DOJ Refocuses on Crypto Fraud, Seizes $1.1 B in Illicit Assets

Context On April 27, Acting U.S. Attorney General Todd Blanche reiterated an April 2025 memo that bars prosecutors from charging crypto developers for users’ illegal actions. The memo disbanded the National Cryptocurrency Enforcement Team and limited DOJ cases to clear‑cut fraud or money‑laundering offenses. Blanche told attendees at the Bitcoin 2026 conference that lawyers for developers should feel free to contact his office to verify compliance.

Key Facts - The DOJ seized 503 domains that hosted fraudulent crypto‑investment schemes and froze $701.9 million in cryptocurrency linked to victim‑fund laundering. Combined with other asset freezes, total confiscated value exceeds $1.1 billion. - A French national, Maximilien de Hoop Cartier, received an eight‑year prison term for running an unlicensed exchange that laundered $470 million through shell companies and U.S. crypto wallets. - The Department’s new enforcement posture follows recent court actions, including the dismissal of securities‑fraud claims against Coinbase by SDNY Judge Jed Rakoff, signaling tighter limits on investor lawsuits against exchanges. - New York Attorney General Letitia James secured a $5 million settlement from Uphold for promoting a fraudulent savings product, underscoring state‑level crackdowns on deceptive crypto offerings.

What It Means Security teams must treat crypto‑related fraud as a high‑priority threat vector. The DOJ’s focus on end‑user misconduct means that developers of wallets, smart‑contract platforms, and trading APIs face reduced regulatory risk, but the entities that market, sell, or manage crypto assets remain exposed to criminal prosecution. Companies should audit third‑party integrations for compliance with anti‑money‑laundering (AML) rules and ensure that marketing materials do not imply guarantees or insurance that do not exist.

Mitigations - Implement robust AML transaction monitoring that flags rapid movement of funds to newly created wallets, a common pattern in laundering schemes. - Deploy domain‑blocking lists that include known fraudulent crypto‑investment sites; update feeds daily to capture newly seized domains. - Conduct regular legal reviews of product disclosures to confirm they do not misrepresent risk or suggest regulatory protection. - Harden smart‑contract code against re‑entrancy and access‑control flaws (e.g., CVE‑2023‑XXXXX) that fraudsters exploit to siphon funds. - Train incident‑response teams to recognize phishing attempts that mimic legitimate exchange communications, a tactic often used to harvest credentials for laundering operations.

Looking Ahead Watch for DOJ guidance on AML reporting thresholds for decentralized finance platforms and for any amendments to the 2025 memo that could further delineate developer immunity.