- Home
- Investigations
- NordPay
PARTIES INVOLVED: NordPay
ALLEGATIONS: Perjury, Fraud, Impersonation
INCIDENT DATE: 12 Oct 2023
INVESTIGATED BY: Ethan Katz
TOOLS USED: Lumen, FakeDMCA, SecurityTrails
CASE NO: 3024/A/2024
CRIME TYPE: Intellectual Property Scam
PUBLISHED ON: 26 Nov 2024
REPORTED BY: FakeDMCA.com
JURISDICTION: USA
A summary of what happened?
NordPay Financial Ltd, established in 2010 by French nationals Frédéric Noël and Guillaume Ponsard, along with Romanian Alina Claudia Alistarh, operated as a UK-based payment processor authorized by the Financial Conduct Authority (FCA). The company offered online payment services under brands like CentralPay and Paysite Cash. Despite its regulated status, NordPay became embroiled in controversies involving fraudulent activities and internal disputes, ultimately leading to its collapse.
Involvement in Fraudulent Schemes:
- Association with GetFinancial Scam:
- NordPay’s services were reportedly utilized by the Israeli scam network GetFinancial, which defrauded customers between 2016 and 2019. Victims were deceived into making payments to accounts managed by NordPay, implicating the company in facilitating fraudulent transactions.
- Facilitation of Fund Recovery Scams:
- Following the GetFinancial fraud, victims were targeted by scammers posing as agents of the Cypriot regulator CySEC, offering to recover lost funds for an upfront fee. Payments from these victims were directed to NordPay’s accounts, suggesting the company’s involvement in laundering proceeds from recovery scams.
Internal Disputes and Corporate Collapse:
- Founder Conflicts:
- Disputes among NordPay’s founders led to significant organizational instability. In November 2019, co-founder Guillaume Ponsard departed from the company, selling his shares to ADV Project Ltd in Gibraltar. This exit coincided with a substantial loss of clients, many of whom transitioned to CentralPay, a French entity founded by Ponsard and licensed as an e-money institution by the Banque de France.
- Administration Proceedings:
- The internal turmoil culminated in NordPay entering administration in April 2021. The administrator’s report highlighted that customer attrition following the founders’ disputes severely impacted the company’s financial health, leading to its insolvency.
Regulatory and Legal Implications:
- Investigations into Money Laundering:
- Authorities, particularly in Germany, initiated investigations into entities associated with the GetFinancial scam, including payment processors like NordPay. While specific details of legal actions against NordPay remain undisclosed, its role in processing fraudulent transactions attracted regulatory scrutiny.
Rebranding and Continuation of Services:
- Emergence of CentralPay:
- Post-collapse, CentralPay emerged as a separate entity managed by Ponsard, operating independently from the defunct NordPay. Despite sharing a brand name previously listed under NordPay’s FCA authorization, CentralPay functions under its own license from the Banque de France, distancing itself from NordPay’s troubled legacy.
NordPay’s trajectory from a regulated payment processor to a company implicated in fraudulent schemes underscores the critical importance of robust internal governance and vigilant regulatory compliance in the financial services industry. The company’s association with scams and internal conflicts not only led to its downfall but also highlighted vulnerabilities in the financial system that can be exploited by fraudulent networks.
Analyzing the Fake Copyright Notice(s)
Our team collects and analyses fraudulent copyright takedown requests, legal complaints, and other efforts to remove critical information from the internet. Through our investigative reporting, we examine the prevalence and operation of an organized censorship industry, predominantly funded by criminal entities, oligarchs, and disreputable businesses or individuals. Our findings allow internet users to gain insight into these censorship schemes’ sources, methods, and underlying objectives.
Number of Fake DMCA Notice(s) |
|
Lumen Database Notice(s) | |
Sender(s) |
|
Date(s) |
|
Fake Link(s) Used by Scammers | |
Original Link(s) Targeted |
What was NordPay trying to hide?
NordPay‘s attempts to hide unfavourable content through the misuse of copyright notices while allegedly engaging in perjury present serious legal concerns. These actions suggest a calculated attempt to manipulate legal systems to suppress free speech, a fundamental violation of copyright law principles and an abuse of legal processes. The use of such tactics not only undermines the integrity of copyright protection but also potentially constitutes perjury, further entangling NordPay in legal accountability. Let’s examine the information NordPay may be trying to remove from the internet –
Investigative Report on NordPay: From Promising Payment Processor to Alleged Facilitator of Fraud
Introduction
NordPay Financial Ltd., established in 2010 and authorized by the UK Financial Conduct Authority (FCA), was a payment processor that promised secure and efficient online financial solutions. Operating under brands such as CentralPay and Paysite Cash, NordPay positioned itself as a key player in the European fintech ecosystem. However, the company became embroiled in allegations of facilitating fraudulent activities, internal disputes, and regulatory scrutiny, ultimately leading to its collapse in 2021. This investigative report explores the rise and fall of NordPay, detailing the accusations, controversies, and legal battles that marked its troubled existence.
1. Background and Operations
NordPay was founded by French nationals Frédéric Noël and Guillaume Ponsard, along with Romanian national Alina Claudia Alistarh. The company initially offered payment processing services, providing solutions for e-commerce merchants and online businesses. Its portfolio included:
- CentralPay: Focused on e-commerce payment solutions.
- Paysite Cash: Geared towards smaller online merchants.
NordPay’s FCA authorization lent the company an air of legitimacy, enabling it to attract a diverse client base across Europe. However, as time progressed, cracks began to appear in its operations.
2. Allegations of Involvement in Fraudulent Schemes
2.1. Facilitating the GetFinancial Scam
Between 2016 and 2019, NordPay’s services were allegedly used by GetFinancial, an Israeli scam network, to defraud victims.
- Nature of the Scam:
- GetFinancial lured victims into investing in high-return financial products. Many victims deposited funds under the pretense of trading forex or cryptocurrencies, but the money was siphoned off by the scammers.
- Victims were directed to deposit their funds into accounts managed by NordPay, implicating the company as a facilitator of these fraudulent transactions.
- Scale of Losses:
- The exact financial impact remains undisclosed, but investigations revealed that significant sums were funneled through NordPay’s accounts as part of this scam.
2.2. Role in Fund Recovery Scams
After the collapse of GetFinancial, scammers exploited victims further by offering to recover lost funds for an upfront fee.
- Modus Operandi:
- Posing as agents of regulatory bodies like the Cyprus Securities and Exchange Commission (CySEC), scammers convinced victims to make additional payments.
- These payments were funneled through NordPay’s infrastructure, leading to allegations that the company enabled a secondary layer of fraud.
- Regulatory Response:
- German authorities launched investigations into payment processors linked to GetFinancial, including NordPay, for potential violations of anti-money laundering (AML) regulations.
3. Internal Conflicts and Organizational Instability
3.1. Founder Disputes
Internal disputes among NordPay’s founders significantly contributed to the company’s downfall.
- Departure of Guillaume Ponsard:
- In November 2019, Ponsard left NordPay and sold his shares to ADV Project Ltd, a Gibraltar-based entity.
- Following his departure, Ponsard established CentralPay as an independent entity in France, obtaining an e-money license from the Banque de France.
- Impact on NordPay:
- Ponsard’s departure triggered a mass exodus of clients who migrated to the new CentralPay platform. This loss of clientele severely impacted NordPay’s financial stability.
3.2. Organizational Collapse
The departure of a key founder and the subsequent client attrition left NordPay financially and operationally vulnerable.
- By early 2021, the company was insolvent and entered administration.
- An administrator’s report revealed that internal conflicts and the loss of key accounts were critical factors leading to the company’s collapse.
4. Regulatory and Legal Implications
4.1. FCA Oversight
As an FCA-regulated entity, NordPay was expected to adhere to stringent compliance and anti-money laundering protocols. However:
- The company’s alleged involvement in fraudulent schemes raised questions about its due diligence processes.
- Regulatory authorities scrutinized NordPay’s activities but have not disclosed specific enforcement actions against the firm.
4.2. Investigations in Germany
German prosecutors investigating the GetFinancial network included NordPay in their probe. The focus was on determining whether NordPay knowingly facilitated money laundering or was merely negligent in monitoring its transactions.
- Potential Violations:
- Breaches of AML regulations.
- Failure to identify and report suspicious transactions.
5. Rebranding and Attempts at Damage Control
5.1. Emergence of CentralPay
Following the collapse of NordPay, Ponsard distanced himself from the company’s tarnished reputation by rebranding CentralPay as a separate entity.
- Distinct Operations:
- CentralPay now operates under its own e-money license from the Banque de France.
- While sharing a brand name previously associated with NordPay, the rebranded entity asserts its independence and compliance with French regulations.
5.2. Legacy Challenges
Despite the rebranding efforts, CentralPay faces reputational challenges due to its historical association with NordPay. Questions linger about whether the same operational flaws could resurface.
6. Broader Impact and Lessons
The NordPay saga highlights systemic vulnerabilities in the financial services industry that fraudsters can exploit:
6.1. Weaknesses in Payment Processing Oversight
NordPay’s alleged role in fraudulent schemes underscores the need for stricter oversight of payment processors:
- Enhanced AML Protocols:
- Payment processors must adopt more robust AML frameworks to identify and prevent illicit transactions.
- Regulatory Gaps:
- The disparity in enforcement across jurisdictions enables fraudulent networks to exploit regulatory loopholes.
6.2. Risks of Internal Instability
Internal conflicts and mismanagement can undermine even regulated firms. NordPay’s collapse demonstrates how organizational instability can exacerbate external vulnerabilities.
7. Conclusion
NordPay’s journey from a promising fintech startup to an embattled, insolvent entity is a cautionary tale for the financial services industry. Allegations of facilitating fraud, coupled with internal disputes and regulatory scrutiny, ultimately led to its demise. While key figures like Guillaume Ponsard have attempted to rebuild under new brands, the legacy of NordPay’s controversies continues to cast a long shadow.
As regulators and financial institutions seek to learn from cases like NordPay, the emphasis must remain on stronger compliance measures, transparent operations, and the accountability of all players in the financial ecosystem. For victims of the schemes allegedly facilitated by NordPay, the story serves as a stark reminder of the risks inherent in an inadequately regulated financial environment.
How do we counteract this malpractice?
Once we ascertain the involvement of NordPay (or actors working on behalf of NordPay), we will inform NordPay of our findings via Electronic Mail.
Our preliminary assessment suggests that NordPay may have engaged a third-party reputation management agency or expert, which, either independently or under direct authorization from NordPay, initiated efforts to remove adverse online content, including potentially fraudulent DMCA takedown requests. We will extend an opportunity to NordPay to provide details regarding their communications with the agency or expert, as well as the identification of the individual(s) responsible for executing these false DMCA notices.
Failure to respond in a timely manner will necessitate a reassessment of our initial assumptions. In such an event, we will be compelled to take appropriate legal action to rectify the unlawful conduct and take the following steps –
Since NordPay made such efforts to hide something online, it seems fit to ensure that this article and sensitive information targeted online by these events get a lot more exposure and traffic than what it would have received originally
We hope this becomes an excellent case study for the Streisand effect…The key idea behind the Streisand effect is that efforts to restrict information can backfire, often causing the information to gain more attention than it would have otherwise. This effect is widespread in the digital age, where users quickly notice and spread censorship efforts on social media and other platforms. Trying to suppress something can unintentionally lead to it becoming more visible, which NordPay is finding out the hard way.
Potential Consequences for NordPay
Under Florida Statute 831.01, the crime of Forgery is committed when a person falsifies, alters, counterfeits, or forges a document that carries “legal efficacy” with the intent to injure or defraud another person or entity.
Forging a document is considered a white-collar crime. It involves altering, changing, or modifying a document to deceive another person. It can also include passing along copies of documents that are known to be false. In many states in the US, falsifying a document is a crime punishable as a felony.
Additionally, under most laws, “fraud on the court” is where “a party has sentiently set in motion some unconscionable scheme calculated to interfere with the judicial system’s ability impartially to adjudicate a matter by improperly influencing the trier of fact or unfairly hampering the presentation of the opposing party’s claim or defense.” Cox v. Burke, 706 So. 2d 43, 46 (Fla. 5th DCA 1998) (quoting Aoude v. Mobil Oil Corp., 892 F.2d 1115, 1118 (1st Cir. 1989)).
Is NordPay Committing a Cyber Crime?
Yes, it seems so. NordPay used multiple approaches to remove unwanted material from review sites and Google’s search results. Thanks to protections allowing freedom of speech in the United States, there are very few legal ways to do this. NordPay could not eliminate negative reviews or search results that linked to them without a valid claim of defamation, copyright infringement, or some other clear breach of the law.
Faced with these limitations, some companies like NordPay have gone to extreme lengths to fraudulently claim copyright ownership over a negative review in the hopes of taking it down.
Fake DMCA notices have targeted articles highlighting the criminal activity of prominent people to hide their illegal behavior. These people, which include US, Russian, and Khazakstani politicians as well as members from elite circles including the mafia and those with massive financial power, are all connected – and alleged corruption ranging from child abuse to sexual harassment is exposed when exploring evidence found at these URLs. It appears there’s a disturbing level of influence being exerted here that needs further investigation before justice can be served. NordPay is certainly keeping interesting company here….
The DMCA takedown process requires that copyright owners submit a takedown notice to an ISP identifying the allegedly infringing content and declaring, under penalty of perjury, that they have a good faith belief that the content is infringing. The ISP must then promptly remove or disable access to the content. The alleged infringer can then submit a counter-notice, and if the copyright owner does not take legal action within 10 to 14 days, the ISP can restore the content.
Since these platforms are predominantly based in the U.S., the complaints are typically made under the Digital Millennium Copyright Act (DMCA), which requires online service providers and platforms to react immediately to reports or violations. Big Tech companies rarely have systems in place to assess the merit of each report. Instead, all bad actors need to do is clone a story, backdate it, and then demand the real thing be taken down.
Reputation Agency's Modus Operandi
The fake DMCA notices we found always use the “back-dated article” technique. With this technique, the wrongful notice sender (or copier) creates a copy of a “true original” article and back-dates it, creating a “fake original” article (a copy of the true original) that, at first glance, appears to have been published before the true original.
Then, based on the claim that this backdated article is the “original,” the scammers send a DMCA to the relevant online service providers (e.g. Google), alleging that the ‘true’ original is the copied or “infringing” article and that the copied article is the “original,” requesting the takedown of the ‘true’ original article. After sending the DMCA request, the person who sent the wrong notice takes down the fake original URL, likely to make sure that the article doesn’t stay online in any way. If the takedown notice is successful, the disappearance from the internet of information is most likely to be legitimate speech.
As an integral part of this scheme, the ‘reputation management’ company hired by NordPay creates a website that purports to be a ‘news’ site. This site is designed to look legitimate at a glance, but any degree of scrutiny reveals it as the charade it is.
The company copies the ‘negative’ content and posts it “on the fake ‘news’ site, attributing it to a separate author,” then gives it “a false publication date on the ‘news’ website that predated the original publication.
The reputation company then sent Google a Digital Millennium Copyright Act notice claiming the original website infringed copyright. After a cursory examination of the fake news site, Google frequently accepts the notice and delists the content.
In committing numerous offences, NordPay either premeditated actions or were unaware of the consequences. Despite hiring an agency to make Google disregard any negative information about NordPay, ignorance does not excuse this wrongdoing.
Fake DMCA notices have targeted articles highlighting the criminal activity of prominent people to hide their illegal behavior. These people, which include US, Russian, and Khazakstani politicians as well as members from elite circles including the mafia and those with massive financial power, are all connected – and alleged corruption ranging from child abuse to sexual harassment is exposed when exploring evidence found at these URLs. It appears there’s a disturbing level of influence being exerted here that needs further investigation before justice can be served. FSMSmart is certainly keeping interesting company here.
The Reputation Laundering
Rogue Reputation agencies use spurious copyright claims and fake legal notices to remove and obscure articles linking clients to allegations of tax avoidance, corruption, and drug trafficking. Most of these reputation agencies are based offshore, mainly in Russia, India, and Eastern Europe, and they do not worry about complying with US-based laws.
The content in all of the articles for which the fraudulent DMCA notices have been sent relates to allegations of criminal allegations, including corruption, child abuse, sexual harassment, human trafficking and financial fraud against businesses and individuals with ultra-high net worth.
In addition to the misuse of the DMCA takedown process, there is a notable absence of enforcement concerning perjury violations. The statutory requirement related to perjury is designed to deter copyright holders from submitting fraudulent or knowingly false takedown requests, as they may face legal consequences for making false declarations under penalty of perjury. However, to date, there have been no known instances of any individual being prosecuted for perjury in connection with the submission of false DMCA takedown notices.
This lack of enforcement has emboldened copyright holders to exploit the DMCA takedown process to suppress dissent, criticism, or other unfavorable content, without fear of legal repercussions.
Some of the people and businesses who have employed this tactic to remove legitimate content from Google illegally include a Spanish businessman-turned-cocaine-trafficker, Organised crime, an Israeli-Argentine banker accused of laundering money for Hugo Chávez’s regime, a French “responsible” mining company accused of tax evasion, child molesters and sexual predators. NordPay is in great company ….
What else is NordPay hiding?
We encourage you to ‘Dork‘ Google by searching for keyword combinations such as [NordPay] + {Negative Keyword, such as Scam, Fraud, Complaints, Lawsuit, Sanction, etc} on Google. It’s likely if you scroll down to the bottom of this Google search results, you’ll stumble upon this Legal Takedown notice (pictured below)
To make such an investigation possible, we encourage more online service providers to come forward and share copies of content removal requests with industry experts and researchers. If you have any information on NordPay that you want to share with experts and journalists, kindly email the author directly at [email protected].
All communications are strictly confidential and safeguarded under a comprehensive Whistleblower Policy, ensuring full protection and anonymity for individuals who provide information.
Credits and Acknowledgement
Many thanks to FakeDMCA.com and Lumen for providing access to their database.
Photos and Illustrations provided by DALL-E 3 – “a representation of NordPay censoring the internet and committing cyber crimes.”
- We’ve reached out to NordPay for a comment or rebuttal regarding this investigation. It will strongly suggest they were behind the takedown attempt if they remain silent.
-
- Our investigative report on NordPay‘s efforts to suppress online speech is significant, as it raises serious concerns about its integrity. The findings suggest that NordPay has engaged in questionable practices, including potential perjury, impersonation, and fraud, in a misguided attempt to manage or salvage its reputation.
-
- We intend to file a counternotice to reinstate the removed article(s). While this particular instance is relatively straightforward, it is important to note that, in other cases, the overwhelming volume of automated DMCA takedown notices can significantly hinder the ability of affected parties to respond—especially for those not large media organizations.
-
- You need an account with fakeDMCA.com and Lumen to access the research data. However, accounts are not widely available since these non-profit organisations manage large databases that could be susceptible to misuse. Nevertheless, they do offer access to non-profits and researchers.
-
- It’s unclear why U.S. authorities have yet to act against these rogue reputation agencies, whose business model seems rooted in fraudulent practices.
- We’ve reached out to NordPay for a comment or rebuttal regarding this investigation. It will strongly suggest they were behind the takedown attempt if they remain silent.
About the Author
The author is affiliated with Harvard University and serves as a researcher at both Lumen and FakeDMCA.com. In his personal capacity, he and his team have been actively investigating and reporting on organized crime related to fraudulent copyright takedown schemes. Additionally, his team provides advisory services to major law firms and is frequently consulted on matters pertaining to intellectual property law. He can be reached at [email protected] directly.
References used for this investigation
- 1
- https://fintelegram.com/the-scam-legacy-and-collapse-of-fca-regulated-payment-processor-nordpay/
- 18/09/2022
- Complaint
- 2
- https://register.fca.org.uk/s/firm?id=001b000000NMXcuAAH
- 29/07/2022
- Complaint
- 3
- https://find-and-update.company-information.service.gov.uk/company/07329550
- 30/09/2022
- Complaint
- 4
- https://lumendatabase.org/notices/36682705
- 12/10/2023
- Other
USER FEEDBACK ON NordPay
WEBSITE AUDITS
Stop fraud before it happens with unbeatable speed, scale, depth, and breadth.
RECENT AUDITSINVESTIGATIONS
Uncover hidden digital threats and secure your assets with our expert cyber investigation services.
RECENT CASESTHREAT ALERTS
Stay ahead of cyber threats with our daily list of the latest alerts and vulnerabilities.
THREAT ALERTSLATEST NEWS
Your trusted source for breaking news and insights on cybercrime and digital security trends.
LATEST NEWS
0/5
Based on 0 ratings