Enforcement Roundup: Securities regulators hit virtual currency ponzis, penny stock scams, and more

By Brian Monroe
June 7, 2017

In our latest ACFCS Enforcement Roundup, we take a securities slant to highlight several key enforcement actions involving virtual currency Ponzi schemers, a company that became a clearing portal for penny stock fraudsters, a trader who used the cover of big banks to engage in illegal Venezuelan bond swaps, and more.

The cases, mostly involving the U.S. Securities Exchange Commission (SEC), reveal a plethora of details that would be of value to financial crime compliance professionals, including properly querying and risk ranking customers, correctly tuning transaction monitoring systems, and filing detailed and timely suspicious activity reports (SARs).

The ACFCS Enforcement Roundup, and its sister series, the Report Roundup, are regular features culled and condensed from regulatory, investigative and other bodies. They highlight important actions, trends and issues to help professionals better detect and prevent financial crime.

SEC charges traders with breaching AML rules by helping penny stock firms clear transactions while shirking SAR duties

The chief regulator of the U.S. securities sector has charged Utah-based Alpine Securities with thousands of violations tied to anti-money laundering (AML) rules and engaging in manipulative practices to help fraudulent penny stock firms steal from unsuspecting victims.

The Securities Exchange Commission’s (SEC’s) complaint alleges that Alpine “routinely and systematically failed to file [suspicious activity reports] for stock transactions that it flagged as suspicious.”

Moreover, when Alpine did file SARs, the firm “allegedly frequently omitted the very information that formed the bases for Alpine knowing, suspecting, or having reason to suspect that a transaction was suspicious,” according to the order. The SEC is seeking unspecified civil penalties and criminal sanctions.

The SEC noted that Alpine already dealt in high-risk areas, acting as a clearing firm for many microcap over-the-counter (OTC) stock transactions.

Since 2011, Alpine has “cleared thousands of deposits of microcap securities, most of them involving Scottsdale Capital Advisors Corp. as the introducing broker, and many of which were used as part of various stock manipulation and other schemes,” but filed few SARs.

The major failures identified by the SEC include:

· Systematically omitting from at least 1,950 SARs material, “red-flag” information of which it was aware and was required to report, such as a customer or issuer’s criminal or regulatory history, evidence of stock promotion, or whether a customer was a foreign financial institution, including at least 1,150 SARs which included only the customer name, date of deposit, dollar value of deposit, and the name of the security deposited

· Filing SARs only on the deposit of stock in approximately 1,900 instances in which the stock was subsequently liquidated, but failing to file required SARs on subsequent related transactions such as the liquidation, or transfer of funds resulting from the liquidation, even though it had identified the deposit of the security as suspicious; and

· Failing to file at least 250 SARs within the required 30 days after the date the suspicious activity was detected.

Shortly before its AML problems came to a head, in 2011, Alpine was acquired by John Joseph Hurry, who also owns Scottsdale Capital Advisors Corp. Hurry is the sole director of Alpine and the managing member of Alpine’s parent entity.

Scottsdale introduced customers to Alpine, including those who conducted the majority of the transactions that are the subject of this matter. Like Alpine, Scottsdale’s business focuses on microcap stock transactions, according to the order.

Since 2011, Scottsdale has been the source of most of Alpine’s business.

But that company also had AML issues and run ins with its regulator. In 2011, Scottsdale was the subject of a Financial Industry Regulatory Authority (Finra) enforcement action alleging, in addition to other violations, that “Scottsdale filed deficient SARs.”

The order goes beyond just the financial crime foibles of the two linked companies, but also reveals lapses in core AML 101 controls, noting that the already high-risk penny stock customers had checkered pasts with formal actions against them – a detail easily uncovered through online searches.

“Many Scottsdale and Alpine customers have been charged with violations of the federal securities laws, including violations relating to transactions that cleared through Alpine,” according to the SEC.

The SEC’s order against Alpine is also a shot against any company engaging in stock fraud, a particular challenge when dealing with diminutive, cheap stocks with little known about their true business aims or the authenticity of their ownership.

It’s clear the SEC, along with Finra, have made going after penny stock frauds a priority, but investigators are taking a different tack – finding the shady brokers that are completing these illicit trades as they are a likely a nexus to a bevy of corrupt companies.

The order also details red flags that other broker dealers should be looking for and filing SARs, including depositing penny stocks, liquidating them and quickly wiring the proceeds out or a customer having wildly high returns on an investment, far out of line with standard market moves – the hallmarks of a ponzi scheme.

The SEC also stated that Alpine missed other fraudulent tells, including the customer or issuer having formal actions against them or being the subject of negative news and ongoing civil, criminal or regulatory violations.

Other red flags look at aberrant account activity, such as the customer “maintaining multiple accounts, or maintains accounts in the names of family members or corporate entities, for no apparent business purpose or other purpose.”

To see the SEC order, please click here. To watch an ACFCS webinar on how financial crime intersects the securities sector, please click here.

Finra bars former trader who used anonymous accounts to hide nearly $200 million in Venezuelan bond trades

Finra, the self-regulatory agency for the US securities sector, barred a former Morgan Stanley registered representative for using nominee accounts in the names of large U.S. banks to conceal $190 million in Venezuelan bond trades from his firm.

Morgan Stanley had banned the foreign bond trading in the roiling region due to AML, regulatory and reputational risks, according to the order.

The Venezuelan bond swaps carry a bevy of AML risks, from hidden sanctions exposure points to trading done on behalf of organized criminal groups that are not known to U.S. traders. But they can also be highly profitable due to the desperation of Venezuelan businesses and individuals to get U.S. dollars without going to the black market.

Instead of abiding by Morgan Stanley company policies, John Batista Bocchino “continued to trade in Venezuelan bonds on behalf of his customers, but hid the trades from the firm by using several nominee accounts in the names of well-known U.S. financial institutions, and direct[ed] the trades through those accounts.”

The banks were not aware of the scheme, according to the SEC.

Using that scheme, Bocchino “executed approximately 300 Venezuelan bond trades in the accounts opened in their names. To further conceal his customers’ trading, Bocchino created hundreds of firm documents, including new account forms and trade tickets, that contained false information.”

The moves evaded Morgan Stanley AML due diligence, monitoring and suspicious activity report filing.

The order notes that Bocchino had good reason to hide who he was dealing with as they were already on many banks’ radar for illicit actions.

“In fact, several of the underlying customers presented regulatory concerns, at least three were not customers of Morgan Stanley and were not approved to trade through the firm, and one previously had its account frozen by the firm,” according to the order. To read the order, please click here.

US SEC hits Bitcoin Ponzi schemer with $12 million penalty

In a modern twist on a perennially popular fraud scheme, Homero Joshua Garza allegedly lured investors with the promise of shares in two companies that would generate lucrative returns by mining Bitcoins.

According to the SEC, Garza’s outfits, GAW Miners and ZenMiner, never possessed the computing power to make good on those claims and instead paid back investors with funds from other victims, the stock-in-trade of the Ponzi schemer.

The SEC levied a civil penalty of $1 million against each of the Connecticut-based companies, and a disgorgement of a combined $10 million in allegedly ill-gotten gains.

The defendants “used the lure of quick riches from a twenty-first century payment system known as virtual currency to defraud investors,” the SEC stated in its December 2015 complaint, noting that the company claimed it was mining for bitcoins and another virtual currency, altcoin.

“Though cloaked in technological sophistication and jargon, defendants’ fraud was simple at its core – defendants sold what they did not own, and misrepresented the nature of what they were selling.”

The case is one of a spate of fraud schemes centered around virtual currencies in recent years. In 2014, the SEC won a $40 million judgement in a civil case against a fraudster who operated a Bitcoin-based Ponzi scheme under the name “BitCoin Savings and Trust.”

The SEC detailed several steps in the evolution of the latest fraud, including:

  • From August 2014 to December 2014, Garza and his companies sold $20 million worth of purported shares in a digital mining contract they called a Hashlet.
  • More than 10,000 investors purchased Hashlets, which were touted as always profitable and never obsolete.
  • Although Hashlets were depicted in GAW Miners’ marketing materials as a physical product or piece of mining hardware, the promised contract purportedly entitled the investor to control a share of computing power that GAW Miners claimed to own and operate.
  • Investors were misled to believe they would share in returns earned by the Bitcoin mining activities when in reality GAW Miners directed little or no computing power toward any mining activity.
  • Because Garza and his companies sold far more computing power than they owned, they owed investors a daily return that was larger than any actual return they were making on their limited mining operations.
  • Therefore, investors were simply paid back gradually over time under the mantra of “returns” out of funds that Garza and his companies collected from other investors.
  • Most Hashlet investors never recovered the full amount of their investments, and few made a profit.

In the beginning, the company first marketed itself as reseller of computer hardware and equipment that could be used to mine for bitcoins and altcoins.

The operating model soon morphed to one where people could purchase the mining equipment, but that GAW Miners would “host” the equipment in its data center, allowing people to purportedly log in over the Internet to focus resources on a particular mining pool,” for a fee that covered electricity and such.

The company then urged customers to switch to “Cloud Hosted Mining,” while around that time another company, ZenMiner, popped up to offer such a service. While Garza owned and controlled both, he kept that fact hidden until he could create a fictitious press release stating that GAW had spent an exorbitant amount to buy a slice of ZenMiner.

“This charade continued when, on or about August 24, 2014, GAW Miners issued a press release announcing that its parent company (which was also owned and controlled by Garza), had purchased a controlling stake in ZenMiner for $8 million, and that ZenMiner had become a division of GAW Miners,” according to the SEC complaint.

“This statement was false; no such transaction occurred because Garza had always owned and controlled ZenMiner,” the SEC stated. “Garza authorized and approved the issuance of GAW Miners’ false press release.”

Garza allegedly spun the tall tale as “proof that GAW Miners was a leader in the virtual currency industry by bridging the gap between hardware sellers and hosted mining services.”

But when customers started asking for their equipment – rather than having the company host the systems on their behalf – GAW again switched gears in a bid to dupe chafed customers into keeping their money in the company and get new customers.

As noted above, the solution was the creation of the “hashlet.”

GAW Miners’ press releases and website, and Garza’s posts on the company’s message board variously described Hashlets as “the world’s first digital cloud miner” and as “designed from the start to be the easiest, most convenient miner to own,” according to the SEC.

“GAW Miners and Garza marketed Hashlets specifically to non-technical people interested in virtual currency mining, touting a Hashlet as being ‘so easy to use that it is Grandma approved,’” and claiming that ‘[i]f you can open an email, you can setup and operate a Hashlet,’” according to the SEC.

The company had several red flags that should have been signs for customers and potentially even banks to back away from the operation.

GAW Miners’ had several different business models, all that used jargon and promised to be doing something on behalf of customers, while never producing or proving any actual evidence of that, which should have raised the eyebrows of potential investors and compliance staffers.

If AML professionals or investors had engaged in more extensive due diligence, they potentially could have uncovered Garza’s connection to both companies – realizing he is manipulating them to give the appearance of legitimacy.

Finally, the company again created a wonky-sounding product – built in the virtual world and doing something no one can verify – steeped in double-speak tech talk, a hot air balloon of blustering and bloviating that could have been popped if someone had pressed the company to actually prove its supposedly lofty aims.

That could have been achieved if someone had pressed to see pictures, videos or take an actual tour of the facilities supposedly engaging in the burgeoning Bitcoin hashing. And because no one could really determine the ratio of hashlets to computing power, Garza again used that to his advantage.

To get a sense of the dollar figures at play, prices for Hashlets ranged between about $10 and $50 per unit, depending on their features, including which pools they were able to mine, according to the complaint.

“During their first week of availability alone, GAW Miners and ZenMiner oversold — between triple and quadruple — the number of Hashlets for which they had the supporting computing power,” according to the SEC. “Yet, their sales continued.”

“By October 2014, GAW Miners had oversold Hashlets to an even more extreme degree,” according to court documents. “It had oversold altcoin-mining Hashlets by at least about 100 times its computing capacity, and bitcoin-mining Hashlets by at least about 5 times its computing capacity.” To read the full order, please click here.