This week’s top crypto stories highlight a growing trend: governments around the world are stepping in to tighten oversight and improve digital asset security.
In El Salvador, the National Bitcoin Office is shifting $682 million worth of Bitcoin into multiple wallets to boost transparency and reduce risk. Meanwhile, in Tokyo, over 130 stakeholders from government and industry met to coordinate efforts against North Korea’s covert IT worker operations; schemes that are not only bypassing sanctions but funding weapons programs. And in Ukraine, new research shows that regulatory delays are costing the war-torn country billions in lost revenue and enabling a surge in crypto-related crime.
Each story points to a clear message: without strong, coordinated regulation, the risks of crypto misuse – whether for fraud, warfare, or economic damage – remain dangerously high.
El Salvador to split Bitcoin reserves across multiple wallets
El Salvador is changing how it stores its national Bitcoin holdings. The country’s National Bitcoin Office announced it will move its entire reserve,currently worth $682 million,from a single wallet into multiple new addresses with each holding a maximum of 500 BTC (around $54 million).
The move is aimed at improving security and transparency. A public dashboard will allow citizens and observers to track the total balance across all addresses. El Salvador became the first country to make Bitcoin legal tender in 2021 and has steadily built up its holdings since.
Why this matters:
El Salvador’s move reflects the growing maturity of government management of crypto assets. By splitting funds across multiple wallets and offering real-time transparency, the country is addressing security risks while reinforcing its long-term Bitcoin strategy. It’s a notable example of how sovereign crypto holdings can be managed with greater accountability.
Read more on Reuters.
Global forum tackles North Korea’s fake IT worker scheme
More than 130 stakeholders from governments and tech companies gathered in Tokyo this week to discuss how to disrupt North Korea’s covert IT worker operations. Co-hosted by the U.S. Department of State, Japan’s Ministry of Foreign Affairs, South Korea’s Ministry of Foreign Affairs, and cybersecurity firm Mandiant, the forum focused on how to counter deceptive hiring schemes that funnel illicit revenue to North Korea’s weapons programs.
There has been evidence in multiple cases that North Korean state-backed IT workers, often operating from China, Russia, or Southeast Asia, use stolen U.S. or European IDs to land freelance jobs across the crypto, AI, and Web3 industries. These roles help the regime bypass international sanctions and fund weapons of mass destruction and ballistic missile development, violating multiple UN Security Council resolutions.
The scheme has already cost crypto firms hundreds of millions in losses, with DMM Bitcoin, WazirX, Upbit, and others among the victims. While some companies reported competent work, U.S. officials warned of serious consequences, including exposure of sensitive data, reputational damage, legal risks, and potential follow-up attacks from North Korean hackers.
Why this matters:
This is far more than a hiring scam. North Korea’s fake IT freelancers are helping bankroll weapons development while gaining inside access to global companies. Tackling this threat requires close coordination between governments, freelance platforms, crypto firms, and cybersecurity providers.
Read more on US Department of State.
RUSI: Ukraine can recover funds with stronger crypto oversight
A new taskforce report from the Royal United Services Institute (RUSI) says Ukraine could recover up to $10B with tighter oversight of crypto markets and better public–private coordination.
Ukraine’s parliament passed a Law on Virtual Assets in 2022, but it has not yet come into force while tax code amendments are pending.
A new draft bill (No. 10225-d), submitted in April 2025, aims to align Ukraine’s framework with the EU’s MiCA regulation which introduces licensing requirements, KYC standards, and reporting obligations for virtual asset service providers (VASPs).
Experts at the RUSI meeting identified several Ukraine-specific risks: the growth of over-the-counter (OTC) brokers used to evade oversight; organized “drops” (money mule) schemes costing the state an estimated UAH 1B ($24M) each month; and Russian actors exploiting wartime conditions for procurement and sanctions evasion. They also noted the role of Telegram groups in facilitating drug sales paid in crypto, adding further strain to enforcement capacity.
The report stresses that Ukraine’s vulnerabilities are being exploited primarily by criminal groups and foreign actors. It highlights solutions, including investment in blockchain analytics, building investigative capacity, clarifying supervisory responsibilities, and strengthening public–private partnerships (PPPs) to improve the rapid detection of illicit flows.
Why this matters:
RUSI’s findings highlight that stronger oversight could help Ukraine recover billions while reducing exposure to sanctions evasion and organized crime. For regulators and law enforcement, it underlines the urgency of enacting clear rules, enhancing PPPs, and building investigative capacity to safeguard both Ukraine’s economy and Europe’s financial system.
Read more at rusi.org
