According to Bloomberg, the exchange’s Web3 tools were allegedly used to launder funds from the $1.5 billion hack suffered by Bybit. Could OKX now face MiCA license revocation?
According to Bloomberg, European regulators are investigating OKX following the use of its non-custodial Web3 tools to launder part of the funds stolen in the $1.5 billion hack that targeted Bybit last February.
The report states that the OKX case was discussed during a meeting of the European Securities and Markets Authority (ESMA) Standing Committee on Digital Finance, held on March 6. The meeting included various regulatory agencies from the 27 EU member states, as well as oversight bodies such as ESMA and the European Banking Authority.
During the meeting, regulators raised concerns about the compliance of OKX’s permissionless tools with the European Union’s Markets in Crypto Assets (MiCA) guidelines. Although the regulation, which came into full effect late last year, provides exemptions for decentralized applications, some regulators argue that OKX’s Web3 service (wallet and swap functionalities) should fall within MiCA’s scope.
Via its official X account, OKX denied that it is under investigation. The exchange, which obtained its MiCA license last February, now risks losing it. The company emphasized that its non-custodial Web3 offerings are “no different” from those “offered by other industry players.”
The Bybit hack connection
The investigation is linked to the $1.5 billion hack suffered by Bybit on February 21. Hackers from the Lazarus Group, a North Korean state-affiliated entity, allegedly compromised Safe wallet’s infrastructure to gain access to the exchange’s Ethereum cold wallet.
Bybit CEO Ben Zhou stated that at least $100 million in Ether was moved through OKX’s Web3 service. The Lazarus Group reportedly used multiple protocols and mixers to obfuscate the stolen funds. It is estimated that 20% of the total stolen amount is untraceable.
OKX CEO Xu Mingxing responded:
“OKX’s Web3 wallet is a pure self custody software, as everyone knows,” arguing that there is little the exchange can do to assist in recovering the funds, despite “technical controls” implemented to block IPs from restricted countries. Mingxing continued:
“I don’t understand why Bybit keeps making these ridiculous claims without showing any understanding of the fundamental facts about self-custody technology.”
OKX stated that it froze funds associated with Bybit that flowed into its centralized exchange and cooperated with law enforcement and Bybit’s legal team. Mingxing also revealed that OKX’s incident response team provided technical support to Bybit’s researchers and developed a tool to track the hackers’ latest wallet addresses in real time.
OKX President Hong Fang commented:
“Regardless of what others do or say, we take our compliance commitments seriously.”
Last month, OKX agreed to pay over $504 million in penalties after pleading guilty to serving U.S. customers without a license.