THE DIRECTORS of Africrypt investment company are alleged to have made off with about $3.6 billion (R49.6bn) of unsuspecting South Africans’ crypto investments, according to papers seen by Independent Media’s investigations unit.

The directors, Ameer Cajee and his brother Raees Cajee, allegedly transferred Africrypt’s pooled funds from its South African account(s) through Bitcoin on the blockchain in April 2021 after claiming that there was a breach in the company’s system, compromising client accounts, wallets and nodes.

Notably, FNB, which banked Africrypt according to documents seen by Independent Media’s investigations unit, allegedly enabled the investment company’s transactions, although the bank has vehemently denied this.

FNB risk spokesperson Nadiah Maharaj adamantly refused to acknowledge any relationship with the fraud-accused company. And when probed further FNB opted to hide behind protocol and policy.

“FNB once again confirms that it does not have a banking relationship with Africrypt. Due to client confidentiality, FNB cannot provide any information on specific bank accounts,” Maharaj said.

When approached for comment SA Reserve Bank (SARB) senior media relations co-ordinator Ziyanda Mtshali said crypto-related matters fell under the Financial Sector Conduct Authority (FSCA), however, the FSCA denied having jurisdiction.

“The Intergovernmental Fintech Working Group – which includes the SARB, the National Treasury, the SA Revenue Service, the FSCA, the Financial Intelligence Centre, the National Credit Regulator and the Competition Commission – is busy finalising an updated South African position paper on crypto assets.

“The position paper makes various recommendations around how to bring crypto-assets within the South

African regulatory remedy in a phased and structured manner,” said Mtshali.

Hanekom Attorneys, which is representing the defrauded investors, said the FSCA was unable to proceed with the Africrypt matter as it did not fall within its jurisdiction.

It was further stated that it was the view of the FSCA that no financial product or financial services were provided.

The matter was reported to the Hawks and Hanekom Attorneys has not yet received feedback.

The Hawks have not responded to requests for comments.

Independent Media’s investigation unit has received information that Ameer and Raees Cajee fled to the UK, a claim that was supported by Hanekom Attorneys in its investigation, which revealed an account transfer that was done in the UK before the alleged hack.

Announcing the “hack”, Africrypt said: “We regret to inform you that due to the recent breach in our system, client accounts, client wallets and nodes were all compromised …

“Unfortunately, this has forced Africrypt to halt operations … We urge all clients to please be patient as we attempt to resolve the situation. It is understandable that clients may proceed the legal route, but we ask clients to please acknowledge that this will only delay the recovery process.”

Africrypt employees had lost access to the back-end platforms seven days before the alleged hack and were not able to view or access client balances during this time. According to analyses by Hanekom Attorneys, the flow of funds revealed that clients would be requested to deposit funds via EFT directly into Africrypt’s local FNB banking account and the client accounts were managed by Ameer Cajee.

Darren Hanekom, founder of Hanekom Attorneys, said they were investigating the transfer of funds and it seemed that the funds were subjected to various dark web tumblers and mixers, resulting in severe fragmentation.

“We were contacted by investors shortly after the Africrypt announcement and immediately became suspicious as the announcement implored investors not to take legal action.

“In taking the matter forward, we requested our clients to provide copies of all relevant correspondence, their cryptocurrency wallet addresses and proof of payments,” said Hanekom.

He said although the fallout of Africrypt was articulated as a “hack”, as per the client notice, they had picked up an anomaly in that, among others, the same delivery address was used for the dissipation of funds during the period between April 9 and 13, as was used in January during the course of Africrypt’s “regular” business dealings.

“Consequently, the nature of the dissipation being a ‘hack’ seems misplaced in these circumstances. Further … we are not privy to the status of the South African bank account(s) used to run Africrypt, save for the fact that they are held with FNB.

“However, we assume that same has been drained, and the entirety of investors’ funds subjected to the above dissipation,” said Hanekom.