LONDON (Reuters) - A network of dummy online stores offering household goods has been used as a front for internet gambling payments, a Reuters examination has found.
The seven sites, operated out of Europe, purport to sell items including fabric, DVD cases, maps, gift wrap, mechanical tape, pin badges and flags. In fact, they are fake outlets, part of a multinational system to disguise payments for the $40 billion global online gambling industry, which is illegal in many countries and some U.S. states.
The findings raise questions about how e-commerce is policed worldwide. They also underline a strategy which fraud specialists say regulators, card issuers and banks have yet to tackle head-on.
That strategy is “transaction laundering” - when one online merchant processes payment card transactions on behalf of another, which can help disguise the true nature of payments.
Credit card companies including Visa and Mastercard require all online purchases to be coded so they can see what type of purchase is being processed and block it if it is illegal in a particular country. The codes are known as Merchant Category Codes. Gambling transactions, for example, are given the code of 7995 and subject to extra scrutiny.
The scheme found by Reuters involved websites which accepted payments for household items from a reporter but did not deliver any products. Instead, staff who answered helpdesk numbers on the sites said the outlets did not sell the product advertised, but that they were used to help process gambling payments, mostly for Americans.
Categorising a gambling transaction as a purchase of something else is against the rules of card issuers including Visa and Mastercard, the card companies said in response to Reuters’ findings.
“Transaction laundering is serious misconduct - often criminal,” said Dan Frechtling, head of product at G2 Web Services, a financial compliance company which works with leading banks and card issuers. “It violates the merchant’s agreement with its acquirer, allows prohibited goods and services to enter the payment system, and may flout anti-money laundering laws.”
Three other fraud experts consulted by Reuters said transaction laundering helps online merchants trade in areas that credit card issuers and banks may otherwise bar as “high risk,” such as gaming, pornography or drugs. Some of them say thousands of online merchants may be using similar techniques to move billions of dollars that card companies would otherwise block.
“It is the digital evolution of money laundering,” said Ron Teicher, CEO of Evercompliant, a cyber-intelligence firm that works with banks to identify suspect sites. “The only thing is it is much easier to do, and much harder to get caught.”
The dummy stores came to Reuters’ attention in late 2016, when an anonymous document posted on the internet pointed to three online outlets that advertised products but did not actually deliver any. In December, a reporter placed an order for a yard of burlap cloth on one of the sites, myfabricfactory.com, a website run by a UK company called Sarphone Ltd. The fabric, advertised in U.S. dollars at $6.48 per yard, has “many uses including lightweight drapes,” the website says. Sarphone did not respond to requests for comment.
This order went unmet. After a few weeks an email from My Fabric Factory arrived saying the product was out of stock. The payment was refunded.
When a reporter called the helpline number given on the site, the call was answered by someone who gave her name as Anna Richardson. She said she was employed by Agora Online Services, a payment services provider. Payment services providers (PSPs) verify, process and code card transactions.
Richardson said Agora processes payments for poker and works with “hundreds” of online gambling sites. Asked which references on the reporter’s card statement would be for online gambling, Richardson said, “If you have been using a betting site of any sort ... they are normally processed by us.”
It was not possible to verify Richardson’s identity. The My Fabric Factory email came from Agora’s email address, firstname.lastname@example.org. Agora, headquartered in Iceland and linked to companies from the UK to Germany, is owned by a Mauritius-based company, DueXX Ltd, according to Orbis, a company database. Andrej Brandt, one of two directors of Agora and listed as the sole point of contact on DueXX’s website, declined to comment.
“Thank you very much for your interest but I don’t like to share my views and insights,” he said via text message after Reuters presented its findings. “I presume you understand.”
The other director of Agora, Joerg Henning, could not be reached.
Reuters placed orders for household products on six other websites, all owned by companies in the UK. All the orders went unfilled and payment was refunded without comment. The sites used the same mail server as one of Agora’s web addresses, agrsupport.net, according to domain name records.
The site helplines were answered by three individuals who all said they worked for Agora, a company that specialized in processing gambling payments. One was the woman who identified herself as Anna Richardson. Another gave her name as Lucy, and the third, who did not give his name, told the reporter, “Most of the people who gamble and end up having our charges on their accounts are Americans. Gambling is illegal in America.” The staff said they were based in Germany.
When Reuters made payments on the seven sites, in each case the reporter’s credit details were processed by Deutsche Payment, a payment processor headquartered in Berlin. Its website says it is certified by the PCI Security Standards Council, a global payment card security body. It was included in Visa Europe’s May 2017 list of approved agents. Deutsche Payment did not respond to requests for comment.
The PCI Security Standards Council said it was up to the card companies to regulate payment processors.
Presented with Reuters’ findings, a spokesperson for Visa said, “We require all gaming sites to be processed under the relevant Merchant Category Code. Our rules are always subject to local law and we do not tolerate criminal activity.”
A spokesperson for Mastercard said: “When we are alerted to activities that may be against our rules or against the law, we work with the merchant’s bank to confirm or investigate the allegation.”
After Reuters approached the payment processing companies, all seven online stores stopped accepting payments, although they remain visible online.
Illicit gaming is hard to detect, partly because those involved cooperate to hide what they are doing, said Scott Talbot, head of government relations at the Electronic Transactions Association, a trade organization for the payment processing industry that counts some of the world’s largest banks as members.
Also, sites like those found by Reuters are small cogs in a complex global infrastructure.
“Illicit finance is incredibly creative,” said Gregory Lisa, a partner at law firm Hogan Lovells who has worked for the U.S. Treasury Department’s Financial Crimes Enforcement Network and as a trial attorney for the U.S. Department of Justice prosecuting money-laundering and fraud cases. “It is a very difficult arms race between the government and illicit actors and their financiers.”
Fraud specialists say dummy stores like those found by Reuters are not meant to be visited by the normal public. They are designed to be hard to spot, and their role is simply as a shop front to back up the bogus description.
Gambling sites that operate in countries where online gaming is illegal will take payment through their own sites, but then simply program the sites to give a reference to sites like the dummy stores in payment records, the consultancy Evercompliant says.
As far as the gambler is concerned, their payment has gone to the gambling site. Only when they see their card statement do they find a reference to the bogus store. If they visit the store and call the helpline number, the people who answer explain that the transaction actually corresponds to gambling – as Agora staff told the Reuters reporter.
Evercompliant, which has developed proprietary technology to help large banks and finance firms check sites they deal with, analyzed the seven dummy stores at Reuters’ request.
It found they were part of what it called an “ecosystem” of nearly 50 interlinked websites, owned by companies in countries ranging from Georgia to Latvia. It analyzed these sites and said if it had found such a network in a bank’s portfolio of customers, it would suspect transaction laundering, CEO Teicher said.
Such sites get around checks by credit card companies by using loopholes in the system, according to Frechtling at G2.
Some banks rely on payment processors to vet online merchants. While most PSP firms are legitimate, their due diligence can be perfunctory, he said.
“Some PSPs will make a basic anti-money laundering check - for example, using sanctions lists,” he said. “But they may not do a full vetting of you until you start transacting. That is a weak link.
“Transaction laundering directly through a bank doing thorough due diligence would be relatively difficult, but at a PSP that is sponsored by a bank it is often easier.”
It was not possible for Reuters to determine which bank or banks work with Deutsche Payment or Agora.
The UK firms that own the seven dummy online stores were set up by Simon Dowson, whose company formation agency closed down in 2015 after businesses it set up were involved in global scams including money-laundering. Reuters revealed last year how Dowson used residents of the English town of Consett as part of the scheme.
Dowson’s wife, Tanaporn Thompson, also known as Tanaporn Dowson, was named as director of Sarphone Ltd, the owner of My Fabric Factory, for a week in January 2017. She could not be reached.
The person named in the UK company register as having ultimate control of Sarphone is another Consett resident, Emma Chambers. Chambers and Dowson did not respond to requests for comment for this story.
Additional reporting by Lauren Young in New York and Ragnhildur Sigurdardottir in Reyjkjavik; Edited by Sara Ledwith