Fraud Factory Firms Traced to Penniless Proxies
19 May 2020

By Mattias Carlsson, Holger Roonemaa, Oliver Kund and Hannes Munzinger, OCCRP, 18 May 2020

OCCRP — Rita is almost 13,000 euros in debt and was convicted of shoplifting a bottle of gin. Ricardo is unemployed and has been arrested several times for drug possession and driving without a license. His mother, Silwia, stole a white sweater worth 16 euros from an H&M in Stockholm.

But all three of these struggling Swedish citizens own companies registered at a prime address in Tallinn, Estonia’s capital city. Even more improbably, they bought these Estonian companies through other firms they own in the tiny Caribbean nation of St. Vincent and the Grenadines.

They are part of a larger network of firms registered in the same distinctive way: Estonian companies owned by shell companies in St. Vincent and the Grenadines, largely owned by down-on-their-luck Swedes.

The reason for this unusual ownership pattern becomes clearer after a look at what these companies were used for: hawking get-rich-quick investment schemes online.

Many are tied to a Ukraine-based call center exposed in a series of articles by OCCRP and Swedish newspaper Dagens Nyheter (DN) in March. The center allegedly defrauded people across the world by convincing them they were making investments in stocks, bitcoins, and foreign currencies through legitimate financial firms. The scheme is currently under investigation in Sweden.

Hiding behind a web of foreign companies creates a veneer of credibility while obscuring the true beneficiaries of the scams and allowing them to move money internationally, Estonian police told OCCRP. If those companies are, in turn, owned by citizens of a wealthy Nordic nation, all the better.

This could explain why whoever registered the firms turned to over two dozen Swedish proxies such as Silwia and Ricardo. Some were aware they were lending their names to companies they had nothing to do with, but at least one person alleged that his identity was stolen with forged documents.

The Operation

Last year, a whistleblower approached Dagens Nyheter after he became concerned that his employer, a call center based in Ukraine’s capital, Kyiv, was committing major fraud under the guise of selling investments to vulnerable people around the world.

The whistleblower alleged that the call center, Milton Group, employed an army of young salespeople whose job was to scam victims, particularly pensioners, with promises of get-rich-quick schemes.

Reporters spoke to victims on four continents who had been lured in by what they believed were high-tech trading firms that would allow them to open web-based investment accounts and make a fortune.

These firms were operating under different brand names, complete with their own sleek websites and marketing campaigns, but all of them led back to Milton and its owners, who appear to have pocketed the millions of dollars “invested” with them.

One of the brands frequently mentioned by Milton’s victims was Vetoro Banc. The whistleblower told journalists that Vetoro had been entirely invented inside Milton’s offices in Kyiv, with the name chosen because it sounded “like one of the Italian banks.”

Vetoro’s website changes frequently, but at various times it has advertised being “owned and operated” by companies based in St. Vincent and the Grenadines called Hanabishi Partners Ltd and Gozala Enterprises, as well as their Estonian subsidiaries, Hanabishi Management and Gozala Services.

Both Hanabishi Management and Gozala Services were purchased on the same day in April 2019 from an agent in Tallinn by two hard-up Swedish women recently convicted of crimes. The women made the purchases through St. Vincent shell companies.

Funds for the purchase of Hanabishi were listed as coming from “business profits from Hong Kong,” despite the fact that its owner, Silwia, had been sued in a Stockholm district court the previous month for not repaying a 3,500-euro car loan.

Examining Milton Group records as well as code embedded in the brands’ websites, reporters discovered that the other three investment outfits named by the whistleblower as being sold from Kyiv — CryptoMB, Cryptobase, and Glad2Trade — were also part of the Estonia-St. Vincent network.

In total, at least 61 firms were registered between February 2018 and February 2020 at the same address in Tallinn, then quickly purchased by offshore firms from the Caribbean nation.

Most of them even share the same address: Suite 305, Griffith Corporate Centre in Kingstown, the capital of St. Vincent and the Grenadines.

Of those, 57 firms offer get-rich-quick investment services following a similar format to Milton Group’s schemes.

  • At least 24 are linked to websites that have been blacklisted by authorities in at least one European country.
  • 21 can be connected to Milton Group.
  • Four are sold by a call center in Albania that reporters have also tied to Milton Group.
  • 23 are currently accepting new investments through a Cyprus-based payment company called Naspay.

Naspay is owned by David Todua, a Georgia-born Israeli citizen who was identified by the whistleblower as one of the key figures behind Milton Group. (Todua denies holding any position in the company).

Milton Group in Kyiv, the linked call center in Albania, and the payment company Naspay all failed to respond to repeated requests for comment.

The Registration Agent

For years, businessman Argos Kracht has been one of Estonia’s most prolific formation agents, churning out new companies from his office adjacent to Tallinn’s City Hall.

For nearly as long, he’s been having run-ins with authorities who accuse him of setting up shell companies that can be used for tax evasion, money laundering, and other financial crimes.

Read more at OCCRP

Photo (cropped and edited): Sergey Galyonkin/CC BY-SA 2.0

RiskScreen: Eliminating Financial Crime with Smart Technology

Advance your CPD minutes for this content, by signing up and using the CPD Wallet