Over the last ten years or so, the cannabis industry appears to have evolved and developed beyond recognition. Ongoing waves of legalisation and other significant legislation changes across the world – including in Europe, the Americas, and Asia – have resulted in cannabis sectors, medicinal and recreational, alike, taking off in various markets. The new openness with which cannabis is increasingly discussed may give many players in this fledgling industry a false sense of security. While it may be easy to think that all is well in the sector, recent events may hint to the contrary.
Similar to what has been seen in the cryptocurrency industry in recent years, the cannabis industry appears to be an appealing target to less-than-savoury characters whose dodgy dealings threaten to give the sector a bad name. This year alone, two significant cannabis industry scams have taken headlines by storm – including one case which is now being referred to as “the biggest cannabis industry scam of all time.”
JuicyFields’ Alleged “Ponzi Scheme”
Up until July this year, thousands of investors continued to send funds to JuicyFields, a supposed cannabis investment firm that operated throughout the world. The allegedly fraudulent firm was registered in Germany before moving its headquarters to Amsterdam earlier this year. According to reports, thousands of investors had seen returns on their initial investment, prompting positive reviews that attracted more people to the firm. But below the surface, things were apparently not what they appeared.
In what is now being called a Ponzi Scheme, the owners of JuicyFields appear to have scammed up to 500,000 investors out of millions – and potentially billions – of euros. Initially, account holders with JuicyFields were able to invest from as little as €50 (£42) up to €180,000 (£150,000). The story was that investors – called “e-growers” – were essentially supporting legal cannabis cultivation efforts in various locations around the world. After three months, returns of up to 66% could be expected – and according to many account holders, the company had indeed paid out to them, either through bank transfer or in the form of cryptocurrency.
However, by July 2022, cracks were beginning to show. Employees of the firm had gone on strike, allegedly due to unpaid wages and ownership of the company had apparently changed hands. To top it all off, investors were suddenly locked out of their accounts, unable to access their funds. Since this development, JuicyFields’ social media accounts have been shut down, and customer services – and any employee, for that matter – have become unreachable.
So, what really happened with JuicyFields, and could the alleged scam have been identified earlier?
Spotting the Red Flags
The first thing to note about this case is that the majority of the alleged victims appear to have been individual investors. As such, it is likely unfair to expect these individuals to have extensive screening and due diligence practices in place to identify potentially fraudulent investment opportunities. Nonetheless, larger firms and companies that may have invested in JuicyFields operations may well have spotted some red flags should they have conducted the necessary due diligence.
Louie Ferrer, Compliance Director at Shweed, explains that there were red flags that could have been acknowledged.
“If we were to use Juicy Fields as a case study to apply the basic principles of Customer Due Diligence (CDD) and use that information to then assess the entity’s AML/CFT/Sanctions risk, it becomes obvious that Juicy Fields raises red flags in all major areas of risk.”
Identification and Verification
Mr Ferrer explains that companies need to ‘know their customers’ for a number of reasons:
- To comply with the requirements of relevant legislation and regulation;
- To help the firm, at the time the due diligence is carried out, to be reasonably certain that the customers are who they say they are, and that it is appropriate to provide them with the products or services requested;
- To guard against fraud, including impersonation and identity fraud;
- To help the organisation to identify, during the course of a continuing relationship, what is unusual and to enable the unusual to be examined; if unusual events do not have a commercial or otherwise straightforward rationale they may involve money laundering, fraud, or handling criminal or terrorist property;
- To enable the organisation to assist law enforcement, by providing available information on customers being investigated.
One of the most important aspects of due diligence is the Identification & Verification (ID&V) of the corporate body, its directors, and its beneficial owners. This helps to establish whether the company and its operations are legitimate.
With regards to JuicyFields, the company was legally incorporated in several countries; however, as recent articles have reported, it is clear that no one was really sure who was behind the company. In fact, what we now appear to know regarding the beneficial owners of JuicyFields was only discovered due to a leak.
Mr Ferrer notes: “In this respect – unless Juicy Fields were to provide the shareholder information – the basic criteria of CDD would not have been met.”
It wasn’t simply the owners of the company that could have been seen as a red flag for investors. In actual fact, the warning signs were apparent from as early as March, this year – literally. German Federal Financial Supervising Authority (BaFin) issued official warnings about JuicyFields. By May, the Spanish National Finance Commission had placed JuicyFields on its list of companies not authorised to conduct investment business in the country.
To put it bluntly, JuicyFields simply was not registered to provide the services they were offering. And yet, with all these warning signs, many investors continued to interact with the company until its closure two months later.
Identifying Risk Factors
There are some major risk factors that should always be taken into account when assessing potential new customers and their inherent financial crime risk:
- Entity Type
- Delivery Channels
Entity Type Risk
Risk associated with the entity type of the company generally refers to any form of legal entity or related service that enables individuals to divest themselves of ownership while retaining an element of control over the company. In such cases, the company potentially represents an increased customer risk. For example, companies with complex ownership structures that make it relatively easy to conceal underlying beneficiaries where there is no legitimate commercial rationale or companies for which nominee shareholders have been appointed – as was the case at Juicy Fields.
Other potential examples of Entity Type Risk include:
- Companies incorporated in jurisdictions that do not require the identity of the ultimate underlying principles to be disclosed;
- Certain forms of trust or foundation, including blind trusts, dummy settlor trusts and settler-directed trusts where knowledge of the identity of the true underlying principals or controllers cannot be guaranteed;
- Certain trusts under which a ‘protector’ may be appointed who can override certain key elements of the trust;
- Companies issuing bearer shares.
According to Transparency International, “Opaque corporate ownership structures represent the primary method used by corrupt individuals to hide stolen funds.”
The country/jurisdiction with which a company is connected or does business, or in which it is based can also affect the overall Anti-Money Laundering (AML)/ Combating the Finance of Terrorism (CFT) business risk. This is known as Country Risk. This also includes the geographical sphere of their business activities, such as the location of the markets in which their business is conducted.
Thanks to data leaks, it is now apparent that the real control and ownership of JuicyFields stemmed from Russia – a country that is considered high risk for a number of reasons, including FATF-issued warning statements relating to threats to the integrity, safety and security of the international financial system (arising from Russia’s invasion of Ukraine); the Russian Federation’s expulsion from the Council of Europe; Russia’s ceased membership of MONEYVAL; and the US State Department’s classification of Russia as a ‘Country/Jurisdiction of Primary Concern in respect of Money Laundering and Financial Crimes.
With all this said, however, Russia was neither a country in which JuicyFields was registered nor operated. Therefore, not only would this have raised red flags due to association with a high-risk country, but also that JuicyFields had no operational connection to Russia but was instead registered in low-risk countries (Spain and Germany). This may indicate that the owners of the company were consciously trying to hide any ties to Russia.
While the JuicyFields “Ponzi Scheme” may be the biggest cannabis scam to date, it is not the only event worth a mention. In November, the so-called ‘Amsterdam Cannabis Expo 2022’ was found to be the latest scam to hit the industry. The fact is, the cannabis industry appears to have become something of a target for scammers in recent years – much like we have seen with the cryptocurrency industry in the same period. This is likely due to a greater focus being placed on growing businesses in the space, at the expense of adequate security.
Nonetheless, JuicyFields’ primary function was to provide financial services and, as such, it operated in the Financial Services sector. As this is a regulated sector, it is typically regarded as low risk; however, as we mentioned earlier, relevant research would have told any interested party that JuicyFields was not authorised by any of the financial regulatory bodies of the countries in which it operated.
Furthermore, JuicyFields operated as a cannabis crowdfunding platform – a sector that is considered high-risk due to the difficulties in distinguishing between legitimate and illegitimate transactions. This means that the financial services provided could be misused or more vulnerable to money laundering or terrorist financing.
Delivery Channel Risk
Finally, the way a business provides its services and how customer relationships are managed can also affect its susceptibility to fraud, money laundering, or terrorist financing. Mr Ferrer notes how face-to-face delivery is generally considered the lowest-risk delivery channel.
This is because photographic evidence can be physically checked and an impression of the customer’s age and lifestyle gained. As Mr Ferrer explains, “the risk of identity fraud is lowered in face-to-face relationships where original identity documents are obtained and closely checked for discrepancies.”
In contrast, the use of third-party referrals and social media is typically considered to indicate higher risks. In the case of JuicyFields, the company used the rise of social media influencers and a referral program to attract new investors, with significant financial incentives for prescribers.
While not every point in this article will have yielded warning signs for anyone looking into the reliability and legitimacy of the JuicyFields investment scheme, it is clear that sufficient due diligence, like that carried out at Shweed, would have raised enough red flags to deter the onboarding of the customer. Due diligence practices are often considered too much of an additional cost for many companies – particularly in fledgling industries like the cannabis sector; however, the JuicyFields case demonstrates the importance of this step.
In this particular case, professional and expensive resources were apparently not needed to discover (at least some of) the warning signs hiding behind the surface: a simple – and free – search of regulators’ websites could have been enough to deter would-be victims.