FinTelegram has received a new player complaint involving alleged illegal casino deposits processed through opaque merchant descriptors and regulated payment infrastructure. The complainant claims that payments connected to online casinos including Malina Casino and Wazbee Casino were routed through payment processors including Smartflow Payments/SENDS, xpate Ltd and Finthesis Ltd/PAIO.
The case is not an insider leak. It is a player-side payment complaint — but one with transaction-level documentation: ARN numbers, dates, amounts, descriptors, screenshots of processor correspondence, and partial refund evidence.
The player alleges that the disputed transactions were casino deposits disguised as non-gambling merchant payments, including alleged classification under MCC 7372 rather than gambling-related merchant categories. FinTelegram has not yet independently verified the MCC coding from raw card-network records. However, the submitted material raises serious red flags around merchant transparency, acquiring-chain accountability and payment-processor monitoring.
The Complaint
According to the complainant, 42 transactions were processed between October and December 2025 through a network of obscure merchant descriptors. The alleged casino brands named by the complainant are:
- Malina Casino
- Wazbee Casino
The complainant says the casinos did not respond to his refund requests and that he therefore escalated the matter to the payment processors and acquiring-chain entities identified in the transaction records.
The core allegation: illegal casino deposits were allegedly routed through non-transparent merchant descriptors and misclassified as non-gambling activity.
The Payment Processors Named
The complaint names the following entities:
| Entity | Role alleged by complainant | Status in evidence reviewed |
|---|---|---|
| Smartflow Payments Ltd / SENDS https://sends.co/ | Processor/acquirer chain for INNTCIT and CL2SK transactions | Transaction list shows 13 transactions totaling €2,000; three INNTCIT transactions marked refunded. |
| xpate Ltd /XPATE https://xpate.com/ | Processor/acquirer chain for multiple opaque descriptors | Transaction list shows 13 transactions totaling €1,306 involving vercs2, calcal, jusdot5, tokdom, jusski6 and paypay. |
| Finthesis Ltd / PAIO https://paio.company/ | Alleged processor/acquirer for SKINMODE and CYBGEU flows | Referenced in screenshots and complaint; further clean transaction data requested. |
| Helaba / HELADEFF https://www.helaba.com/ | German banking / a receiving-side or settlement-side banking reference | Annex repeatedly references HELADEFF and a German IBAN beginning DE97 5005. |
| Libergos Limited | Cyprus-based payment agent in the HELADEFF / German IBAN routing environment | Cyprus casino-sector entity, publicly linked to Hollycorn N.V.-related casino operations and previously warned by ACMA for prohibited interactive gambling services. |
The Merchant Descriptor Map
The submitted material does not show transparent casino merchant names on the payment records. Instead, it shows a series of obscure descriptors.
| Descriptor | Processor / acquirer indicated | Current assessment |
|---|---|---|
| INNTCIT | Smartflow Payments / SENDS | The UK corporate register shows Instantonit Limited registered with SIC code 62020 — IT consultancy activities (https://instantonit.com) |
| CL2SK | Smartflow Payments / SENDS | High-priority descriptor. Repeated across Annex and Smartflow list. |
| vercs2 | xpate Ltd | Opaque descriptor; UK Companies House record shows VERIDRA LTD with SIC codes for data processing, web portals, and other information services. |
| calcal | xpate Ltd / Annex | Opaque descriptor; needs merchant-of-record confirmation. |
| jusdot5 | xpate Ltd / Annex | Opaque descriptor; needs acquirer clarification. |
| tokdom | xpate Ltd | Opaque descriptor; needs acquirer clarification. |
| jusski6 | xpate Ltd / Annex | Opaque descriptor; needs acquirer clarification. |
| paypay | xpate Ltd | Opaque descriptor; requires clarification. |
| SKINMODE | Finthesis / PAIO alleged | Requires clean ARN-level confirmation. |
| CYBGEU | Finthesis / PAIO alleged | Requires clean ARN-level confirmation. |
The pattern is familiar: short, non-branded, non-consumer-facing descriptors; repeated round-number payments; obscure addresses; and PSPs distancing themselves from the underlying merchant.
FinTelegram was not yet able to verify the legal merchant-of-record behind all descriptors. However, several descriptors resolve to opaque UK address clusters or match public player complaints about gambling-related card payments. These findings require clarification from Smartflow/SENDS, xpate, Finthesis/PAIO and the acquiring banks.
SENDS: The Refund Question
A Smartflow/SENDS transaction list seen by FinTelegram shows 13 transactions. Three INNTCIT transactions are marked as refunded. That does not prove guilt. But it raises a sharp question:
If SENDS could process refunds for part of this flow, why did the remaining disputed transactions become a “contact the merchant” problem?
FinTelegram will ask SENDS to explain:
- who the legal merchant of record was behind INNTCIT and CL2SK;
- why the INNTCIT transactions were refunded;
- what MCC was applied;
- whether 3DS/SCA was triggered;
- whether these payments were connected to Malina Casino, Wazbee Casino, or related operators.
xpate: “Technology Provider” Is Not the End of the Story
The complainant provided correspondence in which xpate reportedly stated that it is a payment processing technology provider and not the direct provider of goods or services.
That answer may be contractually convenient. It is not sufficient. If xpate appears in the acquiring or processing chain, then the relevant questions remain:
Who was onboarded? Who was monitored? Who approved the merchants? Who saw the descriptors? Who carried the risk?
The xpate transaction list shows 13 transactions totaling €1,306 across multiple opaque descriptors. xpate’s own prohibited-activities document, submitted by the complainant, lists categories including offshore structures, unclear UBOs, unlicensed gambling, high-risk financials and unacceptable reputational-risk merchants.
That makes the case obvious: xpate should explain how these descriptors passed its merchant-control framework.
The MCC 7372 Allegation
The palyer alleges that the casino-related payments were misclassified under MCC 7372, typically associated with computer programming / data processing / IT services, rather than a gambling-related category.
This allegation is serious. It goes to the heart of transaction laundering: payments for one activity allegedly being processed as another.
FinTelegram has not yet independently verified the MCC from raw card-network or issuer records. We therefore treat the MCC 7372 point as an allegation requiring confirmation.
But the question is legitimate: Were gambling deposits processed under non-gambling merchant categories? If yes, this would raise major issues for acquiring banks, payment processors, card schemes and regulators.
The German Settlement Layer
The Annex repeatedly references HELADEFF and a German IBAN beginning DE97 5005, suggesting a German banking or settlement layer in the payment chain.
FinTelegram makes no allegation that Helaba knowingly processed illegal casino payments. But where German banking infrastructure appears in a payment-rail complaint involving alleged illegal gambling, the institution should clarify the nature of the account relationship: settlement account, PSP account, acquiring account, correspondent function — or something else?
FinTelegram Assessment
This is not yet a final proof file. It is a credible player complaint with transaction-level evidence.
The complaint shows:
- multiple payment processors;
- obscure merchant descriptors;
- ARN-level transaction records;
- alleged casino connection;
- partial refunds;
- possible MCC misclassification;
- repeated refusal or deflection by involved payment entities.
The case fits a broader pattern FinTelegram has documented for years: offshore or illegal casino operators using payment intermediaries and opaque merchant descriptors to access card and banking rails while hiding the true gambling purpose from banks, issuers and players.
Questions To SENDS, xpate, PAIO and the Casinos
FinTelegram invites the named entities to answer:
- Were the disputed transactions connected to Malina Casino, Wazbee Casino, or related gambling operators?
- Who were the legal merchants of record behind INNTCIT, CL2SK, vercs2, calcal, SKINMODE and CYBGEU?
- Which MCCs were used?
- Was MCC 7372 used for any of the payments?
- Were 3DS and Strong Customer Authentication applied?
- Why were some SENDS-linked transactions refunded while others were not?
- Which regulated institution held the settlement account referenced by the German IBAN/HELADEFF records?
- Were suspicious activity reports or internal AML escalations filed?
Call for Information
FinTelegram is looking for further information from:
- players who deposited into Malina Casino or Wazbee Casino;
- players who see descriptors such as INNTCIT, CL2SK, vercs2, calcal, SKINMODE, CYBGEU, jusdot5, tokdom, jusski6 or paypay on bank/card statements;
- insiders at SENDS, Smartflow Payments, xpate, PAIO/Finthesis, acquiring banks, ISOs, payment facilitators or casino cashier providers;
- compliance officers with knowledge of MCC 7372 use in gambling flows.
Submit information securely via the FinTelegram whistleblower platform.
Player losses are one thing. Payment laundering is another. If regulated payment firms helped illegal casinos disguise deposits as IT services or other non-gambling transactions, this is not a private dispute — it is a regulatory matter.
