SEC Charged River Source Wealth Management, LLC,

FOR IMMEDIATE RELEASE
2019-77

Washington D.C., May 28, 2019 —
The Securities and Exchange Commission today charged investment adviser Stephen Brandon Anderson with defrauding clients by overcharging advisory fees of at least $367,000.

According to the SEC’s order, Anderson owned and operated River Source Wealth Management, LLC, a now-defunct registered investment adviser in North Carolina. River Source’s primary revenue stream was customer advisory fees. Customer agreements provided that those fees would be based on each customer’s assets under management. The SEC’s order finds, however, that in 2015 and 2016, Anderson overcharged a majority of his clients.

The amount and percentages of the overcharges varied but, in the aggregate, amounted to approximately 40% more than the agreed-upon maximum customer advisory fees.

As described in the order, Anderson also misled his clients about the reason he transferred their assets from River Source’s long-time asset custodian, falsely stating that it was his decision and that the separation was “amicable.” In fact, as the order finds, the asset custodian ended the relationship with River Source after it noticed irregular billing practices and failed to receive sufficient supporting documentation from Anderson.

Furthermore, the order finds that Anderson made material misstatements in reports filed with the Commission, including overstating River Source’s assets under management by at least $34 million (18%) in 2015 and $61 million (35%) in 2016, and failed to implement required compliance policies and procedures.

The order prohibits Anderson from acting in a supervisory or compliance capacity or from charging advisory fees without supervision for at least three years, and requires Anderson to provide notice of the SEC order to clients and prospective clients.

“When advisors breach their duty to clients by misleading and overcharging them, they can expect the SEC will craft a package of remedies that will compensate harmed investors, provide additional safeguards for prospective investors, and deter similar conduct,” said Carolyn M. Welshhans, Associate Director in SEC’s Enforcement Division.

The SEC’s order finds that Anderson violated Sections 206(2) and 207 of the Investment Advisers Act, and aided and abetted and caused River Source’s violations of the books and records and compliance provisions of the Advisers Act. In addition to the limitations and undertakings discussed above, Anderson agreed to a cease-and-desist order and a censure, and agreed to pay disgorgement and prejudgment interest of $405,381 and a $100,000 penalty. Payments made by Anderson pursuant to the order will be distributed to harmed investors through a Fair Fund. Anderson consented to the order without admitting or denying the findings.

The SEC’s investigation was conducted by Brian Vann and Daniel A. Weinstein with assistance from James Smith, Samara Ross and Jonathan Swankie, and the case was supervised by Brian O. Quinn and Ms. Welshhans.

https://www.sec.gov/news/press-release/2019-77

Advertisements

Mediation Services, Melinda Branscomb Contacting Consumers

Alert Number: CA050228_4/29/19(4/20)
Updated: 05/06/2019
Originally posted: 11/16/2017

The Washington State Department of Financial Institutions (DFI) has received multiple scamalert2complaints from Washington consumers of what appears to be debt a collection scam. Several consumers reported being contacted by entities alleging to be “Mediation Services” and “Mutual Mediations.” These entities claimed to be collecting debts owed for loans the consumers reported never occurred.

One consumer reported to receive threatening voicemails from Mediation Services. When the consumer called the number provided, the answering individual would not give the consumer any information about the source of the alleged debt. The consumer reported that several calls and voicemails were received.

Another consumer reported that someone claiming to represent Mediation Services had been leaving voicemails on the consumer’s personal phone. The caller identified himself as Kevin Reynold. The caller stated that he needed the consumer to contact him regarding a pending case against the consumer for an outstanding debt. The voicemail further stated that legal action would be taken if the debt was not paid immediately, and that the consumer would be waiving his rights if the consumer failed to respond.

One consumer reported being called by someone identifying himself as Brad Stevens from Mediation Services. The caller told the consumer he was collecting a debt owed for a payday loan, but refused to identify the name of the payday loan company. The caller claimed the consumer owed $700 for a payday loan taken out in 2010 that the consumer did not recognize. The consumer reported that the caller knew what bank the consumer used.

Another consumer reported being called multiple times by someone claiming to represent Mutual Mediations. The caller claimed the consumer owed $1,000 to National Group, LLC for a payday loan taken out in 2011 that the consumer did not recognize. The consumer reported the caller threatened that theft charges would be filed if the consumer did not enter into a payment plan.

These facts have been alleged by the consumers, and have not been verified by the Department.

The consumers reported the following contact information related to the calls:

Phone numbers:

  1. 253*244*9739
  2. 855*466*9581
  3. 859*402*0778
  4. 844*860*0904
  5. 253*244*9981

Names: Kevin Reynolds |Brad Stevens

The entities perpetrating the apparent scams are not licensed by the Department and are not registered to conduct business in Washington State by the Department of Licensing, the Department of Revenue, or the Secretary of State. The Department of Licensing licenses and regulates collection agencies under RCW 19.16.

Please note that the callers reported by the consumer should not be confused with the following businesses that are registered with the state:

  • Mediation Services, LLC – Bellingham, WA (Inactive)
  • Mediation Services, Melinda Branscomb – Vashon, WA

DFI warns Washington consumers:

Never send money or provide access to your bank or credit card in response to threatening telephone calls or emails you receive claiming that you owe a debt.
Never give any personal information, such as social security number, credit card, or bank account information to any individual, website, or company without first verifying their identity and license status.
Check that a financial services company or individual is properly licensed to conduct business in the state of Washington by using the “Verify a License” feature on the DFI’s website at http://www.dfi.wa.gov.
Check the license status of collection agencies with the State of Washington Department of Licensing at http://www.dol.wa.go

DFSA and an International Bank Impersonated

29 May 2019

The Dubai Financial Services Authority (DFSA) warns the financial services scamalert2community and members of the public of a scam in which the DFSA and an international bank were impersonated.

The scammers, using the DFSA logo, issued a fake “Stop Order” addressed to an international bank. The Stop Order stated that an incoming transfer of USD7.6 million was put on hold, because a “Covering Certificate” is required prior to the receipt of an international transfer. The Stop Order also stated that the Covering Certificate is mandated by the DFSA and can be obtained for a fee of 0.2% of the transfer amount. A copy of the fake Stop Order can be found here.

In addition, the scammers, using the logo of the same international bank referred to in the Stop Order, issued a fake “Payment Confirmation” regarding the transfer of USD7.6 million. A copy of the fake Payment Confirmation can be found here.

Both fake letters, being the Stop Order and Payment Confirmation, were sent to a member of the public who is listed as the beneficiary of the fictitious USD7.6 million transfer.

In an attempt to authenticate the scam, the perpetrators of the scam fraudulently used the following without permission:
• The name and logo of the DFSA;
• The name and purported signature of a royal family member on the Stop Order; and
• The name and logo of an international bank.

The DFSA is informing you that the Stop Order and Payment Confirmation are false documents which were not issued by the DFSA or the international bank respectively.

The DFSA informs you that it does not:
• Require a Covering Certificate for international transfers; or
• Charge a fee for international transfers.
The DFSA strongly advises you that you do not communicate with the perpetrators in relation to the scam, and under no circumstances should you send any money to them in connection with the scam.

The DFSA has a page on its website dedicated to alerts which it has issued about scams. All alerts issued by the DFSA may be accessed by going to: ALERTS

The DFSA has also issued warnings and guidance about the common types of scams perpetrated on consumers. For more information on these scams, please go to: HOW TO AVOID BEING SCAMMED

The DFSA encourages consumers to refer to the list of regulated Firms and Authorised Individuals licensed by the DFSA that is available on the DFSA’s PUBLIC REGISTER

If you have any concerns about the authenticity of any correspondence or documents that purport to be issued by the Dubai International Financial Centre (DIFC), DFSA or a DFSA regulated Firm, you should direct your concerns to the DIFC on Tel:+971 4 362 2222 and to the DFSA via the DFSA Complaints function on: COMPLAINTS

Dubai Financial Services Authority

Amana Financial Services (Dubai) Limited

Dear scamFRAUDalert,

scamalert2

The Dubai Financial Services Authority (DFSA) warns the financial services community and the public of a scam in which the scammers falsely claim to be an Authorised Firm, based in the Dubai International Financial Centre (DIFC) and regulated by the DFSA.

The scammers offer trading services to potential investors under the trading name “Amana Trade”. In doing so, the scammers have impersonated a legitimate DIFC incorporated and DFSA regulated Authorised Firm, namely, Amana Financial Services (Dubai) Limited, by:

• using the name “Amana Trade” which is similar to “Amana Financial Services (Dubai) Limited”; and
• falsely representing that it is a DFSA Authorised Firm.

Dubai Financial Services Authority

Complaintboard.com Adsense ID ca-pub-0908409732572457

We’ve said all along that complaintsboard engages in cybersquatting and other harmful practices online.

Complaintsboard.com Adsense ID
ca-pub-0908409732572457
ca-pub-0908409732572457

CA-pub-7643816519439245 | 10 domains

  1. complaintboard.in
  2. complaintsboard.com
  3. sudzibas.lv
  4. 2huzhe.net
  5. reviewstalk.com
  6. callerfinder.com
  7. complaintsboard.com
  8. incomus.com
  9. spamcaution.com
  10. spaminform.com
  11. yadsi.in
  12. alejandrobocanegra.com
  13. lustre.jp
  14. infoprut.ro
  15. chinascampatrol.org
  16. chinascambusters.com
  17. scamus.com
  18. bdomains.com
  19. numtracker.com
  20. vcharges.com

publisher ID7643816519439245.png

WhoIs XPAND LABS aka XPAND Staffing aka Moxie Media, LLC?

WhoIs XPAND LABS aka XPAND Staffing? Anyone with knowledge of this firm should please contact us.

Alec Difrawi, a consultant for DMS, told Bungalower that the space, located at 625 E. Central [GMap], should be fully operational by July 3. Alec Difrawi is now “The Quarterback” at Moxie Media, LLC.

Alec Difrawi_Moxie Media2Alec Difrawi_Moxie Media

The job postings from this company are suspect.

  1. Distribution Associate
  2. Dock Worker
  3. Forklift Operator
  4. Mover
  5. Packer
  6. Stocker
  7. Unloader
  8. Warehouse Worker

XpandLab

 

WhoIs Samir.net

IP this site is hosted on:
208.87.35.103 (29,484,910 sites on IP)

Parent domain of this site:
samir.net (1 site on domain)

Name servers of this site:
buy.internettraffic.com (39,442,664 sites on name server)
sell.internettraffic.com (39,442,663 sites on name server)

Address lookup
canonical name:samir.net
aliases
addresses:35.186.238.101
Domain Whois record

Queried whois.internic.net with “dom samir.net”…

Domain Name: SAMIR.NET
Registry Domain ID: 103017926_DOMAIN_NET-VRSN
Registrar WHOIS Server: whois.godaddy.com
Registrar URL: http://www.godaddy.com
Updated Date: 2018-10-22T20:13:35Z
Creation Date: 2003-09-03T18:03:56Z
Registry Expiry Date: 2019-09-03T18:03:56Z
Registrar: GoDaddy.com, LLC
Registrar IANA ID: 146
Registrar Abuse Contact Email: abuse@godaddy.com
Registrar Abuse Contact Phone: 480-624-2505

Name Server: NS1.NAMEFIND.COM
Name Server: NS2.NAMEFIND.COM

DNSSEC: unsigned
URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/

>>> Last update of whois database: 2019-06-01T21:01:12Z <> Last update of WHOIS database: 2019-06-01T21:00:00Z <<<
Network Whois record
Queried whois.arin.net with "n 35.186.238.101"…

NetRange: 35.184.0.0 – 35.191.255.255
CIDR: 35.184.0.0/13
NetName: GOOGLE-CLOUD
NetHandle: NET-35-184-0-0-1
Parent: NET35 (NET-35-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: Google LLC (GOOGL-2)
RegDate: 2016-10-11
Updated: 2016-10-17
Ref: https://rdap.arin.net/registry/ip/35.184.0.0

OrgName: Google LLC
OrgId: GOOGL-2
Address: 1600 Amphitheatre Parkway
City: Mountain View
StateProv: CA
PostalCode: 94043
Country: US
RegDate: 2006-09-29
Updated: 2017-12-21
Comment: *** The IP addresses under this Org-ID are in use by Google Cloud customers ***
Comment:
Comment: Direct all copyright and legal complaints to
Comment: https://support.google.com/legal/go/report
Comment:
Comment: Direct all spam and abuse complaints to
Comment: https://support.google.com/code/go/gce_abuse_report
Comment:
Comment: For fastest response, use the relevant forms above.
Comment:
Comment: Complaints can also be sent to the GC Abuse desk
Comment: (google-cloud-compliance@google.com)
Comment: but may have longer turnaround times.
Comment:
Comment: Complaints sent to any other POC will be ignored.
Ref: https://rdap.arin.net/registry/entity/GOOGL-2

OrgAbuseHandle: GCABU-ARIN
OrgAbuseName: GC Abuse
OrgAbusePhone: +1-650-253-0000
OrgAbuseEmail: google-cloud-compliance@google.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/GCABU-ARIN

OrgNOCHandle: GCABU-ARIN
OrgNOCName: GC Abuse
OrgNOCPhone: +1-650-253-0000
OrgNOCEmail: google-cloud-compliance@google.com
OrgNOCRef: https://rdap.arin.net/registry/entity/GCABU-ARIN

OrgTechHandle: ZG39-ARIN
OrgTechName: Google LLC
OrgTechPhone: +1-650-253-0000
OrgTechEmail: arin-contact@google.com
OrgTechRef: https://rdap.arin.net/registry/entity/ZG39-ARIN
DNS records
name class type data time to live
samir.net IN A 35.186.238.101 3600s (01:00:00)
samir.net IN NS ns2.namefind.com 3600s (01:00:00)
samir.net IN NS ns1.namefind.com 3600s (01:00:00)
samir.net IN SOA
server: ns1.namefind.com
email: dns@jomax.net
serial: 2019022800
refresh: 28800
retry: 7200
expire: 604800
minimum ttl: 300
3600s (01:00:00)
101.238.186.35.in-addr.arpa IN PTR 101.238.186.35.bc.googleusercontent.com 120s (00:02:00)
101.238.186.35.in-addr.arpa IN RRSIG
type covered: PTR (12)
algorithm: RSA/SHA-256 (8)
labels: 6
original ttl: 120 (00:02:00)
signature expiration: 2019-06-21 02:20:20Z
signature inception: 2019-05-30 02:20:20Z
key tag: 31554
signer's name: 238.186.35.in-addr.arpa
signature:
(1024 bits)
12306ABCDA7D9B9DD48F366AB66B3230
69EF09D0DC67A55F4B53E5DC5D2DE4A7
800171B645CBFA63E825A2527AB0DBCB
00D62A1B1C68B4567A1C3AD320B973BD
92003D6AC5CF8A1F78475CEF1C372889
ACEBAEEB36D7C9B0283CB38FFF3A1252
86B1D56FD19CAC1C5494F18301F1A23A
CCF86E76133EA82760599A955ACDE219
120s (00:02:00)
238.186.35.in-addr.arpa IN NS ns-gce-public1.googledomains.com 21600s (06:00:00)
238.186.35.in-addr.arpa IN NS ns-gce-public2.googledomains.com 21600s (06:00:00)
238.186.35.in-addr.arpa IN NS ns-gce-public3.googledomains.com 21600s (06:00:00)
238.186.35.in-addr.arpa IN NS ns-gce-public4.googledomains.com 21600s (06:00:00)
238.186.35.in-addr.arpa IN RRSIG
type covered: NS (2)
algorithm: RSA/SHA-256 (8)
labels: 5
original ttl: 21600 (06:00:00)
signature expiration: 2019-06-21 02:20:20Z
signature inception: 2019-05-30 02:20:20Z
key tag: 31554
signer's name: 238.186.35.in-addr.arpa
signature:
(1024 bits)
69AD2AEABFC1285F018E4053D2C28697
2C69FD4F1BF7594407A2E3BBE38C71E5
647D1FAE7131D50ADB86A81A3ADEA7E7
F61CDAB19D4878132F7D8A70EE7701E0
8A81C24E64C877F94B0712F71515B349
75A37728199AEC62E52E5891D354B027
E23F70EE400366FF7AC2005FFED049FC
421BAF48A58ACE3238167A9D5CE79605
21600s (06:00:00)
238.186.35.in-addr.arpa IN SOA
server: ns-gce-public1.googledomains.com
email: cloud-dns-hostmaster@google.com
serial: 1
refresh: 21600
retry: 3600
expire: 259200
minimum ttl: 300
21600s (06:00:00)
238.186.35.in-addr.arpa IN RRSIG
type covered: SOA (6)
algorithm: RSA/SHA-256 (8)
labels: 5
original ttl: 21600 (06:00:00)
signature expiration: 2019-06-21 02:20:20Z
signature inception: 2019-05-30 02:20:20Z
key tag: 31554
signer's name: 238.186.35.in-addr.arpa
signature:
(1024 bits)
5B821869C26DC0F611357D7C2B0C1E9E
7AD93B2177078958502526FE46EE19C6
C2E2D0A14865044D6B26F259F7FCEA1C
8E0A14B7F8A22D5E04198DE34F6D0586
F582B661F405DFFE9FCC54BD1A5DE213
8A062802248AE6B59938C824CAE38665
BAC20042D505D7F10CFF6B6716776FC9
9B0240FF8A55BDFD7748AE8F98A234AC
21600s (06:00:00)
238.186.35.in-addr.arpa IN DNSKEY
flags: ZoneKey (256)
protocol: 3
algorithm: RSA/SHA-256 (8)
public key:
(1056 bits)
03010001B0F3AF89FED54FC277D55384
FE16E4D8B454904696BF98469F3DBA0A
0F781F5509D8D03F556C58F90C1B47E6
5A45EE041A61488BB607937A12EB4C59
F927663E84C947A721E3B1A97FE4A3A8
2942D5884093442AB5FF464FF350321C
E5685E0E337B8FF330F6A83C3B10E72D
4E85DFE93C23D2C28C1F426919222CB4
EF40DF23
300s (00:05:00)
238.186.35.in-addr.arpa IN DNSKEY
flags: SecureEntryPoint, ZoneKey (257)
protocol: 3
algorithm: RSA/SHA-256 (8)
public key:
(2080 bits)
0301000195DDD4CB787FE839A63AAA05
06CCEC69C0D97D57A42A6B6B192A25E9
D0C0011F83451E53F906C21BE8EA83DA
BCC1C43308C6367E03150B618B3802AA
6586DF264DF6DC9E46AE27F46DDD0EAE
7B4824F94E05505C6F3F4DEF643EBA97
C847DB42E058E576032503498213C989
1D4B853E9ED7D2D21A8F6747AB0EAF80
32E1CBDE1E906CE2D2770F7FAB1D456B
B575A2A464F16F5CEB68E7941BDA2C1C
7CBC229EB7B8504A81D7791344E205F7
1B609B66A1FBCDDB7D8187677E84244F
B116B97F07D06FED6079CBA5BC673C30
291AE80EBA360097F7146F687BE000DE
AB544955C38653FA9E115BD6BEB80870
76883106BAEF27A67971BD666C62EE9F
CBF77CBF
300s (00:05:00)
238.186.35.in-addr.arpa IN RRSIG
type covered: DNSKEY (48)
algorithm: RSA/SHA-256 (8)
labels: 5
original ttl: 300 (00:05:00)
signature expiration: 2019-06-21 02:20:20Z
signature inception: 2019-05-30 02:20:20Z
key tag: 901
signer's name: 238.186.35.in-addr.arpa
signature:
(2048 bits)
1F6FA0952C95A3A147270D1F48A430C9
67C10D43DC37D3D0B39427C8E3C89C79
7531CCEB8A3A9106D7CAE2AE4746995A
A68D2CC3B31E00C015BA409AC6EE69DE
8C118661D0D354577BCADC87D5DE7E59
34CADC4D6DCAAA49E369BB709115C900
62CEAEE664A347F477D45528CCFFEDC9
83D4B014C010B1C3853F0D33A7CE2882
C78931A3BCBF80DE6FFFDA5F230508F5
97ADA5A1D84B8DB423A204F0C5A2870E
8CC45D8EA591A31DAC3150321E18A190
10B5B93A49D7A88711B49C249420BCF8
3D2D802938FF0339AE05406D05C31951
FEF55C7D74A6E969D28780F685FFB003
FD72CE6FF1BCC80EF9A218AAE1D45B29
4C330083265D4E38D42A40CE7BC7632C
300s (00:05:00)
238.186.35.in-addr.arpa IN NSEC3PARAM
hash algorithm: SHA-1 (1)
flags: None (0)
iterations: 1
salt:
(64 bits)
BA507B1DC4CF22C1
5s (00:00:05)
238.186.35.in-addr.arpa IN RRSIG
type covered: NSEC3PARAM (51)
algorithm: RSA/SHA-256 (8)
labels: 5
original ttl: 0 (00:00:00)
signature expiration: 2019-06-21 02:20:20Z
signature inception: 2019-05-30 02:20:20Z
key tag: 31554
signer's name: 238.186.35.in-addr.arpa
signature:
(1024 bits)
80CA7C15A34B7B52038CF041F7EF38BC
3C4BBFBE67217A4FA36A0A3E1F42B850
79263CDC7452821121750E50E4D31B6A
B9EA9B25BE1CE3AFC0636A3F3202AB62
79D45FB2DD746051E8E23ABBBE67520D
B52CF9ADA44FC629F36FEFAF1FE53B82
EFDCAD0AEE15C205DBCA8488EEEB1119
1DC0B0F6BE9AD5140CA44BBEBA101ED2
5s (00:00:05)
238.186.35.in-addr.arpa IN CDS
[no interpretation available]
hex dump:
(36 bytes)
03 85 08 02 FF B7 4A C6 ……J.
D7 4E BE 46 44 B5 F0 39 .N.FD..9
CF EE E7 98 7E 21 E6 B2 ….~!..
26 5D D2 38 E3 C9 AC 32 &].8…2
A1 33 FA 2F .3./
300s (00:05:00)
238.186.35.in-addr.arpa IN RRSIG
type covered: CDS (59)
algorithm: RSA/SHA-256 (8)
labels: 5
original ttl: 300 (00:05:00)
signature expiration: 2019-06-21 02:20:20Z
signature inception: 2019-05-30 02:20:20Z
key tag: 31554
signer's name: 238.186.35.in-addr.arpa
signature:
(1024 bits)
1BBE7EBA4E0DB3E7E68B5B6FBCD604F0
6D9E5D4815F5ED507F27D13D4ABB580E
8124D1F29123F5E4F1863246C63B7DE2
8DD4019EA6935992ED4494B7A7554E61
AE29F077424563F947B27C7257612C16
70AC44A552FC359041548098A373E7D8
27AFD0C73F8D66E92A43B0875EBD6522
8468B5F541650624DA6D4E4EDB7B4F85
300s (00:05:00)
— end —
URL for this output | return to CentralOps.net, a service of Hexillion