---
type: court_doc
id: "court_sdny_207_3"
court: "SDNY"
case_no: "23-cr-00118"
doc_number: 207
doc_type: "TRANSCRIPT"
filed_date: null
lang: "zh"
url: "https://mubeitech.com/court/court_sdny_207_3"
json_url: "https://mubeitech.com/api/court/court_sdny_207_3"
---
# Sam Harvey Claydon First 21 December 2023 IN THE MATTER OF UNITED STATES OF AMERICA -V- KWOK ET AL., S1 23 Cr. 118 (AT)



> 原始法庭文件为英文；下方为英文全文，顶部为中文摘要。

Sam Harvey Claydon First 21 December 2023

## IN THE MATTER OF UNITED STATES OF AMERICA -V- KWOK ET AL., S1 23 Cr. 118 (AT)

## WITNESS STATEMENT OF SAM HARVEY CLAYDON

I, SAM CLAYDON, partner at CANDEY of 8 Stone Buildings, Lincoln's Inn, London WC2A 3TA WILL SAY AS FOLLOWS:

#### Introduction

- 1. ("CANDEY"). CANDEY is regulated by the Solicitors Regulation Authority as a law firm. I am also a solicitor-advocate (having obtained my higher rights certification in 2012), and a member of Lincoln's Inn as I hope to be called to the Bar during 2024. I have spent my career specialising in litigation, arbitration and investigations, with a particular focus on financial disputes. I have worked at a number of highly-regarded City firms on a number of market-leading cases. I am duly authorised to provide this witness statement on behalf of the Himalaya Group (as defined below).
- 2. Given that this witness statement is not being given in English proceedings, I wish to make clear the significance attached the statement of truth that I have signed at the end of this statement. As a solicitor, I am an officer of the Court. I therefore owe various duties to the Court, including a duty not to mislead the Court in any way. I am also subject to a number of other regulatory duties, including the duties to act with independence, honesty and integrity.
- 3. and is true. Where a matter is not within my own knowledge, I indicate the source of it and I believe it to be true.
- 4. Nothing that I say in this witness statement is, or is intended to be, any waiver of privilege whatsoever.

## Background

- 5. Limited and Himalaya International Group Limited (together, the "Himalaya Group").
- 6. Himalaya Exchange is a British Virgin Islands ("BVI") registered company, named Himalaya International Clearing Limited, trading as Himalaya Exchange (the "Exchange"). It operates a

user-to-user, centralised cryptocurrency exchange platform that consists of an engine that operates a continuously matched order book. in respect of virtual asset products. It is a platform for clients to trade, store and manage the Himalaya cryptocurrencies, namely the Himalaya Coin ("HCN") and the Himalaya Dollar ("HDO"). HCN is the Exchange's trading coin, a cryptocurrency priced by supply and demand. HDO is a stable coin, structured with the aim of maintaining its value at 1:1 to the US Dollar. Both coins are Ethereum-based tokens with backwards compatibility with the ERC- 20 standard.

- 7. Himalaya International Reserve, and Himalaya International Financial Group are coin issuers. The HDO is issued by the Himalaya International Reserve and the HCN is issued by the Himalaya International Finance Group.
- 8. ultimate beneficial owner of Himalaya Exchange, and others, in which it alleges that the Defendants perpetrated a fraudulent scheme through the Exchange (the "DoJ Investigation"). Mr Je and the Himalaya Group vehemently deny any wrongdoing whatsoever and are defending themselves to the full extent permitted by law in the DoJ Investigation.
- 9. in cash USD in Himalaya Exchange accounts belonging to customers of the Exchange. This has caused hardship to those customers, many of whom were ordinary people who had invested their own money into the Exchange.
- 10. On 6 December 2023, 3,539 customers of Himalaya Exchange (the "Customers") filed a motion pursuant to Federal Rule of Criminal Procedure 41(g) for the return of their property seized by the United States (the "Customer Action"). The Customer Action is led by Mr Bradford Geyer, a former employee of the DoJ. A website has been set up at himalayarestoration.com which contains further information regarding the Customer Action. The Customers have given their consent for the Exchange to pass on to Mr Geyer their details, including information pertaining to HDO and HCN balances, deposits and redemption information held in their Exchange account. Due to the serious safeguarding and risk of harm concerns this has been done using their unique Himalaya account number ("HID"). The Exchange provided the balances as at 10 November 2023 to Mr Geyer in the form of a schedule (the "Customer Action Schedule").
- 11. The collective position of the Customers is that they are not the victims of any fraud and they have not suffered any losses at the hands of the Himalaya Group. They say that the only losses that they have suffered are as a result of the seizure of Customer deposits undertaken by the DoJ, following which the price of the HCN dropped significantly. Certain Customers have made public statements to the press about the deleterious effect that the seizure has had on their lives, which in certain cases has led to them being unable to access any of their money.
- 12. The Himalaya Group supports the Customer Action given that it maintains that the DoJ seizure is unlawful and deposits should be returned to the Customers. I understand that the Himalaya Group has instructed two audits of its customer deposits that were undertaken by Armanino, both of which have shown that the Exchange held full reserves equivalent to the HDO they issued to the Customers.
- 13. to its legal obligations to prevent loss or depreciation of those assets, which includes constant assessment of litigation risk for any failure to act that could result in substantial losses. The Exchange has, at all times, acted with integrity, and has a right to take the necessary steps to ensure that it meets its obligations to its customers.
- 14. constitutes collusion with the Customer Action. These allegations are unprofessional and are wholly without merit or supporting evidence, as well as being vigorously denied by the Exchange, whose sole objective is to meet its obligations to its genuine customers. The Exchange obtains no benefit from the Customer Actions are influenced or directed by any Defendant or any other third party. Indeed; the Customer Action and Mr Geyer are both independent of the Exchange. The exchange takes any untrue or defamatory allegations seriously, and is prepared to take any steps necessary to defend its reputation.

## CANDEY's Instruction

- 15. exist. The Himalaya Group strenuously denies that allegation and avers that there is no factual basis whatsoever to make it. In relation to that, on 12 December 2023 the Himalaya Group instructed CANDEY to undertake an independent review to establish that, amongst other things and contrary to the incorrect assertions of the Customers do exist and have been onboarded as customers onto the Exchange in compliance with the Himalaya Group's stringent compliance procedures.
- 16. On 13 December 2023, CANDEY instructed Mazars, in their capacity as forensic accountants, to undertake the following as part of an independent investigation (the "Independent Review"):
	- (a) Database") in order to confirm and document the processes and procedures in place relating to customer onboarding at the Exchange;
	- (b) account on the HEX Customer Database;
	- (c)
- verify the existence of "know your client" ("KYC") onboarding information; (i)
- (II) verify the financial data contained in the Customer Action Schedule against the live data on the HEX Customer Database for this sample; and
- (iii) rate of rate 1:1) by the Exchange to Customers (according to the Customer Action Schedule) against the bank statements of the Exchange; and
- (d) limited to the United States.
- 17. in the following paragraphs the extent to which we have done so. For that purpose, CANDEY attended the offices of a service company to Himalaya Exchange with authority to access the Himalaya Exchange database ("admin panel") on 14 and 15 December 2023 (I attended on both days, and a solicitor colleague attended with me on 14 December). The purpose of CANDEY's close supervision has been to ensure the integrity and independence of the Independent Review
- 18. to all necessary information in order to undertake the Independent Review. No officer, employee or member of the service company, Himalaya Group or of any companies affiliated to the Himalaya Group has in any way influenced CANDEY or Mazar's work and both CANDEY and Mazars have been able to work unimpeded.

#### Live and Independent Review of the Hex Customer Database

- 19. Mazars and CANDEY were provided with access to the Hex Customer Database for the purpose of conducting a live and independent review of it, and to confirm and document the processes and procedures in place relating to customer onboarding at the Exchange, as well as to carry out a mock onboarding. These matters relate to "Instruction 4" in Mazars' Report.
- 20. CANDEY participated in the process of opening an account with the Himalaya Group at http as more particularly described in Mazar's report at section 7.
- 21. that database. In particular, CANDEY saw how an HID number is inputted and the information that is returned when an HID number is entered into the HEX Customer Database.

22. CANDEY understands that access to the HEX Customer Database is restricted to users with the appropriate access privileges. For instance, the finance department can see top ups, redemption amounts and customer balances but cannot see any other information. Edit privileges are restricted to customer support managers, and senior managers. For other users, any editing button does not work.

## Customer Registration and Verification

- 23. The customer tier system was then explained to CANDEY in the context of the onboarding process. To register and become a customer of the Exchange, one must verify their email address and phone number with two factor authentication ("2FA"). Each customer is assigned an HID number1 when they have undergone the 2FA verification. 'No tier' means that the customer has an unverified email address and in such circumstances that customer would not be assigned an HID number.
- 24. rejected. After that, a customer would be unable to create an account using that email address. A prospective customer would need to get in touch with customer service if they wished to reregister as a customer of the exchange using the same email address.
- 25. zero' status. At this stage, no KYC checks have yet been undertaken and even if a customer never undertakes any of those KYC checks, he/she will remain 'tier zero'. Even if the customer goes through KYC and has been rejected, he/she will remain Tier zero.

## KYC Process

- 26. J The KYC process consists of a questionnaire, a face scan of the customer's identification documents ("ID") (both scans done using Jumio) and a ComplyAdvantage check.
- 27. various KYC questions, including points about crypto trading experience, employment status etc. Answers are either selected from a drop down menu or multiple choice. For each answer, a numerical score is given which then, when added up, determines the risk level for that particular customer.
- Any customer whose risk level is 59 or below is classified as low or medium risk. Those 28. customers (subject to passing their Jumio and ComplyAdvantage checks, as more particularly described below) are automatically approved.

<sup>4 &</sup>quot;HID number" (which is a unique account number attributed to each customer).

- 29. profiles are escalated to a compliance analyst who must manually review the KYC questionnaire then, if the analyst is satisfied that the customer can be onboarded, the customer's application is escalated for approval to a compliance manager. The analyst must write and record in the system a risk summary statement for all applications requiring manual review by compliance as evidence of the analyst's overall evaluation and understanding of the applicant's risk profile.
- 30. are escalated to a compliance analyst who must manually review the KYC questionnaire then, if the analyst is satisfied that the customer can proceed, the customer's application is escalated for approval to the Client Review and Onboarding Committee (which comprises senior decisionmakers).
- 31. Jumio (http) is one of the market leading applications for AML and ID validations. A customer must pass a Jumio check to be onboarded as a customer, for which the customer must first provide a live scan of a government-issued ID. Once the customer inputs their government-issued ID (either using the camera on their PC or mobile device) Jumio also then checks their name using ComplyAdvantage (which is a market-leading tool that checks for any adverse media/online information) and their answers to the KYC questionnaire must match with the corresponding information on their ID. Jumio takes the data from the IDs and populates that information in the customer's profile. When performing the face scan, Jumio also confirms that the scan was being done 'live' rather than by use of a picture.

## Verifying that each Customer has an Exchange account

- 32. CANDEY were provided with the Customer Action Schedule and shared that with Mazars for the purposes of the Independent Review. As part of the experts' work in verifying that each of the Customers had an Exchange account on the HEX Customer Database (referred to as "Instruction 2" in Mazars' Report), CANDEY supervised the retrieval of the data for that purpose as I describe in further detail below.
- 33. customers by way of a live export of data from the HEX Customer Database to an excel spreadsheet. Tier 1 customers are those customers who have passed all KYC and compliance checks and have been onboarded on to the Exchange. CANDEY saw the input of the search parameters into the HEX Customer Database, the corresponding live data that was then retrieved from those searches on screen, and the export which resulted in the creation of seven Excel spreadsheets. At this stage there was no manual intervention involved in the extraction of the data.
- 34. The reason that seven Excel spreadsheets were created as a result of the data export was because the HEX Customer Database only allows for a limited number of items to be exported at one time. Under CANDEY's supervision, those seven spreadsheets were combined into one single spreadsheet by copying and pasting the data from each of those seven spreadsheets into one spreadsheet. CANDEY and Mazars verified that the total number of customers listed in the single consolidated spreadsheet added up to the same total as the number of customers in the seven separate spreadsheets.
- 35. CANDEY then reviewed the columns within the consolidated spreadsheet. We observed that most of the information was irrelevant for the purposes of the Independent Review, but to minimise any manual intervention CANDEY instructed that no columns should be removed simply on the grounds of irrelevance. We then identified the columns that contained personal data that could identify any individual customer. Those columns were the following (the "Personal Identifiers"):

username; displayname; fullname; mobile; birthdate; lastcommentby; addressl1; addressl2; zip;firstmiddlename; iddocnumber; city.

- 36. that deletion. The data still contains Each customer's "HID" number: this is a unique numerical identifier for each customer. The Customer Action Schedule also contains the HIDs of the Customers, a point to which I return below.
- 37. spreadsheet, copying only the values rather than the underlying formulae. Again, CANDEY instructed and supervised this process.
- 38. J The Customer Action Schedule was then used to identify the Customers from within the composite spreadsheet by using the VLOOKUP function with the customer HIDs. That resulted in the identification of customer HID matches from the Customer Action Schedule within the composite spreadsheet and highlighted them. All of the non-responsive (and thus non-highted) entries were then deleted to leave only the anonymised customer data for the HIDs appearing on the Customer Action Schedule. CANDEY then provided that spreadsheet to Mazars. All of this was done under CANDEY's instruction and supervision.

## Identify and isolate a sample of the Customers to verify certain information in detail

39. J. As part of "Instruction 3" in Mazar's Report, they have identified and isolated a sample of Customers to: (i) verify the existence of KYC onboarding information; (ii) verify the financial data contained in the Customer Action Schedule against the live data on the HEX Customer Database for this sample; and (iii) verify the redemptions paid (HDO stable coin redeemed back for USD at the rate of rate 1:1) by the Exchange to Customers (according to the Customer Action Schedule) against the bank statements of the Exchange,

- 40. CANDEY witnessed the process undertaken to do that, which involved the use of the HEX Customer Database to retrieve the information held on each Customer one by inputting HIDs manually for each Customer in the sample.
- 41. In relation to (i), CANDEY saw the process undertaken to retrieve the KYC onboarding information then to check that against the relevant Customer in the Customer Action Schedule.
- 42. from the Hex Customer Database and check that against the financial data for that Customer contained in the Customer Action Schedule.
- 43. contained within the Customer Action Schedule against the bank statements provided by the Exchange (such bank statements then being provided by CANDEY to Mazars).

## Mock customer onboarding

- 44. a mock client onboarding. We undertook a test with France as a country of residence and citizenship.
- 45. prompted to select three questions from a drop-down list of several questions. All were the usual generic security questions. For instance, name of first school, favourite movie, favourite holiday destination etc.
- 46. Then the system asked us for an email address and password, and to acknowledge that we are not in the US, Canada or Japan or any other jurisdiction that prohibits the holding of cryptocurrency. At that stage, the Exchange's terms and conditions must then be accepted as well as their privacy policy.
- 47. Once that was complete, we then received an email asking us to click on it to verify the email address used for registration. When clicked, it took us to a page saying, "Your account has been activated".
- 48. the 2FA process. Otherwise, we would be unable to access any functionality on the website.
- 49. a confirmation code with six digits, which was valid for a few minutes. Once we entered it into

the website, we received a message saying that the mobile phone number was successfully verified.

- 50. The website then displayed a 'complete verification' button. At this point the account did not have any functionality. We were then presented with a list of compliance questions. These are detailed questions around business activity/employment to determine the risk compliance score. We had to select where funds will be received and/or transferred from.
- 51. Jo After that, we had to provide an ID to be scanned into Jumio. A passport, driver's licence or identity card are the only three acceptable options. A customer can use the camera on their PC or scan a QR code and use their phone, and we opted for the latter. Jumio also takes a face photo. The Mazars team member was immediately rejected because her ID did not match the details entered upon registration. The reason given by Jumio (which is only visible to the Exchange and not the customer) was: "Full name differs from record."
- 52. After that, a notification appeared on the profile and showed that the customer had been rejected. After clicking on the "rejected" button, the site then said that the customer failed the ID verification process.
- 53. full correct name". Notably, as we saw on the system, her risk score jumped significantly once her ID was rejected.
- 54. Jumio also complyAdvantage check against her name at the same time. In our case the name entered was shown as having passed the checks and no adverse findings were highlighted.
- 55. A test was also done to onboard as a US resident. The system did not have a US country selection and therefore no account could be opened.

# STATEMENT OF TRUTH

I believe that the facts stated in this witness statement are true. I understand that proceedings for contempt of court may be brought against anyone who makes, or causes to be made, a false statement in a document verified by a statement of truth without an honest belief in its truth.

Illegible signature.

Signed:

Name: Sam Claydon Dated: 21 December 2023