European Regulators Investigate OKX for Web3 Money Laundering
European regulators have begun an investigation into crypto exchange OKX after hackers allegedly used its web3 platform to launder part of the $1.46 billion stolen from Bybit. The matter was reportedly discussed during a meeting of the European Securities and Markets Authority’s (ESMA) Standing Committee on Digital Finance on March 6, according to sources cited by Bloomberg.
The focus is on OKX’s web3 service, which includes a decentralized finance (DeFi) platform and a self-custody wallet. It is alleged that hackers supported by North Korea funneled about $100 million through this service. Authorities are now determining whether this branch of the exchange should be subject to the European MiCA (Markets in Crypto-Assets) regulation, which came into effect in late 2024.
Debate over Regulation of DeFi Services
OKX argues that its Web3 service is fully decentralized and therefore cannot be regulated under MiCA. However, some regulators, notably in Austria and Croatia, believe that the integration of this service with the centralized exchange OKX calls into question this decentralization. If authorities conclude that the platform must comply with MiCA, OKX may be forced to strengthen its anti-money laundering controls and comply with transparency requirements under the European regulatory framework.
The stakes are high: MiCA imposes severe sanctions on platforms that do not comply with its standards, including through Article 64, which allows regulators to withdraw a license if a company fails to implement effective systems to prevent money laundering.
A Massive Heist and Compromised Traceability
The attack on Bybit, which occurred in late February, is the largest hack in the history of cryptocurrencies. Hackers compromised the computer of a Safe employee, Bybit’s technology provider, allowing them to siphon off nearly $1.46 billion. Less than two weeks after the hack, Bybit CEO Ben Zhou stated that about 20% of the stolen funds had become untraceable, as the hackers used mixing services.
These concealment methods complicate the work of regulators, who must now determine whether OKX facilitated, intentionally or not, the laundering of the stolen funds. In a statement to Bloomberg, OKX firmly denied any involvement, dismissing the accusations as “inaccurate and absurd.”
Risk of Sanctions for OKX in Europe
The outcome of the investigation remains uncertain, but the implications could be significant for OKX. If regulators conclude that its Web3 service must comply with MiCA and it fails to meet anti-money laundering obligations, the exchange could lose its authorization to operate in Europe.
This case represents a crucial test for the regulation of DeFi platforms and centralized exchanges integrating decentralized services. As Europe seeks to impose a strict framework with MiCA, this case could set a determining precedent for the future of the sector.
