VSquare experts analysed around 300 crypto companies registered in Estonia and Lithuania and found dozens of cases of fraud, money laundering, sanctions evasion and illicit financing of criminal organisations.
Partners of the European media initiative in the scope of the investigation were:
- Delfi (Estonia);
- Siena (Lithuania);
- Fronstory.pl (Poland);
- Paper Trail Media, Der Spiegel and ZDF (Germany);
- Der Standard (Austria).
The Estonian government established a licensing regime for virtual asset service providers in 2017. But marketed as innovative and novel, the structure metastasized into the Wild West of firms operating in the country, leading to a huge flow of illicit funds through the European Union, journalists concluded.
\n
“The term ‘license in the EU’ has been used as an argument by international fraudsters who used the jurisdiction to engender trust in their illegal operations. As a result, over the last six years Estonia has hosted 1,644 licensed crypto firms, roughly one for every 800 residents,” they noted.
\n
In many cases, the firms were led by people who, in accordance with AML requirements, held positions such as directors or AML officers without the necessary qualifications and experience. Analysts identified among them a taxi driver with heavy debts, a welder banned from business, a person with social housing and an unemployed plumber. Collectively this quartet occupied roles such as director or AML officer in 60 companies.
\n
“I was just a front. I did not handle transactions and did not know which millions passed through there,” admitted Sergey Bezrodny, an unemployed plumber from Tartu.
\n
Yet the man was the former head of 24 international cryptocurrency companies.
The Estonia-registered digital asset exchange Garantex in April 2022 was sanctioned by the Office of Foreign Assets Control (OFAC). According to the regulator, the platform conducted transactions totaling over $100 million related to illicit entities. Among the latest were the Russian hacker group Conti and the darknet marketplace Hydra.
Researchers found that the exchange helped finance through crypto the Russian paramilitary group Rusich, which has fought in Ukraine since 2014 and became one of the pillars for the creation of the Wagner Group.
Through the banking system, such a structure would have faced difficulties due to strict anti-money-laundering rules and SWIFT sanctions against Russia, but assets flowed to its crypto wallets amounting to hundreds of millions of euros. Using Elliptic’s blockchain-analysis tools, journalists found that via Garantex the group was sent at least $8,697.
Garantex Europe OÜ, the Estonian operator, lost its license in March 2022. Nevertheless, the company continued operating. According to Delfi, prosecutors opened a criminal investigation into illicit economic activity.
In November 2021 OFAC imposed sanctions on the crypto-exchange Chatex (Izibits OÜ, formerly run by Bezrodny), which, like Garantex, operated from Federation Tower in Moscow.
In June, amid the rapid Wagner mutiny led by Yevgeny Prigozhin, experts recorded a spike in ruble-denominated activity on the crypto market. This led experts to suggest that blockchain has become a key channel for moving Russian assets under financial sanctions.
According to journalists, the activity is supported by the Estonia-registered exchange Coinsbit, enabling rubles to be converted into digital currencies. Platform representatives have repeatedly asserted that there are no restrictions for Russian citizens.
On the platform’s site there is a mention of the Estonian company ITEcosystem OÜ, which lost its crypto licence in July 2020. Officially the founder and director is a Ukrainian citizen named Yaroslav Yarovenko. Open sources indicate only that in 2014 he was convicted of stealing women’s shoes from a Zara store in Kyiv.
Journalists also found hundreds of warnings about fraud linked to Coinsbit online. According to the Trustpilot portal, the exchange’s trust rating is 2.2 out of 5 based on 205 reviews.
At present, the operator of the exchange is registered on the Seychelles.
Experts say that the licensing regime introduced by Estonia in 2017 proved flawed.
\n
“This is a stark example of bad legislation. It would never have worked,” said an anonymous former official involved in drafting the regulation.
\n
Nevertheless, the prospect of legitimisation proved highly attractive for industry players. According to the Financial Inspectorate as of mid-2021, almost 55% of all virtual asset service providers worldwide were registered in Estonia. A substantial portion of them was associated with entities operating in Russia (440) and Ukraine (203).
Since then authorities initiated a sweeping reform to clean up the sector. Most of the companies did not agree or could not comply with the updated rules, and in the country, out of 1,644 licensed crypto firms only 78 remained (as of writing).
Many of the companies that ceased operations in Estonia relocated to other European jurisdictions, including Lithuania, which now hosts more than 800 crypto firms.
One of them is Arbismart. In February 2022 the firm announced its relocation due to the Estonian Financial Inspectorate introducing “new draconian rules.” Journalists found numerous allegations of fraud against the company, and the amounts lost by investors are claimed to be up to €50 000.
The company is registered in the name of a Ukrainian resident who confirmed that his personal data are in the registry. However, he said he knows nothing about Arbismart and has no involvement.
Previously-operated from Estonia, crypto-processing Payeer also opened a company in Lithuania. Researchers noted that the platform is very popular with Russian users, and online there are easy-to-find instructions for circumventing financial sanctions through it. instructions.
Following Payeer, the operator of the digital-asset platform Mercuryo—MoneySwap OÜ—also followed suit. The Estonian regulator revoked the company’s licence due to an opaque ownership structure and compromising information on the internet (fraud allegations). In Lithuania, the platform established a new business named MoneyAmber UAB.
Journalists counted at least 68 Lithuanian crypto firms with ties to Estonia-based firms, using the same brand, name or internet domain.
In May, the European Council, comprising 27 member states, unanimously approved the Markets in Crypto Assets Regulation (MiCA). EU member states also approved new anti-money-laundering measures.