From Digital Age to Nano Age. WorldWide.

Tag: Financial

Robotic Automations

Hackers are threatening to publish a huge stolen sanctions and financial crimes watchlist | TechCrunch

A financially motivated criminal hacking group says it has stolen a confidential database containing millions of records that companies use for screening potential customers for links to sanctions and financial crime.

The hackers, which call themselves GhostR, said they stole 5.3 million records from the World-Check screening database in March and are threatening to publish the data online.

World-Check is a screening database used for “know your customer” checks (or KYC), allowing companies to determine if prospective customers are high risk or potential criminals, such as people with links to money laundering or who are under government sanctions.The hackers told TechCrunch that they stole the data from a Singapore-based firm with access to the World-Check database, but did not name the firm.

A portion of the stolen data, which the hackers shared with TechCrunch, includes individuals who were sanctioned as recently as this year.

Simon Henrick, a spokesperson for the London Stock Exchange Group, which maintains the database, told TechCrunch: “This was not a security breach of LSEG/our systems. The incident involves a third party’s data set, which includes a copy of the World-Check data file. This was illegally obtained from the third party’s system. We are liaising with the affected third party, to ensure our data is protected and ensuring that any appropriate authorities are notified.”

LSEG did not name the third-party company, but did not dispute the amount of data stolen.

The portion of stolen data seen by TechCrunch contains records on thousands of people, including current and former government officials, diplomats, and private companies whose leaders are considered “politically exposed people,” who are at a higher risk of involvement in corruption or bribery. The list also contains individuals accused of involvement in organized crime, suspected terrorists, intelligence operatives, and a European spyware vendor.

The data varies by record. The database contains names, passport numbers, Social Security numbers, online crypto account identifiers and bank account numbers, and more.

World-Check is currently owned by the London Stock Exchange Group following a $27 billion deal to buy financial data provider Refinitiv in 2021. LSEG collects information from public sources, including sanctions lists, government sources, and news outlets, then provides the database as a subscription to companies for conducting customer due diligence.

But privately run databases, like World-Check, are known to contain errors that can affect entirely innocent people with no nexus or connection to crime but whose information is stored in these databases.

In 2016, an older copy of the World-Check database leaked online following a security lapse at a third-party company with access to the data, including a former advisor to the U.K. government that World-Check had applied a “terrorism” label to his name. Banking giant HSBC shut down bank accounts belonging to several prominent British Muslims after the World-Check database branded them with “terrorism” tags.

A spokesperson for the U.K.’s data protection authority, the Information Commissioner’s Office, did not immediately comment on the breach.

To contact this reporter, get in touch on Signal and WhatsApp at +1 646-755-8849, or by email. You can also send files and documents via SecureDrop.

Software Development in Sri Lanka

Robotic Automations

Consumer Financial Protection Bureau fines BloomTech for false claims | TechCrunch

In an order today, the U.S. Consumer Financial Protection Bureau (CFPB) said that BloomTech, the for-profit coding bootcamp previously known as the Lambda School, deceived students about the cost of loans, made false claims about graduates’ hiring rates and engaged in illegal lending masked as “income sharing” agreements with high fees.

The order marks the end of the CFPB’s investigation into BloomTech’s practices — and the start of agency’s penalties on the organization.

The CFPB is permanently banning BloomTech from consumer lending activities and its CEO, Austen Allred, from student lending for a period of ten years. In addition, the agency is ordering BloomTech and Allred to cease collecting payments on loans for graduates who didn’t have a qualifying job and allow students to withdraw their funds without penalty — as well as eliminate finance changes for “certain agreements.”

“BloomTech and its CEO sought to drive students toward income share loans that were marketed as risk-free, but in fact carried significant finance charges and many of the same risks as other credit products,” CFPB director Rohit Chopra said in a statement. “Today’s action underscores our increased focus on investigating individual executives and, when appropriate, charging them with breaking the law.”

BloomTech and Allred must also pay the CFPB over $164,000 in civil penalties to be deposited in the agency’s victims relief fund, with BloomTech contributing ~$64,000 and Allred forking over the remainder ($100,000).

Allred founded BloomTech, which rebranded from the Lambda School in 2022 after cutting half its staff, in 2017. Based in San Francisco, the vocational organization — owned primarily by Allred — is backed by various VC funds and investors including Gigafund, Tandem Fund, Y Combinator, GV, GGV and Stripe, and at one time was valued at over $150 million.

Critics almost immediately attacked the firm’s then-pioneering business model — the income share agreement, or ISA — as predatory.

For BloomTech’s short-term, typically six-to-nine-month certification — not degree — programs in fields spanning web development, data science and backend engineering, the school originated income-share loans to fund students’ tuition. (According to the CFPB, BloomTech has originated “at least” 11,000 loans to date.) These loans require that recipients who earn more than $50,000 in a related industry pay BloomTech 17% of their pre-tax income each month until reaching the 24-payment or $30,000 total repayment threshold.

BloomTech didn’t market the loans as such, saying that they didn’t create debt and were “risk free,” and advertised a 71%-86% job placement rate. But the CFPB found these marketing claims and others to be flatly untrue.

BloomTech’s loans in fact carried an annual percentage rate and an average finance charge of around $4,000, neither of which students were made aware of, and a single missed payment triggered a default. The school’s job placement rates were closer to 50% and sank as low as 30%. And, unbeknownst to many students, BloomTech was selling a portion of its loans to investors while depriving recipients of rights they should’ve had under a federal protection known as the Holder Rule.

Prior to the CFPB order, BloomTech, which briefly landed in hot water with California’s oversight board several years ago for operating without approval, had faced other lawsuits claiming the school misrepresented how likely graduates were to get a job and how much they were likely to earn. Last year, leaked documents obtained by Business Insider raised questions about the company inflating its efficacy and hyping up a curriculum that didn’t upskill students at the level they expected.

To comply with the CFPB order, BloomTech must stop collecting payments on loans to graduates who didn’t receive a qualifying job in the past year, and eliminate the finance charge for those who graduated the program more than 18 months ago and obtained a qualifying job making $70,000 or less. The company must also allow current students to withdraw from the program and cancel their loans, or continue in the program with a third-party loan.

Software Development in Sri Lanka

Robotic Automations

Jio Financial, BlackRock to tap India's wealth management market | TechCrunch

Jio Financial Services, part of the Indian conglomerate Reliance, is forming a joint venture with U.S. asset manager BlackRock to set up a wealth management and broking business in India, the two firms said Monday.

The announcement follows BlackRock and Jio Financial launching a joint venture last year to offer asset management services in India. The two companies plan to invest $150 million each in the joint venture, they said last year. That joint venture is awaiting the Indian market regulator’s approval.

The expansion of BlackRock and Jio Financial’s partnership underscores Reliance’s growing ambitions in the financial services sector. The $237 billion Indian firm already leads the nation’s refinery, retail and telecom sectors. (India’s central bank doesn’t permit tycoons to receive the banking license.)

Jio Financial Services said in a report last year that it was taking a direct-to-customer approach, using alternate data models for personalized offerings and a unified app for diverse customer financial needs, to cut costs and tailor interactions.

Since its public debut in August, Jio Financial Services has already expanded to insurance and lending businesses.

Software Development in Sri Lanka