Summary Briefing
The Invisible Billion: Iran's Sanctions Machine - A Fake CEO, a Kilburn Basement, and a Billion Dollars
She had a Companies House listing, polished websites, marketing videos, and addresses ranging from a Caribbean beachfront to a Covent Garden apartment to a Dubai skyscraper. Elizabeth Newman looked entirely credible. She was entirely fictitious - an AI-generated identity assembled from a Shutterstock stock footage clip, built into the public face of a network that moved over $1 billion on behalf of Iran's Revolutionary Guard Corps. The investigation that eventually exposed the network began, in part, with a purple-collared cat. This briefing examines what happened, what it means, and what your organisation needs to do about it.
What's Inside
- The full account of Zedcex and Zedxion Exchange - two UK-registered crypto exchanges that appeared entirely legitimate, with polished branding, active social media and a named Companies House director, but were operating as front companies within an Iranian crypto-financing network that moved more than $1 billion on behalf of the IRGC and the Houthis
- A deep dive into Fraud as a Service - how generative AI has dramatically lowered the barrier to creating convincing synthetic identities, from executive headshots and LinkedIn profiles to video appearances and corporate websites, and why traditional indicators of legitimacy are no longer reliable as standalone signals of trustworthiness
- The Babak Zanjani connection - how investigators used blockchain analysis, corporate records, and a distinctive purple-collared cat to trace the network back to a sanctioned Iranian financier with a long history of moving oil revenues through layered front company structures, now adapted for the crypto era
- Hawala, cash, and a chicken Kiev - a detailed account of Wirmon Ltd, the foreign exchange business operating from a basement in Kilburn that was convicted of laundering millions in Iranian-linked criminal proceeds in April 2025, and how IRGC agents allegedly use London restaurants to distribute payments to sleeper cell operatives using impossible menu orders as coded pass phrases
- An analysis of Gulf enforcement action in 2026 - covering the UAE's dismantling of dozens of IRGC-linked sarraf exchange networks in April and May, Bahrain's detention of 41 suspects linked to IRGC-directed financial operations, and what the scale and speed of enforcement action signals about the regional recalibration underway
- A synthesis of new tools and old tricks - how digital evasion methods and centuries-old hawala systems are not competing but coexisting within the same networks, and why compliance frameworks that focus too narrowly on either will miss the threat
- Practical guidance on what firms must do now - from treating polished digital presentation as a verification trigger rather than a legitimacy signal, to network mapping behind apparent corporate credibility, blockchain-linked flow tracing, and monitoring informal transfer chains across UK and GCC corridors
