The promise of Open Banking was security and transparency. But in the hands of Estonian DAXCHAIN OÜ, it has become a weapon for obfuscation. FinTelegram can now expose how DAXCHAIN, led by Latvian national Olegs Bogdanovics, has built a “Shadow Stack” to move millions from EU bank accounts into the pockets of unlicensed offshore casinos like WinBay.
The Anatomy of the Hijack
When a player attempts to deposit at WinBay, they are not sent to a bank. They are sent through a “cascade”—a labyrinth of domains including payment-gateway.io, moneyflect.com, and debitly.tech.
At the end of this maze sits the Tink (VISA) API. Tink is a legitimate, high-trust tool. However, DAXCHAIN uses it to “pull” fiat funds directly from players’ bank accounts under the guise of its Estonian VASP (Virtual Currency) license.
The Great License Deception
Here is the catch: DAXCHAIN is not a bank. It is not a Payment Institution. While it holds a VASP license to exchange crypto, it has zero authority to act as a fiat payment agent for third-party casinos. By processing these gambling deposits, DAXCHAIN is operating an unlicensed payment business in the heart of the EU.
A Warning for Banks
Estonian authorities have already begun to move. As of February 2026, DAXCHAIN OÜ is facing a potential deletion from the register. Banks and processors like Tink must ask themselves: Why are our rails being used to fuel unlicensed offshore casinos via an Estonian crypto-shell?
View the full Black-Risk listing on RatEx42: https://listings.ratex42.com/listings/daxchain/
Would you like me to generate a featured image for this DAXCHAIN investigation, illustrating the “Cascade” of domains leading to the bank transfer?
