Business Lending

Kris Roglieri To Stay in Prison Indefinitely After Shocking Development

June 3, 2024
Article by:

Add credible threats to murder an FBI agent to the list of scandalous accolades that Kris Roglieri has racked up in recent months. On Monday, prosecutors revealed the rationale behind the unusual demand to have him detained for what is seemingly a white collar crime, and that is that he has become dangerous. According to calls and emails Roglieri had with an unnamed friend, he said would “take out” a judge and a receiver, that he was going to “wack anybody” that went after him, and that he had determined the home address of one of the FBI agents investigating him and that he planned to put a bullet in their head.

“when someone takes everything away from you . . . if I go down, everyone goes down,” he said.

When the FBI became fully aware of the circumstances, he was arrested and taken into custody on May 31 on a single charge of wire fraud. It is likely that more charges will follow given that more than $100 million of the funds he took from customers remain unaccounted for. Nevertheless, prosecutors used the danger he posed to secure his temporary detainment without bail and on Monday he was ordered to remain in prison indefinitely while awaiting trial. He is being represented by a public defender.

Meanwhile, Roglieri’s company Prime Capital Ventures has been in receivership while he himself is in Chapter 7. In the latter case, he was recently ordered to turn over all his assets, including ownership of his businesses. One of those businesses, NACLB, announced prior to the order that it was rebranding to a different name, was still accepting payments from customers, and that it was exciting to still be moving forward.

Intuit Originates $452M in Business Loans in FY Q3 2024, Has Excellent Portfolio Performance

May 27, 2024
Article by:

IntuitIntuit generated $452M in business loans in its recent fiscal quarter ending April 30th. That was down slightly from the $469M in the quarter before it. Apparently the performance of its business loan portfolio has been excellent. Not only did the company say that “past due amounts were not material” but it also said that the allowance for losses on these loans was also immaterial. Similar to the prior quarter, this segment of Intuit’s business did not even come up once during the earnings call.

Intuit’s business loan originations are roughly on pace with Shopify Capital’s, at somewhere in the neighborhood of $2B a year. Both companies benefit from a sticky core product that their customers use. In the case of Intuit it’s the Quickbooks bookkeeping software.

Intuit’s CEO, Sasan Goodarzi, opened the quarterly earnings announcement by saying that AI is changing the world. “The era of AI is one of the most significant technology shifts in our lifetime and our strategy to be the global AI-driven expert platform is delivering significant benefits to our customers and strong results across the company,” Goodarzi said. “I’m proud of our innovation and performance, and because of our momentum, we are raising Intuit’s revenue, operating income, and earnings per share guidance for the fiscal year.”

Shopify Capital MCA, Loan Origination Growth Appears to Slow Down

May 9, 2024
Article by:

Shopify Capital, the funding arm of Shopify that provides merchant cash advances and loans to merchants on its platform, experienced no increase in these related receivables in Q1 compared to Q4 2023. The company typically records significant growth in this figure each quarter. Shopify used to broadcast its origination figures far and wide in each quarterly earnings report and call but has since gotten shy about this segment of its business and no longer discloses originations. Instead, its balance sheet line item for “Loans and merchant cash advances” is virtually all there is to go by now and they were listed at $815M in Q1 vs $816M the prior quarter. This, of course, only reflects anything they’ve kept on balance sheet and could be a misleading indicator if those receivables are being sold off or taken on by a third party.

Shopify’s major rival, Amazon, never disclosed origination figures for its Amazon lending program, and in March announced that it was discontinuing its in-house lending program altogether after a 12-year run.

Shopify is still among the largest online small business lenders in the US.

Square Loans: $1.32B Funded in Q1, Expands to Japan

May 2, 2024
Article by:

blockSquare Loans, a subsidiary of Block, originated 129,000 small business loans for a total of $1.32B in the first quarter.

“Strength in banking gross profit was driven by continued strong demand for loans and healthy repayment trends,” the company said. Loss rates also remained consistent with historical ranges.

The company also expanded its business loan program to Japan and it has so far exceeded their expectations.

“Clearly, quick access to funds and a seamless product experience are true differentiators relative to existing financing options for SMBs in Japan,” said Block CFO Amrita Ahuja.

Separately, Block CEO Jack Dorsey spent an inordinate amount of time talking about Bitcoin in the quarterly shareholder letter, his entire message in fact.

It opened up with the following quotation: “Why the hell are you all spending so much time on bitcoin?”

“We get this question a lot. We’ll use this quarter’s letter to answer it,” Dorsey wrote in response.

Enova Has Big Q1, Sees Strong SMB Market

May 1, 2024
Article by:

enova home pageEnova originated $960M in small business loans in Q1 2024, setting what is believed to be a new quarterly record. During the earnings call, Enova CEO David Fisher said that confidence in the economy and consumer spending was driving the SMB market forward.

“Our small businesses aren’t concerned about inflation,” Fisher said. “Strong consumer spending and the ability to increase prices are offsetting that. And we are seeing stable performance in that portfolio.”

In fact, the company expects yield on the SMB side of its business to increase in the short term.

“We’ve just shifted more towards kind of the middle to upper end of our APR range for the SMB products,” said Fisher. “And so with those higher APRs from slightly higher defaults – so you’ll see over the next few quarters just slightly elevated compared to historic level default rates in the SMB business and eventually slightly higher net charge-offs as a percentage of ARR. But what will come along with that, is higher yields and higher revenue. And so the ROEs on those products, those originations are looking really, really good.”

Enova also expressed the value it’s gotten out of marketing its products on TV.

“We’ve gotten heavier and heavier in TV,” Fisher said. “That’s been an area of success for us for sure relative to say five to seven years ago, and I think certainly relative to our competitors. And then digital I think has improved for us in ways that we probably wouldn’t have guessed a few years ago. And a lot of that growth I think is kind of taking share away from leads. I think leads has continued to shrink as the share of the total, which was fine, we’d like to control our own destiny.”

The Long Running Mysterious Fraud in the Small Business Finance Industry and How to Defend Yourself

May 1, 2024
Article by:

The submitted deals are real. The merchants are real. Everything checks out until suddenly it doesn’t. The merchants block the payments and find out they’ve been scammed.The funders find out they’ve also been scammed. But it’s too late because the money is gone and the fraudsters disappear without a trace.

deBanked reviewed hundreds of court documents, emails, and websites in preparation for this story and spoke with multiple people familiar with the matter, though only one would agree to go on record. Here’s the story of how the scam works and what you need to know to defend yourself.

the scheme

It was a textbook merchant interview call. The business owner answered the questions succinctly and convincingly. He knew his stuff and sounded confident, like somebody who wanted to just finish the process and get the underwriter to issue a final approval on his funding application. His accent said little about where he was from. It sounded like it could be Mid-Atlantic or perhaps lower New England, just a regular business owner on Main Street USA.

“It sounded a little nasal, right?” said Alex Shvarts, CEO of FundKite, after playing the recording for me to judge.

The tone of the voice did actually sound unusual after thinking about it. Something was off about the call and that was the only tell. For the person on the other end of the phone wasn’t who they claimed to be. It would later be debated if they had used voice changing technology, one of many layers of obfuscation that had been put in place to cover up what is quickly becoming the scheme of the decade.

FundKite had signed up a new broker and promptly received two deals from them. On this particular one the paperwork attached to the application was real. This was a real business and these were their real documents. But the real owner of the business had no idea that any of it had been used to apply for funding with FundKite.

In a typical identity theft scenario, a scammer gets a lender to send the loan proceeds to a bank account that is controlled by the scammer, keeping the victim completely in the dark that their identity is being used for the fraud until much later when a default occurs. But in this case the scammer intended to have a funding company send money to the victim’s actual bank account. It’s a twist that understandably makes it very difficult for the funding company to later believe that the merchant’s identity had been stolen since they were the ones receiving the proceeds. But once the business has been funded, the scammer executes the next step in the scheme, convincing the business owner to send the money to them. If that sounds like a whole lot more work to make this heist successful, then you have no idea how many layers of deceit are in play and the scale at which it’s operating.

phishing emailIt started sometime around 2019 (maybe even earlier) and is still happening to this day across the industry. The scammer uses stolen identities to incorporate businesses, followed by using those entities to open up bank accounts for them. One account is used to impersonate being a lender and another to impersonate being a broker. They first get to work by being the fake lender and register a domain name that closely resembles and could be mistaken for a real lender they’re trying to impersonate. According to records obtained by deBanked, domain names challenged via UDRP and seized as part of an ongoing investigation into the fraud reveal that the scammers also use stolen identities to register the domains, making the real buyers untraceable.

The objective of having these fake domains in the first place is to contact existing real borrowers of the real lender and to pass themselves off as the real lender. It’s a classic phishing scheme.

There’s various theories as to how this is done, but there’s a possibility that public records are sufficient for the scammer to accomplish this step. A reverse UCC search can reveal the names of a lender’s customers and the time in which they received a loan. From there, big data or cursory internet searches are enough to obtain the contact info of those borrowers. This type of list building is nothing new and fairly common in the data business.

The scammers then email the borrowers from the fake domain, purporting to work for their real lender, and give them the great news that positive repayment history has afforded them the reward of being able to refinance their loan at a lower rate.

It is generally good practice to check the domain name of a sender, even though that itself is not foolproof, but an incorrect one, especially one that resolves to a “404 Error Not Found” page, should be a sufficient indicator that these emails are coming from an impostor, yet business owners still fall for it, perhaps because they recognize the name and find the offer consistent with their expectations.

special dealIn one case that deBanked reviewed, the opportunity was presented to refinance a double digit APR loan down to as low as 4% with the same lender. When the victim was asked during a deposition if that number had struck him as suspiciously low, he said it did not, especially considering his belief that he had “excellent payment history” and that he felt like it made sense to get a break after all the stresses of covid.

The scammers generally communicate with perfect English over email but will also do phone calls. They use Google voice numbers in the area code that match up with the real lender. deBanked called an older one that had been used and nobody picked up. They might use the name of a real employee at the lender or create a fake one, going so far as to generate a paper trail online that shows the name of that person working for the lender.

Once on the hook, they ask the victim to submit lengthy documentation over email so that the refinance can be reviewed. These are typically documents like tax returns, bank statements, a copy of a driver’s license, A/R and/or A/P schedules, etc. After that the scammer moves on to the next phase, using the phished documents to apply for loans or merchant cash advances. This is where the scammer’s fake broker entity comes in.

These fake brokers tend to pass a background check because they rely on stolen identities that are clean, the business entities they’ve created under them are real and match up, there’s a tax ID, there’s a bank account in their name, and there’s no sketchy stuff about them on the internet. They even have a website, again registered with the fake identity, that often looks like or is an outright exact copy of another broker’s website. Even a diligent funding company can be duped despite a background check. Once the fake broker is signed up with a funder, the phished merchant data is submitted but with the scammer’s phone number and email address. Oftentimes the deal amounts are large. deBanked reviewed several cases related to this scheme that ranged in size from $200,000 to $600,000.

Since all the merchant information is legit, the merchants tend to get approved. The scammers are also adept at pretending to be the merchants in an interview phone call with an underwriter, like the one I listened to previously. They can even guide the merchant through a funder-mandated bank verification under the illusion that it’s all related to their current lender for the refinance. If any questions arise about the mention of another financial company name, it’s explained away as an affiliate partner or related vendor that they use.

bank buildingOnce the scammer is confident the funds are coming, they tell the merchant the refinance has been approved and that there is a narrow window to complete the final steps. As part of this they send a lengthy legalese-filled digital contract with an e-sign for the fake refinance that looks exactly like their real lender’s, again reinforcing how legitimate the whole thing feels.

Once complete, they’re told that a large wire will be arriving in their account, which will actually be from the funding company they don’t know about. In a normal refinance, a lender might withhold a portion of the new loan to apply to the outstanding balance, but in these cases the victims are told that they have to receive the full amount of the funds from their lender first and then wire the outstanding balance of the loan straight back to the lender. The merchant nets the difference if there is any left over. This round-trip transaction is communicated as being their way of managing their accounting, an excuse that again seems to come across as plausible to those that think they’re dealing with their trusted lender the whole time.

In the earlier iterations of the scheme, the name on file for the bank account to wire the funds to would look almost identical to their lender’s name. When the victim sends the wire to pay off their outstanding loan, they are completely unaware that they have just wired funds to a scammer and that the entire thing had been a very elaborate ruse. It’s not until days later when their account starts getting debited by a funding company they have never heard of as part of an agreement they had never entered into do they become alerted that something is amiss. By then it’s too late. Doubly too late if the funder has also wired the fake broker a commission for putting the whole deal together in the first place.

Although the scheme can yield several hundred thousand dollars at a time, it ultimately results in the loss of their fraudulently opened bank accounts as the funders respond with an investigation that can include litigation and/or a report to law enforcement. That means the scammers have to open new accounts under new stolen identities. That’s easier said than done, which is perhaps why last year they apparently improvised on this step. They don’t need to open bank accounts for the fake lenders anymore.

Instead, according to at least three examples reviewed by deBanked, they’re more recently asking the victims to wire the funds to the general deposit account of a cryptocurrency exchange. If this sounds like it would be too obvious, consider that it has worked. The wire forms, which look identical to the earlier versions, are only different in that they contain a different account name to send the funds to. The lender’s logo can still be found on the top.

EthereumIn one case, deBanked was able to obtain records that allowed for the funds to be traced. The scammer had the exchange convert the wired funds into Ether, to which the Ether apparently moved between three crypto exchanges before disappearing into a generic holding address of an offshore exchange with millions of transactions. Another dead end.

deBanked emailed one of the two exchanges it reviewed related to this scheme to ask about their customer KYC procedures but received no response. The other was not contacted to avoid tipping them off to a possible active investigation. The exchanges both have deposit accounts at US banks, both of which are known for their fintech relationships. Typically, crypto exchanges that take on US customers do rely on some level of KYC. It appears based on limited evidence so far that the crypto accounts opened up by the scammers are done under the stolen identities of the merchants so that everything matches when a wire comes in. This is where it gets murky because the scammers may ask the merchants to take selfies of themselves, ones that could include holding up their ID in their hand or holding a piece of paper with a specific written message on it as proof that it’s them. That a merchant might jump through these hoops on the belief that it’s all to secure a purported refinance with their existing lender requires some suspension of disbelief, though many online finance companies these days are requiring varying levels of customer identity verification.

The outcome, in any case, is that millions of dollars have been purportedly stolen over the course of several years. The scam has been directed at all sorts of funders, from the A paper players to the Z paper players. The merchants, as the original dupes that make this possible because they fall for a basic phishing scheme, are also left to pick up the pieces. The scammers may have even scammed another high profile scammer, at least according to documents reviewed by deBanked. There’s a brazen fearlessness to it all.

A main connecting link has been funders that will do large deals, hundreds of thousands of dollars in a single transaction. But that might be changing. Industry chatter more so than hard evidence suggests the web of intended targets might be growing and that thanks to innovations with AI and crypto, the scammers may attempt to use artificial identities for the brokers rather than real ones. A lot of the steps involving bank accounts and stolen identities are no longer as necessary, which means if you’re a funding or lending company and you’re reading this, you may be vulnerable.

Sources familiar with the matter say that it’s good practice to remind your customers about possible phishing risks and to keep them informed about what methods of communication you will use throughout the life of the relationship. This includes whether or not you might employ phone calls, emails, texts, or snail mail communications, and the precise sender information they should expect. This might limit the likelihood of your own customers from getting phished but there’s tactics you can use to prevent becoming the victim funding company as well.

According to Alex Shvarts, a good start is only conducting a merchant interview on phone numbers assigned to the business. “If it’s a cell phone we have to have a cell phone bill that verifies the owner’s information,” he says. Also, if the customer has a website, avoid communicating with them over a free email address like Outlook or Gmail or Proton Mail and instead direct all communications to an address on their company domain name, one you’ve confirmed is really theirs and not a boilerplate setup by the scammers to deceive you again. Other possible steps are to use live ID verification or a common tool like CLEAR, he suggests. Shvarts wouldn’t disclose some of the proprietary methods they’ve come up with so as not to tip off a scammer reading this.

scammerWhen it comes to the broker, do proper due diligence. It’s been said that a fake broker may test the waters with a small deal first before submitting the large fraudulent one to generate a level of confidence that everything is on the up and up.

According to documents reviewed by deBanked, the scammers typically rely on a relatively bare bones website for their fake broker shop, a collection of borrowed templates and verbiage from other companies out there. It’s a rabbit hole that can lead one down many wrong directions, especially in an era when similar bare bone lead gen sites litter the internet by the thousands. Consider doing a FaceTime or Zoom call with the broker so that you can see if their face matches the identity that’s been provided!

The scammers have used different domain name registrars and hosting services. They may push for a weekly or monthly payment option so as to create lead time between when the victim wires the funds to them and when the first debit hits from the funder they’ve targeted for it. They seem to prey on merchants that have an outstanding business loan rather than an MCA because it makes the low in-house interest rate refinance all the more plausible. So if you see debits in an applicant’s bank account from any one of the more commonly known online business lenders, you should be thinking about this story and ways to make sure you are speaking with the actual business owner. Do they know who you are? Have they been offered a refinance? Do they even know who their broker is?

“When you first identify the fraud, notify law enforcement including the FBI,” one source familiar with the matter said.

California Launches its Own Business Loan Marketplace

April 28, 2024
Article by:

welcome to californiaIt’s a sign of the times. State and federal organizations are launching their own business loan marketplaces to compete with the numerous ones that exist in the private sector. The latest is California which just launched its “Small Business Loan Match” tool.

“We created Loan Match to ease the process of finding trusted loans for California entrepreneurs, gathering dozens of lenders on one platform for a one-stop experience,” the site says. “All lenders have been pre-vetted and enrolled in IBank’s Loan Guarantee Program, which specializes in bridging the gap between responsible lenders and small businesses.”

IBank, not to be confused with iBank, is the California Infrastructure and Economic Development Bank that was created to “finance public infrastructure and private development that promote a healthy climate for jobs, contribute to a strong economy and improve the quality of life in California communities.”

California follows New York City which launched NYC Funds Finder, the SBA’s Lender Match tool, the CFPB’s planned loan marketplace comparison tool, and Bank of America’s Access to Capital Connector.

Coming Soon: Domain Names as Loan Collateral

April 25, 2024
Article by:

loans against domain namesIt’s called a DeFi Cash Advance, a collateralized loan with 1-30 day terms. It’s just one of many products created by Teller, a peer-to-peer lending platform that relies on smart contracts to facilitate the transactions. The key word is “collateralized” because the blockchain-tethered asset doesn’t necessarily have to be crypto-native per se anymore. Virtually any business owner with a website can offer up its online domain name as collateral for a loan thanks to rapidly developing blockchain technology.

“Essentially what Teller is at the core is basically like an OTC desk as a way to think about it because Teller doesn’t do any lending,” said Kieran Daniels, Growth at Teller.

Instead it’s done by peers which have historically used the platform to lend against very esoteric crypto assets that traditional commercial finance folks would probably roll their eyes at. But all that’s poised to change ever since a Silicon Valley-based startup called Namefi recently found a way to bridge regular old internet domain names to the ethereum blockchain. Namefi’s tech can turn any .com or similar internet domain into a real life NFT without any disruption to the underlying website it hosts. And once ownership of the domain name is governed by whomever owns the NFT, then voilà, it can be offered up as collateral for a loan on the blockchain.

The advantage of doing something this way is the efficiency in which it transforms a widely recognized digital asset, a domain name, into a liquid piece of collateral for a loan. For example, a loan can be made instantly just with a smart contract, it can be transferred to escrow (while still working the whole time) instantly, and also transferred to the lender in the instance of a default without any headache or hassle. The hard part, if one could even consider it hard, is that in order for the domain name to turn into an NFT, it has to be transferred from the owner’s current domain name registrar to the one operated by Namefi. This can be accomplished in less than an hour. It’s the exact same process as if one were to transfer a domain name from say Godaddy to Namecheap. Namefi does all the techy stuff that turns it into an NFT and the user can still manage their regular DNS settings via Namefi.

As mentioned previously, Teller is accustomed to other assets on its platform, things like “meme coins” and digital artwork, some of which use a technological token standard called ERC-721. That’s kind of where I ironically enter the story because I noticed that Namefi relied on the same standard when turning domain names into NFTs. And so without informing either Namefi or Teller of what I was up to, I turned a domain name that I owned into an NFT via Namefi and then used the Teller platform to set up and execute a loan transaction, resulting in a self-aggrandizing press release this past January about how smart I was for possibly doing the first domain name loan over ethereum in the world.

It was noticed. The outcome is that Namefi and Teller have been talking to each other since. On February 28, the two took to social media to announce a partnership.

“We’re fully leaning into it,” said Daniels to deBanked, “we did a spaces [on X] with Namefi.”

“I think we’re just really bridging that gap for a lot of people right now and actually making that connection to say that ‘hey, NFTs aren’t just JPEGs, they aren’t just digital identity, they can have other forms of utility,'” said Alexander Walker, Ambassador at Namefi. “And there’s millions of people out there with domain names already.”

And that’s sort of the point. Everyone already understands domain names as a digital asset. The tech has just finally caught up to do that much more with them.

The typical challenge of any upstart peer-to-peer lending platform, however, is liquidity. As some readers may recall in the very early years of LendingClub and Prosper, hopeful borrowers would languish on those platforms while they waited for individual retail investors to pool together enough money to actually fund the full value of the loans. Teller has already come up with a solution for other assets it understands well, standing liquidity pools funded by peers or investors that will automatically lend against assets it recognizes. There would be a similar goal with certain categories of domain names.

“When you go to Teller, you’ll see Pokemon on ENS or 999s or certain collections of NFTs,” said Daniels of Teller. “So those are the more popular NFTs and so what Teller has done is created standing offers for those. So again, Teller isn’t the LP, but LPs can come in and add to that pool. And anyone with one of those categories can instantly get a loan or instantly borrow against that.”

Peer to PeerEnter .coms into the fray.

“The bigger vision is right now when you go to Teller you see Tokens, NFTs, and ENS,” Daniels said. “We want to change that to Tokens, NFTs, and Domains. […] Once we integrate that and once we get set up, then we can really lean into it and grow it from there.”

The market is still mostly unaware that this technology is here. Early interest seems to be coming from domain name investors in particular, those that think about the standalone speculative or resale value of a domain name independent of any active business use. Valuations on that basis might be too small or risky for a commercial lender to get excited about. The real opportunity then perhaps is domain names that are actively in use where the corresponding website is driving revenue for a business or even generating it on site. In the digital era, it’d be reasonable to say that many businesses depend on their web traffic to generate hundreds of thousands or millions of dollars a year in annual sales. A domain name that is being used to make that all happen is theoretically worth much more than an unused clever sounding domain name. It’s also the sort of collateral that could be monetized by a lender familiar with the market of its borrower.

With 360 million domain names registered worldwide as of Q3 2023, there’s a large market at stake.

“Domains don’t have that liquidity as of yet,” said Walker of Namefi. “But we’re currently building out that infrastructure. And that’s what makes me really excited.”