How do you freeze funds stolen by criminals? How long does it take to trace them? Is recovery always possible?
ForkLog put these and other questions to Taras Podgorodetsky — chief executive of StarCompliance, a firm that helps owners recover stolen cryptocurrencies and tokens.
ForkLog: Let’s start with definitions. What counts as the theft of cryptoassets?
Taras Podgorodetsky: That is decided not by us but by law enforcement in the client’s jurisdiction. Our job is to locate the funds and provide recommendations on recovery. Sometimes the police are willing to work, but their knowledge is only basic.
StarCompliance checks the information provided by the client, but from a legal standpoint it is law enforcement that launches an investigation. There is a criminal article for misleading them.
First, we are responsible only for the accuracy of information on wallets, transactions and asset movements. Second, we accompany the client and their lawyers through interactions with law enforcement. And third, we are focused on results.
ForkLog: What does the result of your work look like: identifying where the funds went, or actual recovery?
Taras: Recovery. However, not all services can find cryptocurrencies if seasoned criminals stole them.
We constantly test new transaction-tracing software and can say that none of the 25 on-chain analytics companies provides truly universal solutions.
The StarCompliance team combines different software to build an overall picture of fund flows. We also explain to lawyers and law enforcement how to draft requests that crypto exchanges will not be able to reject.
Our advantage is speed. Law enforcement will study 10,000–15,000 transactions in a month; StarCompliance — in up to a week. This greatly accelerates investigators’ work: they receive a ready answer to where the cryptoassets went.
ForkLog: How long does recovery typically take?
Taras: When working with stablecoin issuers, the recovery cycle can take up to two to three years: they block a wallet address relatively quickly, but the client does not receive tokens immediately.
For example, Tether has a specific procedure and issuance schedule for such situations. As a rule, the company credits tokens each quarter. The larger the amount to be returned, the longer the payout period.
Tether’s goal is to minimise its risks: to await the end of the investigation and ensure that other users do not claim these funds.
Exchanges respond to requests much more slowly. Many platforms are only now hiring people to liaise with law enforcement. Some venues already have dedicated units; for example, OKX has 20–30 people in such a department.
ForkLog: Which assets do clients most often ask you to trace?
Taras: USDT. Our target audience is professional market participants, OTC traders. We constantly develop new, non-standard products for them.
For example, StarCompliance recently launched a service that performs AML checks on incoming and outgoing USDT (TRC-20) transactions. Its users also save up to 20% on blockchain fees.
ForkLog: When do you plan to roll this out?
Taras: There will be no public release. The service is available to our current clients and those they recommend.
ForkLog: Should retail investors who have fallen victim to fraud contact StarCompliance?
Taras: Each case needs to be considered separately. The main problem with victims of pyramids and other scam projects is that they are usually in different countries, so it is quite difficult to combine cases into one proceeding.
But we can help such users as well. We have tested several hypotheses and started developing a separate product specifically for such situations. We plan to launch it at the end of the year.
ForkLog: Is it possible to recover assets on your own?
Taras: You can contact law enforcement, but my experience suggests that without a competent lawyer and on-chain analysts there is no point. You will simply go from office to office without understanding the process and waste time that is critical for recovery.
An alternative is to choose StarCompliance or our competitors. There are not that many of them. Many provide only information about fund movements and ask from $30,000. Prices for those who work more or less effectively start at $50,000.
For example, one well-known on-chain analytics service has an investigations department where, to my knowledge, the starting price can exceed $100,000. A user who lost $200,000 is unlikely to want to give up half for a possible recovery.
We offer an individual approach and quote an approximate cost only after a preliminary assessment of the case. When a client contacts StarCompliance, we analyse the situation within a day or even a few hours to understand whether recovery is realistic.
We then work on a pay-as-you-go model, meaning we charge as the case progresses. Freezing is only 30–50% of the journey. The recovery itself is a very routine process that can drag on for a year or more.
ForkLog: What should people not do when crypto is stolen?
Taras: Above all, do not do nothing. I also would not recommend relying only on your own efforts and understanding of the situation.
Investigating the theft of cryptoassets can be compared to medical treatment: there are tools for “diagnostics,” algorithms for interacting with other participants in the process, and a multi-stage procedure for returning funds. You are unlikely to perform surgery yourself; this should be done by a team of doctors with the appropriate skills. The same can be said about recovering cryptocurrencies.
It is important to understand: a call to the police does not equal results. Sometimes investigators lack expertise, sometimes time, sometimes both. A case may end even at the statement-submission stage.
ForkLog: Can law enforcement officers themselves abuse victims’ trust?
Taras: Yes. I am familiar with one episode where several officers are already behind bars. This is another reason to contact StarCompliance right away: we not only trace asset movements, but also advise clients and lawyers so they can interact effectively with the police. In the crypto industry, the principle “trust, but verify” is always relevant.
ForkLog: In a previous interview you said that the anonymity of cryptocurrencies is just a pretty story. Over the past year, US authorities arrested the developers of the Tornado Cash mixer and the founders of the Samourai Wallet. What is your view of transaction-anonymising services? Can they really obscure traces on the blockchain?
Taras: I will not disclose details of deanonymising funds that passed through bitcoin mixers — I do not want to give criminals hints. Tools to trace such transactions have existed for a long time.
I do not rule out that the arrested developers have already made a deal with investigators: they may have said how much shadow money passed through the services or explained their algorithms so that law enforcement can carry out a retrospective assessment of transactions.
I would recommend not using mixers at all to avoid potential problems with the law. Instead, businesses should focus on embedding compliance into their processes, and ordinary users on AML checks for transactions and secure key storage.