International Fraud & Asset Tracing 2025

Introduction

While 2023 saw major legislative changes aimed at strengthening fraud prevention and enforcement, such as the passing of the Financial Services and Markets Act 2023 and the Economic Crime and Corporate Transparency Act 2023 – which created the corporate offence of failure to prevent fraud – the key trends and developments in 2024 have focused on clarifying legal principles, issuing regulatory guidance, and expanding enforcement tools. For example, over the past year, significant legal developments have emerged across various areas, including the courts providing clearer guidance on freezing injunctions and asset tracing in crypto fraud cases.

Enforcement has also been the key focus of 2024, with welcomed further clarity on jurisdictional and enforcement issues, including the legal treatment of crypto-assets, and the enforcement of foreign judgments.

The continual development and changing landscape in the area of civil fraud mean that a guide of this nature is invaluable to practitioners in this area, and we commend this publication to you.

Legislative and Regulatory Developments

UK ratification of the Hague Convention on foreign judgments

On 27 June 2024, the UK government ratified the Hague Convention of 2 July 2019 on the Recognition and Enforcement of Foreign Judgments in Civil or Commercial Matters (Hague Convention 2019). This treaty establishes a framework for the recognition and enforcement of court judgments in civil and commercial matters among its contracting states (Contracting States). It governs how a judgment issued in one contracting state (State of origin) is treated in another (requested State).

The Hague Convention 2019 will come into force for the UK on 1 July 2025, providing a uniform mechanism for the enforcement of judgments between the UK and other contracting states, including all EU member states except Denmark.

The UK’s ratification is a significant and welcome development, particularly in the post-Brexit landscape, where the broad EU-wide regimes governing the enforcement of judgments no longer apply to the UK. This step will help facilitate the recognition and enforcement of English judgments abroad, something that is particularly welcomed by fraud practitioners who often need to enforce judgments across a number of jurisdictions, given the often cross-border nature of fraud.

The ratification was accompanied by a declaration under Article 25/30, limiting the Convention’s application to England and Wales. It remains unclear why Scotland and Northern Ireland have been excluded at this stage. However, as noted in the declaration – and as permitted under Article 30 – the UK retains the option to extend the Convention’s application to these jurisdictions in the future.

Although the Hague 2005 Convention on Choice of Court Agreements (Hague Convention 2005) currently allows for the enforcement of English judgments across the EU and other signatories, it is limited to cases where an exclusive English jurisdiction clause was agreed upon after Hague Convention 2005 took effect for the UK. Beyond Hague Convention 2005, enforcement of English judgments currently depends on:

• whether a reciprocal enforcement arrangement exists between the UK and the relevant country (such as a bilateral treaty); or
• the national enforcement rules of the foreign state in question.

In this context, Hague Convention 2019 therefore introduces much-needed clarity and consistency in the enforcement of English judgments within EU member states. At present, Ukraine and Uruguay are the only non-EU states (aside from the UK) to have ratified Hague Convention 2019. However, the Convention is expected to gain wider international acceptance in due course, attracting further state signatories and strengthening its role in cross-border judicial co-operation.

Judicial clarification of the approach to crypto fraud and asset tracing

Since the crypto-asset provisions of the Money Laundering and Terrorist Financing (Amendment) (No 2) Regulations 2022 came into effect on 1 September 2023, UK crypto-asset businesses have been required to collect, verify, and share information about crypto-asset transfers in line with the “Travel Rule”. This mandates that service providers should exchange originator and beneficiary identifying information during crypto-asset transfers with a view to increasing transparency in relation to crypto.

While this framework represents a positive step forward, the ever-evolving nature of money laundering continues to present significant challenges, particularly in the realm of crypto-assets. Clear forensic tracing remains crucial to establishing a direct link between stolen funds and the accused, yet tracking digital assets across commingled funds and multiple complex transactions poses a substantial barrier for claimants. At the same time, the court must develop a consistent and pragmatic approach that reflects the technical complexity inherent in such cases.

A recent case in the English High Court has provided important legal clarity on claims against exchanges. D’Aloia v Persons Unknown [2024] EWHC 2342 (Ch) was a rare full trial of a crypto fraud. Unlike previous judgments, which were largely decisions on interim applications, this case offers a detailed analysis of tracing, following, and unjust enrichment in crypto disputes. A few key points are summarised below:

• Need for Forensic Evidence: Mr D’Aloia alleged that GBP2.5 million in Tether, a stablecoin tied to the US dollar (USDT) had been fraudulently stolen from him and had then been transferred to a wallet on the Bitkub exchange. However, his claim failed because expert evidence did not sufficiently prove that his specific USDT had reached that particular wallet with Bitkub (Ms Hlangpan’s wallet).
• Nature of USDT: The court confirmed that USDT is property, though not a traditional chose in action or chose in possession. Instead, it falls into a distinct category that can be traced and treated as trust property. Whilst this is consistent with earlier authorities, D’Aloia is the first case to hold this following a full trial. It is therefore an important decision on this point.
• Tracing v Following: The court reaffirmed that tracing and following are legally distinct. “Following” refers to tracking the same asset as it changes hands, maintaining its original identity throughout the process. “Tracing”, on the other hand, involves identifying a new asset that has replaced the original, allowing claimants to pursue its value through a series of transactions. Since the court determined that USDT belongs to a distinct category of property, rather than a chose in action, this meant that it could, in principle, be followed even when mixed with other USDT in a wallet. This was because USDT retains a persistent identity, allowing it to be theoretically tracked through transactions. However, the evidence before the court on this issue was limited. While Tether’s own paper stated that only Tether can create or destroy USDT, no evidence was provided to confirm whether individual tokens could be uniquely traced. Crucially, Mr D’Aloia’s expert failed to establish that any specific portion of the USDT in Ms Hlangpan’s wallet originated from him. As a result, the following claim was unsuccessful.
• Unjust Enrichment: Although the court found that Bitkub had been unjustly enriched, the claim failed because Mr D’Aloia could not establish that Bitkub had been enriched at his expense. The court also emphasised that exchanges must act in good faith when handling suspicious transactions.

The judgment confirms that though crypto fraud victims have legal remedies, the success of claims depends on strong forensic evidence and may also turn on the precise rights and properties of the specific crypto-asset (which can vary). The also suggests that different cryptocurrencies may require different tracing approaches, depending on their characteristics.

If the court addressed the complexities of crypto-asset tracing in D’Aloia, it grappled with the tricky issue of enforcement of foreign judgments in Tai Mo Shan Ltd v Persons Unknown [2024] EWHC 1514 (Comm). The claimant had brought proceedings in England to seek to enforce a declaration it had obtained from the New York courts on cryptocurrency ownership following a major hack. The claimant sought (and obtained) permission from the English court to serve its claim out of the jurisdiction. The ruling offers early guidance on how English courts may enforce foreign judgments concerning crypto-assets under common law rules, which apply in the absence of an enforcement treaty or convention.

A key issue was the legal “location” of digital assets. The court accepted that the stolen cryptocurrency was situated in New York at the time of the hack, based on the claimant’s central management and control being located there, even though it was a Cayman-registered company. It also held that the recovered assets could now be treated as located in England, as they were held in a wallet controlled by English solicitors. These findings supported the court’s conclusion that England was the most appropriate forum for enforcement.

The judgment also refined the practice of serving crypto-asset claims via non-fungible tokens (NFTs). The court imposed conditions to ensure compliance with foreign laws, given that service via blockchain could be accessed from anywhere in the world. Additionally, it allowed password protection for confidential documents while ensuring publicly available court documents remained accessible.

It is therefore clear that the English courts are becoming increasingly sophisticated in dealing with crypto disputes, and willing to apply creative approaches (such as serving via NFTs) to enable victims of fraud to obtain redress through the English judicial process.

Failure to Prevent Fraud (FTP) Guidance published

On 6 November 2024, the Home Office issued the anticipated guidance on the Failure to Prevent Fraud (FTP Fraud) Offence, introduced as part of the Economic Crime and Corporate Transparency Act 2023 (ECCTA). Taking effect from 1 September 2025, this holds large organisations criminally responsible if an associated person commits fraud for their benefit, unless the company can demonstrate it had reasonable fraud prevention measures in place.

While not legally binding, the guidance provides clarity on how organisations can implement effective fraud prevention frameworks, particularly for those with international operations or complex supply chains. Courts will refer to this guidance when determining whether a company has taken adequate steps to prevent fraud. Although the offence applies only to large organisations, the guidance suggests that smaller businesses may also find its principles useful.

The guidance sets out six key principles for effective fraud prevention:

• Commitment from Senior Leadership: Executives and senior management should actively promote a strong anti-fraud culture within the organisation.
• Fraud Risk Assessment: Businesses must regularly assess their exposure to fraud risks and keep these evaluations updated. While certain risks may not require immediate measures, failing to conduct any assessment is unlikely to be seen as reasonable.
• Tailored Prevention Measures: Fraud prevention policies should be appropriate for the organisation’s risk profile, clearly implemented, and effectively enforced. If existing controls are already sufficient, additional measures are not required.
• Due Diligence: A risk-based approach should be applied when evaluating associated persons to reduce fraud risks.
• Clear Communication and Training: Fraud prevention policies should be well-communicated within the organisation and to external stakeholders to ensure awareness and compliance.
• Ongoing Monitoring and Improvement: Companies should routinely review their fraud prevention procedures, incorporating insights from investigations, whistleblowing reports, and industry best practices.

Whilst this is primarily a development in the criminal sphere, it is of relevance to civil fraud practitioners for a number of reasons. First, the creation of internal rules and guidelines within businesses will likely result in documentation being created which might be of assistance in civil claims. It will also likely be more straightforward for a civil claimant to demonstrate breaches of duty, which might give rise to claims (depending upon the facts and relationships) if a large organisation has failed to comply with its own internal risk assessment processes.

It is interesting to note that the government’s guidance includes eight hypothetical examples illustrating the scope of the FTP Fraud Offence, with three of them focusing on ESG-related fraud. This suggests an increasing regulatory interest in how businesses’ ESG commitments intersect with corporate fraud risks. Companies should be mindful that misleading or fraudulent ESG claims could expose them to potential liability under the new framework.