The Bank of Lithuania revokes licence of UAB PAYRNET (former embedded banking platform Railsr). The institution provided financial services through 90 intermediaries. Just a year ago, the firm was looking for investment at a $1 billion valuation.

The Bank of Lithuania revoked the licence of the electronic money institution UAB PAYRNET „for serious, systematic and multiple violations of legal acts”. „This means that the institution can no longer provide financial services and has to return the funds to its clients within the set time limit. The Bank of Lithuania will apply to the court for the initiation of bankruptcy proceedings against the institution and also intends to apply to law enforcement authorities.” – according to the press release.

In addition, the Bank of Lithuania restricted the right of UAB PAYRNET to dispose of the funds allocated to its activities with certain reservations. According to the information provided to the Bank of Lithuania, the institution is aware of the amount of its current liabilities to clients, and its client funds are safeguarded in separate dedicated accounts. These funds will not be restricted, therefore clients who hold funds in the accounts of this institution must apply for their refund directly to UAB PAYRNET.

The institution must inform clients about the applicable settlement procedure with clients no later than within 5 working days. The funds must be returned to the account specified by a client opened with a credit or other electronic money or payment institution. Read more here.

The Bank of Lithuania has found that the institution violated the Republic of Lithuania Law on Electronic Money and Electronic Money Institutions, the Law on the Prevention of Money Laundering and Terrorist Financing as well as the Law on Payments.

The business model of UAB PAYRNET was exclusively focused on activities through intermediaries. During the inspection period, the institution provided financial services through 90 intermediaries, distributors or other legal entities distributing the institution’s financial services. In most cases, the institution would establish a business relationship with them without due diligence and without assessing their suitability, reputation and risk; in cases where the assessment was conducted, it was inadequate.

The institution did not control how and to whom intermediaries provided the services of the institution, how they performed the money laundering and terrorist financing functions delegated to them, failed to comply with the requirement for periodic training of intermediaries, audits of their activities or other types of assessment. 

The Bank of Lithuania also identified a number of other particularly serious violations related to the prevention of money laundering and terrorist financing, the implementation of international sanctions and restrictive measures. 

The assessment of the money laundering and terrorist financing risk of the institution’s clients was inadequate and, in some cases, not performed at all. The internal control procedures related to client due diligence had serious shortcomings. The institution did not always identify clients, failed to comply with the requirements to properly identify clients or their representatives remotely, did not always properly verify or at all check information about the client’s beneficiary, often failed to identify the purpose and intended nature of the client’s business relationships and engaged in business relationships with clients at high risk of money laundering and terrorist financing without applying enhanced client due diligence.

UAB PAYRNET failed to ensure an adequate internal control system in the area of prevention of money laundering and terrorist financing, including the allocation of functions and measures for managing conflicts of interest. The institution did not store relevant information that could be recovered where necessary, and its IT system did not ensure proper collection, processing and use of data. Information related to client and beneficiary identification, monetary transactions and operations was not always available to the staff responsible for managing the risks of money laundering and terrorist financing.

UAB PAYRNET did not have all the data on the number of clients (end users) using its services: it did not control the data on the payment transactions of end users and was unable to determine the exact amount of end-user funds. The institution did not store key data of end-users necessary to ensure the prevention of money laundering and terrorist financing. 

The institution failed to properly regulate the process of monitoring business relationships and operations, as well as to properly perform daily (instant) and retrospective monitoring of client payment transactions. The client monitoring tools (scenarios) put in place were insufficient and did not allow timely and effective detection of suspicious transactions and their investigation. The institution did not always report suspicious client operations or transactions to the Financial Crime Investigation Service on time. In addition, there have been instances where the institution tipped-off intermediaries about reported suspicious client transactions, although this is prohibited.

UAB PAYRNET did not have the appropriate means to determine whether the transactions and operations carried out by the client fall outside the scope of the international restrictive measures, failed to properly verify whether the client, the beneficiary and the client’s representative were on the lists of sanctioned persons, and in some cases failed to verify whether their clients were dealing with persons subject to international financial sanctions or restrictive measures.

During the inspection period, the institution failed to properly safeguard end user funds: instead of keeping the funds in a dedicated account of a credit institution or central bank, it kept funds at another electronic money institution. Moreover, without having a legal basis and without concluding agreements, the institution formed reserves in the account of an electronic money institution of another group of companies, to which UAB PAYRNET belongs, for the purpose of securing the liabilities of another institution. 

There has been a case in which the institution unilaterally terminated contracts concluded with clients without informing them in advance, and having received their requests for redemption of the electronic money held in the account of UAB PAYRNET, failed to fulfil that obligation. The Bank of Lithuania received around 50 complaints from consumers regarding this case.

The institution, in the absence of properly approved own funds calculation procedures, failed to ensure adequate internal controls for the calculation of own funds requirements and failed to properly comply with the own funds requirements: it incorrectly calculated own funds requirements and failed to meet own funds requirements during several reporting periods. The institution did not have internal documents governing the management of financial accounting (including the procedure for recording and evaluating transactions), internal controls and preparation of financial statements.

UAB PAYRNET failed to comply with the mandatory instructions given by the Bank of Lithuania, provided incomplete and inaccurate information in the financial and operational reports submitted to the supervisory authority. In addition, the institution did not audit the financial statements for 2022 within the time limits established by law and did not make a decision on the distribution of profit (loss).

After assessing the institution’s financial position, the Bank of Lithuania found that the liabilities currently held by the institution exceeded its assets, therefore it is insolvent and there is no evidence that the situation could change in the near future. It is important to note that last year the institution made payments for the expenses incurred by other companies in the group of companies to which UAB PAYRNET belongs, resulting in an irrecoverable amount of more than €7 million, which had a very negative impact on the financial position of the institution. The Bank of Lithuania intends to apply to law enforcement authorities requesting an assessment of whether criminal offences have been committed.

In February 2023, the Bank of Lithuania restricted the activities of UAB PAYRNET, and in March it appointed a temporary representative for the supervision of the activities of this institution. In 2022, the institution came fifth among Lithuania’s electronic money and payment institutions according to its annual turnover (€7.5 billion). According to unaudited data, last year its operating income amounted to nearly €6.4 million. Read more here.

_____________

In March, Railsr was saved from collapse after agreeing a sale to a consortium of investors.
Just a year ago, the firm was looking for investment at a $1 billion valuation but had been looking for a buyer for several months as it faced up to the economic downturn, with a possible deal with African payments technology unicorn Flutterwave falling through. according to Finextra. The rescue deal has seen Railsr continue to trade under a new entity, Embedded Finance, but this does not include the Lithuanian business.