Blacklisted Scam Companies

What Is a Financial Regulatory Blacklist?

A financial regulatory blacklist — more precisely called a warning list, investor alert list, or unauthorised firms list — is a publicly accessible register maintained by a financial regulator identifying companies or individuals that are operating without authorisation, have been subject to enforcement action, or are suspected of fraudulent activity targeting consumers in that regulator’s jurisdiction. Blacklists are not criminal convictions. They are administrative warnings — formal notices to consumers that a named entity poses a risk. A company appearing on a regulatory blacklist has not necessarily been prosecuted or found guilty of fraud in a court of law. Conversely, a company not appearing on any blacklist has not been cleared of wrongdoing — it simply has not yet come to the regulator’s attention or been formally warned against. This distinction matters enormously for how blacklists should be used: as one layer of a multi-source verification process, not as a definitive safety certificate in either direction.  

How Companies Get Added to Regulatory Blacklists

Unauthorised Operation

The most common basis for blacklisting is operating a financial services business without the required regulatory authorisation. In the UK, EU member states, Australia, and Singapore, providing investment services, operating a trading platform, or managing client funds requires a licence from the relevant financial regulator. Entities doing so without a licence are operating illegally and, when identified, are typically added to the relevant warning list.

Consumer Complaints and Intelligence

Regulators receive complaints from consumers who have been defrauded or experienced problems with a financial service provider. When complaint volumes reach a threshold, or when a single complaint contains sufficient detail to suggest systematic fraud, the regulator may investigate and — if evidence supports — issue a public warning. This complaint-driven process means blacklisting is inherently reactive: a company must cause identifiable harm before it is warned against.

Clone Firm Identification

Regulators actively monitor for clone firms — fraudulent operations impersonating legitimately authorised entities. When a clone is identified, regulators typically issue a specific warning naming the fraudulent entity and its website alongside the details of the genuine authorised firm being impersonated. The FCA maintains a particularly active clone firm warning programme.

Enforcement Action

Where a regulator has taken formal enforcement action against an entity — issuing fines, revoking a licence, or commencing legal proceedings — the entity’s details are published on enforcement registers and, in many cases, on consumer-facing warning lists. Enforcement-based listings carry more formal weight than unauthorised operation warnings, as they reflect completed regulatory proceedings rather than preliminary assessments.

Cross-Border Regulatory Intelligence Sharing

Regulators share intelligence through international networks including IOSCO (International Organization of Securities Commissions), ESMA’s convergence mechanisms, and bilateral memoranda of understanding. A company warned against by ASIC in Australia may subsequently appear on the FCA’s warning list, and vice versa. This sharing is improving but remains incomplete — a blacklisting in one jurisdiction does not automatically trigger a warning in all others.  

The Critical Limitations of Blacklists

Before consulting any blacklist, understanding what it cannot tell you is as important as knowing what it can.

Blacklists Are Reactive, Not Predictive

A company only appears on a blacklist after it has come to a regulator’s attention. By definition, newly launched fraudulent operations — including the majority of fake trading platforms, pig butchering platforms, and ghost investment schemes at any given moment — are not on any blacklist yet. The absence of a blacklist entry is not evidence of legitimacy. It is evidence only that the company has not yet been warned against by that specific regulator.

Geographic Coverage Is Fragmented

Each regulator only warns against entities it has identified within its own jurisdictional scope. A fraudulent broker operating from Cyprus and targeting Australian investors may not appear on either the CySEC or ASIC warning list. It may appear on neither despite being actively defrauding victims, because neither regulator has yet received sufficient complaints to trigger a warning. Multi-regulator searches are essential — but even comprehensive multi-regulator searching does not eliminate gaps.

Blacklists Are Frequently Outdated

Fraudulent operations move rapidly — changing domain names, rebranding under new entity names, and migrating infrastructure to avoid detection. A company blacklisted under one name may be operating identically under a different name the following week. Blacklists record historical warnings; they do not track rebranding. Searching only the name of a company as currently presented — without investigating its corporate history and associated entities — misses this evasion technique entirely.

Clone Firms Exploit the Positive Appearance of Authorised Firms

The most technically sophisticated fraud involving blacklists is the clone firm: a fraudulent entity that uses the name, registration number, and regulatory credentials of a legitimately authorised firm. The authorised firm appears positively on the register; the clone does not appear on any warning list. The fraudster benefits from the victim’s reasonable assumption that verifying the name on the register is sufficient. It is not — the website URL must be verified character by character against the register entry.  

Official Blacklists and Warning Lists: A Comprehensive Directory

United Kingdom

FCA Warning List — fca.org.uk/consumers/warning-list The Financial Conduct Authority’s consumer-facing warning list is the most actively maintained and frequently updated financial fraud warning resource in Europe. Searchable by firm name, website URL, and phone number. Includes unauthorised firms, clone firm warnings, and entities under investigation. Updated regularly — new warnings are added as quickly as the FCA’s intelligence process identifies them. FCA Enforcement Actions Register — fca.org.uk/news/news-stories/enforcement Published enforcement decisions, fines, and licence revocations against FCA-authorised or formerly authorised firms. More formal than the warning list — entries here reflect completed regulatory proceedings. Financial Ombudsman Service Decisions — ombudsman-decisions.org.uk Published FOS decisions include cases involving specific firms. Searching a firm’s name in published FOS decisions reveals whether complaints have been upheld against it — a useful secondary signal.

European Union

ESMA Convergence Database — registers.esma.europa.eu ESMA’s registers include supervisory actions taken by national competent authorities across EU member states. While not a consumer-facing warning list, it records regulatory measures — warnings, licence suspensions, and enforcement actions — taken by EU national regulators, searchable by entity name. CySEC Warning List — cysec.gov.cy/en-GB/public-info/warnings The Cyprus Securities and Exchange Commission publishes warnings against unauthorised entities targeting Cypriot investors and entities misusing CySEC’s name or authorised firms’ identities. Given Cyprus’s prominence as an EU passporting jurisdiction for financial services, CySEC’s warning list is disproportionately relevant to cross-border investment fraud cases. BaFin Warning List — bafin.de/EN/Verbraucher/Aktuell Germany’s Federal Financial Supervisory Authority publishes consumer alerts against unauthorised entities targeting the German market. BaFin’s warnings are particularly relevant for fraudulent forex, CFD, and crypto platforms operating without German authorisation. AMF Blacklist — amf-france.org/en/warnings-and-sanctions/warnings-lists France’s Autorité des marchés financiers maintains one of Europe’s most comprehensive blacklists — covering unauthorised investment firms, asset managers, and forex/crypto platforms. The AMF blacklist is frequently ahead of other EU regulators in identifying new fraud operations and is well worth searching even for cases with no specific French connection. CONSOB Warning List — consob.it/web/consob-and-its-activities/warnings Italy’s securities regulator publishes warnings and orders against unauthorised entities. Italy has been particularly active in warning against cryptocurrency fraud platforms and binary options operators. CNMV Warning List — cnmv.es/portal/Alerta/Avisos-CNMV.aspx Spain’s Comisión Nacional del Mercado de Valores maintains a warning list of entities operating without CNMV authorisation. Relevant for fraud operations with Spanish connections or targeting Spanish-speaking investors globally. AFM Warning List — afm.nl/en/consumers/veel-gestelde-vragen/waarschuwingsregister The Netherlands’ Authority for the Financial Markets maintains a warning register of unauthorised entities. The Netherlands’ prominence as an EU financial centre makes the AFM list relevant beyond its domestic scope. KNF Warning List — knf.gov.pl/en/consumer-protection/public-warning-list Poland’s Financial Supervision Authority publishes a public warning list that has become one of the most extensive in the EU — reflecting both Poland’s large retail investor population and its active regulatory monitoring of cross-border fraud targeting Polish consumers. FSMA Warning List — fsma.be/en/warnings Belgium’s Financial Services and Markets Authority publishes warnings against unauthorised entities. The FSMA list covers investment firms, crypto platforms, and forex operators targeting Belgian investors. CMVM Warning List — cmvm.pt/en/Comunicados/Alertas/Pages/list.aspx Portugal’s Comissão do Mercado de Valores Mobiliários publishes alerts against unauthorised entities and clone operations. Relevant for fraud involving Portuguese connections or Golden Visa-linked property investment fraud.

Asia-Pacific

ASIC MoneySmart Warning List — moneysmart.gov.au/scams/check-before-you-invest Australia’s Securities and Investments Commission maintains an investor alert list of unlicensed companies and individuals targeting Australian investors. Regularly updated and searchable by name. ASIC also publishes enforcement actions at asic.gov.au/enforcement. MAS Investor Alert List — mas.gov.sg/investor-alert-list Singapore’s Monetary Authority publishes a comprehensive investor alert list covering unregulated entities, clone firms, and businesses operating without MAS authorisation. Given Singapore’s role as a regional financial hub, the MAS list is essential for Asia-Pacific investors regardless of their country of residence. FMA New Zealand Warning List — fma.govt.nz/consumer/investment-scams New Zealand’s Financial Markets Authority publishes warnings against entities targeting New Zealand investors. Relevant for New Zealand-connected fraud and increasingly for Australia-connected schemes given trans-Tasman fraud network overlap. SFC Warning List (Hong Kong) — sfc.hk/en/alert-list Hong Kong’s Securities and Futures Commission maintains an alert list of suspicious entities. Given Hong Kong’s prominence as an Asia-Pacific financial centre, the SFC list captures a significant volume of cross-border fraud operations with regional reach. FSC Warning List (South Korea) — fsc.go.kr South Korea’s Financial Services Commission publishes warnings relevant to Korean investors and entities operating without Korean authorisation.

Global and Cross-Jurisdictional

IOSCO Investor Alerts Portal — iosco.org/investor_protection The International Organization of Securities Commissions aggregates investor alerts from member regulators across over 100 countries into a single searchable portal. The most comprehensive single source for cross-jurisdictional fraud warnings globally. Essential for checking whether a firm has been warned against in any major jurisdiction, not just the regulator most obvious from the fraud’s surface presentation. Interpol Financial Crime Resources — interpol.int/Crimes/Financial-crime Interpol does not maintain a consumer-facing company blacklist, but its financial crime resources include intelligence on major cross-border fraud typologies and regional alerts relevant to multi-country fraud investigations.  

How to Search Blacklists Effectively

Search by Multiple Identifiers

Do not search by company name alone. Search the company’s claimed registration number, the website URL, any phone numbers provided, and — if you have them — the names of individuals associated with the company. Fraudulent operations frequently change names while retaining the same infrastructure, phone numbers, and individuals.

Search Multiple Regulators Simultaneously

A company targeting Asia-Pacific investors through an EU-registered entity may appear on ASIC’s warning list, the FCA’s warning list, CySEC’s list, and the MAS alert list simultaneously — or on only one. The IOSCO portal provides the broadest simultaneous coverage. For EU-specific searches, running the ESMA convergence database alongside individual national regulator lists maximises coverage.

Search for Related Entities

If a company appears on a blacklist, search for all entities registered at the same address, operated by the same directors, or using similar branding. Fraudulent operations routinely spin up new entities when a previous one is blacklisted — tracing the network reveals the full scope of the operation and supports legal proceedings against all connected parties.

Document Your Search Results

Whether a company appears or does not appear on a blacklist, document your search — screenshot the search results, the date and time of the search, and the platform searched. If the company is later confirmed as fraudulent, your documented search results contribute to the evidentiary record and may be relevant to claims against financial institutions that processed your payments.  

What to Do If a Company You Have Used Appears on a Blacklist

If You Have Not Yet Sent Money

Do not proceed. A blacklist entry — regardless of how recent or which regulator issued it — is a formal warning against engaging with that entity. No investment opportunity justifies sending funds to a company that a financial regulator has formally identified as unauthorised or fraudulent.

If You Have Already Sent Money

Act immediately. A blacklist confirmation that the company you dealt with is fraudulent or unauthorised is an important evidentiary finding — it strengthens every recovery mechanism available to you. Contact your bank or card issuer immediately and reference the blacklist entry as supporting evidence for a payment recall or chargeback claim. A regulatory warning against the recipient of your funds is directly relevant to the bank’s assessment of your claim. Preserve all evidence including screenshots of the blacklist entry, the date you discovered it, and all transaction and communication records. File formal reports with your national financial regulator and police, referencing the blacklist entry. The existence of a regulatory warning significantly strengthens both the criminal complaint and any civil proceedings. Seek specialist legal and advisory support — particularly where the blacklisted entity has connections to European jurisdictions. A regulatory warning can accelerate court proceedings by establishing the fraudulent or unauthorised nature of the defendant’s operations without requiring the claimant to prove that fact independently from scratch.  

Beyond Blacklists: A Complete Verification Framework

Blacklists answer one question: has this company already been identified as problematic? They do not answer the far more important question: is this company legitimate? For that, a complete verification framework — covering corporate registration, regulatory licence confirmation, financial health, beneficial ownership, and operational credibility — is necessary regardless of whether a company appears on any blacklist.