CySEC Flags 21 Fraudulent Broker Domains, Including AvaTrade & OneRoyal Clones
The Cyprus Securities and Exchange Commission (CySEC) has issued a new warning highlighting 21 unauthorised investment websites, including suspected clones of the regulated brokers AvaTrade and OneRoyal. The alert expands CySEC’s fast-growing blacklist of platforms offering forex, CFD and automated-trading services without the licence required under Article 5 of Law 87(I)/2017.
According to the regulator’s latest notice, the listed websites operate without any authorisation to provide investment services in Cyprus. The development follows a year of intensified enforcement, during which CySEC imposed nearly €3 million in penalties for unlicensed or abusive practices. The new warning underscores rising concerns around brand impersonation, aggressive online marketing and cross-border investor harm.
Publish Date
25 Nov 2025
Reading Time
10 minutes
Category
Legal News
Jurisdiction
Cyprus
New CySEC Warning Targets 21 Unauthorised Broker Domains
CySEC’s updated list includes domains that mimic established trading brands or market themselves as multi-asset brokers. Many present themselves as regulated investment firms, yet none appear in CySEC’s official public register of Cyprus Investment Firms.
The 21 flagged domains include fernrise.com, cfdoptions.com, xmarktrades.com, finconnect.fr, premiumwave.online, capitaliko.com, tradeshipglobex.com, fasat-g.pro, and quantoria-markets.net. A full list was published in the regulator’s announcement, also covered by Finance Magnates full report.
Several domains appear deliberately structured to mislead retail traders into believing they are dealing with licensed European brokers.
Clone Brokers and Cross-Border Scams – AvaTrade & OneRoyal Imitators
Clone websites remain one of the most damaging fraud patterns in the European trading sector. They copy the branding, website structure or naming style of legitimate brokers to lure investors toward unregulated platforms.
CySEC identified avacaptal.com, which closely resembles the name and design of AvaTrade, a genuinely regulated multi-asset broker holding EU and Australian licences. Another domain, oneroyalfx.co, appears to imitate OneRoyal, a long-established regulated broker with more than two decades of operational history.
Cross-border risks are also increasing. Quantoria-markets.net, one of the domains on CySEC’s list, has separately been flagged by Québec’s financial regulator AMF for offering unregistered crypto-trading services AMF investor warning.
This demonstrates how fraudulent entities often target investors across multiple jurisdictions simultaneously.
Legal Framework – What CySEC Authorisation Under Law 87(I)/2017 Means
Any platform offering investment services in Cyprus or targeting Cypriot users must hold a Cyprus Investment Firm (CIF) licence under Law 87(I)/2017, which implements the EU’s MiFID II regime. Licensed CIFs meet regulatory standards on capital, safeguarding, governance, conduct and reporting.
To help readers distinguish between legitimate and unauthorised activity, a simple comparison table clarifies the difference:
| Feature | Authorised CIF | Unauthorised Website |
|---|---|---|
| Regulatory licence | Yes – CySEC CIF licence under Law 87(I)/2017 | None |
| MiFID II protection | Yes | No |
| Investor recourse | Compensation schemes & regulatory complaints | None |
| Supervision | Ongoing | Absent |
| Marketing controls | Required | Frequently abusive |
Investors who engage with unlicensed platforms have no regulatory protections, no access to investor-compensation mechanisms and no guaranteed right of recourse.
Practical Red Flags for Investors in Cyprus and the EU
CySEC’s warning offers reminders that many unauthorised brokers share the same behavioural patterns. Common red flags include:
- Look-alike domains based on well-known brokers.
- Claims of guaranteed returns or “automated crypto wealth systems”.
- Requests for upfront deposits via unverified channels or crypto wallets.
- Unprofessional websites using fake licence numbers or fabricated certificates.
- Pressure to “upgrade accounts” through repeated calls or messaging apps.
CySEC urges investors to verify licence details directly through its public register of authorised firms CySEC CIF register.
The regulator also notes an increase in fraudulent emails falsely claiming to represent CySEC and requesting payments for “trading certificates” or fund releases—something the authority never does.
What This Means for Regulated Brokers and CFD/FX Operators
For regulated brokers, the rise of clone sites creates reputational and regulatory challenges. Fraudsters increasingly use real licence data, scraped from registers and corporate disclosures, to build more credible-looking impostor sites. Brokers may therefore need to adopt:
- Brand-monitoring systems to detect domain similarity.
- Rapid escalation processes to notify CySEC and hosting providers.
- Client-facing guidance explaining how to identify the official domain.
- Record-keeping of impersonation incidents for compliance reporting.
For CFD and forex operators serving the EEA, CySEC’s warnings highlight growing regulatory expectations around marketing oversight, distribution controls and investor-protection standards.
Next Steps – Monitoring, Enforcement and How We Can Help
CySEC may issue further actions following this warning, including domain-takedown requests, cross-border cooperation with EU and non-EU regulators, or additional penalties against entities linked to unauthorised activity. Market participants should expect heightened scrutiny of marketing claims, automated-trading tools and high-yield investment schemes.
We support clients with broker due-diligence, regulatory mapping for MiFID-linked activities, and brand-protection strategies for regulated brokers exposed to impersonation risk across the EU and beyond.
Schedule a consultation right now.
CySEC Unauthorised Broker Websites – Key FAQs
How can I check if a forex or CFD broker is licensed by CySEC?
Verify the firm’s name and domain using CySEC’s official public register. The regulator lists every authorised Cyprus Investment Firm and the exact domain linked to each licence.
What is a CySEC “unauthorised broker website”?
It is any platform offering investment services without a CIF licence under Law 87(I)/2017. These sites often use misleading marketing, clone branding or promises of high returns.
Are AvaTrade and OneRoyal included in this warning?
No. CySEC flagged clones of these brokers. The legitimate firms remain authorised and operate under their own regulated domains.
What should regulated brokers do if a clone uses their brand?
They should notify CySEC, collect evidence, inform affected clients and request domain takedowns. Many firms also implement automated brand-monitoring tools.
Does this CySEC warning affect investors outside Cyprus?
Yes. Many unauthorised brokers target traders across the EU, UK, Middle East and Africa. A CySEC warning signals that the entity lacks regulatory approval in Cyprus and likely elsewhere.
Accelerate Your Business with These Offers
Legasset's Knowledge Hub
articles and news:
