How a Stock-Footage Model and a Purple-Bell Cat Exposed Iran's Billion-Dollar Crypto Laundering Empire

OCCRP Investigation

• The Cat and the Stock-Footage CEO: How a Digital Trail Helped Unmask an Iranian Money Machine
• A woman named Elizabeth Newman supposedly runs two U.K.-registered crypto exchanges.
• But she appears to be a corporate fiction used as a front for a convicted embezzler whom the United States has accused of moving billions of dollars’ worth of digital assets on behalf of Iran’s repressive regime.
• THE FULL OCCRP STORY IS HERE https://tinyurl.com/3bsabtd6

Executive Summary

• An OCCRP investigation reveals that two UK-registered cryptocurrency exchanges, Zedcex and Zedxion, purportedly led by a non-existent "Elizabeth Newman" (actually stock footage of a model), served as fronts for Iranian financier Babak Zanjani.
• Zanjani, previously sentenced to death for embezzlement but later released, is accused by the US Treasury of using these exchanges to launder billions in funds for Iran's Islamic Revolutionary Guard Corps (IRGC), bypassing sanctions.
• The platforms processed over $94 billion in transactions while claiming dormancy in UK filings.
• Evidence links Zanjani directly, including metadata and social media ties to his partner, Solmaz Bani, who helped operate the exchanges.
• This highlights vulnerabilities in UK corporate registries and the role of crypto in evading international sanctions amid Iran's recent protests and regional conflicts.

Summary

• The story uncovers a sophisticated scheme where two cryptocurrency exchanges, Zedcex Exchange Ltd. and Zedxion Exchange Ltd., registered in the UK, were allegedly used to funnel billions of dollars for Iran's IRGC, a powerful military and economic entity accused of suppressing protests and supporting militant groups.

• On paper, the exchanges were directed by Elizabeth Newman, a 40s Dominican woman with addresses in the Caribbean, London, and Dubai.
• However, OCCRP reporters found no evidence of her existence; her image in promotional videos was stock footage from Shutterstock, and other "employees" were similarly fabricated.

• The real orchestrator is Babak Zanjani, an Iranian businessman convicted of embezzling state oil funds in 2016 and sentenced to death. However, his sentence was commuted in 2024, and he was released earlier.
• US authorities sanctioned him in January 2026, alleging he used the exchanges to move funds anonymously for the IRGC, including $1 billion linked to the group and over $10 million to a Yemeni Houthi financier involved in Red Sea shipping attacks.
• Blockchain analytics firm TRM Labs confirmed the exchanges handled massive volumes, with Zedcex alone processing $94 billion since 2022, despite UK filings declaring them dormant.
• Zanjani's involvement is evidenced by company records showing his alias (Babak Morteza) as an early director, metadata in Zedxion documents listing him as author, and a YouTube video of him in front of the Zedcex platform.
• His romantic partner, Solmaz Bani (also known as Niyoosha or Sara Bani, and "Niu Niu" online), played a key role:
• She registered domains for the exchanges,
• Appeared in auto-fill details in tutorials, and
• Shared social media posts linking her to Zanjani, including photos of a distinctive cat with a purple bell that matched one posted on Zedxion's Telegram.
• The US and UK have sanctioned Zanjani, but the UK spared the exchanges. This case illustrates how crypto enables sanction evasion, funded repression during Iran's 2026 protests (where thousands died) and broader geopolitical tensions.

THE FULL OCCRP STORY IS HERE https://tinyurl.com/3bsabtd6

Lessons Learned for Compliance

The UK corporate registry's lax verification allowed this facade. New laws under the 2023 Economic Crime Act, which require identity checks and set deadlines in 2026, may help prevent such incidents in the future.

• Strengthen Identity Verification in Corporate Registries:
• The UK's "honesty box" system enabled fictitious directors; implement mandatory, proactive checks (e.g., biometric or document validation) to prevent shell companies from providing legitimacy to illicit networks.
• Enhance Due Diligence in Crypto Exchanges: Regulators and platforms should require transparent ownership disclosure, regular audits, and blockchain tracing to detect sanction evasion. Firms like TRM Labs demonstrate the value of analytics in identifying high-risk wallets.
• Monitor for Red Flags in Dormant Entities: Companies claiming inactivity but showing massive transaction volumes warrant immediate scrutiny; integrate financial intelligence units with corporate filings for cross-verification.
• Address Digital Footprints in Investigations:
• Social media, metadata, and domain registrations can unmask hidden operators; compliance teams should incorporate open-source intelligence (OSINT) tools to trace connections.
• International Coordination on Sanctions:
• Discrepancies (e.g., US sanctioning exchanges while the UK did not) allow loopholes; foster global alignment to close jurisdictional gaps in crypto regulation.
• Risk Assessment for High-Risk Jurisdictions:
• Entities linked to sanctioned countries like Iran require elevated scrutiny, including screening for aliases, partners, and indirect control to mitigate money laundering risks.

Source

• https://tinyurl.com/3bsabtd6
• https://www.occrp.org/en/investigation/the-cat-and-the-stock-footage-ceo-how-a-digital-trail-helped-unmask-an-iranian-money-machine?utm_source=OCCRP&utm_campaign=4eab04709e-EMAIL_CAMPAIGN_2026_02_27_08_00&utm_medium=email&utm_term=0_bcc1d53473-4eab04709e-398764241