Germany, U.S. Crack Down on €300M Global Payment-Fraud Network

A Long-Running Scam Reaches Its Endgame

German and U.S. authorities this week wrapped up a years-long investigation into one of Europe’s largest online payment-fraud operations. Between 2016 and 2021, three interconnected rings siphoned small recurring payments from more than 4.3 million cardholders in 193 countries, using about 2,000 fake streaming, dating and adult-content sites. German police estimate losses above €300 million.

The coordinated raids, carried out from Nov. 4 to 6 across Europe, North America and Asia, capped “Operation Chargeback.” Five suspects were arrested in California under U.S.–Germany extradition treaties, while German police executed warrants against 13 others across the continent.

German Authorities Step In

The investigation was led by Germany’s Federal Criminal Police Office (BKA) and prosecutors in Koblenz, supported by financial regulator BaFin. BaFin’s involvement underscores the stricter enforcement posture it adopted later than the 2020 collapse of Wirecard, which revealed a €1.9 billion hole in the company’s accounts.

Following Wirecard, Germany’s Financial Market Integrity Strengthening Act (FISG) expanded BaFin’s powers over fintechs and payment service providers. It tightened anti-money-laundering oversight and merchant-onboarding controls—areas that proved critical in Operation Chargeback’s evidence trail.

Investor Takeaway

The Payment Gateways

Investigators say the network depended on compromised or negligent German payment processors to slip fake microcharges through card systems. Several large PSPs were affected, though none have been charged. Media reports cited firms including Unzer GmbH—formerly Heidelpay and backed by KKR—whose merchant-acquisition activities were frozen by BaFin in 2022 due to AML deficiencies. The ban was lifted in October 2024 later than remediation under a special monitor.

PAYONE, a Worldline–Sparkassen joint venture, disclosed supervisory actions in ahead 2025 over internal controls, while Nexi S.p.A.—the Italian processor behind SIA and Nets—has been mentioned in discussions about acquirer exposure to fraud risk. All three companies deny any connection to the current probe, and authorities have not alleged corporate wrongdoing.

How the Fraud Worked

The fraud’s mechanics were unsophisticated but resilient. Card data came from leaks and phishing campaigns. Micro-subscriptions—charges of just a few euros—were processed through dummy content sites to avoid detection and minimize chargebacks. Shell entities in the U.K. and Cyprus acted as merchants, rotating descriptors to stay ahead of alerts. PSP insiders allegedly bypassed compliance checks, allowing fake merchants into legitimate payment networks.

Funds were routed through roughly 500 front companies before being parked offshore. Forensic teams have linked more than 19 million transactions to the scheme. German investigators say €35 million in assets have been seized so far.

Investor Takeaway

Why Germany Became the Focal Point

Germany’s vast acquiring market and its deep links to global card networks made it an ideal staging ground. Structural gaps left later than Wirecard’s collapse gave fraudsters cover. Although the scams ceased in 2021, investigators say tracing the layered flows required three years of mutual-legal-assistance requests and digital forensics spanning 30 jurisdictions.

The U.S. Dimension

The U.S. Department of Justice confirmed the arrests of five suspects in California under the bilateral extradition treaty. Officials described the coordination as routine, with no U.S. indictments filed so far. The suspects are expected to be handed over to German prosecutors once extradition hearings conclude.

What Comes Next

Prosecutors in Koblenz are weighing whether to pursue corporate cases alongside charges against individual insiders. BaFin and the European Central Bank are reviewing whether supervisory follow-ups on AML compliance are warranted. Consumer-rights groups anticipate a surge in chargeback and compensation claims as affected customers come forward.

At a policy level, regulators are considering stricter screening for high-risk merchants, real-time monitoring of recurring payments, and enhanced coordination among European financial-intelligence units. If convictions follow, Operation Chargeback would stand as Germany’s most extensive enforcement action against payment fraud since Wirecard—an outcome that gives substance to the country’s post-crisis pledge of tighter oversight.