September 21, 2021
This morning, OFAC sanctioned SUEX.io, a concierge cryptocurrency exchanger incorporated in Czechia but operating in Russia. This action comes as OFAC and the US Government writ-large try to tackle the festering problems posed by ransomware, and the criminal syndicates using it to extort billions of dollars out of victims around the world.
SUEX filled an essential niche in the ecosystem of underregulated exchanges that, either through willful ignorance or witting cooperation, facilitate the conversion of illicit crypto ransoms into real-world currency. SUEX largely communicated with its clients on the Telegram app and accepted new customers on a system of referrals from trusted intermediaries. This was not the kind of business where a random person on the internet could open an account. Transactions were only completed in-person at SUEX's offices. While not explicitly explained on its website, SUEX also appeared to deal almost exclusively in high-value deals - its minimum acceptable transaction was $10,000.
It also operated as a so-called "nested" exchange; SUEX did not directly custody its clients' crypto. Instead, it used the infrastructure of a large, global cryptocurrency exchange to conduct its transactions. Nested exchanges often take advantage of the greater liquidity and lower transaction costs of big, multinational exchanges while presenting customers with a custom-made interface obscuring the connection to the larger service. Using this relationship with a large exchange, and access to cash from unknown sources, SUEX was able to convert the illicit monies of its clients to physical cash at an alarming scale.
A Sprawling Enterprise
The breadth of SUEX's owners' sprawling interests in Russia and Eastern Europe's crypto, financial, and tech sectors is remarkable. Currently registered in Czechia as SUEX OTC s.r.o., the company's largest shareholder is a Russian national named Egor Petukhovsky. Petukhovsky's business interests range from M4Bank/CCT, a mobile point-of-sale services company, to Chatex.com, a start-up crypto exchange operating on the Telegram app platform. SUEX and Chatex, while nominally distinct businesses, share extensive corporate and legal relationships.
SUEX initially operated under the corporate ownership of an Estonian company - Izibits OU, which still holds an Estonian virtual asset service provider license on its behalf. The Russian-language website of SUEX still lists Izibits as its corporate owner. Izibits is the legal owner/operator of Chatex. The companies also share links through the domain registrar for Suex.io, Hightrade Finance Ltd. Registered in St. Vincent, Hightrade is also the legal entity users of Chatex contract with in its Terms of Service.
Vasilii Zhabykin, a 10% shareholder of SUEX OTC, acts as one of the company's two executives. Zhabykin has wide-ranging experience in tech and finance. According to his probable LinkedIn profile, he currently heads up MTS Telecommunication's crypto "neobank" NUUM. MTS is Russia's largest mobile telecom company, with billions in revenue and business interests in a wide range of sectors.
SUEX's other executive, Tibor Bokor, appears to be a Czech venture capitalist. The remaining investors in the company, Ildar Zakarov and Maksim Subbotin (possible AKA Maxim Kurbangaleev), publicly associate themselves with SUEX. Kurbangaleev, a co-founder of the company, even went so far as to advertise the company's lack of KYC-compliance checks on his LinkedIn profile:
OFAC's willingness to go after services like SUEX will likely have wide-ranging effects on the criminal-servicing underbelly of the crypto industry.
Major exchanges are now on notice that high-risk nested services like SUEX are in the government's sights. The profit margins earned by servicing these clients, whose lax or nonexistent KYC compliance processes facilitate crypto crime, are surely not worth the additional risk exposure they bring to big exchanges.
Today's action also highlights the collateral risks experienced by possibly legitimate businesses operated by the owners and investors of SUEX. These companies may not be named in this action, but their banks, investors, and clients will surely re-consider the wisdom of doing business with the operators of an OFAC-sanctioned crypto exchange.
How crypto exchanges can identify nested exchanges to manage risk
TRM's risk management platform enables exchanges, custodians and other cryptocurrency services providers to identify nested exchanged within larger exchanges. Ownership Analytics — a new form of blockchain intelligence introduced by TRM in 2020 — uniquely enables crypto businesses to detect parasite exchanges and other nested entities operating on their platform.
For more information on this capability or other emerging risk factors that may impact your business, please contact us.
Need support on an investigation?
Fill out the form to speak with our team about investigative professional services.