Estonian crypto payment processors are a problem for retail investors and consumers in the EU. Especially those who have received a license to operate crypto payment services from the relevant Estonian regulator FIU. Thus, they call themselves EU-regulated payment processors on the website pretending to be a serious business. Unfortunately, many of these licensed crypto payment providers are scam hard-core facilitators and/or are related to scam operators. Most recently, we identified CryptoPayIn at the Financial Resident broker scam as a payment provider (read report).
Another Estonian White-label Mutation
CryptoPayIn (http://www.cryptopayin.com) is operated by Navasu OÜ, registered in Tallinn, Estonia, and established in October 2019 (register data). Since October 2020, the company works with a license to operate virtual currency services. The registered directors are Kostas Konstantinou and Anna Unukainen.
Interestingly, CryptoPayIn uses the very same white-label solution as, for example, Bitxtech (www.bitxtech.com), powered by the also FIU-licensed CryptoFactory OÜ, and XChangePro, operated by BitConvert Ltd in Malta. The XChangePro website has been offline for weeks now.
The procedures for registration and onboarding of new clients on these platforms (and most likely some others) are identical, as one can see from the screenshots below.
These platforms also have in common that they appear in numerous scams as payment facilitators – often in combination with Praxis Cashier.
Scam-victim data abuse
But back to CryptoPayIn and the processes involved in the Financial Resident broker scam. Apparently, the scam is directly connected to CryptoPayIn via API. The data submitted by the potential scam victim during registration is automatically sent to the payment processor. Therefore, you will receive a registration confirmation from CryptoPayIn when you click the payment option on Financial Resident. To make the story a bit more complicated, it it has to mentioned that CryptoPayIn is hidden behind the “TechnoPay” payment option in the Financial Resident Scam.
If you register directly with CryptoPayIn via its website, you have to go through a multi-stage verification process, including the usual KYC data (proof of ID, proof of residency). This is clean and AML compliant. Those who come via the Financial Resident scams, on the other hand, apparently do not have to register.
Special Purpose Vehicle
We know that many FIU-regulated Estonian crypto payment processors are established solely or primarily with the purpose of processing payments for “affiliated” companies (very often scams). It seems that this is also true for CryptoPayIn. In any case, the lack of social media connections points to a special purpose nature. The social media icons present on the website are actually not connected to social media accounts. Strange for a company that wants to acquire and serve customers in the field of digital currencies. It isn’t?
Call for Compliance Check
It would probably be urgent for the Estonian FIU to look at CryptoPayIn‘s operations, business practices, and compliance procedures. Wouldn’t it?