose more money. If you receive such an email: Do not send crypto. Contact your bank and the relevant regulator. Preserve all emails, wallet addresses and transaction data. Call for Information: If you have received messages from AML@review-blockchain.com or any “recovery fund” demanding fees to unlock crypto, please share your documents and experience with FinTelegram via our Whistle42 system or by email. Help us map and expose this global fund-recovery scam industry. Share Information via Whistle42

U.S. crypto exchange Kraken has agreed to acquire Swiss-Jersey tokenization specialist Backed Finance AG, issuer of the fast-growing xStocks line of tokenized equities and ETFs. Media outlets report that the deal is structured as a strategic acquisition to consolidate the issuance, trading, and settlement of tokenized stocks inside Kraken’s infrastructure (Source: coindesk.com). Backed’s xStocks are 1:1-backed tokens representing listed shares like Nvidia, Tesla – and Coinbase (COINx) – issued via a Jersey vehicle under a prospectus approved by the Liechtenstein FMA and framed under Swiss DLT rules (Source: Backed Finance). For Kraken, which now holds a MiCA CASP licence in the EU and multiple licences in the US, UK, Canada and elsewhere, the deal deepens its push into tokenized real-world assets (RWAs) just as the RWA market passes $30+ billion and grows roughly 10x since 2022. Contrary to some social-media spin, this is not a takeover of Coinbase itself but a takeover of the platform that issues tokenized versions of Coinbase and dozens of other stocks. The strategic question for regulators and investors: Are we watching the birth of parallel stock markets inside crypto exchanges – and under which rulebook? Opportunities – Why Kraken Wants Backed Vertical RWA stack: Kraken gains full control over the xStocks pipeline – from issuance and custody to secondary trading – plugging directly into its MiCA-regulated EU custody network and US broker-dealer arm (Source: Kraken Blog). RWA growth tailwind: Tokenized RWAs have crossed roughly $30–35 billion in value, led by private credit and Treasuries, with forecasts into the hundreds of billions or even trillions by the 2030s (Source: investax.io). 24/7 equities exposure: xStocks already offer exposure to 60+ stocks and ETFs, tradable 24/5 on Kraken and 24/7 on-chain, with self-custody and DeFi composability (Source: Kraken Blog). IPO runway: Kraken is widely seen as a pre-IPO candidate; owning a flagship tokenization business strengthens the “regulated infra + RWA” story for public markets (Source: Summit Ventures Partners). Market Impact – Tokenized Equities Go Mainstream Backed Finance has positioned xStocks as “composable tokenized securities” that are freely transferable, DeFi-compatible and multi-chain, with the underlying held by licensed custodians and each token backed 1:1 and redeemable for cash value (Source: Backed Finance). Kraken states that xStocks exceeded $10 billion in combined exchange and on-chain volume within six months of launch – remarkable traction for a 2025 product – and plans to integrate xStocks into its broader product suite, including the Krak money app. Customers may eventually hold and spend tokenized equities like any other balance (Source: Kraken Blog) This acquisition, therefore: Pushes tokenization out of the pilot stage and into a global, multi-jurisdictional platform with millions of users. Blurs the border between “crypto exchange” and “multi-asset brokerage plus RWA venue.” Raises the competitive stakes for rivals like Coinbase, Binance, Bybit and others that have also announced or tested tokenized equities offerings. investax.io+1 Tokenization of Real-World Assets – Function and Significance What tokenization does technically Representation: A legal structure (often an SPV or structured note) holds the real-world asset – a share, bond, fund unit, or property interest. Digitization: Smart contracts issue tokens that encode the economic and sometimes governance rights linked to that asset. Transfers on-chain correspond to changes in beneficial ownership off-chain. Automation: Corporate actions (dividends, coupons, buybacks), KYC/AML checks, and transfer restrictions can be automated at token level. Why this matters Liquidity & access: Fractional tokens allow smaller tickets and 24/7 global trading, particularly attractive for private credit, Treasuries and real estate – the segments already driving most of the $30B+ RWA market (Source: investax.io). Operational efficiency: Instant settlement and programmable compliance lower back-office costs and settlement risk, aligning with “same risk, same rules” principles regulators repeat in their RWA and DLT guidance. New collateral layer: Tokenized RWAs become plug-and-play collateral in DeFi and institutional repo/credit workflows, especially when paired with regulated stablecoins and tokenized MMFs. But there is a catch: tokenization doesn’t magically upgrade bad products. If the underlying security, governance or valuation is weak, the token becomes a more transparent version of the same risk – not a cure. Regulatory Context – MiCA, Securities Law and the xStocks Puzzle Kraken already positions itself as a heavily licensed player, with E-money and MiCA CASP licences in Ireland, FCA registrations and EMIs in the UK, Canadian restricted dealer status, a Wyoming SPDI, and a US broker-dealer for equities. Backed’s issuer, meanwhile, operates under Swiss DLT law, a Jersey structure approved by the JFSC, and a prospectus vetted by the Liechtenstein FMA, explicitly marketing its tokenized products only to qualified, non-US investors and excluding UK retail. Actionable Takeaways for FinTelegram Readers Institutional readers/investors: Treat tokenized equities as securities with better plumbing, not as “just another crypto token.” Due diligence must cover the entire chain: issuer SPV, custodians, prospectus, and venue licences. Compliance officers: Map xStocks and similar products into your existing securities/derivatives frameworks. Check how MiCA CASP permissions interact with MiFID II, UCITS, and national securities law for any exposure you have via Kraken or DeFi protocols. Regulators & policymakers: The Kraken–backed deal is a live test of “same risk, same rules” in RWA tokenization. Clear guidance on when a crypto venue becomes a de-facto securities exchange is overdue. Share Information via Whistle42

FinTelegram’s compliance review of LuckyWins (www.luckywins.com), a Dama N.V. offshore casino, has uncovered systematic use of deceptive payment processing schemes that disguise crypto purchases as bank deposits. The investigation reveals Kryptonim‘s continued facilitation of illegal gambling transactions despite explicit prohibitions in its terms of service, alongside participation by regulated entities MiFinity, utPay, and open banking providers Contiant and Rapidob/Skrill. The Dama N.V. Context LuckyWins operates under Dama N.V. (Curaçao registration 152125, license OGL/2023/174/0082), a company managing over 80 online casinos targeting EU jurisdictions without appropriate licenses. Dama N.V. entered bankruptcy proceedings in June 2024 following lawsuits from German and Austrian players seeking over €800,000 in unpaid winnings. However, in August 2024, the court ruled that the company was indeed not in a state of insolvency, supported by financial documents and payments to Dama’s business creditors. As a result, the bankruptcy has been overturned. Thus, LuckyWins and other Dama casinos continue operations across EU markets where such unlicensed gambling is prohibited.​ The “Fake Bank Deposit” Mechanism Our deposit testing revealed LuckyWins employs a sophisticated multi-layered payment architecture designed to disguise cryptocurrency purchases as conventional bank transfers: Layer 1: Onramper Aggregation – Deposits labeled as “bank transfer” are routed through Rillpay (Rillpay.co), a Costa Rica-registered crypto wallet infrastructure provider. Rillpay operates as an onramp aggregator similar to Onramper.com, connecting merchants to multiple crypto payment processors.​ Layer 2: VASP Processing – Rillpay directs transactions to Kryptonim sp. z o.o. (KRS 0001017630), the Polish VASP we previously exposed in our Neon54 investigation. This creates a “fake bank deposit” where players believe they’re funding casino accounts directly, but are actually purchasing cryptocurrency that Kryptonim transfers to the casino. Layer 3: Parallel Processing Channels – LuckyWins simultaneously offers deposits via utPay (Utrg UAB, Lithuania), MiFinity (FCA/MFSA-regulated EMI), and open banking through Contiant (powered by Yapily) and Rapidob.com (Skrill’s Rapid Transfer service).​ Read our Neon54 & Kryptonim report here. Critical Compliance Violations Kryptonim’s Contradiction – Kryptonim’s Terms of Service explicitly state: “iGaming and Betting: Using credit cards for online gambling, betting, or any other iGaming activities is strictly prohibited”. Yet our testing confirms systematic processing of LuckyWins deposits, consistent with player reports from our Neon54 investigation.​ Chargeback Circumvention – By converting fiat to crypto before casino crediting, these schemes eliminate players’ chargeback rights and dispute mechanisms available with direct card or bank payments. Players are left with cryptocurrency transactions rather than gambling deposits on their statements.​ Merchant Categorization Fraud – The payment flow deliberately misrepresents transaction nature, likely using false Merchant Category Codes to bypass banking blocks on gambling transactions.​ Open Banking Abuse – Similarweb analysis shows Contiant’s domain (paywith.contiant.com) processes traffic exclusively for casino sites[user report]. Yapily-powered open banking, designed for legitimate merchant payments, is being exploited for illegal gambling facilitation.​ Summary Table: LuckyWins Payment Facilitators EntityJurisdictionRoleRegulatory StatusCompliance FlagDama N.V.CuraçaoCasino OperatorLicense OGL/2023/174/0082Bankrupt June 2024​Rillpay SRLRillpay.coCosta RicaOnramp AggregatorUnregulatedUnknown beneficial ownershipKryptonim sp. z o.o.Kryptonim.comPolandCrypto VASPRDWW-649, FINTRAC M23813101Terms prohibit gambling​utPay (Utrg UAB)LithuaniaCrypto ProcessorEU VASP registrationPreviously flagged​MiFinityUK/MaltaEMIFCA 900090, MFSAOrange compliance list​ContiantUK (Yapily)Open BankingFCA-authorized PISPCasino-exclusive trafficRapidob/SkrillUKOpen BankingSkrill Rapid TransferPaysafe Group subsidiary Call for Information FinTelegram urgently seeks information from players, banking compliance officers, and payment industry insiders regarding: Documentation of LuckyWins or other Dama N.V. casino payment flows Evidence of Kryptonim, Rillpay, or open banking provider involvement in offshore gambling Internal communications regarding compliance with gambling prohibitions Details of chargeback attempts and merchant descriptor analysis Submit information confidentially via our secure Whistle42 system. Share Information via Whistle42

Following FinTelegram’s exposé on Coin Sonic UAB, the operator of illegal offshore casinos SlotsDynamite and SlotsAmigo has quietly replaced its Lithuanian payment facilitator with Yotta Pay, an unlicensed UK entity leveraging Revolut‘s open banking infrastructure. Here is our update on the payment facilitators involved in these offshore casino schemes. FinTelegram’s Impact Confirmed On 30 October 2025, FinTelegram published its compliance report questioning whether Lithuanian VASP Coin Sonic UAB was being misused to facilitate fiat payments for offshore casinos operating illegally in the EU. Following that report, Coin Sonic’s MLRO, Tsimafei Breski, sent a complaint alleging defamation—yet failed to identify any specific inaccuracy. Read the Coin Sonic report here. Our follow-up review on 3 December 2025 confirmed that our reporting has had a direct effect: Coin Sonic UAB d/b/a InstaXchange has apparently terminated its relationship with Coco Loco Holdings N.V., the Curacao-based operator of SlotsDynamite and SlotsAmigo. Player bank transfers are no longer routed to Coin Sonic‘s Banking Circle account. (Screenshot left). New Payment Facilitator: Yotta Pay Coco Loco Holdings N.V. has now engaged Yotta Digital Ltd (trading as Yotta Pay) as its replacement payment facilitator. Yotta Digital Ltd is a UK-registered micro-entity (company number 12195240), incorporated on 9 September 2019 and headquartered in Swansea, Wales. The sole director and person with significant control is Ukrainian citizen Ihor Kononko.​ Yotta Digital Ltd is not authorized by the FCA. A search of the Financial Conduct Authority’s Financial Services Register returns no entry for Yotta Digital Ltd or Yotta Pay. Without FCA authorization as a Payment Institution or Electronic Money Institution, Yotta Pay cannot legally provide payment services to UK or EU consumers.​ Traffic intelligence analysis of YottaPay.co.uk reveals that 100% of outgoing links point to oba.revolut.com—Revolut’s Open Banking subdomain. This suggests Yotta Pay operates as a technical layer routing payments through Revolut‘s open banking API infrastructure, rather than processing transactions under its own regulatory authorization.​ Payment Flow for Illegal Casino Deposits Our review identified the following deposit flow for players at SlotsDynamite and SlotsAmigo: Player initiates bank deposit at the casino Redirected through high-risk gateways such as Omerpayments.com or Zinzipay.com​ Lands on Yotta Pay’s checkout interface (YottaPay.co.uk) Payment routed via Revolut Open Banking to the recipient account This multi-layer routing obscures the ultimate beneficiary and enables unlicensed offshore casinos to accept EU player deposits through seemingly legitimate UK open banking infrastructure. Compliance Concerns Yotta Pay presents significant compliance red flags: No FCA authorization despite facilitating payment services​ Sole Ukrainian director with no disclosed compliance team​ Opaque payment routing through multiple high-risk intermediaries​ Exploitation of Revolut’s Open Banking API for gambling-related transactions​ Revolut should investigate whether its open banking infrastructure is being exploited by unlicensed payment facilitators serving illegal gambling operations. Summary: Payment Facilitator Comparison CategoryOld FacilitatorNew FacilitatorEntityCoin Sonic UAB d/b/a InstaXchangeYotta Digital Ltd d/b/a Yotta PayJurisdictionLithuaniaUnited Kingdom (Wales)RegistrationCompany code 306200594Company number 12195240DirectorGeorge AdamidesIhor Kononko (Ukrainian)Regulatory StatusVASP (not licensed for fiat payments)Not FCA-authorizedBank AccountBanking Circle Germany (DE73202208000056199298)Via Revolut Open BankingPayment RoutingVia InstantBankPayment.com / YapilyVia Omerpayments.com / Zinzipay.comCasino ClientsSlotsDynamite, SlotsAmigoSlotsDynamite, SlotsAmigo Call for Information FinTelegram invites players, insiders, and whistleblowers with knowledge of Yotta Pay, Coin Sonic, Coco Loco Holdings N.V., or related payment schemes to come forward. Information on payment flows, transaction records, corporate relationships, or compliance failures can be submitted confidentially via our whistleblower platform Whistle42. Share Informatin via Whistle42 Your information helps protect consumers and expose illegal gambling operations exploiting European payment infrastructure.

A FinTelegram Analysis of the Austrian FMA’s Rapid CASP Authorisations and What It Means for EU Crypto Regulation Executive Summary Austria’s Financial Market Authority (FMA) is aggressively positioning Vienna as a gateway to the European crypto market. With six MiCA-licensed crypto-asset service providers (CASPs)—including two exchanges with substantial regulatory baggage—the FMA has emerged as one of the EU’s most prolific MiCA licensing authorities. However, this regulatory sprint raises serious questions: Is Vienna on track to become the new “Cyprus of crypto,” or does the FMA possess the capacity to supervise globally active exchanges with histories of enforcement actions? The Austrian MiCA Licence Roster The FMA has issued MiCA authorisations to six CASPs as of December 2025[web: 95][web: 101][web: 202]: CompanyLicence DateHQ/OriginNotable IssuesBitpandaApril 2025Austria (domestic)Clean record; long-standing FMA relationshipBybit EU GmbHMay 2025Dubai/Singapore$1.5B hack (Feb 2025); DNB €2.25M fine; Russian user exposure (~20–27% of traffic)AMINA (Austria) AGOct 2025Switzerland (Amina Bank group)Regulated banking groupCryptonow GmbHOct 2025SwitzerlandFirst Swiss firm to receive Austrian MiCA licenceFIOR Digital GmbHNov 2025AustriaDomestic fintechKuCoin EU Exchange GmbHNov 2025Seychelles/Hong Kong$297M DOJ settlement (Jan 2025); Seychelles FSA rejection; founders departed Of these six licensees, only Bitpanda and FIOR Digital are genuinely Austrian companies. The remainder are foreign platforms—including two (Bybit and KuCoin) with significant enforcement histories—that have chosen Vienna as their EU regulatory gateway. The EU MiCA Licence Landscape: Is Vienna Leading? No—but Austria punches above its weight. The latest data shows Germany and the Netherlands lead in absolute CASP licence numbers: JurisdictionCASP LicencesNotable FeaturesGermany (BaFin)~12–18Largest market; established fintech hubNetherlands (AFM)~9–14Strict AML regime; early MiCA implementerMalta (MFSA)~5ESMA criticism for inadequate authorisation processesFrance (AMF)~3–6Threatening to block passported licencesAustria (FMA)6Includes KuCoin, BybitCyprus (CySEC)~2–3Revolut recently licensed Austria’s six licences place it alongside Malta and ahead of Cyprus—but the composition of those licences is the issue. While Germany and the Netherlands have licensed primarily domestic or established players, Austria has become a favoured destination for offshore exchanges seeking EU access. The Cyprus and Malta Comparison: Warning Signs The FMA’s licensing trajectory draws uncomfortable parallels to two jurisdictions with troubled crypto regulatory histories: Malta: ESMA’s July 2025 peer review criticised the MFSA for granting licences without adequately assessing material risks, including governance, conflicts of interest, and AML/CFT control. The review found Malta’s authorisation processes only “partially” met expectations. Malta has since pushed back against proposals to centralise CASP supervision at ESMA level. Cyprus: CySEC was the regulator of choice for binary options brokers during the 2010s “Cyprus era,” a period marked by widespread retail investor harm and eventual regulatory crackdowns. While CySEC has since tightened standards, Cyprus has been slower to issue MiCA licences, with Revolut obtaining approval only in October 2025. Austria’s risk: By authorising exchanges like KuCoin (convicted in the US) and Bybit (hacked for $1.5 billion, significant Russian exposure), the FMA is inviting comparisons to Malta’s permissive licensing approach—and to Cyprus’s historical role as a regulatory “light-touch” jurisdiction for questionable financial services firms. Internal and External Criticism Remarkably, the FMA itself—alongside France’s AMF and Italy’s CONSOB—has co-authored a position paper calling for strengthened MiCA supervision. The September 2025 joint statement warned: MiCA’s application is “fragmented across jurisdictions” National authorities cannot require cybersecurity certification at the authorisation stage The location of large CASPs outside the EU “weakens the reach of European regulation” Supervisory convergence “quickly reaches its limits” The three regulators proposed direct ESMA supervision of significant CASPs—a tacit admission that national authorities may lack the resources and extraterritorial reach to supervise globally active exchanges. France’s AMF has gone further, warning it may refuse to honour MiCA passports from other jurisdictions—a threat that would undermine the entire single-market framework. Verdict: Is Vienna the MiCA Hub? Partially—but for the wrong reasons. Vienna is not the EU’s largest MiCA licensing centre (that honour goes to Germany and the Netherlands), but it has become disproportionately attractive to offshore exchanges with regulatory baggage. The FMA’s willingness to license KuCoin—ten months after a $297 million US guilty plea—and Bybit—months after a $1.5 billion hack attributed to North Korean state actors—raises legitimate questions about the depth of due diligence applied. The FMA may not yet be “the new CySEC,” but its trajectory deserves scrutiny. If the Austrian regulator continues to authorise exchanges that other jurisdictions have fined, rejected, or placed on warning lists, Vienna risks becoming a regulatory arbitrage destination—precisely the outcome MiCA was designed to prevent. For lawyers and compliance professionals advising crypto firms, Austria offers speed and accessibility. For regulators concerned about investor protection and systemic risk, the FMA’s licensing record warrants close monitoring. Share Information via Whistle42