Search and find what you need faster.

Posts Tagged ‘Crypto’

Digital Asset Law Reform: Key Takeaways for UK Advisers

Posted on: July 17th, 2025 by Natasha Cox

Following the Law Commission’s proposals for crypto and digital asset reform regime, Director Matt Green explores what these proposals mean for advisers – as well as those looking to recover stolen or hacked cryptocurrency.

Matt’s article was co-authored with Ashley Fairbrother, Partner at Edmonds Marshall McMahon.

Matt and Ashley’s article was published in FT Adviser, 16 July 2025, and can be found here.

In June 2025, the UK’s Law Commission proposed new powers to drastically help victims of fraud following the loss of cryptoassets where key details, like the bad actors’ details, are unknown. These proposals would allow courts to grant free-standing information orders at the outset of crypto fraud investigations, before the victim needs to commit to pursuing a substantive claim.

This may prove to be a vital legal reform and significantly increase access to justice, especially when victims have lost significant funds, and do not want to risk spending more money pursuing unknown parties who may or may not still hold funds.

The crypto fraud epidemic

Fraud concerning cryptoassets is a significant issue for consumers and businesses alike. Chainalysis’s “The 2025 Crypto Crime Report” notes that ‘pig butchering’ scams (i.e. scams via social engineering) have increased 40% year on year, and cost victims a total of $9.9 billion as of 2024. Separately, Chainalysis’s report notes that $2.2billion was stolen from crypto platforms across this period.

Last year, Action Fraud – the UK’s reporting centre for fraud and cybercrime – reported over 649,000 instances of investment fraud, with 66% attributed to crypto investment related schemes. Individuals are losing life savings, family homes and pensions, and taking out astronomical loans to pay fraudsters who demand more money to release funds already taken under the guise of investment profits.

Scams are often initiated by telephone calls, texts and emails from actors purporting to be from major cryptocurrency exchanges or banks who hold convincing personal data, usually obtained via data scraping, to harbour a victim’s trust and eventually extract funds. Assets are then typically laundered to facilitate human trafficking, drugs trades and organised crime.

Currently, victims can follow their funds across their respective blockchains by providing practitioners with their transaction identifiers, which show the funds being withdrawn or sent from their control to the fraudster. Following a traceable laundering process, funds can end up at centralised retail outfits like Binance, Kraken and Coinbase, offshore swapping services like SimpleSwap and ChangeNow, to purportedly decentralised outfits, who offer services without obtaining Know Your Client documents or Anti Money Laundering checks, performing permissionless transactions.

Once at these exchanges, victims need to know key information to consider the viability of pursuing a legal claim, including details of the exchange’s customer, information concerning internet-protocol addresses, trading histories and, of course, the balances held at accounts. Without this information, it is extremely difficult to consider whether a victim should spend good money chasing lost assets, and in most reported cases, victims have taken a high-risk approach in pursuing “persons unknown” with limited information.

To obtain this material, lawyers can use gateway 25(b) of the Civil Procedure Rules (which dictate the rules around litigation in England and Wales), which requires victims to start a substantive claim alongside an application for disclosure of information. This means they must be prepared to sue someone and detail the claim clearly at that stage.

As a commercial proposition, this might be extremely costly. The Law Commission recognises this at paragraph 3.78 of its report, where it states that “victims are not always able to say that they definitely intend to commence proceedings in England and Wales”

Similarly, to obtain wider reliefs against perpetrators, including a worldwide freezing injunction which prohibits the defendants from moving or dissipating their assets globally up to the value of the claim, the victim must also show from the outset that they have other assets to the value of the loss, on the basis that the injunction detriments the defendants unfairly. This is an enormous burden for any victim of fraud to overcome, without really knowing anything about the defendants.

Currently, the bar to entry is very high. Only those with deep pockets, and a high appetite for risk, can pursue their funds via the courts.

The Law Commission’s proposal

The Law Commission has recently published the “Digital assets and (electronic) trade documents in private international law, including Section 72 of the Bills of Exchange Act 1882, consultation paper” to assist victims, by allowing the court to grant a “free -standing information order to assist a claimant at the initial investigations stage of the proceedings”.

Should the proposal be successful, this would allow victims to assess the viability of the claim and consider the facts at hand without starting a formal claim. The costs might be substantially lower, and without the risk associated with formal litigation.

The proposed test for granting one of these orders is provided at paragraph 4.92 within the consultation paper, and summarised as:

  1. The case has a certain strength, in that the claimant must evidence a wrongdoing;
  2. The disclosure of this information is necessary to allow the victim to bring legal proceedings or other redress;
  3. The court must be satisfied that there is no other court in which the claimant could reasonably bring the application for disclosure;
  4. The court must be satisfied there is an adequate link to England and or Wales. For example, that the victim resides, domiciles or is a national here. This might also include (though not explicit in the paper) that the defendant purports to have an adequate connection to this jurisdiction – for example where a scam investment website says the company is registered in England.

Effect and next steps

In principle, this initiative will drastically lower the obstacles to recourse by giving victims a cost-effective solution to assess a claim’s viability and mitigate litigation risks early on. A consultation period for this paper is open until 8 September 2025, and many law firms and individuals have already backed the Law Commission’s above proposal, including both of us as authors of this piece as well as our peers including Nathan Capone at Fieldfisher.

This reform is vital in widening access to justice by revolutionising the initial stages of crypto asset recovery by removing substantial financial and procedural barriers that currently prevent many victims from commencing a claim.

To find out more about our Blockchain and Digital Assets services, please click here

 

Lawrence Stephens & Howden Unveil Innovative Crypto Theft Recovery Solution

Posted on: July 7th, 2025 by Natasha Cox

Lawrence Stephens has partnered with Howden, the global insurance intermediary group, to launch a first-of-its-kind solution for the cryptocurrency sector. This innovative facility combines robust crypto theft insurance with expert legal asset recovery services, offering clients a comprehensive and credible response to digital asset theft.

The new solution delivers more than just insurance – it provides clients with a fully integrated approach that includes legal expertise, access to leading crypto vendors, and forensic recovery capabilities.

“At Howden, we believe in delivering solutions that go beyond traditional insurance,” said Freddie Palmer, Head of Digital Assets and Blockchain at Howden. “By partnering with Lawrence Stephens, we’re empowering our clients with a seamless, end-to-end service that combines technical insurance advice, legal recourse, and access to the broader crypto ecosystem. It’s a powerful response to one of the industry’s most urgent challenges.”

Key features of the facility include:

  • Specialist legal support from Lawrence Stephens to initiate asset freezing and recovery proceedings.
  • Insurance coverage that includes partial reimbursement of legal recovery costs when engaging Lawrence Stephens.
  • Access to a trusted network of crypto vendors and forensic experts to trace and recover stolen assets.

“We’re delighted to offer our legal expertise to the insurance market through this collaboration with Howden,” said Matt Green, Head of Blockchain, Digital Assets and Technology Disputes at Lawrence Stephens. “After all, the legal process began helping an insurer reclaim payment following a ransomware attack.”

This launch marks a significant step forward in institutionalising crypto asset protection, offering clients a credible, structured, and responsive solution in an increasingly complex digital landscape. As digital assets become more mainstream, institutional-grade protection is essential to build trust, reduce risk, and support the long-term growth of the crypto economy.

To find out more about our Blockchain, Digital Assets and Technology Disputes services, please click here

How the UK Can Back Crypto Innovation with Action

Posted on: June 27th, 2025 by Alanah Lenten

We now find ourselves at a critical crossroads in the evolution of financial technology. While the UK once made bold proclamations about becoming a global crypto asset hub, real progress has stalled, and the lack of regulatory clarity is beginning to weigh on investment, innovation, and job creation. In an era where blockchain, artificial intelligence, and quantum computing are converging to reshape global economies, the UK must act decisively or risk falling behind forward-thinking jurisdictions such as the US, Singapore, and the UAE.

While recent developments from the Financial Conduct Authority (FCA) – including the publication of a crypto roadmap and the UK Treasury preparing draft legislation to provide clarity on qualifying crypto assets, including stablecoins, which will fall under the remit of the Financial Services and Markets Act 2000 –  indicate progress, the pace of change remains too slow.

The UK has a golden opportunity to define a forward-looking, globally competitive framework for digital assets, but this demands bold leadership, joined-up policymaking, and a clear national strategy that puts emerging technologies at the centre of economic growth. In a joint letter to government, Matt Green, Head of Blockchain and Digital Assets and Technology Disputes at Lawrence Stephens, together with leading industry bodies, outlined a series of proposals to help the UK realise this potential. The article below explores their key recommendations in more detail.

Laying the groundwork for growth

According to the FCA, around 12% of UK adults, approximately seven million people, now own digital assets. Despite this, only 8% of global venture capital funding in the space went to UK-based firms in the past year. The US, by comparison, attracted a staggering 76%. If the UK is serious about becoming a leading force in the digital economy, it must close this investment gap with urgency.

At present, a fragmented approach to digital asset regulation is inhibiting progress. A new wave of global strategies led by national governments eager to capture the economic benefits of blockchain and Web3 is leaving the UK at risk of playing catch-up. From Dubai to Washington, governments are launching clear action plans, appointing envoys, and rolling out incentive programs to attract high-potential digital firms.

A clear path to digital leadership

That’s why a coalition of leading trade bodies, including the UK Cryptoasset Business Council, Global Digital Finance, The Payments Association, techUK and Lawrence Stephens has come together to call on the Government to implement a clear digital asset strategy. Representing both pioneering start-ups and established multinational firms, we believe the UK can and should be at the forefront of responsible innovation.

There are four key steps the UK can take to realise this ambition:

1. Appoint a blockchain special envoy

Just as the US government has appointed a high-profile blockchain envoy to spearhead policy alignment and investment attraction, so too must the UK. A dedicated envoy would serve as a strategic bridge between government, regulators, and industry, driving consistency, championing innovation, and positioning the UK as a premier destination for blockchain-related investment. The envoy would also play a crucial global role, representing the UK on the international stage and securing collaboration opportunities with leading digital nations.

2. Launch a government-led Digital Asset Action Plan

Like the coordinated approach seen in artificial intelligence, the UK should implement a comprehensive strategy for digital assets and blockchain technology. This could include a white-glove concierge service to support scale-ups, integration of blockchain into public services, and the development of a globally competitive tax and investment landscape. Targeted incentives would enable the UK to attract and retain the world’s most promising digital firms, ensuring job creation and long-term economic benefit.

3. Recognise the convergence of emerging technologies

Emerging technologies rarely operate in silos. Blockchain, quantum computing, and AI are increasingly interdependent, and together they promise to redefine industries from finance and defence to supply chains and public healthcare. For example, blockchain can add transparency and trust to AI systems, while AI can optimise blockchain functionality. These technologies working in harmony offer the potential to deliver transformative public services, from decentralised property registries to secure NHS data transfers. The UK must actively foster collaboration across these disciplines to maximise impact and support innovation at scale.

4. Create an industry-government engagement forum

Effective policymaking must be informed by those at the forefront of innovation. To that end, we propose the creation of a high-level industry-government-regulator taskforce, designed to ensure close collaboration and continuous dialogue across sectors. This would enable agile policymaking that reflects the rapidly evolving nature of digital technologies and ensures the UK remains ahead of the curve.

Unlocking long-term economic value

The potential economic impact of digital assets and blockchain is immense. A recent PwC report projects that blockchain could add £57 billion to the UK economy over the next decade. Globally, it could boost GDP by £1.39 trillion by 2030. Sectors like logistics, finance, health, and public services stand to gain the most, particularly through improved transparency, faster data transfers, and streamlined transactions.

Meanwhile, the UK’s legal infrastructure is increasingly ready to support these developments. The Law Commission’s recent endorsement of a new ‘third category’ of property to account for digital assets is a significant step forward, strengthening the legal foundation for cryptoassets, tokenised securities, and carbon credits. In doing so, the UK is proving it has both the legal and technological credibility to lead on digital assets.

Now is the time to act

The UK’s digital asset economy is already the largest in Europe, with £172 billion in on-chain transactions last year. Yet without bold, strategic intervention, we risk being eclipsed by more proactive nations. As innovation accelerates and geopolitical dynamics shift, the UK must seize its moment.

With the right leadership, a coherent regulatory environment, and an ambitious vision for innovation, we believe the UK can cement its status as a global hub for digital assets and blockchain technology.

Now is the time to move from ambition to action.

If you have queries on the above, please contact Matt Green

Read the other articles in this edition here : The Fineprint – Edition 1 – July 2025 – Lawrence Stephens

How to protect your crypto assets

Posted on: May 30th, 2025 by Natasha Cox

Director and Head of Blockchain and Digital Assets, Matt Green, comments on the recent series of attempted kidnappings of crypto entrepreneurs and discusses how to best protect assets stored on the blockchain, in The Next Web.

Matt’s comments were published in The Next Web, 29 May 2025, and can be found here.

“Despite the industry pining for decentralisation, much of the data points towards identifiable individuals with either massive wealth or access to third parties’ wealth. Simple blockchain analytics openly identifies addresses holding fortunes, and once those addresses are associated with named individuals (data triaging and clustering can unmask a pseudonymised  address), then criminals can see very clearly that a person holds significant wealth. Imagine your bank balances are posted online and through analysing open source data, the world can see it’s your account.

“In terms of crypto holders, the only thing stopping criminals gaining access is human error or force so kidnapping aims to break down the integrity of that human led security.

“The nature of blockchains means balances and addresses are public. In the same way van stickers read “no tools are kept in this vehicle”, it might be worth making a conscious effort to show a single person under duress is incapable of giving access to crypto holdings. Having clear statements about Multi-Sigs (Multi-Signature wallets) would likely deter kidnappers, who would have to pursue multiple individuals to make gains.”  

To out more about our work on blockchain, crypto and digital assets, please click here

How to navigate the first 72 hours of a ransomware attack and recover ransoms paid in crypto

Posted on: May 23rd, 2025 by Alanah Lenten

Dominic and Asim’s article was published in Fraud Intelligence, 21 May 2025, and can be found here.

Discovering that you have been the victim of a ransomware attack can be reputationally and financially devastating to an organisation. However, when responding to an attack, the first 72-hours are critical. Quick and decisive action can help preserve evidence, while protecting assets and systems.

Cyber attacks vary in their potency and impact. A ransomware attack which locks down a company’s entire IT system is, of course, different from a more limited attack on a single device – an organisation’s response will therefore vary. However, notifying your insurers and the police, getting internal and external IT support on task immediately, while also notifying company staff should all be considered.

Where data is at risk, notifying the Information Commissioner and other regulators within 72 hours – as well as your customers – can also be necessary.

Should you pay the ransom?

Current guidance from the National Crime Agency is that they do not “encourage endorse nor condone the payment of ransom demands”. This is because there is no guarantee that you will get access to your data or computer, your computer may still be infected, you will be paying a criminal group, and you increase the likelihood that you (and others) may be targeted in the future.

However, in many cases, commercial victims of a ransomware attack can find themselves unable to continue their business operations whilst key systems remain compromised. This is the hacker’s leverage, that, there may come a point where continued business losses are unsustainable and paying a ransom to unlock their systems becomes an expense in mitigation.

Such ransom payments are often demanded in cryptocurrency and their payment can be covered by insurance. It is important that businesses check their policies to see whether this forms part of their cover.

How to prepare?

Given the number of moving parts involved in managing the aftermath after a ransomware event, it can quickly become overwhelming, unless robust and specific plans are already in place. Such ‘incident response plans’ should already be agreed and understood by the company’s leadership and those staff who will need to take action. Running simulations of how a business will cope during a ransomware attack is advisable (e.g. turning to paper processes in the short term and ensuring that all know what their roles are during an attack).

Backing up your systems on a regular basis and training staff  to recognise unusual behaviour or unexpected activity on their devices is critical – for example, phishing emails, unprompted windows opening up for split seconds, or excessive system resources being used when your device does not appear to be doing much. This can suggest that scammers have taken remote control of your device under the pretence of assisting you through services, like AnyDesk.

How to react?

While you are reacting to the consequences of the breach, you may simultaneously have to identify and fix the vulnerability, comply with legal and regulatory requirements, notify your insurers and provide comfort to your staff, customers and suppliers that matters are in hand. During this period, chaos can ensue, and mistakes can be made that could severely hamper any subsequent investigation.

Below are some key points to bear in mind during this initial period:

Preserve the evidence

The preservation of evidence is a key initial task, and leadership should strive to work with professionals to ensure that all system logs are retained. It is advisable to hire in digital forensics or organisations that specialise in dealing with cyberattacks –if you have good cyber insurance, this is something your insurer may provide.

Avoid formatting or performing factory resets at this stage. Evidence preservation is vital, particularly as forensic digital examination of your devices could yield critical information, instrumental in tracing and recovering the stolen assets.

If possible, take a full forensic image of the affected devices and work from backups (provided these have not also been compromised by the attack). You may need to buy fresh devices so that those affected can be preserved as evidence.

Your internal communications team may want to take on PR consultants to assist with crisis comms as the news breaks, if it is an attack with significant reputational implications.

Secure Your Communications

It may be wise to set up new, secure email addresses immediately and avoid logging into any accounts you suspect may have been compromised. You should consider how best to continue internal communications with secure channels being set up to action any critical messaging

It may be necessary to notify your bank and or other service providers of any new email address, or communication preferences, to ensure that no instructions are to be taken from the old email addresses.

In attacks where the victims have been socially engineered, one or more company email addresses or social media accounts may have been compromised. You should access the log-in history which details the IP address and location of all log-in attempts.

If there are any suspicious logins, it is likely that email addresses have been compromised, and your communications may be monitored or used by the scammers to gain further access. This could also impact other accounts, bank accounts and social media profiles.

It is vital that passwords are immediately changed and strengthened across the organisation.

Communicating with the Hackers

When the hackers reach out to demand a ransom payment from you ensure that they are unaware of the steps you are taking internally.

Ransom payment negotiators are available to assist with these negotiations to drive the ransom demanded down. This can also buy an organisation time if the hacker is threatening to publish the compromised data on the internet.

Make sure to collate a detailed record of all communications with the hackers, including requests for payments, emails, phone calls, text messages, social media interactions. If the ransom is paid in crypto, take a note of the transaction details, wallet addresses and transaction hashes etc.

If you have been directed to a webpage during your interactions with the hackers, you should ensure to take screenshots of these pages in case they disappear. Any evidence of what jurisdiction they may be in is also vital.

Accurate records are crucial for any subsequent legal action and investigations.

Recovering the ransom payment

If the ransom is paid in crypto, this could give you and your legal team time to investigate and trace the assets, write to any centralised exchanges who may be in receipt of those assets, and put them on notice of the theft and request that they freeze those accounts pending further legal action. It may also allow time for the necessary court orders to freeze assets to be granted and implemented. These steps, if taken quickly, can result in an organisation (or their insurer) recovering the ransom after it has been paid.

Your legal team will quickly be able to identify suitable independent blockchain tracing specialists who will be tasked with conducting an initial tracing report to follow the movement of your crypto assets and their traceable proceeds. You will need to provide proof that you owned the assets, as well as relevant transaction hashes or addresses as these will form the basis of asserting your proprietary claim to those assets, which is essential in recovering them.

Hackers typically seek to convert stolen crypto assets into cash, often using centralised exchanges as their off-ramp. The first step in any successful crypto asset recovery matter is identifying the exchanges used. Exchanges are subject to a degree of regulatory oversight and compliance mechanisms to satisfy the requirements of typically highly regulated banking entities.

Your legal team can place exchanges on notice that they have received the proceeds of crime and request they freeze the relevant accounts while also requesting disclosure of any onward transfers and withdrawals from that account to trace the stolen assets.

Report to Law Enforcement

The attack should be reported to the police and Action Fraud. Make sure you keep a copy of your report, as well as any crime reference numbers provided.

It is important that you engage with your local police force as much as possible and obtain a direct liaison and contact details. Try not to be discouraged or frustrated if the police cannot offer much help.

Police resources, expertise, and capacity to deal with cyber crime can vary considerably, and officers may lack immediate familiarity with the complexities involved.

Even if the police can’t provide much assistance, a formal report is important, as it creates an official record that supports other legal and recovery actions you may take and can also assist law enforcement in identifying patterns in criminal gangs to help others avoid falling victim.

Engage with Experts

Engaging promptly with specialist IT and legal advisors experienced in breach response is crucial to mitigate the fallout from the attack and limit business interruption.

Cyber experts should be able to quickly identify the areas of your system that have been affected, the extent of the breach and the data under threat, as well as devise a plan for bringing your systems back into operation. It may be possible to decrypt some of the compromised data without paying the ransom, or to restore your systems from backups.

Your legal team should work closely with these experts to ensure that your regulators are notified of the attack and kept abreast of developments. Your legal team may also need to review your company’s commercial agreements, to see if any termination or notification events are triggered as well as deal with any claims that might arise from your suppliers or customers as a result of the attack.

Conclusion

Careful advanced planning and swift and methodical action when an attack occurs can reduce stress, while also significantly limiting the damage a ransomware attack can cause to an organisation in the first 72 hours.

Crypto recovery – navigating the first 72 hours

Posted on: May 23rd, 2025 by Natasha Cox

When a person goes missing, the first 72-hours are mission critical.

The same urgency applies if you have been hacked, scammed or are the victim of a theft- even more so if the loss are crypto assets. Quick and decisive action in the immediate hours will significantly mitigate the risk of those assets being obfuscated and dissipated and assist with recovery.

Crypto scammers are particularly ruthless, often deploying all manner of sophisticated tactics. From straightforward account compromises and theft with no direct interaction, to elaborate social engineering, often gaining trust through dating websites, fake investment platforms, or social media, their ultimate aim is to deprive a rightful owner of crypto assets.

Discovering that you have been the victim, regardless of the methodology used, can be emotionally draining as well as financially devastating. Clarity of thought and rational action can often give way to absentmindedness. This can lead to victims continuing to pay the bad actors, or fake recovery firms who are one and the same.

In the circumstances this is entirely understandable.

The appropriate next steps can vary depending on the specific circumstances, however our recommended action plan is detailed below and applies to most scenarios:

  1. Secure your communications

Often, particularly in cases where victims have been socially engineered, your email addresses and social media accounts will likely have been compromised as the result of the hack.

Most mainstream email providers will allow you to see a log-in history which details the IP address and location of all log-in attempts. Consider if any are unrecognisable.

If there are any suspicious log-ins, it is likely that your email address has been compromised and your communications may be monitored by the scammers. This could also impact other personal and financial accounts linked to your email, such as online shopping accounts, bank accounts and social media profiles. Credit ratings and access to future baking facilities may also be affected.

In this case, it is vital that you immediately change the password for your email, and then for all other accounts held online.

In addition, we recommend that you set up a new, secure email address immediately and avoid logging into any accounts you suspect may have compromised. You should divert any personal and critical emails to your new account, and ensure that you update your email address across your online shopping, social media and bank accounts.

It is important that you notify your bank and or cryptocurrency exchange of your new email address, which replaces the old one, and ensure to communicate that no instructions are to be taken from the old email address.

  1. Cease communications strategically

In cases where scammers have maintained prolonged contact, they may continue to reach out to you. Let them remain unaware you know this is a fraudulent scheme. If they know that you are aware, there is a heightened risk that they will take steps to obfuscate their trail and dissipate assets, which can make asset recovery more complicated.

If you can, you should look to cease communication strategically without encouraging further interaction. One approach might be to indicate you will be unavailable or away for a few weeks. This will hopefully give you and your legal team time to investigate and trace the assets, write to any centralised exchanges who may be in receipt of those assets, and put them on notice of the theft and request that they freeze those accounts pending further legal action.

In short, the longer the scammers believe that their scam is undetected, the better.

You should then immediately begin collating a detailed record of all previous communications, including requests for payments, emails, phone calls, text messages, social media interactions, transaction details, wallet addresses and transaction hashes etc. Accurate records are crucial for any subsequent legal action and investigations. If you have been directed to a webpage during your interactions with the scammers, you should ensure to take screenshots of these pages in case they disappear.

Evidence of what jurisdiction they may be in is also vital. For example, note of their telephone number and dialling code (e.g. +44 for UK) or mention of a registered office (even if untrue) will help dramatically.

  1. Report to law enforcement

As soon as possible, you should report the theft to the police and Action Fraud – or equivalent law enforcement agencies. Make sure you keep a copy of your report, as well as any crime reference numbers provided.

It is important that you engage with your local police force as much as possible, and obtain a direct liaison and contact details. Action Fraud is only a database, and your query will not progress unless the police investigate.

Try not be discouraged or frustrated if the police cannot offer much help. Police resources, expertise, and capacity to deal with crypto related crimes can vary considerably, and officers may lack immediate familiarity with blockchain technology, or the complexities involved

Even if the police are unable to offer much direct assistance, formally reporting the incident is a crucial step as it creates an official record that supports any subsequent legal and recovery actions you may take with the support of your legal team.

  1. Device management and evidence preservation

Given that so much of our lives are conducted online and contained within personal devices such as laptops and mobile phones, it is crucial to exercise heightened caution if these devices may have been compromised.

If you notice unusual behaviour or unexpected activity on your devices (for example, unprompted command prompt windows opening up for split seconds, or excessive system resources being used when your device does not appear to be doing much) then this may be an indication your device may be compromised.

This is more likely if the scammers have previously taken remote control of your device under the pretence of assisting you through services, like AnyDesk.

As tempting as it may be, avoid formatting or performing factory resets at this stage. Evidence preservation is vital, particularly as forensic digital examination of your devices could yield critical information, instrumental in tracing and recovering the stolen assets. Formatting or resetting the device risks destroying potentially valuable evidence which often indicates the attack vectors used by the scammers and can be a useful part of the puzzle in identifying who they may be.

If your budget permits, obtaining new, uncompromised devices for interim use is recommended.

  1. Secure remaining crypto assets

It may be that the scammers have only targeted or been able to target specific parts of your crypto holdings. However, if your devices or email/social media accounts have been compromised, it is likely they know much more than you think – including what centralised exchange accounts and wallet addresses you have that they may wish to target next.

As such, you should immediately access and review all centralised exchange accounts you may hold online, and cold storage where applicable. Update your details held at these accounts, including email, contact information and passwords.

It is also crucial to strengthen your two-factor authentication and carefully review transactions to identify any activity you do not recognise which may be indicative of that account being compromised.

If you are holding any assets on these accounts, consider creating new, secure self custodial wallets on uncompromised devices and transferring remaining assets between multiple wallets.

If you have previously staked assets, check to see whether these remain staked or have been unstaked without your knowledge and are in any cooldown period. If unstaking has been initiated, try to take steps to ensure the unstaked assets can immediately be sent to your new, secure wallets as soon as possible.

  1. Engage with experts

Engaging promptly with specialist lawyers experienced in crypto asset disputes, particularly asset tracing on blockchains and recovery, can be vital ensuring the swift tracing and recovery of your assets.

Your legal team will quickly be able to identify suitable independent blockchain tracing specialists who will be tasked with conducting an initial tracing report to follow the movement of your crypto assets and their traceable proceeds. You will need to provide proof that you owned the assets (such as statements) as well as relevant transaction hashes or addresses as this will form the basis of asserting your proprietary claim to those assets. This is essential in recovering such assets.

Scammers typically seek to convert stolen crypto assets into cash, often using centralised exchanges as their off-ramp. The first step in any successful crypto asset recovery matter is identifying the exchanges used. These exchanges will have established payment rails which allow them to enable the transfer of fiat funds and are crucial to their business operations. 

As these payment rails exist within a regulated environment, banks must be comfortable with the funds handled by these exchanges. Consequently, exchanges are subject to a degree of regulatory oversight and compliance mechanisms to satisfy the requirements of typically highly regulated banking entities.

Once an investigator can identify exchanges which have received the stolen assets, your legal team should then enter into dialogue to place them on notice that they have received the proceeds of crime and request they take specific actions. These include freezing the relevant accounts to secure any assets held within, as well as requesting disclosure of any onward transfers and withdrawals from that account which can be used to further trace the stolen assets with a view to recovery.

This draws a line in the sand – the exchange is now aware of the issue and any funds held at or subsequently deposited at that account must now be frozen.

  1. Seek emotional support

Recognising that you have fallen victim to a scam can trigger intense emotional distress, anxiety, and feelings of isolation. It is important to recognise you are not alone and that these feelings, while overwhelming, are a common response to what can be a very personal breach of privacy, trust and security.

If you find yourself in such a position, consider reaching out to supportive friends and family. Whilst there are also online communities offering support to victims, you should treat these with caution, as these can present attractive hunting grounds for scammers seeking to exploit those at their most vulnerable.

If you find your emotional state severely impacted or you are feeling persistent low, anxious or overwhelmed, it is essential to seek professional medical or mental health support.

As outlined above, acting quickly and methodically within the immediate hours and days after discovering a scam or can significantly improve the prospects of recovery and limit the broader financial and emotional damage.

For more information on our services relating to technology disputes, please click here. For our cryptoassets services, please click here

Shaping Blockchain Law: Matt Green Reflects on Career and Landmark Crypto Cases in CDR

Posted on: May 14th, 2025 by Natasha Cox

Head of Blockchain and Digital Assets and Technology Disputes, Matt Green, speaks with Commercial Dispute Resolution (CDR) about his career in the crypto asset space and how some of the notable cases he has worked on have influenced legal precedent around blockchain and digital assets. 

Matt’s interview was published online in Commercial Dispute Resolution (CDR), 12 May 2025 and can be found here.

Discussing the first crypto case he was involved with, the landmark AA v Persons Unknown, Matt explains “I was enormously opportunistic, and I just rode with it… I was in the right place at the right time.”

He notes how there was “a big gap in the market” at the time, with many in the blockchain and digital asset space not knowing that there were legal routes to trace and recover their stolen or hacked assets.

Speaking on lessons learned during his career, Matt comments:“It is attrition, staying in the game, not overreaching. Being very aware that you don’t know everything. I don’t think anybody could say they did have all the answers, on the basis that the judiciary and the industry are trying to figure it out.”

Discussing the evolution of both his practice and the digital asset space itself, Matt explains that “there will be huge intellectual property battles about a variety of different things that we probably can’t even imagine yet, it’s almost unknowable.”

With many of Matt’s cases showing the “grizzly places” of the crypto world – from pig butchering scams on Facebook groups for grieving widows to tracing stolen assets to an organ farm in Southeast Asia, and the high-profile disputes over the identity of Satoshi Nakamoto.

Yet despite this, Matt encourages people to see the wider utility of this technology, telling CDR that he would like to see the “wider adoption and understanding of the applications of blockchain tech and digital assets.”

For junior lawyers looking to get into the constantly evolving world of digital assets and blockchain, Matt explains that there are plenty of ways: “set up a blog, write articles, start a podcast, join groups. If you get involved with the industry that you choose, you’re going to be much more valuable to a law firm than if you don’t, and there is no date by which you should start doing this.”

For more on our Blockchain, Digital Assets and Technology Disputes services, click here

Matt Green discusses crypto assets disputes and recovery with the Government of Gibraltar

Posted on: May 8th, 2025 by Natasha Cox

Director and Head of Blockchain Matt Green presented to the Ministry of Justice, Trade and Industry of the Government of Gibraltar, outlining the evolving legal status of digital assets alongside Scott Pounder, Founder and CEO of Prometheus Insights. 

Looking to the current legal landscape and potential future developments, Matt and Scott explained why recognising digital assets as property is essential, considering:

  • The definition of digital assets
  • The canon of common law, including Matt’s own cases, and how asset recovery cases created precedents globally
  • The role of legal definitions of property, now ratified in the Court of Appeal, from case law through to the Property (Digital Assets etc) Bill
  • Considering a draft statutory instrument designed to bring dealing with crypto assets into the remit of regulated activity under FSMA 2000.

The Government of Gibraltar’s official press release can be found here.

For more information on our digital assets expertise, please click here.

Matt Green discusses UK crypto innovation and regulation in The Times

Posted on: April 24th, 2025 by Natasha Cox

Writing in The Times, Director and Head of Blockchain and Digital Assets, Matt Green, argues that the UK government needs to adopt a clear big picture strategy on implementing blockchain technology if it is to maintain parity with competitors.
 
Matt’s article follows a recent letter he co-signed as chair of techUK’s Blockchain and Digital Assets working group, alongside a coalition of leading UK and global trade bodies in the crypto sector to the UK government urging them to advance its digital asset and blockchain policy.

Matt’s article was published in The Times, 24 April 2025, and can be found here.

Government must urgently delivery regulatory clarity for cryptoassets

It is roughly six months since the digital assets industry called on the Labour government to provide urgent “regulatory clarity” at the party’s annual conference. The then economic secretary to the Treasury, Tulip Siddiq, responded by confirming the government’s commitment to fostering innovation in financial services, but there is little meat on the bone.

It has also been three years since the previous government’s plan to make the UK a global cryptoasset technology hub. This ambiguity serves no one.

Helpfully, the Financial Conduct Authority (FCA) has since published key dates in a ‘crypto roadmap’ that details the development of comprehensive regulatory framework for the UK. Draft legal provisions are expected soon, with a series of consultation papers examining how the future regime will work and its content – such as stronger regulation for capital, liquidity and risk management of cryptoassets – to come. The roadmap anticipates that the rules will take effect late next year.

While that is welcome, the UK needs clarity and momentum to boost investment, growth and jobs, and to avoid falling behind competitors such as Singapore, the UAE or the US in technology investment and innovation. If the government is serious about making crypto a strategic priority, it should mirror the US by appointing a crypto special envoy – President Trump has appointed David Sacks, the former senior executive at PayPal, to that role.

The UK desperately needs a comparable appointee who can drive policy alignment, assimilate industry innovation and ensure that regulation and legislation are formulated and drafted with the UK’s best interests.

Our government also needs a plan that will focus on identifying opportunities and attracting investment. These could include an incentivisation programme to attract businesses with significant potential, explore elements of public sector integration and create a competitive tax and investment landscape.

Recognising the symbiosis of blockchain, artificial intelligence and quantum computing and their potential value is vital, both for preparing future regulatory frameworks, and considering use in daily life. Ultimately, this will improve efficiency for a swathe of crucial public services. Consider how the Land Registry and Companies House could hold important documents on the blockchain to simplify and accelerate property and share transfers. Key government procurement contracts and transmission of NHS data could also be transformed. 

According to the FCA, 12 per cent of UK adults – about 7 million people – owned cryptoassets last year. In contrast, according to the most recent data, only 8 per cent of global venture capital funding went into UK firms that specialise in that field, while the US dominates with 76%.

A clear direction, guided by a singular politically and sector agnostic driver, and with clear regulatory framework, could transform the UK economy for decades to come.

 

 

Matt Green comments on the Digital Assets Bill in eprivateclient

Posted on: November 18th, 2024 by Hugh Dineen-Lees

Director and Head of Blockchain and Digital Assets Matt Green comments on the introduction of the Property (Digital Assets etc) Bill, and argues that this legislation will provide greater clarity to the treatment of cryptocurrencies and digital assets under UK law.

Matt’s comments were published in eprivateclient, 15 November 2024, and can be found here.

“Property rights allow individuals to identify and demarcate ownership. In turn, being deprived of property creates a right in either damages or for that exact property to be owed. This ensures there’s greater market confidence when dealing with property, as there are clearer legal rights to ownership, control and general treatment of that property.”

“Historically property fell into two main categories – things that are tangible and exist physically or a contractual right enforced by a legal system (such as a debt claim or contractual right to goods). Digital assets (including cryptocurrencies, digital files and records, email accounts and certain in-game digital assets, domain names, even verified carbon credits) do not fall neatly into either category.”

“Use of a negative definition as proposed in the Digital Assets Bill, future proofs how property is treated, preventing the need to return to the issue for decades to come. To give an exhaustive list of what property is limits what may or may not exist going forward, so the wording is designed to ensure policymakers and the public at large are given that freedom to treat “things” as property when required, as well as the ability to sensibly divert from the rigid definition of property when required.”

“Although a welcome change for a legal system previously often unequipped to deal with such matters, enabling a “thing” to be property even where it is not tangible or creates a legal right may create inconsistencies at common law given the broad strokes definition. However the benefit of future proofing far outweighs the potential for inconsistencies and the Law Commission included guidelines as to what may constitute property under this Bill to assist decision makers.”

“As more “things” become property at a legal level, we may see the implementation of further laws, or even Judge’s decisions, which sweep up any unanswered issues. Overall, this Bill is a huge win for those dealing in digital assets, providing much needed clarity in an economy already utilising this technology at large.”

Asim Arshad and Ricardo Geada discuss crypto’s legitimate use in The Times

Posted on: November 23rd, 2023 by Maverick Freedlander

Senior Associate Asim Arshad and Director Ricardo Geada discuss the importance of crypto and its legitimate use cases, while contextualising the technology’s misuse, in The Times.

Asim and Ricardo’s article was published in The Times, 23 November 2023, and can be found here.

It is critical for regulators, officials and the public at large to differentiate between the technology of crypto assets and its potential misuse. A broad-brush approach due to the actions of a few is misleading, short-sighted, and indicates a limited understanding of the technology, thus hampering its development as a powerful force for progress and financial inclusion.

Collaboration should be key in any strategy to combat crypto’s misuse, and UK authorities should more actively engage with other regulatory bodies overseas in order to share insights and intelligence to address crypto-related crimes, while fostering the growth of legitimate crypto businesses. The misuse of crypto assets should not overshadow its broader, legitimate applications.

Contrary to common misconception, it is crucial to understand that most blockchains are inherently pseudonymous, rather than anonymous. Every transaction on public blockchain is recorded on a transparent ledger, making the transaction history traceable. This traceability can serve as a powerful tool for law enforcement. This perpetual audit trail enables authorities to trace illicit activities back to their source.

The UK’s ambition to position itself as a global hub for crypto innovation is commendable, and is one of the main reasons that growth of crypto in the UK has far outpaced the likes of the US, Germany and Japan in recent years. However, striking a balance between robust regulation and fostering innovation is crucial. Overly stringent regulations, arguably like we are seeing with the new crypto asset financial promotions regime, might stifle the growth of the sector, pushing innovators and investors towards more accommodating jurisdictions instead.

The emergence of crypto-related crimes underscores the need for a comprehensive educational push. Regulatory bodies, in conjunction with the industry itself, need to work towards educating law enforcement agencies, financial institutions, and the general public in what is a nascent and constantly developing technology.

It is also crucial to recognise that the relevance and utility of crypto assets differ across global contexts. For someone in a developed, politically stable country, the urgency or use case of crypto may not be plainly obvious. However, for individuals in countries with economic instability, hyperinflation, or restrictive financial systems, crypto offers a lifeline and can serve as an alternative financial system, providing financial inclusion and allowing people to preserve their wealth against devaluing local currencies. Dismissing crypto merely based on their irrelevance to certain regions or occasional misuse overlooks their broader potential and global impact.

Understanding and leveraging the technology of crypto assets and their underlying blockchains require a nuanced approach that recognises their potential use cases as well as the need for adequate regulation to mitigate misuse.

For more information on our Blockchain and Digital Assets services, click here

Crypto assets for businesses

Posted on: November 1st, 2023 by AlexT

The business landscape is continually evolving, with technology being a major catalyst for fostering progress, increasing capabilities, and maintaining a competitive edge.

Among the recent innovations capturing the interest of businesses is the rise of crypto assets and the blockchain technology that underpins them. Major brands such as Microsoft and Sotheby’s, as well as independent companies from travel agencies to cafés, are increasingly adopting crypto assets and harnessing their potential, seeking to position themselves to benefit immensely from these distinctive digital assets.

What’s in it for businesses?

One of the main appeals of crypto assets is the swift and transparent payment transaction mechanism that they provide. In an age where cash payments are on a significant decline, the ability to facilitate fast, transparent and secure payments is appealing to consumers and businesses alike.

Additionally, transactions with crypto often attract fewer charges compared to traditional payment methods. Crypto assets do not require intermediaries to facilitate transactions and the elimination of these intermediaries like banks and payment gateways in favour of a decentralised verification system (in other words, the blockchain) minimises the costs associated with traditional payment processing. Also, by merit of being exclusively digital, crypto assets negate the need for physical payment infrastructures such as card machines.

An undeniable upside for businesses adopting cryptocurrency payment is virtually zero risk of chargebacks. With every transaction confirmed and immortalised on the blockchain forming a secure, tamper-proof and transparent record, they cannot be reversed. Consequently, businesses no longer need to wrestle with drawn-out, expensive chargeback processes.

Adopting crypto assets also offers a broader customer outreach. By bypassing traditional financial institutions, businesses can access the 1.7 billion unbanked population globally, as well as the 1.2 million unbanked individuals in the UK. Allowing for crypto asset payment also caters to the growing population of crypto asset enthusiasts,  granting a unique selling proposition amidst a competitive market.

Moreover, due to the borderless nature of crypto assets, such transactions do not require conventional currency conversions and can be sent to or from anyone in the world with a smart device and internet connection. This makes crypto assets an ideal form of payment for businesses that wish to expand their operations into new jurisdictions, without the usual friction points involved in optimising cross border payments.

What are the challenges for businesses?

Whilst there are a number of advantages for businesses, integrating crypto assets as a form of payment is not without its risks. One such risk comes from the fact that crypto assets are extremely volatile, and it is not unheard of to have massive fluctuations in a crypto assets value over a relatively small time frame of days and hours. This volatility can present challenges for businesses in being able to predict how much it will generate from crypto asset payments, and it can also expose the business to losses if the value of its crypto assets falls. In the same vein, it can also present opportunities for gains if there is an increase in the price action of a crypto asset.

For example, a retailer may sell an item for 0.035 Bitcoin (BTC), which at the time of writing is around £766. In the days after the sale the value Bitcoin may increase, such that 0.035 BTC is now worth £800. On the flipside, the value of BTC may decrease, such that the 0.035 BTC is now worth £735.

Another challenge is security. Whilst crypto assets are secured utilising complex cryptographic algorithms, they aren’t invincible against cyberattacks, phishing or fraudulent schemes. Thus, businesses using crypto assets need to be proactive in establishing robust cybersecurity defences and countermeasure procedures.

The developing regulatory environment around cryptocurrencies presents another challenge. As the legislative and regulatory landscape is still maturing, businesses adopting crypto assets as a form of payment may need to comply with unforeseen regulatory requirements and make an effort to stay informed of ongoing developments in this area.

However, with diligent planning and careful strategies, these challenges and risks can be substantially offset and mitigated.

What must businesses consider?

For businesses considering crypto asset integration, an effective policy and strategy should take into account the specific nature and operation of the business, its goods/services, geographical scope, and clientele. Particular consideration should be given the following points:

  • Choice of crypto assets: Given the plethora of cryptocurrencies available, it is important to consider which crypto assets in particular should be allowed to facilitate payment for the business. Important points to consider here would be the crypto assets stability, liquidity, popularity, and confirmation times.
  • Payment processing: It may be worth trying an external payment processor who can simplify the process of crypto asset acceptance, albeit at a cost. Alternatively, it is entirely possible to set up your own crypto payment processing system, but will require some technological expertise and knowledge.
  • Formulating guidelines: Businesses adopting crypto assets should have defined guidelines addressing transaction disputes, and refund mechanisms. There should also be procedures in place for handling price volatility, for example, through stablecoins or immediate fiat conversion upon receipt.
  • Continuous transaction oversight: Businesses allowing crypto asset payments will need need to be able to track, record, and report transactions for tax compliance. Crypto assets are taxable, and businesses will need to consider whether they choose to hold crypto assets on their balance sheet as an asset, or if they would rather liquidate the crypto assets to fiat upon receipt or at regular intervals.
  • Selecting an appropriate digital wallet: Considering the scale of operations, anticipated crypto holdings, and security requirements is vital when choosing a digital wallet. There are a variety of different wallets including cold wallets, hot wallets, custodial wallets, non-custodial wallets, multi-sig wallets and many other variations. It is important for businesses to choose a wallet which is compatible with their needs, and which they are confident with and able to keep secure.

How Lawrence Stephens can assist with your crypto challenges

While venturing into the world of crypto assets does bring its set of challenges and intricacies, the potential benefits are substantial. As with any business decision, prudent planning, accompanied by knowledgeable legal consultation, is key to ensure regulatory compliance and adept risk management.

At Lawrence Stephens, our team is adept at assisting diverse businesses in harnessing the potential of crypto assets. With our bespoke legal insights, we ensure your cryptocurrency adoption journey is seamless, safeguarded, and aligned with the developing digital finance sector.