Custody Guidelines Ignored in Bitcoin Seizure Case
South Korean police officers at the Gangnam Police Station in Seoul apparently failed to follow proper cryptocurrency custody procedures. This resulted in a loss of over $1.4 million in Bitcoin at current prices, according to a local media report. The situation seems simple enough: they confiscated the Bitcoin, but then completely mismanaged it.
Here’s what happened, I think. In 2021, police seized 22 Bitcoins from a company that had been hacked. The standard procedure would have been to transfer these assets to a secure cold wallet controlled by the investigating agency. This is what the National Police Agency’s guidelines recommend, at least according to the report. But that’s not what they did.
Third-party custody without appropriate controls
Instead of securing the Bitcoins themselves, police allowed the funds to remain in a wallet managed by a third party. Worse yet, they didn’t even have the seed phrase to access the funds. It’s like locking something in a safe but giving the only key to someone else. This doesn’t make much sense from a security perspective.
Without oversight of the wallet, police lost track of the funds in 2022. The company that possessed the seed phrase apparently borrowed Bitcoin from an individual identified as “Jeong,” who was also given the wallet’s passphrase. The whole arrangement seems rather questionable when you think about it.
Missing Funds Discovered During Unrelated Examination
The missing Bitcoin was only discovered this year, and somewhat by accident. A review by the Gwangju District Prosecutor’s Office revealed a different case involving 320 missing Bitcoins, worth around $21 million. During this investigation, they came across the 22 Bitcoins missing from the Gangnam Police Station.
Two people were arrested by the North Gyeonggi Provincial Police in connection with the missing funds. A police official told Chosun Daily that they are investigating “how the Bitcoin was leaked.” Honestly, that seems like the right question to ask.
Broader context of corruption and regulatory oversight
Perhaps there is more to the story. As the investigation continues, we know that a member of the original hacking investigation team was charged with corruption last year. The third-party company in question allegedly offered bribes to influence the investigation in its favor, according to the Dong-A Ilbo report.
The incident comes at a time when South Korean financial regulators are facing increased scrutiny. Earlier this month, they failed to detect an internal system flaw that resulted in $43 billion in erroneous Bitcoin distributions on crypto exchange Bithumb. Instead of sending around $1.40 to users as part of a promotion, the exchange accidentally sent up to 2,000 Bitcoins, or around $135 million, to hundreds of users.
The pattern here is concerning, I would say. In both cases, significant amounts of cryptocurrencies were mismanaged due to procedural flaws. In the case of the police, this was a failure to comply with custody guidelines. In the case of the exchange, it was a technical error that went undetected.
What strikes me is how avoidable these situations seem. Proper custody procedures exist for a reason. Cold wallets, seed phrase security, internal controls: these are not new concepts in cryptocurrency management. Yet here we are with millions of dollars of Bitcoin disappearing or being misallocated.
These arrests suggest that authorities are taking the matter seriously, at least now that the damage is done. But the broader question remains whether institutional management of cryptocurrencies in South Korea needs to be fundamentally rethought. These are no longer isolated incidents: they are becoming a trend that is difficult to ignore.
