After the Bank of Lithuania revoked Paytend Europe UAB’s EMI licence for serious and systematic AML/CFT failures — including a mishandled relationship with an unnamed high-risk customer — MEXC appears to have re-engineered its Euro deposit rail. FinTelegram’s fresh deposit simulation (screenshots on file) shows Legend Trading now embedded as the fiat service layer inside MEXC’s “Bank Transfer” flow, including KYC onboarding and terms acceptance — yet the rail still routes deposit logic through Finetix Ltd S.R.L. as the contractual counterparty.
Combined with whistleblower-supplied bank transfer evidence from Italy showing 2024 deposits to MEXC Estonia OÜ via Lithuanian infrastructure and additional on-ramp rails via ClearJunction-prefixed accounts, a consistent pattern emerges: MEXC systematically swaps providers while preserving an obfuscation-first architecture designed to keep the “MEXC” beneficiary out of the sending bank’s line of sight.
Key Findings (Compliance Signals)
- Whistleblower evidence (Italy, 2024): bank transfer receipts show EUR deposits routed to MEXC Estonia OÜ via a Lithuanian IBAN (masked in publication), and additional rails via Banxa and MoonPay using ClearJunction-prefixed accounts (CLJU).
- FinTelegram rail mapping (Feb 2026): FinTelegram documented a dual architecture with Finetix Ltd S.R.L. as the universal contractual recipient, with routing via HEURO SAS / OuiTrust for SEPA Instant and Paytend Europe UAB for standard bank transfer.
- Open Letter escalation (18 Feb 2026): FinTelegram publicly put Paytend on notice and stated that Paytend was processing Euro deposits for MEXC via Finetix; Paytend’s continued facilitation was framed as a compliance and governance failure.
- Regulatory enforcement (6 Mar 2026): Bank of Lithuania revoked Paytend’s licence after inspection found serious and systematic deficiencies and referenced incorrect information and missing correspondence tied to a high-risk customer relationship.
- New rail shift (today’s simulation): FinTelegram observed Legend Trading replacing Paytend/OuiTrust as the user-facing “Bank Transfer” fiat service layer inside MEXC — while Finetix remains present in the legal/contractual wording of the deposit flow (screenshots on file).
- Critical inference (defensible): MEXC’s rail is not “one provider.” It is a provider-swappable obfuscation stack with a persistent contractual shield layer — the compliance risk does not disappear when one EMI or processor disappears.
Evidence Pack (Whistleblower — anonymized)
FinTelegram reviewed supporting documents from an Italian retail user (identity withheld; personal data not published). The documents include:
- Banxa deposit instructions referencing a ClearJunction-prefixed IBAN (CLJU) and bank details for Clear Junction Limited.
- BBVA transfer receipt showing a EUR bank transfer to Banxa using a CLJU-prefixed account (masked in publication).
- BBVA transfer receipt showing a EUR bank transfer to MoonPay Technology Services Limited using a CLJU-prefixed account (masked in publication).
- BBVA transfer receipt showing a EUR bank transfer to MEXC Estonia OÜ using a Lithuanian IBAN (masked).
- BBVA transfer receipt showing a later EUR bank transfer to “Mexc” using the same Lithuanian IBAN pattern (masked).
Why it matters: this is not “forum chatter.” These are bank-level payment artifacts that demonstrate how EU retail funds were routed to MEXC-linked beneficiaries and/or MEXC-adjacent on-ramp partners through structured rails.
What Changed: From Paytend/OuiTrust to Legend Trading — Without Changing the Core Design
1) The older model (documented by FinTelegram)
In February 2026, FinTelegram described a dual-rail architecture:
- Finetix Ltd S.R.L. acting as the universal “contractual recipient,”
- routing through HEURO SAS / OuiTrust for SEPA Instant,
- and routing through Paytend Europe UAB for standard bank transfers.
FinTelegram’s Open Letter (18 Feb 2026) stated that Paytend continued to process Euro deposits for MEXC via Finetix.
2) The enforcement shock (Bank of Lithuania)
On 6 March 2026, the Bank of Lithuania revoked Paytend’s EMI licence after inspection findings that included systemic AML/CFT and internal control failures and an explicit reference to a mishandled high-risk customer relationship.
3) The new model (today’s simulation — screenshots on file)
FinTelegram’s new deposit simulation indicates:
- Legend Trading (webiste) is now the embedded fiat service layer inside MEXC’s “Bank Transfer” flow, including integrated onboarding/KYC and “Legend” terms acceptance.
- Despite the provider swap, the Romanian payment agent Finetix still appears in the deposit rail’s contractual wording — consistent with Finetix’s historical role as “contractual recipient / legal shield” previously documented by FinTelegram.
- The flow appears engineered to avoid showing a static IBAN to the user and instead pushes users into an “online banking login / hand-off” style transfer initiation, where payment details can be auto-populated and less transparent to the end user (and often harder for the public to audit).
- On MEXC’s SEPA deposit rail, the beneficiary is now shown as SecureSwap s.r.o. (secureswap.exchange), a Czech-registered entity presented inside a P2P-style “notify seller” flow. In our deposit simulation (screenshot on file), MEXC instructs users to transfer funds to a Lithuanian IBAN starting with “LT…3130…,” which corresponds to the Lithuanian financial-institution code 31300 = UAB ZEN.COM—meaning the SEPA collection leg is routed via ZEN.COM’s Lithuanian EMI infrastructure, not directly to an account transparently labelled “MEXC.”
Compliance takeaway: this looks like rail refactoring, not remediation.
Legend Trading: Why This Provider Swap Raises New Questions
Legend Trading’s own EU site positions “Legend Trading EU” as an institutional liquidity provider with products such as “Legend Gateway,” and it lists exchange showcases (including KuCoin). The site also states: “Legend Ireland Financial Limited … is regulated by the Central Bank of Ireland.”
This creates a very direct compliance question:
If a regulated or regulated-adjacent provider is deeply integrated into MEXC’s EU fiat deposit flow, what is the exact compliance perimeter being applied to the MEXC relationship and its downstream payment architecture?
FinTelegram is not alleging wrongdoing by Legend Trading based solely on integration. But in a post-Paytend world — where a Lithuanian supervisor has just revoked a licence citing serious AML/CFT deficiencies and a high-risk customer relationship — a provider stepping into the same rail inherits the same core risks unless the architecture itself changes.
Finetix: The Constant Node
FinTelegram’s February 2026 rail analysis called Finetix the universal contractual gateway/recipient in MEXC euro deposits and noted that it functions as a “legal shield” layer in the stack.
The whistleblower evidence from 2024 further supports that MEXC-linked collections existed before the later “Finetix-fronted” evolution: earlier rails show direct beneficiary naming (“MEXC Estonia OÜ” / “Mexc”) and additional third-party on-ramps (Banxa/MoonPay) — consistent with a strategy of multi-rail redundancy.
Compliance interpretation: when a stack keeps the same contractual shield while swapping the pipe, the intent is typically continuity under pressure — not improved transparency.
Updated Rail Map
| Period | User-facing rail | Contractual / named recipient | Pipe / Provider layer |
|---|---|---|---|
| 2024 (whistleblower Italy) | Bank transfer + on-ramp purchases | “MEXC Estonia OÜ” / “Mexc” (bank receipts) + Banxa/MoonPay | Lithuanian IBAN rail + ClearJunction-prefixed accounts for Banxa/MoonPay |
| Feb 2026 (FinTelegram) | Standard bank transfer + SEPA Instant | Finetix as contractual recipient | Paytend (standard bank transfer) + HEURO/OuiTrust (SEPA Instant) |
| Feb 2026 (Open Letter) | Euro deposits for MEXC | Finetix | Paytend |
| Mar 2026 (Regulator) | — | — | Paytend licence revoked; “high-risk customer” reference |
| May 2026 (FinTelegram simulation) | Bank Transfer “Legend …” + bank-login initiation | Finetix still present in rail wording | Legend Trading as embedded service layer |
Compliance Verdict
This is now a pattern with a signature:
- MEXC uses EU-facing rails to pull retail fiat.
- It keeps a contractual shield layer (Finetix) or other intermediating structures that reduce beneficiary transparency.
- When a facilitator becomes exposed or sanctioned, MEXC hot-swaps the provider and refactors the UI/flow to reduce auditability.
- Whistleblower bank artifacts show the rails were operational in 2024 and routed to MEXC-linked beneficiaries and/or MEXC on-ramp partners.
Paytend’s revocation does not “end the story.” It demonstrates that the risk was real, and the provider swap suggests that MEXC’s priority is operational continuity, not compliance clarity.
What FinTelegram Will Now Investigate (and what regulators should ask)
- Legend Trading → MEXC: What is the exact scope of Legend’s services (pure gateway vs. MoR vs. settlement orchestration)?
- Finetix’s continuing role: Why does Finetix remain in the contractual layer even after the “pipe” changes?
- Bank-login payment initiation: Which AIS/PIS or open-banking infrastructure is being used? Who is the PISP? Where is the consent stored?
- Downstream settlement: Which banks/EMIs now hold the accounts that previously sat behind Paytend / HEURO?
- Consumer disclosure: Is the ultimate beneficiary relationship sufficiently disclosed for AML/CTF and consumer protection expectations?
Call for Whistleblowers (MEXC, Legend, Finetix, and EU Banking Partners)
If you are:
- a MEXC customer who used “Bank Transfer / Easybank / Legend …” deposit routes,
- a current or former employee/contractor of Legend Trading, Finetix, HEURO/OuiTrust, Paytend, or any integrated PSP/PISP,
- or a compliance professional at a bank that processed these flows,
we want evidence: deposit instructions, settlement details, beneficiary data, IBANs (privately), on-chain TXIDs, support tickets, and contractual documentation. Submit via Whistle42.
FinTelegram follows the conversions — and the pipes. If you know what replaced Paytend behind the scenes, help us map it.
