TL;DR: FATF’s newest asset recovery guidance is pushing governments and investigators toward more standardised seizure, custody, inventory, and liquidation processes for digital assets, according to Chainalysis. The operational lesson is broader than crypto: recovery fails when governance, chain of custody, and cross-border coordination are treated as afterthoughts rather than controls.
NHIMG editorial — based on content published by Chainalysis: Public Key Episode 175 on seizing crypto and global asset recovery
Questions worth separating out
Q: What breaks when seized crypto assets are not placed under formal custody controls?
A: Without formal custody controls, seized crypto can become difficult to defend legally and operationally.
Q: Why do digital asset recovery cases need privileged access governance?
A: They need privileged access governance because wallet control, exchange administration, and disposition decisions are all high-risk actions.
Q: How do teams know whether asset management is actually working?
A: It is working when discovery data matches the system of record, renewal decisions are based on usage, and retirement happens cleanly without leftover rights or spend.
Practitioner guidance
- Define seizure custody runbooks Map the approval chain, wallet creation process, evidence handling steps, and disposition authority before any digital asset seizure occurs.
- Separate wallet access from case ownership Ensure the investigator who owns the case cannot independently move seized assets without a second approved role.
- Standardise seized-asset registers Create a mandatory asset inventory with fields for asset type, address, seizure authority, custodian, timestamp, and disposition status.
What's in the full article
Chainalysis's full episode covers the operational detail this post intentionally leaves for the source:
- How investigators and partners structure seizure, custody, and liquidation workflows in real cases
- Why public-private partnerships change the speed and quality of cross-border recovery operations
- How standardised seized-asset data could support better reporting, benchmarking, and oversight
- What practitioners learn from the episode’s discussion of Operation Shamrock and operational support models
👉 Read Chainalysis' episode on FATF asset recovery guidance and crypto seizures →
FATF asset recovery guidance: what it means for crypto seizures?
Explore further
Seized digital assets expose a custody governance gap, not a tracing gap. The article makes clear that investigators increasingly know where assets are, but still struggle to control them securely after seizure. That distinction matters because the failure point is often the operational custody layer, not the investigative analytics layer. For identity programmes, the lesson is that privileged access and evidence handling must be designed together, or recovery workflows become fragile.
A question worth separating out:
Q: Who is accountable when cross-border crypto recovery fails?
A: Accountability usually spans law enforcement, legal counsel, custodians, and any private partners involved in the case. The key question is whether the organisation has explicit authority boundaries and documented escalation paths. Without that, failures are often blamed on process complexity rather than a specific control owner, which slows correction and weakens oversight.
👉 Read our full editorial: FATF asset recovery guidance raises the bar for crypto seizures