Emerging Trends in Crypto Fraud
This is an Insight article, written by a selected partner as part of GIR's co-published content. Read more on Insight
Cryptocurrency – it’s the hottest thing in investing. Or it was. With the values of cryptocurrencies plummeting, regulations tightening and high incidences of fraud, what can investors do to protect themselves and what are the emerging trends that we need to be aware of?
- What are crypto assets?
- How big is the fraud problem?
- How are investors defrauded?
- Can investors protect themselves from fraud?
- How are countries dealing with crypto regulation?
Referenced in this article
- Bill Gates v Elon Musk
- China’s tough stance on crypto
- Asia regulation
- The end of Gatecoin
As crypto faces a global retreat – with many investors and exchanges facing a massive sell off and steady losses – Bill Gates’s recent statement rings true: ‘cryptocurrencies and NFTs are 100% based on greater fool theory’.
The Microsoft founder went on: ‘I like investing in things that have valuable output. The value of crypto is just what some other person decides someone else will pay for it.’
At the other end of the debate is Elon Musk. His company Tesla accepts Dogecoin as a payment method for the purchase of some merchandise. The entrepreneur even personally continues to support Dogecoin, although recently, Mr Musk was sued for US$58 billion by a Dogecoin investor who accused him of running a pyramid scheme to support the currency.
Despite the conflicting views of these prominent personalities and entrepreneurs, regulators globally continue to be wary of cryptocurrency. Virtual assets, a broader name for cryptocurrency, are perceived by regulators as a major threat to the total stability of the financial system. Crypto’s recent rapid growth, increasing scale of trading activity, high price volatility and increasing involvement of institutional investors can potentially affect financial markets and investors through the wealth effect and severe price correction.
The ease and anonymity with which crypto assets can be transferred electronically and, possibly, across borders, as compared with regulated fiat currency systems, makes them highly susceptible to money laundering or terrorist financing activities. There is also the potential risk of maintaining security, with hackers stealing currencies worth millions. ‘Crypto exchanges are the frontier between the dark web and the regulated fiat world,’ says Tom Keatinge, a financial crime expert at the Royal United Services Institute.
Despite the concerns, the universe of digital assets continues to multiply. There are now more than 18,000 cryptocurrencies, over 400 crypto exchanges and the global market cap of cryptocurrencies currently exceeds US$900 billion.
Below, we examine the risks associated with crypto assets, the different schemes employed to defraud investors, the challenges associated with asset tracing and the regulatory environment in the two primary Asian jurisdictions of Singapore and Hong Kong for virtual assets.
What are crypto assets?
In the absence of a legal definition like there is for securities, cryptographic assets can be described as transferable digital representations that are designed in a way that prohibits their copying or duplication. The technology that facilitates the transfer of cryptographic assets is referred to as a ‘blockchain’ or distributed ledger technology. Blockchain is a digital, decentralised ledger that keeps a record of all transactions that take place across a peer-to-peer network, enabling the encryption of information. Cryptographic assets and the underlying technology provide opportunities to digitise a variety of ‘real world’ objects. Cryptocurrencies are the most commonly known subset of cryptoassets and are primarily used as a means of exchange, with Bitcoin being the most prominent.
Today we have different kind of cryptoassets such as non-fungible tokens (NFTs), synthetic assets, stablecoins and utility tokens, among others.
The pace of development in the crypto industry has far outstripped regulators’ ability to respond. With social media and online forums such as Reddit becoming the primary information source for potential investors, the potential for inexperienced investors to get burnt is high.
Due to this, consumers have limited awareness of the risks associated – and the lack of protection – for these assets. Fewer than one in 10 potential buyers of cryptocurrencies have seen official warnings about crypto, according to the United Kingdom’s Financial Conduct Authority.
Unlike deposit insurance for bank depositors in the scenario of a bank’s inability to pay its debts when due, losses on cryptoassets are not covered under any deposit insurance schemes by government bodies.
‘It’s a fraud and worse than tulip bulbs,’ Jamie Dimon, CEO of JP Morgan
Over US$1 billion lost to scams
According to a recent report released by the US’s Federal Trade Commission, investors have lost over US$1 billion in cryptocurrency scams between January 2021 and March 2022. More than 46,000 people have lost money in crypto fraud since the beginning of 2021, making it the leading source of payment scams. The median individual reported loss was US$2,600.
Fraudsters are attracted to cryptocurrency transactions as they are anonymous and no central bank or authority follows, traces, stops or recovers fraud as it happens. Consequently, they often use cryptocurrencies for illegitimate transactions or concealing the assets acquired through a fraud. Cryptocurrency acquisition or transaction methods may include:
- purchasing cryptocurrency through a cryptocurrency exchange;
- receiving cryptocurrency as payment for legal or illegal transactions;
- purchasing cryptocurrency for cash at a cryptocurrency ATM; and
- exchanging fiat currency for cryptocurrency through informal peer-to-peer transactions.
Cryptocurrency transfers cannot be reversed, making them difficult to trace. And most people are still unfamiliar with how crypto works. Some of the most common types of crypto scams that are prevalent and have been used to defraud people are the following.
Bogus investment scams
Since 2021, US$575 million of all crypto fraud losses reported to the FTC were about false investment opportunities. They are basically Ponzi schemes where new adopters are necessary to give artificial returns to the early adopters. Most of these schemes are advertised on social media platforms like Instagram, Facebook and WhatsApp. Limited knowledge of crypto adds to the promise of huge returns – a dangerous combination.
Fake crypto trading websites and wallets
Copies of trade websites and apps are thriving. Unfortunately, they seem quite similar to the authentic ones, and some phoney websites even rank high in Google searches, making it difficult to detect the risk. Investors may ‘purchase’ bitcoin using these bogus websites and applications, and even see their cash rise on bogus charts. In order to gain confidence, many services even enable people to make a ‘test withdrawal’, allowing you to withdraw a little sum of money. However, after trying to withdraw all of their funds, investors will realise that their funds have already gone.
Pump and Dump
‘Pump and Dump’ schemes occur when the perpetrators buy most of the supply of a small cryptocurrency or coin with low liquidity and small market capitalisation, promote it, often by engaging celebrities, influencers, social networks and spreading fake news. This usually drives the value of this cryptocurrency or coin up. The perpetrators who were pumping the coin will now ‘dump’ it. One recent cautionary story involves SQUID, the ‘meme coin’ cryptocurrency based on the Netflix series Squid Game. It was soaring one moment and then lost all its value in a major drop. The coin’s creators allegedly disappeared with US$3 million obtained from investors.
We have recently seen an increase in ‘romance scams’, which all follow the same pattern: an attractive woman contacts the victim online, builds their trust, then gives tips on crypto investing, recommending a crypto trading platform with the highest return ever. Almost always, the platform is a forgery. A number of similar occurrences using the currency OEN and the sites Bitfex.pro and Bitfex.vip have been recorded in Hong Kong.
Initial coin offering (ICO)
A new cryptocurrency offering is an uncontrolled method of raising cash. Investors anticipate large profits from such ICOs and quickly join up to pay for future coins using another cryptocurrency, often Bitcoin or Ethereum (ETH), straight to the fundraiser’s e-wallet. Many ICOs are completely fabricated, with phony bios of non-existent team members and technical whitepapers copied from other, legitimate cryptocurrencies. However, many ICOs failed to generate funding, while others fail entirely.
Trading platforms freezing wallets without legal grounds
We get complaints about respectable platforms that take crypto assets but subsequently lock the wallets because the trader does not follow their anti-money laundering (AML) or know-your-customer (KYC) standards. This is a murky area as AML/KYC processes typically need to be completed by the platform prior to accepting crypto money. If the money had been deposited and non-compliance with AML/KYC is cited as an excuse for wallet freezing, we believe the whole transaction should be regarded null and void and the crypto money refunded to the rightful owner.
Fake cryptocurrency exchanges
Fake and unregulated cryptocurrency exchanges act as a legitimate exchange to commit a scam. Potential victims are lured by celebrity endorsement promising extraordinary returns on investments. When a victim attempts to withdraw funds, obstacles appear such as unannounced fees and taxes to be paid. Often victims discover that their money disappears altogether. In 2017, South Korean authorities exposed one of the most notorious fake cryptocurrency exchanges. BitKRX was named to look like the cryptocurrency arm of the legitimate and largest financial trading platform in the country, Korea Exchange (KRX) — a common technique for fake exchanges trying to establish legitimacy quickly. Based on public goodwill towards KRX, BitKRX was able to lure investors who believed BitKRX was run by KRX. But when clients who thought they had purchased BTC tried to access their funds, they discovered their money had vanished.
A well-known example involves the OneCoin Ponzi scheme, which defrauded victims across various jurisdictions including the United States, Europe, China and Singapore. OneCoin was an alleged form of cryptocurrency that could be mined by those who paid for educational courses and tokens that could be used to mine OneCoin. OneCoins could be exchanged for a limited amounts of fiat currency on Xcoinx (a private cryptocurrency exchange), depending on how much you had invested. In reality, no blockchain technology was involved and OneCoin was eventually discovered to be worthless.
Figure 1: Reported cryptocurrency fraud losses by year
Weak passwords offers scope for theft
As per a recent study, 75 per cent of millennials use the same password for 10 different devices, apps and accounts and some use the same password for over 50 different sites. Blockchain wallet providers offer different security check points to prevent data hacks. Some of these include a multi-chain authentication and providing software applications such as a secured password manager. They also recommend using a VPN to access the wallet, even if using a secure Wi-Fi network. However, consumers place convenience over security making it easy for cybercriminals to attack. Cybercriminals and hackers may need just one password to gain access to a victim’s crypto wallet or their complete digital profile. Also, breach of a smartphone may provide a hacker insight into significant personally valuable data that may offer ideas about potential passwords.
Alternatively, using strongarm tactics such as kidnapping have also been used by fraudsters. In November 2021, Hong Kong Police rescued a 39-year-old cryptocurrency trader who was supposed to be attending a Tether (USDT) trade but was instead kidnapped for seven days by triad members and forced to reveal his passwords to his online banking account and cryptocurrency trading platforms, losing approximately USDT 5 million (approximately HK$39 million).
Is consumer protection possible?
How can crypto investors stay safe? Here are some key ways to protect any current or future investments.
Trustworthy internet platforms
To provide a layer of safety, cryptocurrency investors should make transactions via trustworthy internet platforms, or through legal firms rather than face-to-face. Other security strategies include maintaining strong passwords (use a trusted password manager app), spreading cryptocurrencies across different wallets, keeping the seed phrase safe in an offline location, using two-factor authentication, and if technical skills allow, holding both hot and cold wallets.
For crypto transfers, customers should rely on public blockchains that provide visibility on all transactions taking place. With the blockchain’s public ledger available and an open-source code underpinning it, it is possible to uncover associated transactions and trace the funds. Blockchain explorers can be used to undertake blockchain analysis and analyse entries for each transaction that is made.
Crypto is NOT the new gold
When facing a too-good-to-be-true crypto scam, the best strategy is to remain wary and carry out adequate due diligence. Anybody that offers a new cryptocurrency, promising it to be a safe and high return investment without any government oversight, may not be telling the truth.
Many countries now require currency exchanges – businesses that allow customers to exchange fiat currency for cryptocurrency or one cryptocurrency for another – to comply with KYC requirements or at least maintain records of customers’ identities. This allows fraud examiners and legal advisers to track the money through court orders or subpoenas. Many digital wallet providers now insist on recording identifying information about their clients and this information can be used in tracing investigations.
Lack of a single jurisdiction
Difficulties arise when jurisdiction disclosure orders are sought and it is ambiguous which specific jurisdiction the cryptocurrency exchanges are headquartered in. For example, some of the largest cryptocurrency exchanges, such as Binance, Coinbase and Kraken do not have physical corporate headquarters.
Another problem with asset tracing cryptocurrencies is the use of ‘coin mixers’. A coin mixer is software that allows you to break cryptocurrency into smaller amounts to be mixed with cryptocurrencies in numerous crypto wallets and then finally be deposited to the account of a choice. Such mixing of assets from various sources significantly complicates identifying and tracing cryptocurrencies.
Figure 2: Top frauds by reported cryptocurrency losses
Regulators are rushing to keep up
In the US, the Securities and Exchange Commission (SEC), the Commodity Futures Trading Commission (CFTC) and the Internal Revenue Service (IRS) have regulatory control over cryptocurrency. The IRS has taken the position that all cryptocurrency investments are assets that can be taxed like other regular assets. On 3 May 2022, the SEC announced that it was dramatically expanding its Cyber Unit and renaming it as the Crypto Assets and Cyber Unit to identify crypto fraud as a major enforcement priority.
In the UK, the Financial Conduct Authority (FCA) has alerted the public to the risks of speculation in digital assets while they work to develop standards to govern the crypto sectors. The watchdog only regulates cryptocurrency providers for anti-money laundering, but it has sent many warning signals to consumers. Since January 2020, firms carrying on cryptoassets’ activity in the UK have to comply with the Money Laundering, Terrorist Financing and Transfer of Funds Regulations 2017. Any firms undertaking crypto asset business in the UK without registration are committing a criminal offence.
As of March 2022, the EU has also implemented new rules for the traceability of crypto assets. These include:
- Detailing information on the source of and beneficiaries of all crypto assets, with the information available to competent authorities. Transactions from ‘unhosted wallets’ should be included under the above rule to ensure all asset transfers can be individually identified and suspicious transactions blocked.
- Set minimum thresholds for transactions to be eliminated and rules to cover all low value transfers.
- A public compendium of suspicious players involved in crypto assets to be compiled by the European Banking Authority. Providers must ensure that the assets being offered are not subject to any risks of unethical activities.
Despite regulators attempts to set new guidelines and warn investors, the process hasn’t been simple. The task is complicated by the large share of consumers who conduct their crypto dealing with offshore exchanges (86 per cent in the UK). A significant number of crypto businesses were not meeting anti-money laundering standards, making monitoring a struggle. With the introduction of the registration norms by the FCA in January 2020, only five companies were fully registered with until June 2021. Gary Gensler, the chair of the SEC, has said his aim was to bring ‘similar protections to the exchanges where you trade crypto assets as you might expect at the New York Stock Exchange or Nasdaq’.
What about Asia?
In contrast to the western world, countries in the Asia-Pacific region have demonstrated widely differing attitudes to the regulation of crypto assets.
China’s crypto shutdown
In September 2021, the People’s Bank of China (PBOC) announced a total crackdown by declaring cryptocurrency an illegal tender arising from concerns over its volatility and it being misused to launder money. China joins a growing list of countries including Indonesia, Egypt and Nepal where such restrictions exist.
The restrictions have been steadily tightened over the years with the shutdown of local cryptocurrency exchanges in 2017, and trading cryptocurrency being officially banned in June 2019. The PBOC planned to block access to all forms of cryptocurrency exchanges, domestic and foreign, and Initial Coin Offering websites, although transactions continued through foreign online exchanges.
The crackdown continued with the banning of institutions and companies from providing crypto currency-related services in May 2021. Government officials warned buyers that they wouldn’t receive any protection for trading in Bitcoin and other online currencies. This was followed up by payment platforms and banks being instructed to stop aiding transactions and banned the mining of cryptocurrency in June 2021.
Finally, in September 2021, all currency exchanges (both legal and virtual) engaging in information, or the buying or selling of virtual currencies were deemed illegal and carried the risk of investigation and prosecution. Financial institutions were banned from providing services for cryptocurrencies, which included opening accounts and funds transfer. All platforms or websites providing payment services or advertising in cryptocurrencies are now banned.
China’s position reflects the global concerns about cryptocurrency, such as their high-risk profile, their propensity to promote crime and their negative affect on government control of monetary systems.
What did Singapore do?
Singapore, renowned for its rigorous laws and regulations, maintains an open yet practical attitude toward cryptocurrencies. The Singapore Court recognised cryptocurrency as property and granted the first reporting freezing injunction in CLM v CLN  SGHC 4. The city state also permits cryptocurrency exchanges and trade. Cryptocurrency players working in Singapore are regulated by the Monetary Authority of Singapore (MAS).
Singapore has robust anti-money laundering and counter-terrorism financing measures in place to stop the misuse of digital payment tokens. In the past few years, MAS introduced various AML/CTF requirements aligned with FATF standards, comprising of the introduction of the Payment Services Act (PSA), AML/CTF notice and guidelines, surveillance efforts and licensing and supervision. The PSA was put into effect in January 2020 by MAS, the nation’s central bank and financial watchdog, to bolster consumer protection, promote trust in e-payments and improve the regulatory environment for payment services. It requires licences for crypto exchanges and other businesses involved in the cryptocurrency industry.
Since then, MAS has made a continuous effort to enhance the regulatory framework and updates to the PSA. The Singapore Parliament passed the Payment Services Bill of Amendment Act 2021. The bill will go into effect at a later date and will expand the definition of a cross-border money transfer service to include facilitating transfers of funds between individuals in other jurisdictions when Singapore-based service providers are neither accepting nor receiving funds.
The Financial Services and Markets Bill mandates the licencing and compliance with regional AML and CFT regulations of digital asset providers established in Singapore but conducting business outside of the city-state. In exercising care, the MAS has also turned down applications from more than 100 Bitcoin companies looking to set up shop there.
One of the biggest cryptocurrency exchanges in the world, Binance, was told by MAS in 2021 to stop offering payment services – and courting customers – in Singapore. In order to alert Singaporean customers that the platform is neither governed nor authorised to offer payment services in the city-state, MAS also included Binance.com to its Investor Alert List in September 2021.
Subsequently, the Binance Singapore subsidiary has declared that it has withdrawn its application for a local licence and shut down its operations for digital payment tokens in Singapore.
On 14 February 2022, MAS published its Explanatory Brief on the Financial Services and Markets Bill 2022, which is currently before Parliament. If approved, this brief will allow for more stringent anti-money laundering and counterterrorism regulations for companies that provide services for virtual assets but are registered in Singapore. Any Virtual Asset Service Provider that is not already registered with MAS also falls under this.
From the above developments, it is clear that the MAS is working to facilitate rapid development in the global cryptocurrency market and that it is closely monitoring the situation to ensure that regulations are in place and risks are appropriately managed.
Crypto regulation in Hong Kong
From a jurisdiction that had minimal regulation of crypto currencies, the Hong Kong Monetary Authority (HKMA) and the SFC have gone on a fast-track mode. After concluding a consultation in May 2021, it introduced a Crypto Regulation Circular in January 2022. Under this new circular, the SFC will regulate all trading platforms that facilitate the offer, sale or purchase of any crypto in exchange for money or alternative cryptocurrency. All such agencies will be defined as ‘virtual asset exchanges’ and need to comply with the new AML and CTF obligations. With this new rule, nearly all cryptocurrency exchanges operating in Hong Kong will need to be licensed by the SFC and offer their services to professional investors only.
The Crypto Regulation Circular
This new regulation targets financial institutions, including banks and intermediaries, that wish to provide any distribution, dealing or advisory services related to cryptoassets. They also need to inform the SFC (and HKMA where applicable) in advance if they have any plans to engage in such activities. The SFC and the HKMA will grant a six-month transition period for intermediaries that have already engaged in virtual asset-related activities to adopt the new guidelines.
Virtual asset distribution services
Virtual asset-related products are considered too complex and should comply with the SFC’s requirements for the sale of complex products:
- Professional investors only: virtual asset-related products will only be offered to professional investors. The exception is a limited suite of derivative products and funds that are traded on regulated exchanges.
- Evaluation of investors: intermediaries should assess whether clients have suitable knowledge of investing in virtual assets or related products prior to making transactions on their behalf. If not, necessary training needs to be provided to the clients on the nature and risks of virtual assets.
- Adequate net worth requirements and margin trading: clients should have sufficient net worth to be able to assume risks and bear potential losses of trading. This also becomes necessary in the scenario of margin calls to clients, when they have taken leverage for trading.
- KYC procedures: need to be conducted on clients dealing in virtual asset derivative products and the financial resources available for undertaking such risks.
- Due diligence: intermediaries must review products offered to the retail investors by evaluating the fund’s operating parameters such as constitution, manager, custody practices, regulatory status, etc. Clients should be made aware of the product’s features such as volatility, warnings on margin and deposits of the client.
Virtual asset dealing services
For dealing services offered by intermediaries, the rules are more specific:
- they must be undertaken by only Type 1 – those dealing in securities – intermediaries only;
- they can only partner with SFC-licensed virtual asset trading platforms. Currently, only one exists – OSL, which is operated by BC Technologies – but further approvals are in the pipeline;
- introductions to be only provided to professional investors;
- an omnibus agreement will encompass the expected conduct requirements for intermediaries such as capital requirements, KYC processes, risk control and disclosures for client trading, regular statements to client of asset portfolio, etc; and
- clients to only deposit or withdraw in fiat currency to minimise risks associated with transfer of virtual assets.
Virtual asset agency services
Similar rules, such as full compliance with all SFC and HKMA regulations and detailed conduct requirements, exist for intermediaries providing advisory services in virtual assets. Detailed conduct requirements are outlined in the HKMA’s circular, which specifies the following.
Guidance to banks and insurers on virtual assets and virtual asset service providers:
- Banks: the HKMA has adopted a risk-based approach to supervising banks’ virtual assets activities. Banks should be cautious when lending against virtual assets as collateral and undertake additional customer due diligence and AML/CFT controls and risks. Discussions need to be undertaken with the HKMA before launching relevant virtual assets’ products or services
- Insurers: insurers should be conservative and deduct the value of virtual assets in full when deriving their solvency positions. Relevant guidelines on risk management and corporate governance established by the insurance authority should be adhered to when designing products or evaluating risks related to virtual assets’ activities.
While the regulation offers significant clarity for the regulated crypto industry servicing accredited wealthy individuals and corporations, the circular fails to account for unregulated crypto exchanges and brokers that serve retail customers. These businesses are not directly impacted by the circular, although may face competitive pressures from regulated operators. The Legislative Council will revisit the Anti Money Laundering Ordinance later this year, which will probably cover the protection of retail investors.
Liquidation of Gatecoin
Founded in 2013, Gatecoin emerged as Hong Kong’s first cryptocurrency (Bitcoin and Ethereum tokens) exchange. Designed for both professional traders and retail investors, it was incubated by the Hong Kong Science Technology Parks and Tsinghua University and licenced as a Hong Kong Money Service Operator. The problems with Gatecoin started in 2016, when the exchange was the target of a security breach and lost US$2 million in cryptocurrencies (15 per cent of Gatecoin’s crypto asset deposits), giving hackers access to Gatecoin’s hot wallets.
According to some estimates, the market value of Bitcoin and Ethereum stolen was over US$20 million. In September 2017, Gatecoin’s banking accounts with Hang Seng Bank were frozen without notice. Gatecoin unsuccessfully approached other banks and appointed a payments processor regulated by the French government.
However, the payments processor failed to process most of Gatecoin’s transfers in a timely manner, while also retaining a significant portion of its funds. Despite pursuing legal action, Gatecoin was unable to recover its funds resulting in its shutdown and liquidation in March 2019. Shortly after, the SFC issued a Position Paper regarding the Regulation of Virtual Asset Trading Platforms.
Recovery of defrauded Bitcoins
The Hong Kong High Court also offered proprietary remedies to victims to recover the misappropriated Bitcoins in Samara v Dan (2019). A judgment was handed down granting relief to the petitioner for the Bitcoins transferred to the defendant and the relevant sale proceeds. It is interesting to note that some of the Bitcoins in question were sold through Gatecoin.
The plaintiff’s case was that he had asked the defendant to sell 1,000 Bitcoins as an agent in return for a 3 per cent commission. Since the plaintiff was not a Hong Kong resident, the sale proceeds were to be captured in the defendant’s local bank account and later transferred to the plaintiff’s overseas account. However, the defendant pleaded that there was a seller and buyer relationship with the plaintiff, and he did not owe the plaintiff any money.
During the interim, a Mareva injunction was granted to the plaintiff to freeze the defendant’s assets and a discovery order against the relevant bank account and Gatecoin to determine the underlying fund flow. Based on documents produced by the relevant bank and the liquidator of Gatecoin, the plaintiff was able to identify part of his Bitcoins and the sale proceeds.
Later at the trial, the plaintiff also produced WhatsApp communication and email records indicating the agency relationship. There was no evidence provided by the defendant denying the agency relationship or transfer of funds for the sale of some of the Bitcoins.
The court ruled that the defendant was in breach of his fiduciary duties as agent and all sale proceeds to be paid to the plaintiff. The defendant was also liable to repay the loans plus interest.
While crypto assets have not caused any major disruptions in Asia, market regulators are keen to ensure monetary and financial stability as these assets are increasingly adopted and evolve in complexity. As a result of covid-19, the commerce and technology sector has experienced massive transformation and development, forcing fraudsters to adapt and invent new, more sophisticated types of fraud involving cryptocurrencies.
The choices for regulators are between an opt in or pilot regime, a risk-based regime, a catch all regime or a blanket ban. While a risk-based regime is probably the preferred approach, the common objective across all jurisdictions is the protection of users, monetary and financial stability, minimising regulatory arbitrage, a nimble and agile regulatory framework – which efficiently accommodates the rapid market development – and financial innovation prevalent in this asset class.
 Seed Phrase – is a collection of 12 to 24 random words generated by a wallet service and needs to be entered in the exact same sequence as received when signing up.
 Hot wallets can be logged into from anywhere at any time but come at a greater risk of data theft and breaches. Cold wallets are offline wallets, not connected to the internet, such as a USB device. However, if you lose your offline wallet, there is no ‘forgot your password’ option to recover it.
 CFE Manual 2021, 1.1046
 A crypto asset wallet address that is in the custody of a private user.
 Notice PS-N02 and accompanying Strengthening AML/CFT Controls of Digital Payment Token Service Providers (March 2021).
 Surveillance efforts are concentrated on (1) identifying and discouraging DPT operations in Singapore that are not authorized and (2) using data and blockchain analytics to identify businesses that pose a larger risk.
 The amendments made by the Amendment Act will not take effect on any certain day.
 Counter Terrorist Financing.
 The HKMA provides a flowchart outlining the factors to be evaluated in identifying a virtual asset-related product as a complex product.
 The definition of a professional investor is tied to the value of a person’s portfolio of cash and securities but does not include the value of any virtual assets in the portfolio.
 These should have been specified by the SFC and should be approved for distribution to retail investors.
 The HKMA has outlined detailed criteria for assessing whether a client has professional knowledge of virtual assets.
 OSL is a wholly owned subsidiary of BC Technology Group, a publicly listed HK entity. OSL DS (HK Limited) is the first company to be granted Type 1 & Type 7 digital asset licences by the HK SFC. OSL SG Pte Ltd. was granted licence exemption by the MAS. Its parent is Asia’s only listed, ‘big four’ audited digital asset and fintech company providing prime brokerage, custody, exchange and SaaS services for institutional clients and professional investors.
 HKMA details the conditions in an annexure that primarily relate to issues such as restricting services to professional investors, KYC obligations and reviewing client’s financial net worth and risk appetite through a written agreement.