A data leak from Finaport, an asset manager based in Zurich, shows the firm worked with clients that included politically exposed persons, two Russians accused of embezzling funds from a bank they owned, and a businessman accused of insurance fraud.
On the surface, the client roster of the boutique Swiss investment firm Finaport Holding might appear exceptionally clean.
Between 2017 and 2019, the company — which manages bank accounts, companies, and other assets for its wealthy clients — filed just two alerts of suspicious transactions to the Swiss regulator, according to an internal audit.
Yet over that same period, Finaport represented over a dozen clients who had high-level political connections, were accused of corruption, or were facing criminal charges.
These customers included a former Afghan minister fired amid corruption accusations, a Peruvian politician connected to the massive “Car Wash” bribery scandal, and the son of a former Uzbekistan intelligence chief. But many of those with the clearest red flags were Russian.
Finaport said the information in the leak was an “arbitrary, out-of-date and incomplete selection,” and that “drawing conclusions from it for Finaport’s business activities leads to false and/or misleading insinuations.”
Leaked correspondence showed that Finaport employees were willing to push back against due diligence requests from banks — sometimes in strong language. In 2016, when an employee of the investment bank Julius Baer wrote to Finaport to ask questions about the source of one client’s wealth, a senior Finaport employee wrote back with apparent incredulity.
“This is not even ‘compliance’ – it’s pure harassment,” the employee wrote. “This is getting ridiculous… Where has the ‘can do’ spirit and common sense gone…? [The client] will be leaving with its assets to a Bank in [Liechtenstein] over the coming days. Shall I congratulate them?”
Forwarding the exchange to a colleague, he wrote: “That’s the kind of crap they make us deal with.” (Finaport said the employee was frustrated because he had been asked for the same information multiple times and that it would be wrong to draw conclusions about “an insufficient compliance culture at Finaport or even breaches of due diligence from this one-off incident.”)
With fewer than 50 employees, Finaport says its aim is to “preserve wealth and generate income” for its clients by “striving to invest in a highly ethical and sustainable way.”
It was not possible to establish from the leak how many transactions Finaport oversees or processes for its clients every year. But compliance experts said many of the transactions found by reporters should have at least raised red flags, and prompted an alert to the Swiss Money Laundering Reporting Office, known as MROS.
Swiss law requires wealth management firms like Finaport to report transactions to MROS if they have “reasonable ground to suspect that assets involved in the business relationship are connected to an offense,” or if funds or assets involved may be the “proceeds of a felony.”
The leaked documents were posted online briefly by Russian hacker group ALPHV in February. They were obtained by Swiss Television (RTS) and shared with reporters at OCCRP, Le Monde, and Der Spiegel. Reporters then obtained court records, searched commercial databases, and interviewed anti-money laundering experts, academics, and activists to corroborate and interpret the leaked data and to confirm the backgrounds of Finaport’s clients.
Presented with some of the investigation’s findings, a Swiss compliance expert, who asked to remain anonymous out of fear of retaliation, said that asset managers have the same compliance obligations as banks, and that some of the due diligence checks done by Finaport were not up to the standards required by the Swiss financial authority.
Reached for comment, Finaport said it was a “pure asset manager,” which “carries out asset management activities exclusively on the basis of powers of attorney limited to administrative actions.” It said that the company adhered to “all legal standards relevant to the company” and that its compliance with regulations was examined in annual audits.
Finaport acknowledged that it had provided services to “a very small number of clients who were classified as Politically Exposed Persons.”
“We had and have at all times a comprehensive picture of our clients and beneficial owners of the assets under management. We have always had and continue to have the necessary certainty that the assets under our management did not originate from predicate offenses to money laundering, or were under the control of criminal organizations,” it said.
“When in doubt about this, we have consistently implemented the legal requirements for such situations.”
Leaked documents show that Finaport’s higher-risk clients were sent for additional review to Alexander Rabian, a lawyer at the Zurich firm Streichenberg who was chief adviser to Finaport’s compliance department.
An internal email from 2018, seemingly explaining company procedures to a new employee, said that Rabian typically took “no more than 15-20 minutes to review” prospective client dossiers, as long as all the necessary documents were included.
Contacted by reporters, Rabian said he had carried out “second reviews” of previous checks on potentially higher risk clients. “I always sent incomplete files back to the compliance department and customer advisers for completion, even several times if necessary. In some cases, it was in fact possible to study and assess a perfectly prepared file in 15 to 20 minutes — provided that the situation was simply manageable despite a possible increased risk,” he said, adding that it typically took much longer.
The leaked documents show that Rabian was involved in discussions over one of Finaport’s clients, Swiss company Radamant Finance AG, owned by Belarusian-born father and son duo Yuri and Alexei Khotin. Emails show Rabian was sent information about Radamant’s owners, and indicate that he helped draft an email confirming Finaport’s willingness to provide directors for Radamant.
In a letter sent after this article was first published, Rabian told OCCRP he had “never approved reviewed [sic] such a relationship.”
Nicknamed the “secret oligarchs” in Russian media reports, the Khotins owned more than one million square meters of Moscow property, including the Four Seasons hotel, according to a 2019 Forbes report.
Through Radamant, the Khotins also owned a now-defunct Russian bank, Yugra Bank, which rose from a small regional lender to become one of the country’s larger banks under their management.
A senior Finaport executive, Hellmut Schümperli, was appointed Radamant’s sole director in May 2016 after the company passed a “successful due diligence” process. An unsigned shareholders’ resolution dated November 29, 2016, authorized Schümperli to “execute” a series of 22 payments worth $587 million from Radamant’s account at Yugra to a Cypriot company called Bittos Logistics Enterprises Ltd.
Reporters were unable to verify whether the resolution was ultimately approved, but Radamant’s financial records show the payments were made, and that the arrangement was discussed in multiple subsequent emails.
The shareholders resolution says the money would be sent in connection with “agreements on purchase and sale of ,” but offers no other details.
At the time of the drafted resolution, the Khotins were allegedly draining Yugra of over two billion euros and stashing a fortune in Cyprus companies, according to claims made by the state deposit insurance agency in a civil case in a Russian District Court. The case is ongoing.
Reporters found no evidence that Finaport would have known about the embezzlement accusations against the Khotins while they carried out the Bittos transfers. Tom Mayne, a Research Fellow at the University of Oxford specializing in anti-corruption regulations, said it was “difficult to see the economic rationale” of the transactions, given their size and structure.
And, by mid-2017, it was clear that Yugra was in financial trouble.
In July that year, the Russian Central Bank issued a statement saying it had revoked Yugra’s banking license. The story was picked up by Reuters, which reported the Central Bank’s claim that Yugra’s “business model was based on lending to projects linked to its owners, and that it had conducted suspect transfers.”
By September 2018, Yugra was declared bankrupt. But Finaport continued to work with Radamant — and, by extension, the Khotins — until mid-2019.
The suspension of Yugra’s license for suspected transfers and loans to its owners, and the financial collapse of the bank “should have been clear signs to Finaport that extra care should be taken regarding transactions related to Yugra, including enhanced due diligence,” Mayne said.
But a leaked December 2018 document shows Finaport worked on an arrangement for Radamant to forgive Bittos’s debt in exchange for shares in three Cypriot companies.
On paper, these three companies were valuable. Their annual reports claimed they owned the rights to eight oil fields in Russia, worth billions of dollars. But none of them, or their holding company, Hazapour Ltd., had a bank account or funds of their own, according to a separate email from Rabian.
The reports also claim the companies obtained the rights to the oil fields for just 129 to 131 euros each in September and October 2018 — just as Yugra was going bust. The documents offer no explanation for the low price.
In a separate letter found in the leak, Rabian worries about the legitimacy of the companies, their assets, and the deal. “Despite our repeated requests, no reliable information regarding the economic viability of [the three] companies has been sent to us,” Rabian wrote.
He also noted that parties to the deal appeared to be closely linked to the Khotins, and suggested that the Khotins themselves may be behind Hazapour and the Cypriot firms.
“The controllers / beneficial owners of [Hazapour] are identical to the controllers / beneficial owners of Radamant or are at least close to them,” he wrote, adding that “doubts may be raised as to whether Radamant’s acquisition of the shares in the companies was carried out in accordance with the principle of ‘dealing at arm’s length.’”
Finaport cut its ties with Radamant in July 2019, though internal Finaport records show it did not raise any MROS alerts that year. Rabian continued to work on the deal in his capacity at Streichenberg law firm until at least 2021, leaked emails show. It is not clear if the deal was eventually concluded.
When asked about specific clients, Finaport directors said they could not reply because they were “subject to professional secrecy protected by criminal law.” The Khotins did not respond to requests for comment.
A few months before the Russian Central Bank revoked Yugra’s banking license, it also suspended the licenses of insurance companies belonging to businessman Alexander Kondratenkov.
Two years later, in August 2019, Russia’s Ministry of Justice charged Kondratenkov with embezzlement, alleging he had committed insurance fraud. The case is ongoing. (Kondratenkov did not respond to requests for comment.)
By the time he was charged, Kondratenkov had fled. His current whereabouts are unknown.
The leaked documents reveal how Finaport helped Kondratenkov set up Swiss bank accounts under a second, Chilean identity.
In an October 2018 memo, a Finaport staff member managing Kondratenkov’s account explained that his client had one account at Bank UBP under his Russian name, and another at Bank Mirabaud under his newly-obtained Chilean name, Alexander Garcia Feskov. (According to the memo, the name was a variation on a combination of Kondratenkov’s Chilean-born father’s original name and his mother’s maiden name.)
With Finaport’s help, he managed to move several million dollars from Russia to Switzerland and then into his “Garcia Feskov” accounts at Mirabaud, internal documents show.
The leaked documents show Finaport started working with Kondratenkov, and helped him open bank accounts under his Chilean name, before press coverage of the allegations against him appeared. But by August 2019, Russian media had covered the case extensively. The newspaper Kommersant, seen as one of the country’s leading dailies, reported that Kondratenkov was charged with fraud “on a particularly large scale.”
The reports apparently alarmed staff at Bank Mirabaud, who blocked an $800,000 transfer made on Kondratenkov’s behalf due to “compliance concerns.”
Finaport wrote another memo, dated November 2019 and addressed to the bank, dismissing the news reports. Finaport said the Russian outlets covering the case were “junk” press, and claimed that Kondratenkov was not the owner of the company at the heart of the scandal. (A Russian court judgment this year confirmed that the company was in fact Kondratenkov’s.)
Yet Mirabaud filed an alert to the Swiss anti-money laundering authorities in mid-November, and closed all Kondratenkov’s accounts between January and March 2020, according to a source close to the matter who was not authorized to speak on record.
Even before the embezzlement accusations, Kondratenkov’s use of multiple identities should have been a red flag, a former agent at French anti-money laundering agency Tracfin told reporters after reviewing their findings.
“Although it isn’t prohibited to have two passports, having two distinct identities is highly questionable,” the former agent said, requesting anonymity because he was not authorized to speak to the press.
Kondratenkov’s trial is ongoing, and he is still wanted by Russian authorities. Russian media reports and court documents obtained by reporters have placed him variously in London and an upscale French Alpine town since 2020.
Meanwhile, Finaport’s internal records show that the firm continued to classify Kondratenkov as a “low risk” client until at least May 2020, long after the charges against him in Russia became public knowledge. Leaked records show the firm was still working on behalf of his wife as recently as April 2022.
Rabian, the lawyer, told reporters Kondratenkov was not currently a Finaport client. “On the basis of what we have been able to find in public sources, we have serious doubts as to whether Alexander Kondratenkov has been the subject of criminal proceedings in Russia that meet the guarantees of the European Convention on Human Rights,” he added.
One of Finaport’s most important clients, judging by the value of assets under its management, was Liubov Komissarenko. Born in Ukraine in 1977, Komissarenko had only just completed her studies in Moscow in the mid-2000s when she started setting up construction companies, including assembly service providers and a distributor of technical equipment for water supply.
A Finaport due diligence document from 2022 said that Komissarenko had started out making windows before taking a bank loan to move into larger-scale developments.
What it failed to mention was that her company has also received public contracts issued by a Russian state-owned company run by her romantic partner, Alexander Ponomarenko. (Not to be confused with the sanctioned billionaire port and banking businessman of the same name.)
A 2018 “know your customer” form Komissarenko submitted to Finaport said the two had been “life partners” since 2003. A lawyer responding on behalf of one of Komissarenko’s German firms said the relationship ended “several years ago.”
Ponomarenko was appointed the head of Russia’s largest sewage provider, Mosvodokanal, in 2012, which then gave Komissarenko’s company millions of euros worth of contracts.
The lawyer responding for Komissarenko’s German firm denied that she benefited significantly from these contracts, and said that she made her wealth independently through real estate and construction. Ponomarenko did not respond to requests for comment.
Komissarenko became a Finaport client in November 2014. Ponomarenko’s daughter Natalia became a client in December 2016, followed by Natalia’s husband in July 2017, then Andrey, Komissarenko’s son from an earlier marriage, in December 2017. By the end of 2022, the various Ponomarenko-linked bank accounts managed by Finaport held a total of $46 million. (None of the family members responded to requests for comment.)
Russia’s February 2022 invasion of Ukraine put European bankers on even higher alert when offering services to Russian or Russia-linked clients.
It has been “enormously dangerous” to open accounts or manage assets for Russian clients, Viktor Winkler, a sanctions expert and expert witness in Germany’s parliament, told OCCRP’s media partner Paper Trail Media.
The “corridor” in which such services can legally take place is “very, very narrow,” Winkler said. “Within this enormously narrow corridor, comprehensive, exhaustive checks have to be made and numerous safeguards implemented.”
In October 2022, an employee at the Swiss bank Reyl emailed concerns about incomplete information in Finaport’s due diligence file on Komissarenko — and particularly about her link to Ponomarenko. The email also flagged a public report that claimed Ponomarenko “helps [Komissarenko] in obtaining the necessary state contracts.”
The Reyl staff member also noted that Finaport did not disclose that Komissarenko has Russian citizenship. It’s not clear from the leaked emails how Finaport responded or whether Reyl took any further action. Finaport declined to comment on specific clients. Reyl said that the bank “has always acted, and continues to act, in accordance with all applicable laws and regulations, and has no further comment.”
Ponomarenko himself does not appear to have been a Finaport client. Since February 2022, Mosvodokanal has supported Russia’s war effort in Ukraine, including by encouraging its workers to go fight.
One video posted on Vkontakte, a Russian social media platform, says that Mosvodokanal staff who sign up for military service will be given guarantees that their jobs will be safe until their return, and that they will enjoy “all the same benefits as military personnel.”
“The company scrupulously follows the fate of all those at the front,” the video states.
Misha Gagarin (OCCRP) contributed reporting.
CLARIFICATION: This article was updated on September 18, 2023, to reflect comments sent to OCCRP post-publication and to clarify Alexander Rabian’s role with regard to Radamant Finance AG.
Fact-checking was provided by the OCCRP Fact-Checking Desk.
