IronFX Withdrawal Delays – a Story of a $176m Client Money Hole

The issues faced by clients of a particular Cypriot brokerage have been one of the hottest topics in the industry for the past few years. Customers of the company have been vocal across social media about how official authorities are not doing anything to help them. A new insight into the issue from the perspective of the regulators adds a new angle to the story.

The European regulators, most notably the Cyprus Securities and Exchange Commission (CySEC) and the European Securities Markets Authority (ESMA), have been closely inspecting the case all along. However due to the sensitivity of the matter for the industry as a whole, they have been cautious about what is made public in order to safeguard the industry, clients and their funds.

CySEC’s officers found that the company lacked the necessary control mechanisms to prevent such conduct. Additionally, they found a violation in that the formula used to calculate the amount due to customers was not fair, as it was designed against customers and for the benefit of the brokerage.

The end result is that a regulatory squeeze on the industry is now in motion across the European Union, and whether the Cypriot authorities handled the case adequately or not will be left to the reader to decide.


The Audit Office of the Republic of Cyprus has released its annual report, highlighting a specific case with a “large Cyprus Investment Firm (CIF)” that didn’t handle its clients’ withdrawal requests particularly well. The description of the case matches the timeline of the issues that clients of IronFX have been facing over the past couple of years.

A statement exclusively sent to Finance Magnates by a CySEC spokesperson confirms that the company mentioned in the Audit Office document is IronFX. He  elaborates on the case: “Following the issuance of financial penalties on IronFX for non-compliance relating to the withdrawal of client funds and bonus promotions, the firm is subject to supervisory checks to ensure it implements the corrective measures needed to uphold full investor protection.”


“CySEC takes any unlawful withholding of client funds by each and every firm it supervises very seriously. Whilst CySEC does not have restitution powers, it encourages investors to submit their complaints to the Financial Ombudsman or take legal action through the courts.” the statement elaborated.

This last part is particularly worth highlighting, since a large number of clients have been flooding social media channels instead of taking legal action – a strategy that cannot help these same customers to get their money back.


How did it all start?


The Cypriot Audit Office received a number of complaints throughout 2014 regarding a ‘large Cypriot Investment Firm (CIF)’. That company has been primarily engaged in providing online foreign exchange services (FX), with clients complaining that it refused to approve their fund withdrawal requests. The authorities were blamed for not taking adequate investor protection measures due to political pressure.

CySEC’s Audit

The first complaints started in December 2014 with some embassies in Cyprus upping the pressure on Cypriot authorities. By July 2015 the complaints had risen to over 1000, however this number included some duplicate claims.

The company responded at the time that the terms and conditions that were accepted by the complainants gave it permission to withhold funds from clients that it considered to be bonus abusers.

A preliminary inspection carried out by Cypriot authorities in March 2015 concluded that according to the terms and conditions accepted by the clients, the brokerage did indeed have the right to withdraw or withhold funds under such circumstances.


The result of this preliminary audit was not submitted to CySEC, but was presented in July 2015.

In early June 2015 CySEC decided to ask the company to seek independent legal advice and asked the firm to appoint external auditors to investigate the complaints. The company then replied that it is proposing to appoint “independent external experts” instead of external auditors, to investigate all complaints that had not yet been settled. The authorities accepted the proposal.

The company’s UK lawyers had given instructions to a third party, that was verified as not having any conflicts of interest, to issue a legal opinion on the matter of the withheld funds.

According to the minutes of a session of CySEC’s board, the chair of the commission informed the members that the company had proceeded to appoint an independent expert to investigate complaints against the firm.

In early July 2015 CySEC officers submitted a note to the board with the preliminary results of the March 2015 audit. They recommended the suspension of the firm’s operations until the complaints are investigated.



Too big to be suspended


Upon examining the note, CySEC adopted the recommendation of the officers and decided to await the firm’s response.

Authorities state that at the time the company had already begun to take some of the actions recommended by CySEC. The firm’s financial statements for 2014 were deemed to “give a fair and true picture” according to the report of the external auditors.

Authorities stated that it appeared that the company had sufficient funds to meet customer debts, and the company’s clientele was very large compared to the number of complaints (about 0.43%).

The firm was considered by authorities to be considerable in size, and the number of customers that it had pushed authorities to decide against suspending the company’s license, since the company would then have to close all open positions of its customers and would not be able to pay them all at once.



The event would have triggered the activation of the Cyprus Investor Compensation Fund (ICF), and if the coffers of the ICF were not big enough, a run on the Cypriot brokerage industry was a risk.

The CySEC chair stated that the company was in contact with two organizations interested in investing in the company.

In mid-July 2015, the company submitted to CySEC new legal advice from the law firm that had advised on its behalf stating that the terms and conditions of the company’s bonus plans were in compliance with the European MiFID directive. Under English law, those conditions could not be considered unfair.


In addition, an opinion of another law firm was submitted, stating that, after the examination of 20 complaints, it was considered that the methodology that was used by the company to categorize its clients as abusers was reasonable. The conclusion was that the company had the right to withhold or withdraw bonus and customer profits derived from the bonus provided. The lawyer firm did not have any conflicts of interest and had not advised the company in the past.

Senior Politician Questions CySEC over IronFX Debacle

In mid-July 2015, CySEC’s officers entered the offices of the company for an on-site investigation of the complaints. The first findings were that the company did not seem to have separated bonus money from the deposited money of its customers.

In addition, CySEC noted that in the firm’s reconciliation statement from March 2015, it was stated that the external auditors were not able to provide assurances that the amount presented in the statement as ‘non-withdrawable bonus’ was correct.

CySEC decided to request further clarification from the external auditors regarding the reconciliation status. The financial regulator decided that it was necessary to investigate all of the complaints. The President of CySEC informed the Audit Office that the decision to not evaluate all complaints was made on the basis that the sample covered all possible complaint case scenarios as well as due to the associated high costs.

In its next session, CySEC decided to delegate to the company’s external auditors to check whether the movement of capital to the company’s client money accounts in 2015 was in line with normal business activities and legislation.


An investigation and a €176m hole



CySEC’s officers found myriad infringements of laws and directives, indicating that the company was not acting fairly, honestly and professionally or in the best interests of its clients. The most serious breach, according to the officers, concerned methodology which the company employed to classify customers as bonus abusers.

The officers found that the company lacked the necessary control mechanisms to prevent such conduct. Additionally, they found that the formula used to calculate the amounts due to customers was not fair, as it was designed against customers and for the benefit of the brokerage.

The company was not in a position to know at any point in time the amount corresponding to deposits / profits / bonuses for its customers. According to CySEC there was a shortfall in client money totaling $176 million.


In addition the firm also presented a stress-test, however the CySEC supervision department has cast doubts on the reliability of the data that was used in it.

When it comes to client money movement, CySEC’s board decided that the high cost and time associated with the verification of the data were sufficient enough reasons for the regulator to accept the non-audited reconciliation statement of client accounts.

CySEC Head: IronFX Failed to Identify Misuse of its Bonus System. Special Interview

In October 2015, the company made presentations to CySEC and subsequently sent a letter to the President of Cyprus, stating that a particular investment company from abroad is considering an investment. According to the letter, CySEC’s final decision on the case would affect the final decision of the investor.

During the CySEC board meeting on the 2nd of November 2015, the content of the letter was discussed. At the next session company officials sought compromise with a zero fine. The proposal was rejected by CySEC.

The company subsequently made a new proposal, where a certain amount was also rejected by CySEC and the CEO of the company was contacted to discuss a fine over the phone. CySEC’s board also decided that the company has to reexamine its procedures and proceed to comply with the law.



CySEC’s €335,000 Fine



The systemically important firm has been given two months to boost its capital base and a proposal from the company to expand this matter to 6 months was subsequently rejected. An extension for the €335,000 fine was granted – the firm had 15 days to pay it (up from 5).

Massive layoffs started at the firm with staff costs being reduced by 15 percent.

In early 2016, the firm informed CySEC that it will not need external funds because it considered that the required funds would be covered by the expected profitability of the company. It estimated its capital adequacy ratio on the 31st of December 2015 to be 13.5%.

CySEC’s supervision department sent out a note to the board stating that the company failed to meet the recapitalization timetable set, which raises doubts regarding the reliability of the calculation of the capital adequacy ratio of the brokerage. The department recommended that the board submit within three days the capital support decision or a letter of guarantee.


A recommendation to relieve the CEO and shareholder of the company because of the serious deficiencies was also suggested. The board decided that the company had to submit within one month the audited financial statements for 2015 and updated its stress-test. It also had to strengthen its management board with at least one other person who was then to be appointed as executive director.


The firm was also asked to modify the display to clients via the front end, informing them of the amount of money in their accounts that was withdrawn regardless of bonus conditions.

In late February 2016 the company sent a new letter to CySEC requesting a seven week extension to comply with the conditions laid down in the agreement. CySEC’s supervision department informed CySEC’s board that this was the second time that the firm requested an extension and it is not complying with the previously agreed schedule.

A second recommendation to immediately suspend the company’s license was issued. The possibility of seriously harming the interests of the company’s clients was highlighted. The board decided to commit to using audited financial statements and a full investigation into the matter was launched to determine capital adequacy ratio and potential other irregularities.

Audit office conclusions and attorney general recommendation


According to the Audit Office, due to the large number of complaints there was a small delay in the audit. Noting that the first complaints were received from CySEC in December 2014, and the preliminary investigation was only launched in March 2015, the Cypriot supervisory body also highlighted that no significant results were found before July 2015.

The document continues, highlighting that the case may be a serious violation of CIF law and there is the potential for it to become a criminal investigation. Given the magnitude of the case and the significant international impact, the penalties must be severe.


“A similar rigor should also be exercised with regard to compliance with the requirements and deadlines set by the CySEC in its examination of such cases. When the CySEC Board decides to act differently from the recommendations of competent technocrats we suggest the reasons for that are well documented,” the document states.

In conclusion, the Audit Office states that given the seriousness of the offences established by CySEC, the case should be sent to the Cyprus Attorney General to consider if criminal offences have been committed.

Finance Magnates has reached out to IronFX for comment and will update our readers if and when it responds.


read more: