What We Know
BREACH DATA -- CONFIRMED CBA JIRA -- EXPOSED FASTEX COLLAPSE -- DOCUMENTED
Martin Galstyan is the Governor of the Central Bank of Armenia (CBA) -- the institution responsible for monetary policy, banking regulation, anti-money laundering enforcement, and management of the country's $3.5 billion in foreign reserves. He was appointed in 2020 at the age of 29, making him the youngest Central Bank governor in Armenian history.
His appointment followed the standard Pashinyan pattern: youth and loyalty over experience and competence. At 29, Galstyan had minimal central banking experience. He was given control of the institution that regulates every bank in Armenia, oversees financial crimes investigations, and manages billions in reserves. His primary qualification was that Pashinyan appointed him.
Under Galstyan's watch, the CBA has been characterized by two things: regulatory passivity toward politically connected financial operations, and catastrophic infrastructure security failures. The Fastex crypto collapse, the failure to investigate the SoftConstruct-to-Civil-Contract donation pipeline, and the exposed Jira system are not separate failures. They are symptoms of an institution that was designed to not ask questions.
The Critical Facts
| FACT | DETAIL | SIGNIFICANCE |
|---|---|---|
| DOB | February 16, 1991 | Confirmed via breach data (password = DOB) |
| Appointed | 2020, age 29 | Youngest CBA governor ever -- minimal experience |
| Education | Teaches at American University of Armenia | Academic, not practitioner |
| Breach email | martin.galstyan.91@mail.ru | Russian email service (mail.ru) |
| Breach password | 16021991 | His date of birth -- the CBA Governor uses DOB as password |
| Second breach | martin.galstyan@rambler.ru / 31203120 | Also on Russian Rambler service |
| Reserves | $3.5 billion | Under his management and oversight |
The Governor of Armenia's Central Bank -- the person responsible for the security of $3.5 billion in reserves and the regulatory oversight of the entire banking system -- uses his date of birth as a password on Russian email services. His email is martin.galstyan.91@mail.ru. His password is 16021991. That is February 16, 1991 -- his birthday. Under Russian law (SORM), the FSB has legal access to all mail.ru communications. The Central Bank Governor's personal communications are accessible to Russian intelligence by law, and he secured them with his birthday. This is not a minor security lapse. This is the person who sets security standards for Armenia's entire financial system.
The Money
FASTEX DATA -- DOCUMENTED OCCRP INVESTIGATION -- CONFIRMED REGULATORY CAPTURE PATTERN
Martin Galstyan's "money" section is not about his personal wealth -- it is about the money he was supposed to protect and the money he chose not to investigate.
The Fastex Collapse: $50M+ Lost
| TIMELINE | EVENT | CBA ACTION |
|---|---|---|
| Pre-2023 | SoftConstruct/Fastex launches FTN token | No regulatory framework established |
| 2023 | FC Barcelona shirt sponsorship ($50M+ deal) | No scrutiny of token-backed sponsorship |
| 2023-2024 | FTN token pumps to $4.61 ATH | No investor protection warnings |
| 2024-2025 | Token begins steady decline | No regulatory intervention |
| Early 2026 | Exchange shutdown announced | No action -- CBA silent |
| April 1, 2026 | Fastex exchange closes permanently. FTN at $0.32 (93% crash) | Zero regulatory response |
Armenian retail investors, athletes paid in FTN tokens, SoftConstruct employees with token-based compensation, and FC Barcelona players with locked FTN tokens -- all lost everything. The exchange that operated under CBA's regulatory jurisdiction shut down with $50M+ in losses. The Central Bank did nothing before, during, or after the collapse.
The SoftConstruct Donation Pipeline
OCCRP documented that SoftConstruct employees -- including Vache Khachatryan -- made "donations" to Civil Contract, with the pattern suggesting company-reimbursed fake donations (gambling money laundered into political contributions). Vache Khachatryan is a CBA employee. His email vache@cba.am with password gayush (his wife Gayane's name) appears in breach databases. There is also Khachatryanh@cba.am -- a different Khachatryan -- confirming multiple Khachatryans at the Central Bank.
This is the clearest case of regulatory capture in Armenia's post-revolution history. The pipeline works like this: (1) Badalyan's gambling empire generates revenue through SoftConstruct/VBET. (2) Employees like Vache Khachatryan make fake donations to Civil Contract. (3) Vache Khachatryan works at the Central Bank -- the institution that should investigate suspicious financial transactions. (4) The CBA under Galstyan never investigates the donation pipeline. (5) Meanwhile, Badalyan's Fastex exchange collapses with $50M+ in losses, and the CBA takes no regulatory action. The financial regulator employs a person documented by OCCRP as a fake donor to the ruling party, and that regulator fails to investigate either the donation pipeline or the crypto collapse connected to the same corporate group. This is not incompetence. This is design.
The Connections
OSINT SCAN -- CONFIRMED BREACH DATA -- CONFIRMED INFRASTRUCTURE ANALYSIS
Connection 1: CBA Jira Exposed
OWL discovered that the CBA's Jira project management system (jira.cba.am) is exposed with critical security failures:
| FINDING | DETAIL | RISK |
|---|---|---|
| Internal IP exposed | 192.168.93.214 | Internal network topology revealed |
| Anonymous access flag | Present in configuration | Unauthenticated access potential |
| Hosted in France | OVH infrastructure | Central Bank project data on foreign commercial hosting |
| Content | Project management data | Internal CBA projects, tasks, assignments visible |
This was published by OWL: cba-jira-internal-network-exposed. The Central Bank of Armenia -- managing $3.5 billion in reserves -- exposed its internal project management system, including internal IP addresses that reveal network topology, on a French commercial hosting provider. Under a governor who uses his birthday as a password.
Connection 2: FIU Employee Names Leaked
The Financial Intelligence Unit (FIU) -- the CBA division responsible for anti-money laundering -- had employee names leaked via cached Lotus Notes mailbox paths. This means the identities of the people investigating financial crimes in Armenia are potentially known to the criminals they investigate. Under Galstyan, the division meant to catch money laundering exposed its own staff directory.
Connection 3: 41 Subdomains -- The Infrastructure Empire
The CBA operates 41 subdomains -- tied with the MFA for the largest government web infrastructure footprint in Armenia. Critical systems include:
| SUBDOMAIN | PURPOSE | RISK |
|---|---|---|
| jira.cba.am | Project management | Internal tool exposed (published by OWL) |
| databank.cba.am | Banking data system | Critical financial data |
| databox.cba.am | Data storage | Critical |
| datacentre.cba.am | Data center management | Infrastructure control |
| online-reporting.cba.am | Financial reporting | Sensitive regulatory data |
| securewebmail.cba.am | McAfee Secure Web Mail | CBA secure email system |
| vpn.cba.am | VPN access | Remote access to CBA network |
| adfs.cba.am | Active Directory Federation | Authentication infrastructure |
| api.cba.am | Public API | Live (HTTP 200), IIS, empty since 2011 |
| nextgenaudit.cba.am | Audit system | Compliance and audit tools |
Connection 4: 17 Leaked CBA Credentials
| PASSWORD | ANALYSIS | |
|---|---|---|
| martin.galstyan.91@mail.ru | 16021991 | CBA GOVERNOR -- DOB as password on Russian email |
| martin.galstyan.91@mail.ru | 160291 | Same DOB, abbreviated format |
| martin.galstyan@rambler.ru | 31203120 | Governor on second Russian email service |
| vache@cba.am | gayush | OCCRP-documented fake donor at CBA |
| edgarnahapetyan@cba.am | 111111 | CBA employee -- password "111111" |
| Khachatryanh@cba.am | (in breach DB) | Second Khachatryan at CBA |
Seventeen CBA employee credentials are confirmed in public breach databases. The governor himself has three entries across two Russian email services. The person documented by OCCRP as a fake donor (Vache Khachatryan) has his CBA email in the same databases. Another CBA employee uses "111111" as a password. This is the security posture of the institution managing $3.5 billion in reserves.
Connection 5: The Pashinyan Appointment Pattern
Galstyan's appointment at 29 follows the same pattern as other Pashinyan placements: young, no institutional memory, no independent power base, completely dependent on the person who appointed them. Compare:
- Mkhitar Hayrapetyan -- Minister of Diaspora at 27
- Martin Galstyan -- CBA Governor at 29
- Andranik Simonyan -- NSS Deputy Director with captain rank (normally requires colonel)
- Suren Papikyan -- Defense Minister with zero military experience
The pattern is consistent: Pashinyan does not appoint qualified people to sensitive positions. He appoints dependent people who cannot survive politically without his protection.
The Vulnerability
RISK ASSESSMENT
| VULNERABILITY | EVIDENCE | LEGAL EXPOSURE |
|---|---|---|
| Fastex regulatory failure | $50M+ lost, FTN crashed 93%, zero CBA action | Regulatory negligence, failure to protect investors |
| SoftConstruct pipeline ignored | OCCRP-documented fake donations, CBA employee involved, no investigation | Failure to enforce AML regulations, complicity in money laundering |
| CBA Jira exposed | Internal IP, anonymous access, hosted on OVH France | Negligence in protecting critical financial infrastructure |
| FIU staff compromised | Employee names leaked via Lotus Notes paths | Endangerment of financial crime investigators |
| Personal security failures | DOB as password on Russian email, 17 staff credentials leaked | Systemic security negligence at highest level |
| Youth/inexperience as qualification | Appointed at 29, youngest ever | Questions of competence and appointment legitimacy |
Martin Galstyan's vulnerability is that everything he failed to do is documented.
He failed to regulate Fastex before, during, or after the collapse -- and the collapse is public record, with $50M+ in documented losses, a 93% token crash, and an April 1, 2026 exchange shutdown date that is verifiable.
He failed to investigate the SoftConstruct donation pipeline despite OCCRP publishing the evidence and despite his own institution employing one of the named fake donors -- and the OCCRP report, the breach data showing vache@cba.am, and the Civil Contract donation records are all permanent public records.
He failed to secure the CBA's own infrastructure -- and the Jira exposure (internal IP 192.168.93.214, anonymous access, OVH France hosting), the 17 leaked credentials, the FIU staff name leak, and his own DOB-as-password breach are all documented and published.
The next government will not need to investigate Galstyan from scratch. Every failure is already documented. Every piece of evidence already exists in public databases. The question is not whether there will be an investigation but how many charges it will produce. Regulatory negligence, failure to enforce AML laws, potential complicity in the money laundering pipeline that funded the ruling party, endangerment of financial crime investigators through infrastructure failures, and personal security practices that potentially exposed the Central Bank to foreign intelligence services -- these are not political opinions. They are documented facts with legal consequences.
The Question
Right now, Martin Galstyan is protected by Nikol Pashinyan's power. He is Central Bank Governor because Pashinyan needed someone young enough to have no institutional memory, compliant enough to not investigate the SoftConstruct donation pipeline, and dependent enough to never challenge the government's financial interests. He watched Fastex collapse because investigating it would lead to Vigen Badalyan, who funds Civil Contract. He employs Vache Khachatryan because the donation pipeline requires someone inside the regulator.
But Nikol Pashinyan has his exit plan. His wife Anna Hakobyan has been building connections in Beijing. There is the $1 million Sheikh Zayed Book Award. The strategic divorce filing that separates their assets. When the time comes, Pashinyan has his path out.
Martin Galstyan has no path out.
When Pashinyan leaves -- and he will leave -- Galstyan stays. In Armenia. At 35 years old. With a regulatory record that includes the worst crypto collapse in Armenian history and zero regulatory response. With an OCCRP investigation documenting fake donations from the corporate group he refused to investigate. With his own employee named as a fake donor. With a Jira system that exposed the Central Bank's internal network to the internet. With FIU staff whose identities were compromised. With 17 employee credentials in public breach databases. With his own email and DOB-as-password published for anyone to verify. With $3.5 billion in reserves that the next government will audit transaction by transaction.
He is 35. He will live with these files for decades. The Fastex collapse victims will not forget. The OCCRP report will not disappear. The breach data is permanent. The next Central Bank Governor will open the Jira system, review the FIU staff exposure, examine the SoftConstruct regulatory file (or lack thereof), and ask one question: what was Martin Galstyan doing?
Everything documented in this profile is from public records, OCCRP investigations, OWL published OSINT findings, and breach databases. It will still be public when the next government takes power. It will still be evidence when the next CBA Governor opens the regulatory files and finds Martin Galstyan's inaction documented on every page.
Nikol has his exit plan. What's yours, Martin?
Profile #9 of 100. The "Left Behind" series documents people who are currently protected by Nikol Pashinyan's power -- and who will be exposed when that power ends. Every profile is based on public records. Every fact is verifiable. The file is permanent.
Methodology
Breach data from public breach databases (martin.galstyan.91@mail.ru / 16021991 confirmed, plus 16 additional CBA employee credentials). CBA infrastructure OSINT via DNS enumeration, certificate transparency logs, and subdomain discovery (41 subdomains mapped). Jira exposure documented and published by OWL (cba-jira-internal-network-exposed). Fastex/FTN collapse data from exchange records, token price tracking, and media reports. OCCRP investigation data on SoftConstruct fake donation pipeline (Vache Khachatryan documented as donor). FIU employee leak via cached Lotus Notes mailbox paths. CBA infrastructure analysis via SSL certificates, SPF/DMARC records, and server fingerprinting. Career and appointment data from CBA official records, Wikipedia, and gov.am. All dates and facts cross-referenced with multiple sources.