Partner Nicola McKinney discusses digital asset recovery and the Economic Crime and Corporate Transparency Bill in Law360

September 14, 2023

Partner Nicola McKinney examines a recent Civil Recovery Order, which enabled the seizure of £750,000 in crypto, and explores how the recovery of digital assets will be impacted by upcoming legislation.


Nicola’s article was published in Law360, 11 September 2023, and can be found here.

The Crown Prosecution Service (CPS) recently announced[1] that it had seized over £750,000 worth of cryptocurrency, having obtained a civil recovery order (CRO) and using powers under the Proceeds of Crime Act 2002 (POCA). The CRO was exercised against a hacker, who was not publicly identified by the CPS, alongside the execution of search warrants to seize a black book of 14 “recovery seeds” without which access to the two digital wallets holding the cryptocurrency would not have been possible.

Upcoming Legislation and Recovery Regimes

The use of existing POCA powers to recover not just unlawful property in the form of crypto assets, but also related items such as recovery seeds, is interesting to note ahead of the upcoming assent of the Economic Crime and Corporate Transparency Bill, which also looks to cover these areas. This legislation is trailed as providing additional powers to law enforcement so that crypto assets which are the proceeds of crime can be more quickly and easily seized and recovered.

The Economic Crime and Corporate Transparency Bill extends powers under the POCAs confiscation and civil recovery regimes, making specific allowances for seizure, detention, confiscation and recovery of crypto assets and crypto-related items. In general terms, the confiscation framework confers powers to deprive a defendant, after conviction and if they have a criminal lifestyle, of sums which are equivalent to the benefit of their criminal conduct. The civil recovery regime operates without requiring criminal proceedings, but permits the seizure and recovery of assets in order to deprive individuals of the benefit of unlawful conduct.

Particularly following this recent case, some may query whether the new powers are necessary.

Courts have repeatedly accepted, albeit generally at interim hearings, that crypto assets are capable of amounting to property. The recent Law Commission report on digital assets also makes it clear that a final finding to that end is likely to be made before long. That being the case, the need to specifically identify crypto assets as a discrete form of property which may be seized, may prove superfluous.  The recent High Court CRO[2] against the hacker would appear to demonstrate just that.

More likely to be of direct assistance are new powers to seize crypto-related items – such as passwords, private keys and recovery seeds – which will be able to be the direct subject of a search order in the CRO jurisdiction. Likewise, rules permitting crypto wallets to be frozen, and governing the circumstances in which crypto assets may be destroyed, may clarify and therefore better assist law enforcement.

Crypto Fraud Victims

UK victims of crypto fraud may read the news of this recent High Court recovery order as a welcome move to aid investors in the recovery of stolen digital assets. However, the reality is that CROs such as this are unlikely to be of much assistance to targets of crypto fraud who seek to recover their stolen digital property. This is due to the fact that the POCA regime is generally not victim-focussed, but instead aimed at depriving wrongdoers of the benefit of unlawful conduct. Assets and property which are frozen and recovered through a CRO ultimately vest in the trustee for civil recovery; they are not paid over to victims. The position will not be any different for digital assets.

A victim does have a right to apply to the court to seek assert their ownership of the property in question, and to try to have their property excluded from the CRO proceedings. However, this does not automatically result in the return of those assets to the victim, who will still then have to take further, independent steps to recover their property through civil proceedings.


CROs can still confer some potential benefits to victims of crypto fraud. While a victim is unlikely to obtain full details of a police investigation by virtue of a CRO, it may be that some information comes to light – for example about where stolen crypto assets have been located – which could assist the victim’s own investigations, and crucially, cut down their own costs. However, hurdles such as obtaining a reliable blockchain analysis report, and third-party disclosure orders against crypto exchanges, are unlikely to be entirely avoided.

Of more direct assistance, are the property freezing orders that the CPS is likely to obtain prior to a CRO; under the new ECTB regime these will be tailored as crypto wallet freezing orders. These prohibit, until a CRO is made, the use or movement of the crypto assets which have been located. Freezing crypto assets prior to a CRO, can also give victims more time identify and isolate their own assets within the frozen property, and to take necessary steps to recovery them.

Not the Usual Crypto Fraud

The jurisdiction of the CRO regime aside, there are reasons why recent headlines concerning cryptocurrencies and CROs are probably of less significance to victims than they at first appear.

For instance, the facts of this recent case[3] are not typical of the “classic” investor crypto fraud in the UK, which sees a UK-based investor falls victim to a scam and authorise a transfer of funds to the fraudster, under a misapprehension as to the fraudster’s identity or how the funds are to be applied. This case has a number of unusual features, which indicate that it was not this type of “authorised push payment” (APP) fraud.

One such feature is that hackers don’t often feature in crypto theft, and most thefts of digital assets do not happen after a hack. The time and skill involved in locating and accessing a private key — which will permit access and control of a digital asset wallet — will often be disproportionate to the value of the crypto-assets in the digital wallet. APP frauds, by contrast, are more cost-effective and commonplace.

In this case, the hacker appears to have been based in the UK, which is again not part of the profile of APP frauds that are most commonly seen in the crypto sector and, in most cases, crypto fraud victims are targeted by unknown persons who are based in other jurisdictions. The cross-border element to this kind of fraud makes obtaining information, and recovering the assets through civil proceedings, more expensive and complex for victims of crypto crime.

Action by English and Welsh police will therefore likely have a limited deterrent effect on APP fraudsters targeting UK victims and, with the recent headlines concerning CROs and upcoming legislation such as the Economic Crime and Corporate Transparency Bill, it will be interesting to see how this will impact the scope for civil recovery of crypto assets over the coming months.