United States: Senators Unveil Crypto Market Structure Principles in Lead-up to the Senate’s Version of the CLARITY Act

On the heels of the House Financial Services Committee’s introduction of the CLARITY Act, Republican senators who serve on the Senate Banking Committee introduced their “Crypto Market Structure Principles” (the Principles) to establish a “baseline” for negotiating the Senate’s version of its market structure bill. Shortly after releasing the Principles, the Digital Assets Subcommittee of the Senate Banking Committee held a hearing on market structure.
Despite making this forward progress, it is unclear when the Senate will put pen to paper on a market structure bill. House Financial Services Chair French Hill has indicated that he would like to pass the CLARITY Act with stablecoin legislation, with the support of House Majority Whip Tom Emmer, who stated that “market structure is essential to any congressional action on digital assets. I expect the GENIUS Act has a path in the House, so long as it’s accompanied by the CLARITY Act.”
Despite the House’s approach, the Senate and President Trump are calling on the House to pass a clean version of the GENIUS Act as soon as possible so the stablecoin legislation can move forward irrespective of the status of the market structure bill. We expect to see whose vision for timing wins out in the coming weeks.
In the meantime, the Senate is exploring market structure legislation of its own. According to Senator Cynthia Lummis, the Principles will “ensure the US remains at the helm of global financial advancement.” The Principles provide that legislation should provide a distinction between digital asset securities and digital asset commodities and clearly allocated regulatory authority to avoid advancing an “all-encompassing regulator”. Themes of the Principles include fostering innovation, establishing clear guidance to enable financial institutions to operate in the digital asset space with regulatory certainty, and protecting customers.

Accidentally Deceased: Can a Consumer Reporting Agency be Liable for a Mistake?

Last week, U.S. District Judge Joshua D. Wolson of the Eastern District of Pennsylvania denied summary judgment motions filed by both the plaintiff and the defendant Consumer Reporting Agency (“CRA”) in a fair credit dispute under the Fair Credit Reporting Act (FCRA). The plaintiff filed his complaint after the CRA incorrectly reported him as deceased to a creditor that plaintiff had applied for a credit card with, which resulted in the plaintiff’s application being denied.
The FCRA is a federal law that regulates the collection, use, and sharing of consumer credit information. It aims to ensure accuracy, fairness, and privacy by consumer reporting agencies. The FCRA grants consumers various rights and imposes strict penalties for failures to comply.
In Breitenbach v. SageStream, the plaintiff sought to open a credit card with Synchrony Bank to take advantage of a 0% interest credit card offer. Synchrony Bank provided plaintiff’s basic background information to the CRA. The CRA provides consumer reports and scores to help businesses decide whether to offer credit to customers. An unfortunate typo in the plaintiff’s information led the CRA to pull up the profile of a deceased individual with a nearly identical Social Security number. Synchrony Bank ultimately denied the plaintiff’s application. The CRA argued the mistake was reasonable and even supported by some evidence. The plaintiff, meanwhile, alleged the CRA failed to investigate and properly verify the information prior to reporting to the creditor that the plaintiff was deceased.
The plaintiff then sued the CRA, claiming it was liable for negligent and willful violation of Section 1681e(b) of the FCRA. In cross-motions for summary judgment, the CRA argued it was reasonable to run the personal identifying information provided against the death master file and accurately report when the information provided matches a deceased record. The plaintiff relied on the U.S. Court of Appeals for the Third Circuit’s 2010 ruling in Cortez v.TransUnion, which held that a credit agency willfully violates the FCRA when it ignores key differences in personal identifying information from a third party and produces an inaccurate credit report.
Judge Wolson denied both motions, concluding plaintiff had produced enough evidence that a jury could infer that the CRA failed to follow reasonable procedures, noting there was evidence in the record that the CRA had information to know that the Social Security number did not belong to the plaintiff.
Banking is a heavily regulated industry, and this litigation is a reminder that even small mistakes can have costly consequences. It is imperative to have an experienced attorney guide you through the best practices and procedures.

What to Know About Illinois’s 2025 Amnesty Programs

On May 31, 2025, the Illinois General Assembly passed House Bill 2755, which contains three amnesty programs the state estimates will substantially increase its coffers. Illinois Governor JB Pritzker signed the bill into law on June 16, 2025.
General Amnesty Program (35 ILCS 745/10)
The Illinois Department of Revenue (IDOR) will run a general amnesty program from October 1, 2025, through November 15, 2025. During this period, taxpayers who pay “all taxes due” to the State of Illinois for any taxable period ending after June 30, 2018, and before July 1, 2024, will have all associated interest and penalty charges waived.
IDOR regulations provide key details, including:

“Eligible tax liabilities” include any taxes (other than the motor fuel use tax) that are imposed by the State of Illinois and collected by IDOR.
Taxpayers can selectively participate in the program by paying all taxes due for an eligible tax liability (e.g., income tax but not sales tax) or for a particular tax period (e.g., 2022 but not 2023).
Specific procedures for amnesty participation by taxpayers under audit, with disputes pending in the Fast Track Resolution Program or before the Informal Conference Board.
Amnesty can also be granted to taxpayers with civil cases pending in state courts, in administrative hearings, or at the Illinois Independent Tax Tribunal, provided the litigation is dismissed before the end of the amnesty period by agreed order entering judgment in favor of IDOR.
Taxpayers can participate by making estimated payments of the taxes due, including additional Illinois taxes that will result from a federal change that has not become final.
Taxpayers participating in the amnesty program may claim a refund for an overpayment of an established liability based on an issue that is not an amnesty issue or of an estimated payment, including one based on an estimated federal change.

We expect IDOR to publish additional guidance and forms on its website prior to the program’s October 1, 2025, inception.
Franchise Tax Amnesty Program (805 ILCS 8/5-10)
The Illinois Secretary of State will run a franchise tax amnesty program from October 1, 2025, through November 15, 2025. The program applies to franchise taxes or license fee liabilities for any tax period ending after June 30, 2019, and on or before June 30, 2025. Payment of all franchise taxes and license fees due for any taxable period will result in abatement of any associated interest or penalties.
Notes:

There are no regulations related to the Franchise Tax Amnesty Program.
The Franchise Tax Amnesty Program has much more limited eligibility than IDOR’s General Amnesty Program. Taxpayers who have received interrogatories from the secretary’s Department of Business Services or that are a party to any civil, administrative, or criminal investigation or litigation for nonpayment of franchise tax or license fees are not eligible to participate.

The Secretary may publish additional guidance and forms on his website prior to the program’s October 1, 2025, inception.
Remote Retailer Amnesty Program (35 ILCS 120/2-13)
IDOR will run a remote retailer amnesty program from August 1, 2026, through October 31, 2026. During this time, IDOR will waive all interest and penalties associated with a remote retailer’s payment of a “simplified retailers occupation tax rate” for taxes due for January 1, 2021, through June 30, 2026.
Notes:

The “simplified retailers occupation tax rate” is a blended rate equal to 9% for sales subject to the state’s general 6.25% tax, and 1.75% for sales subject to the 1% tax (generally food and drug items).
Taxpayers must pay all taxes due at a simplified rate for the relevant period to obtain a penalty and interest waiver, either up front or via an approved repayment plan.
Registration with IDOR and payment of taxes on a going-forward basis is required.
Participating taxpayers must file returns for the relevant period but do not have to complete Form ST-2, an often-burdensome form that requires reporting of sales by specific locality.
Local units of government do not play a role in the acceptance of applications and do not have the ability to make assessments in addition to accepted payments.
Participation in the program would eliminate a remote retailer’s ability to challenge the constitutionality of IDOR’s assessment of destination-based local tax for the time period resolved by amnesty.

We expect IDOR to issue regulations and publish forms on its website prior to the program’s August 1, 2026, inception.

United Kingdom: UK Crypto Regulation: Regulated Activities

The UK is quickening the pace on the new crypto regulatory regime. The Financial Conduct Authority (FCA) published three papers in quick succession in May 2025: a discussion on key policy positions (DP25/1) and two consultations on detailed rules (CP25/14 and CP25/15). This blog focuses on DP25/1. Please see our upcoming separate blogs on the other proposals.
The FCA intends to regulate not only UK cryptoasset trading platforms but also certain non-UK overseas platforms. Any non-UK overseas cryptoasset trading platforms that service retail customers in the UK on a cross-border basis will need to get authorised by the FCA, and they will need to set up a UK physical presence in order to obtain authorisation. It is currently not clear in what circumstances an overseas crypto exchange would be considered to have retail customers in the UK – e.g. whether there would be look-through to the ultimate customers if the exchange itself services only institutional intermediaries which have underlying retail customers. 
Cryptoasset intermediaries that buy/sell cryptoassets will also need to obtain authorisation. Further, if they wish to service retail customers, the cryptoasset in question must be admitted onto at least one UK authorised cryptoasset trading platform. This means the intermediary’s business model would depend on factors outside its control, i.e. whether there would be any authorised cryptoasset trading platform that happens to have the relevant cryptoasset listed on their platform. This could present significant challenges, particularly at the start of the regime where trading platforms themselves are also applying to get authorised.
While the FCA prefers to ban cryptoasset lending and borrowing for retail customers, it leaves the door somewhat open by also exploring an alternative – to allow retail access but with enhanced conduct rules on intermediaries (e.g. requiring assessment of customer creditworthiness). Given the importance of lending/borrowing in the current crypto ecosystem, an absolute ban on retail access may likely have significant consequences. It remains to be seen where the final determination will land.
For cryptoasset staking, one key proposal is to make the staking firm liable for failures of their third party service providers (e.g. those providing technology to the firm). This may potentially have significant impact on staking firms (e.g. they may need to reconsider their arrangements with third party service providers).

UK Data Act 2025: Key Changes Seek to Streamline Privacy Compliance

The UK’s Data (Use and Access) Act 2025 (the Act) officially came into law on June 19.
The Act seeks to modernize the UK’s data protection and e-privacy regimes. It aims to help support the economy, improve public services, and make everyday life and business compliance easier by encouraging secure data sharing between consumers and third parties.
Updates to Current Legislation
The Act introduces amendments to the UK General Data Protection Regulation (GDPR), the Data Protection Act 2018, and the Privacy and Electronic Communications Regulations 2003, impacting areas such as legitimate interests, direct marketing, data subject access requests (DSARs), and automated decision-making, notably:

A new lawful basis for data processing in the form of “recognized legitimate interests.” These are specific types of processing activities that are automatically considered lawful, for example, fraud detection and prevention, information security, crime prevention, and public health and safety. 
Relaxed rules around automated decision-making and cookie consent. Notably, explicit consent will no longer be required for certain types of cookies, including analytics, site optimization, and website functionality. With respect to automated decision-making, prior rules regarding individual rights not to be subject to decisions based solely on automated processing have now been relaxed to apply only when the decision involves special category data such as health, race, region, or biometric data. 
Provides broader flexibility in connection with data subject access requests. In practice, these changes only reflect the existing guidance of the Information Commissioner’s Office (ICO), which many controllers have followed in recent years. This includes codifying the requirement for the controller’s search for personal data concerning the data subject to be (no more than) a “reasonable and proportionate search.”

Impact on Organizations
For financial services organizations, the Act may streamline their ability to process data without always needing a legitimate interests assessment (LIA), for example in connection with fraud prevention, IT security, intra-group administration, and direct marketing. 
The Act may reduce several administrative burdens that prior UK privacy laws placed on all organizations by removing opt in consent requirements for functional and analytics cookies used on websites, potentially offering greater flexibility for data subject access requests, and reducing the requirement for legitimate interest assessments in certain cases. 
The Act also lays the foundation for data initiatives that would enable data portability in certain key sectors, including transport, finance (outside of retail banking), healthcare, and energy. These purpose of these initiatives is to encourage greater innovation in these sectors, similar to Open Banking, which already exists for retail banking. Linked to this, there are also provisions for digital IDs, which might simplify know your customer (KYC) processes and remote ID verification. These changes may, in part, enable customers to switch more easily between suppliers, the aim of which is to drive more innovation through increased competition.
Although these changes may benefit UK organizations, they do not change requirements under the broader GDPR. UK organizations should carefully assess their compliance programs to ensure that any changes made to UK operations do not result in compliance gaps under GDPR and other EU member state laws.
Considerations for Companies
UK organizations should assess their compliance programs and, more generally, their data strategy to determine whether or not these remain “fit for purpose” in light of the changes the Act introduces. For example, companies should consider:

Reviewing data processing activities to identify where the new “recognized legitimate interests” basis for processing may be relied upon; 
Updating DSAR processes; 
Reassessing cookie and marketing compliance to take advantage of opt out for low-risk cookies; 
Preparing for smart data schemes where relevant; and 
Preparing for digital ID and verification frameworks.

OCC Enters Consent Orders Against New York-based Bank

On May 14, the OCC entered into a formal agreement with a New York-based bank after determining that the institution is in “troubled condition.” In its findings, the OCC cited alleged unsafe or unsound practices tied to the bank’s strategic planning and earnings performance.
The agreement does not cite specific statutory violations and imposes no monetary penalties. Instead, it places the bank under heightened supervisory scrutiny and requires extensive corrective action. Specifically, the bank must develop and implement two core remediation plans:

Three-year strategic plan. By September 30, the bank must submit a plan that sets measurable goals for risk management, earnings, growth, capital, and product strategy. A board-level compliance committee will oversee implementation and submit quarterly progress reports to the OCC.
Earnings improvement program. Also due by September 30, the bank must identify expense-reduction and revenue-generation opportunities, including branch and technology optimization, compensation review, and strategies to grow non-interest income while remaining compliant with consumer-protection laws.
Operations and succession. The bank’s plan must include an evaluation of its internal operations, staffing levels, management-information systems, policies, and procedures, and incorporate a management employment and succession plan to ensure adequate staffing and leadership continuity.

The board must create a compliance committee of independent directors within 15 days to oversee implementation and provide quarterly progress reports to the OCC. The agreement will remain in force until the OCC verifies that all corrective actions are fully and sustainably completed.
Putting It Into Practice: While the CFPB continues to scale back its regulatory and enforcement efforts, other federal and state agencies are continuing their oversight. What is notable here however, is that the OCC entered into a consent order without requiring the bank to pay a civil money penalty. This approach raises questions about the OCC’s enforcement posture—particularly when compared to the often-penalty-driven actions of the CFPB in recent years. The absence of a monetary penalty may signal a more collaborative or rehabilitative stance by federal regulators. Only time will tell.
Listen to this post 

Federal Reserve Board Removes Reputational Risk from Examination Ratings

On June 23, the Federal Reserve Board announced that reputational risk will no longer be a component of its bank-examination program. The same day, the Board released a revised edition of its Guidelines for Rating Risk Management at State Member Banks and Bank Holding Companies, which deletes every reference to reputational risk.
The announcement states that examiners will now focus on specific, quantifiable categories of financial, operational, legal, and compliance risk. To ensure uniform implementation, the Federal Reserve will train examination staff, update supervisory manuals, and coordinate with other federal banking agencies to promote consistent practices.
The updated SR 95-51 substitutes discussions of “material financial risks” for all reputational references. Going forward, examination reports will not cite or downgrade banks for perception-based concerns; supervisory ratings will hinge solely on measurable risk metrics. Banks may still track reputational considerations internally, but those metrics will no longer influence federal examination outcomes.
Putting It Into Practice: The Fed’s move, following similar actions by the OCC and FDIC confirms a coordinated shift toward objective, metrics-driven supervision. With the Fed, OCC and FDIC all removing reputational risk from examination ratings, institutions examined by multiple regulators can expect more consistent procedures across the prudential regulators.

Understanding Cryptocurrency Forfeiture: A Guide to Digital Asset Seizure

Introduction
The rapid evolution of the digital economy has introduced new modes of value transfer, investment, and criminal activity, which has complicated the legal landscape of digital asset seizures. Federal, state, and local authorities have increasingly leveraged digital asset forfeiture as a tool to disrupt illicit activity, with the legal framework evolving rapidly—particularly following the establishment of the United States Strategic Bitcoin Reserve. This policy shift, emphasizing the retention of forfeited cryptocurrency as a long-term government asset, is underpinned by updated legal frameworks, advanced blockchain intelligence, and a renewed focus on victim restitution and law enforcement funding.
The Strategic Bitcoin Reserve marks a significant departure from prior practices, in which seized digital assets were typically liquidated at auction. The current administration empowers the government to retain a portion of forfeited cryptocurrency, aligning asset management with broader national security and financial stability objectives. This development has far-reaching implications for market participants, including businesses, investors, and individuals subject to asset seizure or forfeiture proceedings.
This article provides a comprehensive analysis of the current administration’s approach to cryptocurrency asset forfeiture, including statutory and regulatory frameworks, investigative methodologies, and the integration of forfeited digital assets into government reserves. The discussion aims to elucidate the legal and procedural considerations shaping asset forfeiture in the digital economy, and to examine best practices for compliance, risk mitigation, and defense strategies relevant to legal practitioners and industry experts navigating this rapidly changing field.
Statutory and Regulatory Framework
The statutory framework governing federal asset forfeiture, particularly as it applies to digital assets, is evolving rapidly. The legal foundation for asset forfeiture in the United States is based on a complicated web of statutes, regulations, and case law that have been adapted to address the unique characteristics of cryptocurrencies and other digital assets. Foundational authorities remain central, but recent policy developments have clarified and expanded their reach, especially in light of the growing prevalence of digital assets in criminal investigations and enforcement actions.
Key statutes relevant to digital asset forfeiture include:

18 U.S.C. § 981(a)(1)(A) & (C) (civil forfeiture of property involved in money laundering, fraud, and other specified unlawful activities). This statute allows the government to seize assets connected to a wide range of financial crimes, even in the absence of a criminal conviction, provided that the government can establish a preponderance of the evidence linking the property to illegal activity.
18 U.S.C. § 982(a) (criminal forfeiture following conviction for money-laundering predicates). Criminal forfeiture is typically pursued as part of a criminal prosecution, and requires a conviction on the underlying offense. The government may seek forfeiture of assets directly or indirectly involved in the criminal conduct.
21 U.S.C. § 853(p) (substitute-asset provisions allowing forfeiture of property unrelated to an offense when direct proceeds are beyond the court’s reach). This provision is particularly relevant in cases where digital assets have been transferred, dissipated, or otherwise rendered unavailable, allowing the government to pursue substitute assets of equivalent value.
31 U.S.C. § 9705 (Treasury Forfeiture Fund, authorizing agencies such as Internal Revenue Service Criminal Investigation, Homeland Security Investigations, and the Secret Service to retain and deploy forfeiture proceeds, and to support the Strategic Bitcoin Reserve). The Treasury Forfeiture Fund plays a critical role in managing and distributing proceeds from forfeited assets, including digital currencies.
28 U.S.C. § 524(c) (Department of Justice (“DOJ”) Assets Forfeiture Fund, applicable to Federal Bureau of Investigations (“FBI”) and Drug Enforcement Administration matters and permitting retention of forfeited assets for government use). This fund supports a range of law enforcement activities and now includes provisions for the retention of digital assets as part of the Strategic Bitcoin Reserve.

Recent executive orders and agency guidance confirm that digital assets—including cryptocurrencies and stablecoins—are treated as “property” for forfeiture purposes. The administration’s directive to retain forfeited cryptocurrency in the Strategic Bitcoin Reserve, subject to statutory requirements for victim restitution and law enforcement funding, underscores the importance of understanding the evolving legal obligations and rights under these rules. Additionally, the government has issued guidance clarifying the treatment of digital assets under existing forfeiture statutes, and courts have increasingly recognized the applicability of these laws to a wide range of digital asset types, including non-fungible tokens (“NFTs”) and decentralized finance (“DeFi”) tokens.
Congress and federal agencies continue to refine the legal framework governing digital asset forfeiture. Proposed reforms may further expand the government’s authority to seize and retain digital assets, while also introducing new procedural safeguards and transparency requirements.
Current Policy Drivers
The administration’s approach to cryptocurrency asset forfeiture is shaped by several key policy initiatives, each with direct implications for the legal and financial sectors. These policy drivers reflect a broader shift in the government’s strategy for managing digital assets, balancing the need for effective law enforcement with considerations of market stability, victim restitution, and due process.

Establishment of the Strategic Bitcoin Reserve.The government’s retention of forfeited Bitcoin and other digital assets as part of a national reserve, rather than immediate liquidation, is intended to preserve long-term value and support law enforcement operations. This policy shift necessitates careful analysis of the legal status and management of seized assets. The Strategic Bitcoin Reserve is designed to serve as a hedge against inflation, a source of funding for future enforcement actions, and a tool for enhancing national security. By holding digital assets rather than selling them at auction, the government can avoid flooding the market and potentially depressing asset prices, while also benefiting from potential appreciation in value. This approach also aligns with international trends, as other countries explore similar strategies for managing seized digital assets.
Emphasis on Victim Restitution and Law Enforcement Funding.Executive orders and agency protocols mandate that forfeited assets be used first to compensate victims. Remaining assets may be allocated to the Strategic Bitcoin Reserve or used to fund law enforcement initiatives, including investments in blockchain intelligence tools and training. The government has established structured liquidation policies to ensure that a portion of seized assets is preserved in reserve, while only liquidating assets when necessary to meet operational funding needs or to provide restitution to victims. This approach creates a self-sustaining budget cycle for law enforcement, enabling agencies to reinvest proceeds from liquidated assets into ongoing investigations and capacity-building efforts.
Expansion of Blockchain Intelligence and Public-Private Partnerships.The administration’s investment in advanced blockchain analytics and partnerships with exchanges and stablecoin issuers has accelerated the identification, freezing, and seizure of digital assets. Public-private collaboration is critical to the success of these efforts, as exchanges, wallet providers, and other virtual asset service providers (“VASPs”) play a key role in detecting and reporting suspicious activity. The government has also worked closely with international partners, such as Europol and the Guardia Civil, to coordinate cross-border investigations and asset recovery efforts. These partnerships have led to the dismantling of major criminal networks and the recovery of substantial amounts of illicit digital assets.
Reform of Asset Forfeiture Laws and Structured Liquidation Policies.Recent reforms have amended DOJ and Treasury protocols to authorize long-term Bitcoin retention rather than immediate liquidation. The government has established secure custody solutions for holding seized assets and implemented policies that align liquidation with market conditions, ensuring strategic sales instead of default post-seizure liquidation. These changes are designed to maximize the value of seized assets, minimize market disruption, and enhance transparency and accountability in the management of government-held digital assets.

Investigative Tools and Enforcement Practices
Federal agencies employ a range of investigative techniques to trace and freeze cryptocurrency assets. Understanding these practices is essential for legal practitioners and industry experts, as the sophistication of law enforcement’s digital asset investigations continues to increase. The following is an overview of key investigative tools and enforcement practices currently in use:

Tracing Illicit Cryptocurrency Flows.Law enforcement relies on advanced blockchain analytics tools, such as Chainalysis Reactor, TRM Labs, and Elliptic, to trace digital assets across multiple blockchains, identify links to criminal activity, and map the flow of funds. These platforms integrate with sanctions lists, open-source intelligence, and proprietary databases, enabling the visualization of complex transaction patterns and the identification of wallets associated with illicit activity. Investigators can follow the movement of funds through mixers, tumblers, and privacy coins, often uncovering sophisticated money laundering schemes. Legal professionals and industry participants must assess exposure and respond to inquiries related to such investigations, including requests for information, subpoenas, and search warrants.
Freezing Assets via Exchanges and Stablecoin Issuers.When assets are traced to exchanges or stablecoin wallets, law enforcement may collaborate with these platforms to freeze funds. Centralized stablecoin issuers (e.g., Tether, Circle) can freeze or burn tokens associated with illicit activity, while exchanges may restrict withdrawals or transfers from accounts flagged as high risk. Legal practitioners often advise on compliance protocols, the risks of account freezes, and the legal remedies available, including challenging the basis for a freeze and seeking the release of legitimate funds. The development of internal policies for responding to law enforcement requests and managing reputational risks associated with asset freezes is also critical.
Legal and Procedural Steps.Law enforcement typically seeks seizure warrants from courts, presenting evidence of a nexus to criminal activity. Upon judicial authorization, assets are transferred to government-controlled wallets or frozen in place. The process may involve ex parte applications, emergency restraining orders, and coordination with multiple agencies. Practitioners must be familiar with the statutory process for contesting seizures and asserting the rights of potential claimants, including filing claims under the Civil Asset Forfeiture Reform Act (“CAFRA”) and pursuing motions to suppress evidence obtained through unlawful searches or seizures.
Physical Seizure of Cold Wallets.Agencies are increasingly adept at identifying and securing hardware wallets, seed phrases, and other cold storage devices during searches. Investigators may use digital forensics tools to extract wallet information from computers, mobile devices, and physical storage media. Best practices for safeguarding digital assets, maintaining secure backups, and responding to search warrants or subpoenas involving physical crypto storage are essential considerations. Legal implications of providing or withholding access to private keys and recovery phrases should also be carefully evaluated.
International Collaboration and Asset Sharing.Cross-border investigations and asset sharing with international partners are now routine. Law enforcement agencies frequently work with counterparts in Europe, Asia, and other regions to trace and recover digital assets linked to transnational crime. Mutual legal assistance treaties (“MLATs”), joint task forces, and information-sharing agreements facilitate the coordination of investigations and the repatriation of seized assets. Navigating the complexities of international enforcement and asset recovery requires attention to compliance with foreign legal requirements and the negotiation of asset-sharing agreements.
Emerging Technologies and Future Trends.The landscape of digital asset enforcement is constantly evolving, with new technologies and investigative techniques emerging on a regular basis. Artificial intelligence, machine learning, and advanced data analytics are increasingly being used to detect patterns of illicit activity and predict future threats. The government is also exploring the use of blockchain-based evidence management systems and digital asset custody solutions to enhance the security and transparency of seized assets. Staying abreast of these developments is critical for legal and industry professionals to adapt to new enforcement practices and regulatory requirements.

Recent Representative Cryptocurrency Forfeiture Actions 
Recent enforcement actions underscore the government’s increasing sophistication in tracing and recovering digital assets. These cases illustrate the practical application of investigative tools, the importance of public-private collaboration, and the evolving policies surrounding the Strategic Bitcoin Reserve:

Cryptocurrency Confidence Scams (2025).The DOJ last week seized more than $225.3 million in cryptocurrency linked to investment fraud and money laundering schemes. These funds are associated with “cryptocurrency confidence scams” that deceived victims into believing they were making legitimate investments. The cryptocurrency was part of a sophisticated money laundering network that executed hundreds of thousands of transactions to obscure the origins of the stolen funds. The FBI and U.S. Secret Service (“USSS”) played significant roles in tracing and seizing the illicit funds, marking the largest cryptocurrency seizure in USSS history. More than 400 suspected victims lost funds, with reported losses exceeding $5.8 billion in 2024 alone. The DOJ emphasized its ongoing commitment to protecting the public from cryptocurrency scams and recovering stolen funds for victims.
Colonial Pipeline Ransomware Recovery (2021).The DOJ traced and recovered approximately $2.3 million in Bitcoin paid as ransom, demonstrating the power of real-time blockchain analysis. Investigators were able to follow the movement of funds through multiple wallets, ultimately seizing the private keys associated with the ransom payment. This case set a precedent for the use of blockchain analytics in high-profile cybercrime investigations. These developments highlight the importance of strategic legal responses to investigations and asset recovery, including negotiation with law enforcement and the pursuit of civil claims for the return of seized assets.
Pig Butchering Scam Takedowns (2023-2024).U.S. law enforcement, in collaboration with stablecoin issuers and exchanges, froze and seized hundreds of millions of dollars in digital assets linked to large-scale scams. These operations involved the use of advanced analytics to identify fraudulent accounts, the rapid freezing of assets by centralized platforms, and the coordination of victim restitution efforts. Legal and compliance professionals play a key role in developing internal controls to detect and prevent fraud, contesting or mitigating the impact of asset freezes, and ensuring adherence to reporting requirements and best practices for cooperating with law enforcement.
Operation Spincaster and International Seizures (2024-2025).Joint operations with international law enforcement and blockchain analytics firms have dismantled global scam networks and resulted in significant cryptocurrency seizures. These cases often involve complex cross-border investigations, the use of mutual legal assistance treaties, and the negotiation of asset-sharing agreements between countries. Multi-jurisdictional enforcement actions require careful navigation of conflicting legal requirements and the protection of interests across multiple jurisdictions.
Spanish Guardia Civil Cryptocurrency Seizure (2025).In a landmark operation, Spanish authorities, supported by U.S. law enforcement and blockchain intelligence firms, seized more than EUR 27 million in cryptocurrency from a transnational criminal organization. The operation spanned multiple provinces and involved the freezing of assets on several major exchanges. This case highlights the growing importance of international collaboration and the role of advanced technology in asset recovery.
Other Notable Cases.Additional recent actions include the seizure of assets from darknet marketplaces, the recovery of funds from ransomware attacks targeting critical infrastructure, and the dismantling of money laundering networks operating through DeFi platforms. These cases demonstrate the government’s commitment to pursuing illicit actors across the digital asset ecosystem and the need for businesses to maintain robust compliance programs.

The DOJ last week seized more than $225.3 million in cryptocurrency linked to investment fraud and money laundering schemes. These funds are associated with “cryptocurrency confidence scams” that deceived victims into believing they were making legitimate investments. The cryptocurrency was part of a sophisticated money laundering network that executed hundreds of thousands of transactions to obscure the origins of the stolen funds. The FBI and U.S. Secret Service (“USSS”) played significant roles in tracing and seizing the illicit funds, marking the largest cryptocurrency seizure in USSS history. More than 400 suspected victims lost funds, with reported losses exceeding $5.8 billion in 2024 alone. The DOJ emphasized its ongoing commitment to protecting the public from cryptocurrency scams and recovering stolen funds for victims.
These cases highlight the importance of sophisticated legal analysis in navigating rapid, intelligence-driven seizures and the evolving policies surrounding the Strategic Bitcoin Reserve. Experience in handling high-profile forfeiture actions is essential for providing strategic advice and effective representation in complex cases.
Procedural Mechanics of Crypto Seizure and Forfeiture
The procedural mechanics of crypto seizure and forfeiture involve a combination of technical investigation and legal process. The process typically begins with the identification of suspicious activity, often through the use of blockchain analytics tools that trace funds to specific wallet addresses. Investigators may follow assets through multiple transactions, exchanges, and privacy-enhancing technologies, building a comprehensive picture of the flow of funds and their connection to alleged criminal activity.
Once sufficient evidence is gathered, law enforcement may seek to freeze assets by working with exchanges, stablecoin issuers, or other virtual asset service providers. This can be accomplished through court-ordered seizure warrants, emergency restraining orders, or compliance protocols that enable rapid restriction of high-risk accounts. In some cases, stablecoin issuers may freeze or burn tokens associated with illicit activity, while exchanges may restrict withdrawals or transfers from flagged accounts.
Prosecutors typically seek judicial authorization—through a Rule 41 warrant, civil forfeiture complaint, or other legal process—detailing the evidence and technical methods for securing assets. The government must demonstrate probable cause or a preponderance of the evidence linking the assets to criminal conduct, depending on the type of proceeding. Legal professionals play a critical role in responding to such actions, asserting rights throughout the process, and challenging the basis for seizure when appropriate.
After assets are seized or frozen, the government is required to provide notice to potential claimants. This may be accomplished through blockchain messaging, publication in official channels, and direct service to known parties. Claimants have a statutory period to contest forfeiture under the CAFRA or other applicable laws. The process may involve filing claims, participating in administrative proceedings, and litigating contested issues in court.
Following adjudication or default, assets may be returned to victims, liquidated, or retained in the Strategic Bitcoin Reserve. The government’s structured liquidation and custody protocols are designed to ensure transparency, maximize asset value, and protect the interests of victims and legitimate owners. Contesting forfeiture, seeking asset return, negotiating settlements, and navigating the complexities of government asset management policies are key areas of focus. Experience in high-stakes forfeiture proceedings, compliance with strict notice and claim requirements, and the development of strategies for recovering or protecting digital assets are essential for effective legal practice in this area.
Possible Legal Defenses to Cryptocurrency Forfeiture
A range of legal challenges may be asserted in cryptocurrency forfeiture proceedings, including constitutional, statutory, and procedural defenses. The unique characteristics of digital assets present both opportunities and challenges for claimants seeking to protect their property rights. Key defenses include:

Fourth Amendment Challenges.Clients may contest seizures as unreasonable searches, particularly where warrants are based on probabilistic blockchain analysis or lack specificity regarding private keys. The use of advanced analytics and artificial intelligence in tracing digital assets raises novel questions about the reliability and admissibility of evidence. While courts often uphold the use of blockchain analytics, lawyers continue to litigate issues related to overbroad warrants, lack of particularity, and the protection of privacy interests in digital wallets and private keys. There have been successful challenges to the scope of search warrants and the methods used to access encrypted devices and storage media.
Eighth Amendment Proportionality.The forfeiture of highly appreciated digital assets can be challenged as an excessive fine, especially when asset values far exceed alleged criminal proceeds. The volatility of cryptocurrency prices and the potential for significant appreciation between the time of seizure and forfeiture raise important questions about proportionality and fairness. Developing proportionality arguments, presenting expert testimony on asset valuation, and navigating the evolving case law in this area are critical. Recent court decisions have recognized the need to consider the relationship between the value of the forfeited assets and the gravity of the underlying offense.
Innocent-Owner Claims (CAFRA).Third parties may assert lack of knowledge or involvement in criminal conduct. The distributed and pseudonymous nature of crypto custody can complicate these claims, particularly with multi-signature wallets, custodial arrangements, and DeFi platforms. Developing and presenting robust innocent-owner defenses, including documenting the source of funds, demonstrating lack of control over tainted assets, and challenging the government’s tracing methodologies, is essential. Practitioners should also be aware of the procedural requirements for asserting innocent-owner claims and the potential for negotiated settlements.
Procedural and Technical Defenses.Challenging government tracing methodologies, contesting the timeliness of proceedings, and disputing the identification of tainted assets is critical. As blockchain investigations become more sophisticated, it is important to ensure that procedural and technical rights are fully protected. Experience in challenging the admissibility of digital evidence, contesting the use of proprietary analytics tools, and advocating for greater transparency in government investigations is increasingly important. The use of expert witnesses, preservation of digital evidence, and development of technical defenses based on the unique features of blockchain technology are also key considerations.
Other Potential Defenses.Additional defenses may include challenges based on lack of jurisdiction, violations of due process, the improper application of forfeiture statutes to novel digital asset types, or the statute of limitations has expired. Identifying all available defenses and developing comprehensive strategies for protecting interests in forfeiture proceedings is a critical aspect of legal practice in this area.

Policy Considerations for Practitioners and Lawmakers
The evolving landscape of digital asset forfeiture raises several policy considerations relevant to practitioners, lawmakers, and the broader legal community. As the legal and regulatory framework continues to develop, it is essential to consider the broader implications of current policies and to advocate for reforms that promote fairness, transparency, and efficiency.

Balancing Enforcement, Victim Restitution, and Due Process.While rapid asset freezes are vital for disrupting criminal networks and preventing the dissipation of illicit funds, they must be balanced with procedural safeguards and prompt opportunities for claimants to contest forfeiture. The government’s emphasis on victim restitution is commendable, but it is equally important to ensure that innocent owners and legitimate businesses are not unfairly deprived of their assets. Ensuring due process at every stage—including timely notice, access to judicial review, and the opportunity to present evidence and challenge the government’s case—is essential.
Strategic Asset Management and Custodial Risk.The government’s retention of large cryptocurrency reserves introduces market and security risks, including the potential for price volatility, hacking, and mismanagement. The implications of custodianship, staking rewards, airdrops, and structured liquidation policies must be carefully considered. The development of secure custody solutions, transparent asset management protocols, and independent oversight mechanisms is essential to mitigate these risks and to maintain public confidence in the government’s handling of digital assets.
Funding Law Enforcement and Avoiding Improper Incentives.The use of forfeited assets to fund law enforcement raises transparency and conflict-of-interest concerns. While self-sustaining budget cycles can enhance the effectiveness of digital asset investigations, they may also create incentives for overzealous enforcement and the pursuit of revenue at the expense of due process. The impact of these funding mechanisms should be critically assessed, with support for fair and transparent processes and reforms that promote accountability and the responsible use of forfeiture proceeds.
International Coordination and Best Practices.As cross-border investigations increase, harmonizing doctrines and adopting best practices—such as enhanced judicial oversight, victim claims portals, and standardized asset-sharing agreements—are essential. The complexity of international asset recovery requires close collaboration between governments, private sector partners, and civil society organizations. International coordination requires navigating conflicting legal requirements, negotiating asset repatriation agreements, and advocating for the adoption of global standards for digital asset forfeiture.
Future Directions and Legislative Reform.Ongoing legislative and regulatory reforms are likely to further shape the landscape of digital asset forfeiture. Proposed changes may include enhanced procedural protections for claimants, greater transparency in asset management, and the development of new tools for tracing and recovering digital assets. Active engagement in policy discussions and advocacy for reforms that balance the needs of law enforcement, victims, and legitimate asset holders are essential for the continued evolution of the legal framework.

Conclusion
As the legal landscape for digital asset forfeiture continues to evolve, the integration of digital assets into national policy, the expansion of investigative tools, and the retention of forfeited assets in government reserves all present new challenges and opportunities for the financial ecosystem and legal profession.
Remaining at the forefront of legal developments is essential for protecting property rights, asserting effective defenses, and adapting to the rapidly changing digital economy. A comprehensive approach includes compliance with evolving statutory and regulatory frameworks, the development of robust internal controls, effective responses to law enforcement inquiries, and the litigation of complex forfeiture proceedings. Strategic guidance on risk management, asset recovery, and the development of best practices for digital asset custody and management is increasingly important.
Looking ahead, continued innovation in both technology and policy is anticipated, with new tools and legal doctrines emerging to address the unique challenges of digital asset enforcement. Legal and industry professionals must remain vigilant and informed to navigate the future of digital asset forfeiture with confidence and clarity.

Department of Labor Reverses Course on Crypto Guidance for 401(k) Plans

On May 28, 2025, the Department of Labor (DOL) issued Compliance Assistance Release No. 2025‑01 (the 2025 Release), formally rescinding Compliance Assistance Release No. 2022-01 (the 2022 Release) that had urged fiduciaries to exercise “extreme care” before offering cryptocurrencies in 401(k) plans. This rescission marks a shift from placing higher security on plan fiduciaries that offered cryptocurrencies to a more neutral approach towards plans that offer this digital investment option. 
The DOL’s 2022 Release
In March 2022, the DOL issued the 2022 Release, in which the agency cautioned plan fiduciaries against offering cryptocurrencies in 401(k) plans. This guidance warned fiduciaries that adding crypto options — whether coins, tokens, or any crypto-linked derivatives — could raise serious ERISA concerns due to digital assets’ volatility, valuation challenges, inexpert plan participants, custodial and recordkeeping risks, and evolving regulations. Although non-binding, the guidance conveyed that fiduciaries may breach their fiduciary duties if they fail to exercise “extreme care” when offering cryptocurrencies in 401(k) plans and further indicated the potential for investigations of plans that invested in cryptocurrencies.
The DOL’s 2025 Release
On May 28, 2025, the DOL issued the 2025 Release, which rescinded the “extreme care” fiduciary interpretation and reaffirmed that plan fiduciaries must continue to satisfy ERISA’s duties of prudence and loyalty when selecting investment options. The 2025 Release explained that the “standard of ‘extreme care’ is not found in [ERISA]” and is beyond ERISA’s ordinary fiduciary principles. The 2025 Release further underscored that the DOL is returning to its “historical approach by neither endorsing nor disapproving of plan fiduciaries who conclude that the inclusion of cryptocurrency in a plan’s investment menu is appropriate.” 
The DOL’s Revised Fiduciary Standard
Moving forward, when evaluating any particular investment type, including cryptocurrencies, a plan fiduciary’s decision must generally satisfy ERISA’s duties of prudence and loyalty, should “consider all relevant facts and circumstances,” and will “necessarily be context specific.” Fifth Third Bancorp v. Dudenhoeffer, 573 U.S. 409, 425 (2014).

Overdraft Fee Agreements — A Cautionary Tale

Community banks are being sued more frequently in overdraft fee lawsuits. Many of these actions are putative class action lawsuits that can be costly for banks to defend and complicated to settle. At the center of these lawsuits are claims that banks’ account agreements are confusing, unfair, or deceptive. These claims often focus on banks’ “authorize positive, settle negative” (APSN) overdraft practices. Plaintiffs also commonly claim that banks charge nonsufficient funds fees and multiple re-presentment fees on a single item without customers’ agreement and charge multiple foreign ATM transaction fees.
Overdraft Fees and Opt-In Agreements
An APSN transaction happens when a debit card transaction is authorized while there are sufficient funds in the customer’s account, but then intervening transactions settle and decrease the amount of available funds, resulting in insufficient funds to cover the initial transaction. Because there are insufficient funds in the account when the initial transaction settles, the bank charges an overdraft fee.
Plaintiffs claim that charging an overdraft fee in this situation is either a breach of the account agreement or is unfair and deceptive because the agreement did not clearly explain the bank’s overdraft practices. Regulation E (12 CFR § 1005) requires financial institutions, including community banks, to provide notice to customers of the bank’s overdraft services and give the customer a reasonable time to “opt in” to those services. Banks are also required to provide written confirmation of the customer’s opt in and inform the customer of their right to “opt out” of the overdraft services at any time. The form, substance, and presentation of these disclosures are critical to defending an overdraft fee lawsuit and minimizing the risk of future litigation.
To aid in drafting these disclosures, the Federal Reserve created the Model A-9 Consent Form for Overdraft Services (Model Form). In the years since its creation, courts have considered whether the Model Form provides customers with sufficient notice of a bank’s overdraft services. Generally, courts have found that if the Model Form does not exactly and completely describe a bank’s overdraft practices, then it is an inadequate disclosure. Inadequate or confusing opt-in agreements can also give rise to breach of contract claims if customers incur overdraft fees that they believe are in violation of a bank’s stated overdraft practices.
Class Action Lawsuits in Mississippi
Mississippi banks are not immune from these lawsuits. Plaintiffs have recently filed class action lawsuits against community banks for breach of contract, claiming that the defendant bank charged overdraft fees in violation of the bank’s overdraft agreement. Bringing claims for breach of contract is usually preferable for plaintiffs because they have three years to bring state law breach of contract claims and only one year to bring federal claims under the Electronic Funds Transfer Act. The three-year limitation period on breach of contract claims also broadens the criteria for potential members of a plaintiff class. However, there are jurisdictional defenses that community banks in Mississippi should consider.
Class Action Fairness Act
Because Mississippi state courts do not have a procedural device for plaintiffs to bring class action lawsuits in state court, plaintiffs must file class action lawsuits in a federal court in Mississippi. In class action lawsuits where the plaintiff only asserts state law breach of contract claims, the plaintiff must establish federal class action jurisdiction under the Class Action Fairness Act (CAFA). CAFA expands federal jurisdiction to class action lawsuits where at least one plaintiff is a citizen of a different state than at least one defendant and the amount in controversy exceeds $5 million in the aggregate.
However, there are a few exceptions to CAFA jurisdiction. The “home state” exception is particularly relevant for community banks with large, local customer bases. This exception applies when two-thirds of the proposed plaintiff class are citizens of the state where the lawsuit is filed, and the defendant bank either (1) is incorporated in the state where the lawsuit is filed or (2) has its principal place of business in the state where the lawsuit is filed. If the defendant bank shows the requirements of the home state exception are met, a court cannot exercise jurisdiction over the lawsuit.
Banks should also be aware that exceptions to CAFA jurisdiction can be waived if not raised early in the proceedings. Evaluating the availability of the home state exception and other exceptions to CAFA jurisdiction is critical as similar class action lawsuits have survived the motion to dismiss stage, with courts finding that the defendant bank’s opt-in agreement is not so clear as to preclude the plaintiffs’ claims.

China Newsletter | Q1 2025/Issue No. 63

In This Issue
This China Newsletter provides an overview of key Q1 2025 developments in the following areas: 

1.
 
Antitrust

China Unveils Anti-Monopoly Guidelines for Pharmaceutical Sector

2.
 
Compliance

China Formally Finalizes First Anti-Corruption Guidelines for the Health Care and Life Sciences Industry

3.
 
Corporate

China Streamlines Company Registration: Key Changes Effective February 2025

4.
 
Data Privacy & Cybersecurity

China Issues Personal Information Compliance Audit Rule 
China Issues Regulation for Facial Recognition Technology Applications 
China Issues Measures for Labeling AI-Generated and Synthetic Content

5.
 
Foreign Investment

China Publishes 2025 Action Plan for Stabilizing Foreign Investment

6.
 
International Trade

China Promulgates Regulations for Implementing Anti-Foreign Sanctions Law

Read the Full Newsletter Here

Mexico Publishes Sustainability Reporting Standards

On May 13, 2024, the Mexican Financial Reporting and Sustainability Standards Board (CINIF) published the Sustainability Reporting Standards (NIS), which took effect Jan. 1, 2025. The NIS require any entities that report their financial statements under Mexican Financial Reporting Standards to include sustainability information in financial statements beginning in 2026 using data from the 2025 fiscal year. This GT Alert summarizes the most relevant aspects of the NIS.
I. Context
In response to the increased environmental and social demands in recent years, and in line with the United Nations’ Sustainable Development Goals (ODS) and the first international sustainability standards, IFRS S1 and S2, issued by the International Sustainability Standards Board (ISSB) May 13, 2024, CINIF issued the first Mexican NIS, NIS A-1, and NIS B-1. The promulgation of these standards corresponds to the first stage of CINIF’s strategy for issuing the NIS.
II. Purpose
The NIS aim to formalize and standardize ESG (Environmental, Social and Governance) information reporting. Specifically, the purpose of NIS-1 is to establish the conceptual framework of the NIS, in line with the conceptual framework of the Financial Reporting Standards (NIF). On the other hand, NIS B-1 establishes the standards for determining the Basic Sustainability Indicators (IBSO) and their disclosure.
III. NIS A-1

Establishes the conceptual framework and general requirements applicable to sustainability information, which are consistent with NIF. 
NIS A1 provisions should be applied in conjunction with the detailed requirements provided in NIS B-1. 
Defines the characteristics that must be met for sustainability information to demonstrate improvement from previous years’ reporting.

IV. NIS B-1

Establishes the criteria for the identification and disclosure of all IBSOs, which are applicable to all types of entities. 
Introduces 30 IBSOs, 21 quantitative and nine qualitative, which must be fully disclosed:

Quantitative indicators
Qualitative indicators
 
 
 

Environmental
Social
Governance
Social-Human capital
Governance

1. Greenhouse gas (GHG) emissions, scope 1
2. GHG emissions, scope 2
3. GHG emissions, scope 3
4. Energy consumption
5. Renewable energy consumption
6. Sustainable investment
7. Incoming water
8. Water reuse
9. Wastewater discharge
10. Discharge of treated wastewater
11. Incoming water from water-stressed areas
12. Land use within or near irrigated areas for biodiversity
13. Dependence on substances and products that deplete the ozone layer
14. Generated waste
15. Used waste
16. Hazardous waste
1. Wage gap
2. Training hours
3. Performance evaluations and professional development of employees
4. Accidents and diseases at work that caused incapacity or death
1. Women on the board of directors
1. Management of equal opportunity and suitable work conditions
2. Occupational health and safety management
1. Board of directors
2. Independent supervisory body
3. Risk management policy
4. Sustainability strategy
5. Code of integrity and ethics
6. Information security
7. Protection and privacy of third-party data 

For each of the quantitative IBSOs, the absolute and relative value must be determined and disclosed according to the specifications of the standard. 
Entities must disclosure at least the following: (i) profile and context in which they operate; (ii) reporting period; (iii) comparable information with the previous year; (iv) economic sector to which they belong; (v) geographic regions in which they operate; (v) economic activities; and (vi) number of workers and categories of occupation, gender, and age ranges. 
IBSO disclosure should be made in the notes of financial statements at the end of the reporting period, displayed in comparison with the previous period. 
NIS B-1 outlines the sources that may be consulted to obtain the information required for the determination of each IBSO.

V. Effective Date
The NIS took effect Jan. 1, 2025.
VI. Additional Considerations

The NIS B-1 transitory provisions specify that in the first year of application, entities will not be required to present information from previous periods in comparative form with the current period.

The first reporting deadline will be in 2026, using data from the previous year.
In addition to the above, entities may not disclose Scope 3 GHG emissions1 during the fiscal year following Jan. 1, 2025.

1 Scope 3 GHG emissions are the result of activities from assets not owned or controlled by the reporting entity, but that the entity indirectly affects in its value chain.
 
Paula Maria De Uriarte contributed to this article