Crypto payment brands trigger “scam” searches for predictable reasons. Crypto involves AML and sanctions risk, and banks treat flows that touch it as high-risk. That pressure creates two problems at once: concerns about real fraud and unwarranted suspicion surrounding legitimate operators. Which of those is CoinsPaid?
In payments, a “scam” payment gateway usually shows at least one of these traits: no verifiable legal entity, no clear compliance perimeter, no credible custody controls, lack of incident disclosure, and a limited public profile to be able to shut down quickly.
Starting With the Hard Identity Checks
Legal entity and corporate registry. The operating company behind the CoinsPaid brand is publicly listed as Dream Finance OÜ in Estonia’s e-Business Register, with registry code 14783543, stated capital of around $5,796,900 (€5,000,000), and a Tallinn address shown on the register entry.
Public corporate footprint. CoinsPaid’s own contact disclosures repeat Dream Finance OÜ details and list other group entities, including Dream Finance UAB (Lithuania), Dream Finance US LLC, and Dream Finance Processing Inc. (Canada).
Licensing and Estonian Regulations
CoinsPaid’s public disclosures include an Estonian license number FVT000166 attached to Dream Finance OÜ. That appears in site footers and contact disclosures.
Estonia’s supervisory model has been changing under MiCA. The European Commission notes MiCA started applying for certain token rules on 30 June 2024 and became fully applicable on 30 December 2024.
Estonian authorities now place crypto-asset service provider licensing under Finantsinspektsioon in the MiCA era, and Estonia’s FIU continues publishing AML guidance and materials.
Compliance Posture
A merchant does not need to become an AML officer. You just need evidence of controls that match the risk. The FATF’s virtual asset guidance outlines baseline expectations, including risk-based controls, customer due diligence, record-keeping, suspicious activity reporting, sanctions controls, and supervision or monitoring for VASPs.
CoinsPaid publishes AML policies in its legal hub, including a U.S. policy for Dream Finance U.S. that states a zero-tolerance stance on money laundering and sets an internal control framework.
What to do: request the KYB checklist, ask how blockchain screening works, and ask what triggers rejection or offboarding. The sales team should be able to explain these steps in plain language, and judging by public sources, CoinsPaid handles risk scoring with industry best practices.
Custody Design for Cryptocurrencies
Many “scam” accusations in crypto payments come from one confusion: processing versus custody.
A gateway can settle funds into fiat quickly, thereby reducing exposure to digital assets. CoinsPaid offers multiple settlement options and appears to provide a combination of custodial and non-custodial services.
Multi-Signature Wallets
CoinsPaid pages state that funds can be secured using multi-signature cold wallets, which require more than one key to authorize transfers, reducing the risk of theft and fraud. This approach has some trade-offs, but is generally considered a best practice for the use of crypto in enterprise.
Cold + Hot Storage Policies
CryptoProcessing, the payment gateway created by CoinsPaid, describes a configurable threshold of how much money is kept in hot and cold wallets. When balances exceed the threshold plus a minimum transfer amount, the system moves the excess to a cold address automatically.
The policy aligns with a standard custody principle: keep operational liquidity online, keep reserves offline.
Security Validation and Third-Party Testing Signals
CoinsPaid has an ISO 27001 certificate and cites third-party security audits made for their platform. Specifically, 10Guards and Hacken gave the gateway an all-clear with no vulnerabilities detected.
For Blockchain analytics, CoinsPaid seems to be using Crystal and Chainalysis. These tools can help flag and score transactions in real-time, assisting with AML and related analytics.
Incident History
There’s only one major security incident. On July 22, 2023, CoinsPaid published a post describing a theft tied to a hacker attack, with a reported loss of approximately $37 million.
The FBI later stated DPRK TraderTraitor-linked actors were responsible for a $37 million theft from CoinsPaid, alongside other major incidents linked to the same crypto wallets. North Korea-linked Lazarus Group was a major suspect in several reports, including one from Reuters.
CoinsPaid published a detailed incident write-up with a clear date and loss figure, which provides buyers with concrete information instead of rumors. It shifts the focus from “Was the business fake?” to “How does the operator prevent, detect, and contain advanced intrusion?” Disclosure and the law enforcement record provide us with a basis to ask direct follow-up questions regarding access control, approvals, monitoring, and post-incident changes.
Why this matters: Crypto hacks and data breaches occur fairly often, affecting major providers like Coinbase, and paradoxically, they provide a stronger foundation for verification than any marketing claim. Hacks create a public record of a real incident with a traceable paper trail and state-linked attribution, reducing the possibility of a scam sailing into the night.
