D’Aloia v Persons Unknown: Words of Warning for Cryptoexchanges and Implications for Victims of Crypto Fraud

BACKGROUND

In late 2021, the Claimant, Fabrizio D’Aloia, opened an account on a website which he believed to be associated with a regulated US brokerage that would allow him to trade cryptocurrency, but was in fact a website set up by fraudsters.

The Claimant transferred cryptocurrency in the form of Tether (USDT) to a wallet controlled by the fraudsters. Cryptocurrency was transferred out of that wallet without the Claimant’s consent and after a series of transfers between numerous intermediate wallets (with some wallets being mixed funds), USDT 400,000 was paid into a custodial wallet[2] controlled by one of the fraudsters. This particular custodial wallet was maintained by Bitkub, a Thai cryptoexchange provider.  Shortly prior to receipt of the USDT, there were withdrawals from the custodial account breaching Bitkub’s daily withdrawal limits which, it was found, should have caused automatic blocks on the wallet pending further investigation.

Subsequently, the USDT was “swept” (that is, automatically transferred) into an unsegregated Bitkub “hot wallet”[3] with a corresponding credit added to the custodial wallet; the credit was then converted and withdrawn as Thai baht.  Bitkub could not provide any evidence as to why the withdrawals had been permitted notwithstanding the automatic block on the wallet.

The Claimant sought to trace his USDT into the USDT 400,000 paid into the Bitkub wallet, and also made claims against Bitkub on the basis of unjust enrichment and a constructive trust over his USDT.

Bitkub relied on the defences of change of position, ministerial receipt and impossibility of counter-restitution against the unjust enrichment claim.  In response to the constructive trust claim, Bitkub argued that it was a bona fide purchaser without notice, or alternatively that it should fairly be excused from any breach of duty as trustee as it had acted honestly and reasonably.

THE COURT’S DECISION

The Court dismissed the claims against Bitkub on the basis that that the Claimant failed to prove that his USDT had reached the Bitkub account.  The Court found that the expert tracing evidence relied on by the Plaintiff was unreliable, and that there were critical deficiencies in the Claimant’s pleading of his case.

However, the Court also considered a number of related questions.

Notice of fraud on the part of cryptoexchanges

Despite the failure of the Claimant’s claims, the Court found that Bitkub “had good reason to believe that the sums received into the [wallet] were tainted”.  The Court found that Bitkub’s daily withdrawal limits were measures to address money laundering risks. Consequently, the account block, followed by the receipt of the further USDT 400,000 in the custodial wallet (an amount that would have taken the accountholder 36 years to earn based on their declared income), should have raised alarm on the part of Bitkub as to potential suspicious activity or money laundering.

The Court held that Bitkub had sufficient knowledge to constitute actual notice of suspicious account activity, such that it could not proceed to pay away that sum without conducting further enquiry.   (Notably, the Court made these findings despite the absence of any expert evidence on Thai law or commercial practice.)

As a result, Bitkub was unable to rely on any defence premised on good faith or lack of notice, such as ministerial receipt, change of position or status as bona fide purchaser without notice; nor could Bitkub argue that it should be excused for any breach of duty as a constructive trustee on the basis of its acting honestly or reasonably.

USDT as property

The Court held that USDT attracts property rights under English law, following the line of English authorities that specifically recognised bitcoin as property in AA v Persons Unknown [2019] EWHC 3556 (Comm) and Tulip Trading v Van Der Laan [2023] EWCA Civ 83. USDT was neither a chose in possession nor a chose in action, but rather property premised on an expectation of performance based upon the cryptographic security of the blockchain.  Further, the Court held that the property was not only the underlying data, but rather the combination of that data with the transactional functionalities associated with that data (including the capacity of the holder of a private key to effect transactions that will be validated by the rules of the system).

Following versus tracing USDT

The Court found that USDT appeared to be a “persistent” thing that maintains a distinct transactional functionality across different transactions and despite mixing.  It was therefore held that, at least in theory, it would be possible at law to follow (as opposed to trace) USDT, as though it were a chose in possession, even if it were co-mingled with other USDT (for example in an unsegregated hot wallet or wallets containing USDT from other crypto-fraud victims).

Further, the Court noted that Tether Ltd (the issuer of USDT) appeared to hold sufficient records to enable it to undertake such a following exercise.  However, in this particular case, there was no evidence before the Court to allow the exercise to be undertaken.

Methods of tracing

Where applicants attempt to trace through a mixed fund, the default basis upon which to trace would be the first-in-first-out (FIFO) method, though this could be displaced by pari passu (or “equal ranking”) distribution or “rolling charge” method (which combines the pari passu approach with the “lowest intermediate balance” principle).

However, especially in light of the increasingly complex methods used by scammers to obfuscate the flow of funds, the Court recognised that at least in cases involving fraud, applicants would not necessarily be limited to the FIFO, pari passu or “rolling charge” methods and could therefore trace on another basis or method, as long as that method was properly evidence and treated all innocent claimants equally.

 KEY TAKEAWAYS

This English High Court judgment will serve as useful guidance should claims in similar contexts be brought in the Cayman Islands. This should serve as words of warning for cryptoexchange service providers based in Cayman and a useful guidepost for anyone impacted by crypto-fraud in the Cayman Islands.

Key points to note are:

1. Vigilance by cryptoexchanges against suspicious transactions: This ruling highlights the importance of cryptoexchanges having in place and monitoring adequate control systems – particularly those that manage custodial wallets on behalf of accountholders – to identify suspicious transactions and address AML risks.  Failure to take adequate action in the face of suspicious activity can suffice to put cryptoexchanges on notice of potential fraud and disentitle them from relying upon any defences premised on good faith or lack of notice.
2. Consideration of cryptocurrency characteristics:  Although this judgment is largely confined to issues concerning USDT, its analysis could be applied in relation to other forms of crypto-assets or cryptocurrency.  Persons impacted by crypto-fraud would be wise to consider (likely with the assistance of appropriate experts): (a) the type and characteristics of the cryptocurrency in question, especially including whether there may be any information available from any source that could allow for misappropriated crypto-assets to remain identifiable despite mixing; and (b) whether, in light of those characteristics, it would be appropriate to attempt to “follow” misappropriated crypto-assets or alternatively consider an alternative to the FIFO, pari passu distribution or “rolling charge” methods of tracing.
3. Nature of cryptocurrency as property:  It will doubtless be important to note the position that cryptocurrency will likely not be a chose in action.  We consider that this will be significant even in non-fraud contexts, such as in liquidations of crypto-asset funds where “investors” in those funds may hold crypto-assets issued by such funds in lieu of shares.

[1] [2024] EWHC 2342 (Ch).

[2] That is, a wallet whose private key is managed by the cryptoexchange, as opposed to a “non-custodial” wallet whose private key is managed by the accountholder.

[3] In this context, a “hot wallet” refers to an unsegregated wallet that operates as a central pool of assets. USDT swept into the hot wallet is treated as part of the cryptoexchange provider’s general assets.