For years, Payvision was sold to the market as a Dutch fintech success story. In reality, the newly published Payvision chat excerpts presented by EFRI point to something far uglier: a regulated payment institution that, according to criminal case materials cited by EFRI, did not merely process payments for scam networks around Uwe Lenhoff and Gal Barak, but allegedly helped keep those networks alive when fraud pressure, chargebacks, blocked accounts, and liquidity stress threatened to choke them. If these chats say what they appear to say, then Europe is not looking at a mere compliance lapse. It is looking at payment infrastructure turned into fraud infrastructure.
Key Findings
- From processor to enabler: The EFRI chat exhibits suggest that Payvision did not merely process payments, but allegedly helped scam networks solve critical payment and settlement problems.
- Awareness of fraud risk: The published messages strongly indicate that Payvision knew it was dealing with merchant structures tied to fraudulent broker operations linked to Uwe Lenhoff and Gal Barak.
- Conversion over compliance: According to EFRI, Payvision allegedly facilitated higher card acceptance for scam merchants through high-risk setups, including MOTO processing and the use of MCC 6211.
- Keeping the scam machine alive: The chats show repeated urgency around blocked accounts, delayed settlements, and emergency transfers, underscoring how vital Payvision was to the continued operation of the fraud schemes.
- Top-level involvement: Several excerpts suggest that extraordinary transfers and exceptional payment decisions required approval at the highest level, allegedly involving founder and CEO Rudolf Booker.
- ING-linked money flows: EFRI’s report points to the use of Stichting Payvision accounts, including ING-linked accounts, to move or reroute funds when ordinary channels came under pressure.
- Profiting from toxicity: The evidence suggests that Payvision did not just profit from processing scam payments, but also from the fallout through chargeback fees and so-called fraud-risk premiums.
- Risk as a revenue stream: The “Chargeback and Fraud Risk Premiums” document supports the allegation that fraud-related distress was monetized rather than treated as a reason to exit the client relationship.
- More than an AML failure: While Dutch prosecutors established structural AML shortcomings, the EFRI materials suggest conduct that may have gone beyond weak controls into active operational support.
- A scandal that reaches ING: Because ING acquired Payvision at a premium valuation and later shut it down, the affair raises unresolved questions about due diligence, oversight, and institutional accountability.
- The payment layer as crime infrastructure: The wider lesson is stark: industrial-scale broker fraud could not have functioned without payment partners willing to keep funds flowing despite obvious red flags.
- Potential smoking-gun evidence: The Payvision chats may be among the most damaging documentary exhibits yet published in the wider Lenhoff-Barak cybercrime complex.
The Chats Start Where The Scandal Really Starts: Conversion
The first exhibit published by EFRI goes straight to the commercial heart of online broker fraud: payment acceptance. According to EFRI’s report and the cited court files, Payvision allegedly accepted MOTO transactions and used MCC 6211 for Lenhoff-linked schemes even though the operating entities did not hold a MiFID licence. EFRI further says a seized 19 February 2016 chat recorded Lenhoff celebrating that, after Payvision was introduced, the decline rate fell by 65% and acceptance rose by 80%. The accompanying image published by EFRI shows the message trail behind that claim.
That is not a technical footnote. In scam economics, conversion is everything. Boiler rooms can lie all day, but if card payments do not clear, the fraud dies. EFRI’s second screenshot reinforces that point: in December 2015, Lenhoff allegedly complained that 3D Secure on Option888 was causing them to lose too many clients.
The implication is devastating. According to the report, the fraud network needed fewer controls and easier card acceptance, and Payvision allegedly supplied exactly that.
Then Came The Operational Support
The scandal turns darker in the chats about blocked accounts and payment rerouting. EFRI says that after Wirecard Bank blocked the Payific Ltd account effective 1 November 2016 because of fraud complaints, the Lenhoff organisation came under severe pressure. The chat screenshots published by EFRI show the panic: “we are losing Tomer,” “we need it urgently,” and “Payvision cannot provide a swift of the transaction but that the money has left their account and will be with the beneficiary.” EFRI says these messages reflect direct intervention to keep a key creditor paid and the fraud machine running after its ordinary banking channel broke down.
That is the point where the old defense — “we were just the processor” — starts to collapse. Processors do not normally become crisis managers for merchant groups drowning in fraud complaints. Yet EFRI’s report describes repeated “special” transfers, including direct payments from Stichting Payvision accounts to third parties, allegedly to preserve operational continuity for the Lenhoff network. If accurate, that is not neutral processing. That is active stabilisation of a criminal cashflow system.
Booker’s Name Appears Where it Should Never Have Appeared
One of the most toxic features of the published exhibits is not just the transfers themselves, but the reported need for top-level approval. EFRI states that these extraordinary payments required the approval of Rudolf Booker, Payvision’s founder and then CEO. One screenshot published by EFRI includes the lines: “that depends on what Rudolf agrees to do” and “ask Chang before, cause Rudolf is in Asia.” Another line says, “at least then we can do the big ones from there.”
Even if one adopts the most cautious legal reading, those are not the optics of a processor trying to isolate itself from toxic merchants. They are the optics of a senior-management-controlled relationship in which the payment provider appears to be helping solve merchant liquidity and routing problems in a red-flagged fraud environment. That is precisely why these chats are so dangerous. They drag the scandal out of the realm of bad onboarding and into the realm of deliberate operational enablement.
The ING Account Angle is Explosive
EFRI moves from chats to flow evidence. According to the report, after another provider, MoneyNetInt, stopped cooperating because of suspicious settlement activity, millions paid by victims through Visa and Mastercard into Stichting Payvision accounts held at ING Bank N.V. and Deutsche Bank were allegedly redirected onward to Winslet Enterprises, a company EFRI identifies as being under Lenhoff’s control. The published tables show a series of transfers from an ING-linked Stichting Payvision account totaling roughly €3.08 million, followed by additional transfers from a Deutsche Bank-linked Stichting account totaling roughly €2.75 million.
This is where the scandal stops being a Payvision-only story and becomes an ING legacy story. ING bought a 75% stake in Payvision in 2018 at a valuation of €360 million. Three years later, it announced it would phase the business out; Reuters reported that ING had already written down €188 million in goodwill and had previously sold half of Payvision’s operations for a nominal €1. ING itself said in 2021 that it had strengthened Payvision’s governance and compliance after the acquisition. But the public question is now much sharper: what exactly did ING buy, what did it know, and when did it know it?
Payvision Did Not Just Process The Fraud But Charged For The Fallout
EFRI’s fourth exhibit may be the most cynical of all. It includes a Payvision letter titled “Chargeback and Fraud Risk Premiums,” addressed to Hitchcliff Ltd and signed by Booker. The document says Payvision would impose an additional fee of €1 per euro of chargeback and fraud volume, and the published pages show a debit amount of €658,057.31. EFRI says these were not isolated fees but part of a broader commercial model in which Payvision allegedly processed more than €134 million for Barak- and Lenhoff-linked schemes while profiting from high processing fees, chargeback handling fees, and private penalty-style premiums.
That is what makes the case morally and legally grotesque. According to EFRI’s presentation of the record, Payvision was allegedly not losing money because the merchants were toxic. It was making money because they were toxic. The more fraud risk materialised, the more the processor could bill around it. In that light, the “risk premium” begins to look less like prudent pricing and more like a monetised fraud externality.
Dutch Enforcement Confirmed AML Failure — But Barely Touched The Scandal
The Dutch Public Prosecution Service said in April 2024 that two former Payvision directors received fines of €150,000 and €180,000 because Payvision had, from 2016 through April 2020, carried out inadequate customer due diligence, failed to properly identify beneficial owners and the purpose of business relationships, and failed to maintain ongoing monitoring. The criminal investigation, the OM said, began after a report from De Nederlandsche Bank (DNB). That official statement is already damning. But compared with the picture painted by the EFRI chats, it also looks absurdly narrow.
Because the EFRI material does not describe a processor sleepwalking through KYC failures. It describes, according to the cited court files, a firm embedded in the day-to-day payment problems of known scam networks, allegedly rerouting flows, supporting third-party payouts, approving exceptional transfers, and profiting heavily from chargeback-driven distress. If that evidentiary picture is broadly correct, then Europe is not dealing with a sloppy gatekeeper. It is dealing with a financial enabler.
The Wider ING backdrop Makes The Payvision Affair Even Uglier
The Payvision scandal also lands against a broader ING history of AML and control failures. In 2018, ING agreed to pay €775 million in the Netherlands after admitting that criminals had been able to launder money through its accounts for years; Reuters reported prosecutors said those shortcomings were structural and long-lasting. In 2020, Reuters also reported that a Milan court ordered ING to pay €30 million to settle an Italian money-laundering case. None of that proves liability for the conduct alleged in the EFRI report. But it does destroy any comforting fantasy that Payvision sat inside a pristine control culture.
The Need to Cover-Up
ING has every incentive to bury Payvision as an embarrassing failed acquisition. Payvision is dissolved, the executives took relatively modest fines, and the bank would prefer the market to remember only a bad M&A bet. But the EFRI chats threaten to turn that narrative inside out. They suggest that what ING bought was not just a fast-growing fintech, but a revenue machine allegedly fed by some of Europe’s most notorious scam brokers. According to EFRI, the same criminal case materials show not only awareness of the fraud environment but apparent assistance in solving the payment and settlement problems that kept those schemes alive.
That is why this case matters for every regulator, court, and victim in Europe. Fraud does not scale without finance. Boiler rooms need cards, acquiring, settlement, merchant shells, trust accounts, and someone willing to keep the money moving when the red flags start flashing. The Payvision chats, as published by EFRI, go to the heart of that architecture. They show the payment layer not as a neutral bystander, but as the nervous system of the scam economy.
Conclusion
What emerges from the Payvision chats is not the picture of a negligent payment processor that failed to ask enough questions. It is the picture of a financial intermediary that, according to the documented communications and the surrounding case files, appears to have known exactly what kind of merchants it was dealing with and nonetheless helped keep their fraud operations running.
If these chats withstand full judicial scrutiny, then Payvision was not standing at the edge of the scam economy — it was operating inside it, managing frictions, protecting flows, and profiting from the victims’ losses at every stage. That is why this case should not end with a few legacy fines, corporate silence, and selective amnesia at ING. Europe needs full accountability for the executives, institutions, and banking structures that turned payment processing into an instrument of industrial-scale fraud.
