Clone firm using our brand and a fake broker site triggered an FCA warning (lawful grounds to take the clone down)
Short answer: when a clone firm copies your licensed broker brand and FRN to run a fake site, the lawful and effective move is to take the clone down — DMCA §512 to the host for copied assets, a trademark/impersonation complaint to the registrar, and proxy/abuse reports — while surfacing the regulator’s clone-firm clarification in search. The FCA, CySEC or ASIC warning is a warning about the clone, issued to protect your customers; legitimate regulator warnings about your own firm are not removable, and we would never try. This applies across the US (DMCA), EU/EEA and UK, with the statute used depending on where the host and assets sit.
What a clone-firm warning actually is
A clone firm is a fraudster who copies the name, FRN, address or website of a genuine, authorised broker to look legitimate. Victims check the regulator’s register, see your real authorisation, and assume the fraudster is you. When the regulator spots this, it publishes a clone-firm warning — naming your brand to tell the public that someone is misusing it and listing the fake contact details to avoid.
This is the point to be precise about, because firms panic at seeing their name in a warning. The warning is about the clone, not about your conduct. It exists to protect the people the fraudster is targeting. A legitimate regulator warning about your own firm — a genuine FCA, CySEC or ASIC notice concerning your actual authorisation or conduct — is not something we remove or suppress, and no honest practice would offer to. The clone angle is the opposite situation: the warning is on your side, and the work is to kill the fake site and make the regulator’s clarification easy to find.
What you can do yourself — taking the clone down
Most clone broker sites copy enough of your real site to give you a clean copyright basis, and that is usually the fastest lever.
- DMCA §512 notice to the host (US-hosted assets). If the clone copies your site copy, logo, screenshots or images, send a §512 takedown to the hosting provider identifying the exact URLs, the original works, and your good-faith statement. US hosts have a statutory incentive to act on a properly formed notice. This is copyright law; it is the right tool for copied material, not for the impersonation itself.
- Registrar abuse / trademark complaint. Pure brand impersonation — the use of your name and FRN — is a trademark and passing-off matter. File with the domain registrar’s abuse channel, citing fraud and trademark infringement. Many registrars suspend domains used for financial fraud.
- Proxy reports. If the site sits behind Cloudflare, file at abuse.cloudflare.com. Cloudflare is usually a proxy, not the host: it forwards reports to the origin host rather than removing content itself, except for narrow categories like phishing. So your real target is the host behind it — see how to find the real host behind Cloudflare.
- Platform impersonation channels. If the clone runs ads or social profiles, use each platform’s impersonation/IP reporting flow with your trademark registration as standing.
Keep dated records of every notice. Each step is the predicate for the next if a recipient stalls.
Surfacing the regulator’s clarification
Taking the file offline is half the job; the other half is what your customers find when they search. You want the regulator’s own clone-firm warning page and your firm’s clarification ranking, not the clone’s residue.
- Publish a clear “we have been cloned” notice on your real domain, listing your genuine contact details and linking the official regulator warning.
- Link the regulator’s clone-firm page from authoritative pages so it ranks against the fraudster’s footprint.
- Where the clone’s URLs persist in search after the host removes them, Google’s Report Content for Legal Reasons tool can be used for clearly unlawful content. Note that Google forwards legal-removal requests to the public Lumen database; a clumsy self-filing can republish the very URLs you are trying to bury, so file precisely. For clearly-unlawful clone content the forms work fine.
Where the self-help route breaks
Clone operators expect takedowns. They host offshore on providers chosen because they ignore notices, register fresh domains the moment one drops, and run mirrors. A single §512 notice wins one URL; it does not win the campaign. The leverage then shifts: the registrar, the upstream network provider, and search deindexing so the clone stops receiving the traffic that is its entire purpose, even while a file sits live on an uncooperative server. None of these layers is guaranteed alone, which is why serious enforcement runs several at once and over time.
What the legal route looks like
Under US law, DMCA §512 drives host-level removal of copied assets — but DMCA is a copyright remedy, not a defamation or impersonation remedy, and it does not touch a legitimate regulator warning. In the EU/EEA and UK, the copyright basis differs (the EU’s relevant directives and national copyright law), trademark and passing-off support registrar and court action, and fraud reporting routes exist in each jurisdiction. The constant across all three: you are asserting your own rights against a fraudster, with standing you can document.
When to bring in counsel
One clone on a cooperative host is something a capable in-house team can handle with the steps above. It becomes a counsel matter when the clone is one of many mirrors regenerating faster than you can file, when the host is hostile, when you need registrar, upstream and deindexing worked in parallel under named statute, or when the regulator warning is drawing customer questions and you need the clarification surfaced cleanly. That is enforcement at volume — across the broker reputation practice — and it is where a layered, statute-named approach earns its keep.
Informational, not legal advice — verify the current forms and grounds, which differ by jurisdiction (US, EU/EEA, UK). No outcome is guaranteed; results depend on the facts and the jurisdiction.
Asked before engagement.
- A clone firm is using our brand and FRN — can we remove the FCA clone-firm warning?
- No, and you would not want to. The FCA clone-firm warning protects your customers by naming the fraud; it is a warning about the clone, not about you. The lawful action is to take down the clone site and surface the regulator's clarification, not to suppress the warning.
- What is the fastest lawful way to take a fake broker clone site offline?
- Usually a layered notice: a DMCA §512 takedown to the host for the copied site and brand assets, a trademark/impersonation complaint to the registrar, and a report to the proxy (e.g. Cloudflare) so it forwards to the origin host. The host-level DMCA notice tends to move fastest in the US.
- Does a DMCA notice work when the clone is just impersonating us, not copying files?
- DMCA §512 covers copied material — your site copy, logo, screenshots, images. Pure impersonation without copying is a trademark and passing-off matter, handled through registrar abuse and the platform's impersonation channels rather than DMCA. Most clone sites copy enough to support both.
- The clone is behind Cloudflare and the host ignores us. What now?
- Leverage shifts to the registrar, the upstream network, and search deindexing so the clone stops receiving traffic. Cloudflare forwards abuse reports to the origin host rather than removing content itself, so identifying the true host is the step that unlocks the rest.
- Can you guarantee the clone stays down?
- No honest practice guarantees that. Clone operators re-register on new hosts and domains, so this is enforcement over time, not a single takedown. Surfacing the regulator's clone-firm clarification in search is what protects customers while the cat-and-mouse continues.
Senior counsel · in IP and compliance practice since 2014. Every guide is reviewed before publication.
Full counsel profile →