⌨ Template Preview
☎ Call Today
Criminal Defense • Frisco, Texas
Serving 9 DFW Counties — Collin • Dallas • Denton • Tarrant • Rockwall • Kaufman • Ellis • Johnson • Hunt — Available 24/7
18 U.S.C. §§ 1343, 1956, 1960
White Collar Fraud · Cryptocurrency Fraud

Federal cryptocurrency fraud defense

A federal cryptocurrency-fraud prosecution does not flow from a single dedicated crypto statute — the Department of Justice applies its standard federal toolkit (18 U.S.C. § 1343 wire fraud, §§ 1956/1957 money laundering, § 1960 unlicensed money-transmitting business, 15 U.S.C. § 78j(b) securities fraud where the token qualifies as a security under Howey, and 50 U.S.C. § 1701 IEEPA for sanctions violations) to digital-asset facts. Post-FTX, Voyager, Celsius, and Tornado Cash, the National Cryptocurrency Enforcement Team (NCET) coordinates a sharply escalated enforcement posture, and the Northern District of Texas has become an active forum for crypto-fraud prosecutions. Defense work hinges on Howey-test challenges where token classification is contested, fair-notice and regulatory-ambiguity defenses under the Ripple/Coinbase line, intent and good-faith reliance on counsel, loss-amount disputes under U.S.S.G. § 2B1.1, and forum strategy across NDTX, EDTX, and SDNY.

15 min read 3,500 words Reviewed May 17, 2026 By Reggie London
Direct Answer

A federal cryptocurrency-fraud prosecution does not arise from a single dedicated crypto statute — the Department of Justice applies its standard federal toolkit (18 U.S.C. § 1343 wire fraud, §§ 1956/1957 money laundering, § 1960 unlicensed money-transmitting business, 15 U.S.C. § 78j(b) and Rule 10b-5 securities fraud where the token qualifies as a security under the Howey test, 7 U.S.C. § 13 commodities fraud through the CFTC, 26 U.S.C. § 7201 tax evasion on unreported crypto gains, and 50 U.S.C. § 1701 IEEPA sanctions violations) to digital-asset facts. The DOJ National Cryptocurrency Enforcement Team (NCET) coordinates prosecutions across multiple districts post-FTX, Voyager, Celsius, and Tornado Cash, with NDTX and EDTX emerging as growing forums. Defense work hinges on Howey-test challenges where token classification is contested, fair-notice and regulatory-ambiguity defenses under the Ripple/Coinbase line, intent and good-faith-reliance-on-counsel arguments going to willfulness, cooperation under § 5K1.1, loss-amount disputes under U.S.S.G. § 2B1.1 (with crypto-price-volatility complications on valuation), Tornado Cash precedent on the limits of service-provider liability for non-custodial protocols, and forum strategy across NDTX, EDTX, SDNY, and parallel SEC/CFTC enforcement.

Free case review
Key Takeaways
  • No single statute — DOJ overlays § 1343 wire fraud, §§ 1956/1957 money laundering, § 1960 unlicensed MSB, § 78j(b) securities fraud, and IEEPA onto digital-asset facts.
  • NCET coordinates — DOJ National Cryptocurrency Enforcement Team prioritizes crypto-fraud across districts; NDTX/EDTX dockets are growing.
  • Howey test is the threshold securities-classification question — Ripple (2023) and Coinbase (2024) produced fact-specific frameworks.
  • § 1960 unlicensed MSB targets exchanges, mixers, OTC desks — Sterlingov/Bitcoin Fog and Storm/Tornado Cash are the leading recent cases.
  • IEEPA sanctions exposure follows any transaction touching OFAC-sanctioned wallets — Tornado Cash and DPRK-linked addresses are the highest-risk vectors.
Quick Case Review · 24/7

Get a free review

Direct to attorney — no call center. Most clients hear back within an hour.

By submitting, you agree to our Privacy Policy. No attorney-client relationship is formed until a written engagement is signed.

Texas Bar
Licensed since 2004
TXND · TXED
Federal Court Admitted
4.8 ★
Google Reviewed
9 DFW
Counties Served
24/7
Direct-to-Attorney Line
40+
Years Combined
Texas Bar Licensed TXND & TXED Federal 24/7 Jail Release Se Habla Español
Texas Legal Context

What the statute actually requires

Controlling statute 18 U.S.C. §§ 1343, 1956, 1960 + 15 U.S.C. § 78j(b)
Analytical framework Federal cryptocurrency fraud is not a single statute — it is an overlay architecture. DOJ applies 18 U.S.C. § 1343 (wire fraud, predominant), §§ 1956/1957 (money laundering), § 1960 (unlicensed money-transmitting business), 15 U.S.C. § 78j(b) and Rule 10b-5 (securities fraud where the token is a security under Howey), 7 U.S.C. § 13 (commodities fraud), 26 U.S.C. § 7201 (tax evasion), and 50 U.S.C. § 1701 (IEEPA sanctions) to digital-asset facts. The DOJ National Cryptocurrency Enforcement Team (NCET), established October 2021, coordinates prosecutions across districts. Post-FTX (November 2022), Voyager (2022), Celsius (2022), and Tornado Cash (sanctions August 2022 / indictment August 2024), enforcement has materially escalated. NDTX and EDTX have growing dockets alongside the SDNY headline venue.
5 Texas-specific insights
  1. No single crypto statute — stacked overlay architecture. DOJ has no dedicated cryptocurrency-fraud statute. Instead, the standard federal fraud and financial-crime toolkit is overlaid onto digital-asset facts. A single course of conduct typically produces wire-fraud counts (interstate wires inherent in crypto), money-laundering counts (on-chain movement of proceeds), unlicensed MSB counts (operating without FinCEN registration), securities-fraud counts (where tokens qualify under Howey), and IEEPA counts (where sanctioned wallets are touched). The Bankman-Fried FTX prosecution exemplified the stacked architecture; the Mango Markets/Eisenberg case produced a similar stack on smaller facts.
  2. Howey is the threshold securities question. SEC v. W.J. Howey Co., 328 U.S. 293 (1946), four-part test (investment of money + common enterprise + reasonable expectation of profits + derived from others' efforts) determines whether a token is a "security." SEC v. Ripple Labs (S.D.N.Y. 2023) produced the first major framework — institutional XRP sales satisfied Howey, programmatic exchange sales did not. SEC v. Terraform Labs (S.D.N.Y. 2023) and SEC v. Coinbase (S.D.N.Y. 2024) refined the analysis. Token-by-token, sale-by-sale fact-specific analysis is the operative framework.
  3. Section 1960 targets exchanges and mixers. Operating an unlicensed money-transmitting business under 18 U.S.C. § 1960 is the structural statute against crypto exchanges, mixers, peer-to-peer traders, and OTC desks without FinCEN MSB registration under 31 U.S.C. § 5330. United States v. Sterlingov (2024 D.D.C.) — Bitcoin Fog conviction. Helix — operator Larry Harmon guilty plea. Storm/Tornado Cash (SDNY 2024) tests whether non-custodial smart-contract protocols can be "operated" within § 1960's meaning. FinCEN guidance FIN-2013-G001 treats virtual-currency exchangers as MSBs.
  4. IEEPA sanctions extend criminal exposure. Any crypto transaction touching an OFAC-sanctioned wallet address is potentially within IEEPA. The August 2022 Tornado Cash designation sanctioned a smart-contract protocol rather than a person — a foundational moment in crypto enforcement. The Storm indictment (SDNY 2024) charges § 1960 and IEEPA counts together. DPRK-related cases (Lazarus Group bridge hacks, North Korean IT-worker schemes) routinely produce IEEPA exposure. Willful violation is a 20-year felony under 50 U.S.C. § 1705. OFAC sanctions screening is now table-stakes compliance for any U.S.-facing crypto business.
  5. Fair-notice / regulatory-ambiguity defense. Where the SEC has issued contradictory guidance, where courts have split on token classification, or where the defendant relied on advice of counsel concluding the token was not a security, due-process arguments under FCC v. Fox Television Stations, Inc., 567 U.S. 239 (2012), and constitutional avoidance principles support a fair-notice defense. Rarely a winner at motion-to-dismiss; more frequently effective at sentencing and in plea negotiation. The Ripple/Coinbase line provides material judicial-confusion evidence that supports the argument.
  6. NCET coordination signals case prioritization. The DOJ National Cryptocurrency Enforcement Team, established October 2021, brings senior crypto-fraud prosecutors into trial teams across districts. When NCET assigns a senior prosecutor to a case, Main Justice prioritization is engaged — cases tend to receive higher resource allocation, broader investigative scope, and stronger asset-forfeiture coordination. NCET coordinated the Bankman-Fried (FTX), Mango Markets/Eisenberg, Storm/Tornado Cash, and Sterlingov/Bitcoin Fog prosecutions. The team's involvement is a signal that the case is being treated as a national-significance matter.

The federal cryptocurrency fraud framework — no single statute, full DOJ toolkit

There is no single federal cryptocurrency-fraud statute. DOJ overlays its standard fraud and financial-crime toolkit — wire fraud, money laundering, unlicensed money-transmitting business, securities fraud, IEEPA sanctions — onto digital-asset facts, producing high-exposure stacked charges from a single course of conduct.

18 U.S.C. § 1343 — wire fraud (the predominant charge)
Virtually every cryptocurrency transaction involves interstate or international wires. The wire-fraud statute reaches anyone who, having devised a scheme to defraud, transmits or causes to be transmitted by wire any writings, signs, signals, pictures, or sounds for the purpose of executing the scheme. Statutory maximum is 20 years (30 years if the offense affects a financial institution) per count plus a fine. The Bankman-Fried FTX prosecution, the Mango Markets/Eisenberg case, and most NCET-coordinated crypto-fraud indictments lead with wire-fraud counts because the elements track cleanly to nearly any deceptive crypto scheme — token sales, exchange operations, lending platforms, NFT projects, and rug pulls all involve scheme + intent + interstate wire.
18 U.S.C. §§ 1956 and 1957 — money laundering
Section 1956 reaches financial transactions involving the proceeds of specified unlawful activity (SUA) — including wire fraud, securities fraud, and most predicate offenses — undertaken with intent to promote SUA, to conceal the source, or to evade reporting requirements. Section 1957 reaches monetary transactions in property derived from SUA where the value exceeds $10,000. Crypto-fraud indictments routinely stack these counts because token sales, exchange operations, and DeFi transactions involve readily traceable on-chain movements that prosecutors map to the statutory elements. The Sterlingov/Bitcoin Fog conviction (2024 D.D.C.) and the Storm/Tornado Cash indictment both include § 1956 counts alongside § 1960.
18 U.S.C. § 1960 — unlicensed money-transmitting business
The structural statute targeting cryptocurrency exchanges, mixers, peer-to-peer traders, and OTC desks that operate without FinCEN MSB registration under 31 U.S.C. § 5330 or without required state money-transmitter licenses. Statutory maximum is 5 years per count. The Sterlingov Bitcoin Fog conviction and the Helix guilty plea (operator Larry Harmon) established the framework for custodial-mixer prosecutions; the Storm Tornado Cash indictment tests whether non-custodial smart-contract protocols can be reached. FinCEN guidance FIN-2013-G001 and the 2019 FinCEN CVC Guidance treat virtual-currency exchangers and administrators as MSBs.
15 U.S.C. § 78j(b), Rule 10b-5, and the Howey test
Where a token qualifies as a "security" under the four-part Howey test, federal securities-fraud charges become available. The SEC has pursued aggressive enforcement; criminal referrals to DOJ for parallel § 78j(b) and Rule 10b-5 prosecution have followed in several major cases. The SEC v. Ripple Labs (S.D.N.Y. 2023) partial-win held that institutional XRP sales were investment contracts but programmatic exchange sales were not — establishing a fact-specific application of Howey. SEC v. Terraform Labs (S.D.N.Y. 2023) and SEC v. Coinbase (S.D.N.Y. 2024) refined the analysis further. Token classification is a threshold defense battleground in any criminal securities-fraud crypto case.

The architectural feature of federal cryptocurrency-fraud enforcement is the absence of any single crypto-specific criminal statute. Instead, DOJ overlays its existing fraud and financial-crime toolkit onto digital-asset facts. The same conduct — say, operating a centralized exchange that misappropriated customer assets — produces wire-fraud counts under § 1343 (interstate wires used to execute the scheme), money-laundering counts under §§ 1956/1957 (proceeds moved through bank accounts, exchanges, and on-chain transactions), unlicensed money-transmitting business counts under § 1960 (operating without FinCEN MSB registration), and, if the token qualifies as a security under Howey, securities-fraud counts under § 78j(b) and Rule 10b-5. The FTX prosecution against Sam Bankman-Fried produced exactly this stacked architecture; the Mango Markets/Eisenberg case produced a similar stack on smaller facts.

The post-FTX enforcement era is meaningfully different from the pre-FTX era. The DOJ National Cryptocurrency Enforcement Team (NCET), established in October 2021, now coordinates digital-asset prosecutions across multiple districts — bringing Main Justice prioritization, asset-forfeiture coordination, and cross-district resource pooling that materially escalates case complexity. The collapse of FTX in November 2022, the prior collapse of Voyager and Celsius in summer 2022, and the Tornado Cash sanctions designation in August 2022 each triggered enforcement cascades that produced indictments throughout 2023-2024. The Northern District of Texas has become an active forum for crypto-fraud prosecutions, both because of the DFW area's concentration of fintech and crypto businesses and because NDTX has historically been an aggressive financial-crime venue.

The practical sentencing calculus is driven by U.S.S.G. § 2B1.1 loss calculations rather than the statutory maxima. A defendant convicted on wire-fraud counts with a $10 million loss faces a base level of 7 plus a +20 loss enhancement (level 27) — yielding 70-87 months at criminal history I, before considering sophisticated-means (+2), mass-victim (+2 to +6), and money-laundering grouping enhancements. A defendant in the FTX-scale prosecutions faces +30 loss levels (loss exceeding $550 million) — pushing guideline ranges into the 240-month-plus territory and producing the headline-grabbing sentences seen in the SDNY crypto docket. Loss-amount disputes therefore drive crypto-fraud sentencing strategy more than any other guideline calculation.

Wire fraud as the primary charge — § 1343 in crypto prosecutions

Section 1343 wire fraud is the workhorse charge in virtually every crypto-fraud prosecution. Interstate or international wires are inherent in cryptocurrency transactions, and the scheme + intent + wire elements track cleanly to token sales, exchange operations, lending platforms, NFT projects, and rug pulls.

Wire fraud under 18 U.S.C. § 1343 is the central charge in virtually every federal cryptocurrency-fraud prosecution. The statute reaches anyone who, "having devised or intending to devise any scheme or artifice to defraud, or for obtaining money or property by means of false or fraudulent pretenses, representations, or promises," transmits or causes to be transmitted by means of wire communication in interstate or foreign commerce "any writings, signs, signals, pictures, or sounds for the purpose of executing such scheme or artifice." The elements are deception, materiality under Neder v. United States, 527 U.S. 1 (1999), specific intent to defraud, and use of interstate wires in furtherance of the scheme. Cryptocurrency transactions inherently satisfy the wires element — blockchain transactions traverse internet infrastructure spanning multiple jurisdictions, and exchange-side interactions involve wire transfers, ACH, and other electronic banking communications.

The Bankman-Fried FTX prosecution exemplified the wire-fraud-centered architecture. The SDNY indictment charged seven counts including wire fraud against FTX customers, wire fraud against Alameda Research lenders, securities fraud, commodities fraud, conspiracy to commit money laundering, and campaign-finance violations. The wire-fraud counts carried the bulk of the loss enhancement at sentencing — the loss table calculations produced enhancements at the top end of § 2B1.1, yielding the eventual 25-year sentence. The case demonstrated how a single course of conduct (alleged misappropriation of FTX customer assets to cover Alameda losses) can support multiple wire-fraud theories — customer fraud, investor fraud, lender fraud — each with separate count structure.

The Mango Markets / Eisenberg case in the SDNY (2024) tested the wire-fraud theory on a smaller scale and on more contested facts. The defendant manipulated the price of the MNGO perpetual futures contract on the Mango Markets DeFi exchange, then used the inflated collateral value to borrow and withdraw approximately $110 million in tokens from the platform. The defense argued that the conduct was legitimate "market action" within the platform's rules — a defense rooted in the open-source code of decentralized finance protocols and the concept that "the code is the law." The jury rejected this defense and convicted on wire fraud, commodities fraud, and commodities manipulation. The case is on appeal and the Second Circuit is expected to address the contours of wire fraud and commodities manipulation as applied to DeFi exploits.

Materiality challenges under Neder are a recurring defense battleground in crypto wire-fraud cases. The government must prove that the false statements had a "natural tendency to influence, or be capable of influencing, the decision of the decisionmaker." In crypto contexts, the relevant decisionmakers may be token purchasers, exchange depositors, DeFi liquidity providers, NFT collectors, or institutional investors — and what constitutes a "material" misrepresentation depends on what those investors reasonably relied on. Was a white-paper exaggeration about a project's technical capabilities material to investment decisions? Were statements about treasury reserves or audit status material to depositor decisions? Were tokenomics promises material to retail token purchasers? These are jury questions, and the defense develops the record on materiality through investor-testimony cross-examination, expert work on crypto-investor behavior, and contemporaneous documentary evidence.

Money laundering and the unlicensed MSB structural overlay

Sections 1956/1957 money laundering and § 1960 unlicensed money-transmitting business are the structural overlays in cryptocurrency prosecutions — converting on-chain movement of proceeds and unregistered exchange/mixer operations into stacked federal charges with substantial guideline exposure.

Money-laundering charges under 18 U.S.C. §§ 1956 and 1957 are the structural overlay in nearly every cryptocurrency-fraud prosecution. Section 1956 reaches anyone who conducts or attempts to conduct a financial transaction involving the proceeds of specified unlawful activity (SUA) with one of four mens-rea theories — (1) intent to promote SUA, (2) intent to engage in tax evasion, (3) knowledge that the transaction is designed to conceal the nature, source, ownership, or control of the proceeds, or (4) knowledge that the transaction is designed to avoid a reporting requirement. The statutory maximum is 20 years per count plus a fine of up to $500,000 or twice the value of the monetary instrument involved, whichever is greater. Wire fraud, securities fraud, and most predicate federal financial crimes are SUAs under § 1956(c)(7), so any subsequent transaction involving proceeds becomes a money-laundering count.

Section 1957 reaches monetary transactions in criminally derived property of a value greater than $10,000 — a lower mens-rea threshold than § 1956 (knowledge of derivation from some criminal offense is sufficient, no concealment intent required). The 10-year statutory maximum is lower than § 1956, but the structural simplicity of § 1957 makes it easier to charge — virtually any movement of crypto proceeds above the $10,000 threshold triggers liability. Prosecutors routinely stack § 1956 and § 1957 counts against the same conduct, with charging decisions driven by the strength of available mens-rea evidence on each transaction.

Section 1960 — operating an unlicensed money-transmitting business — is the structural statute targeting exchanges, mixers, peer-to-peer traders, and over-the-counter desks that operate without FinCEN MSB registration or required state money-transmitter licenses. FinCEN guidance FIN-2013-G001 (issued March 2013) and the 2019 CVC Guidance treat virtual-currency exchangers and administrators as money transmitters required to register as MSBs under 31 U.S.C. § 5330. Operating without that registration — or without a required state license in any state where the business has customers — is a 5-year felony under § 1960. The United States v. Sterlingov, 2024 D.D.C. conviction (Bitcoin Fog operator), the Helix guilty plea (operator Larry Harmon), and the Storm Tornado Cash indictment are the leading recent § 1960 prosecutions targeting crypto mixers and exchanges.

The Storm / Tornado Cash indictment is the most consequential active § 1960 case. Tornado Cash is a non-custodial smart-contract privacy mixer deployed on the Ethereum blockchain — users send ETH to the protocol, which mixes their deposits with those of other users and allows withdrawals from a different address, breaking the on-chain link. OFAC designated Tornado Cash and several associated wallet addresses in August 2022 under IEEPA. The August 2024 SDNY indictment of co-founder Roman Storm charges § 1960 unlicensed money-transmitting and IEEPA sanctions-violation counts together, alleging that Tornado Cash was "operated" by its developers despite being a non-custodial smart-contract protocol. The case tests whether mere code deployment and ongoing infrastructure maintenance can constitute "operating" a money-transmitting business under § 1960 — a foundational question for the future of decentralized financial protocols and the criminal liability of developer-anonymous-protocol architectures.

The Howey test and the securities-fraud overlay

Where a digital asset qualifies as a "security" under the four-part Howey test, federal securities-fraud charges become available. SEC v. Ripple Labs (2023) and SEC v. Coinbase (2024) have produced a fact-specific application — institutional sales may be investment contracts while exchange sales may not be.

The Howey test from SEC v. W.J. Howey Co., 328 U.S. 293 (1946), is the controlling framework for whether a digital asset qualifies as an "investment contract" — and therefore a "security" — under the federal securities laws. A transaction is an investment contract if there is (1) an investment of money, (2) in a common enterprise, (3) with a reasonable expectation of profits, (4) to be derived from the entrepreneurial or managerial efforts of others. If a token sale satisfies all four prongs, the sale was an unregistered securities offering under 15 U.S.C. § 77e, and post-sale conduct involving misrepresentations may constitute securities fraud under 15 U.S.C. § 78j(b) and Rule 10b-5.

SEC v. Ripple Labs Inc., 682 F. Supp. 3d 308 (S.D.N.Y. 2023), produced the first major judicial framework for applying Howey to crypto tokens. Judge Torres held that Ripple's institutional sales of XRP satisfied Howey — the institutional purchasers were sophisticated investors who acquired XRP with an expectation of profits derived from Ripple's managerial efforts. But Judge Torres further held that Ripple's programmatic sales of XRP on cryptocurrency exchanges did NOT satisfy Howey, because retail purchasers on exchanges typically had no privity or contractual relationship with Ripple and could not reasonably have expected profits derived from Ripple's specific managerial efforts as opposed to general market dynamics. The bifurcated ruling — institutional sales yes, programmatic sales no — fragmented the regulatory landscape and produced significant defense leverage in subsequent cases.

SEC v. Terraform Labs, 684 F. Supp. 3d 170 (S.D.N.Y. 2023), and SEC v. Coinbase, 2024 WL 1304037 (S.D.N.Y. 2024), have further refined the analysis. Judge Rakoff in Terraform rejected the Ripple bifurcation, holding that the manner of sale (institutional vs. programmatic) does not change the underlying Howey analysis — what matters is whether the purchaser had an expectation of profits from the issuer's efforts. Judge Failla in Coinbase allowed the SEC's case to proceed on the theory that several specific tokens traded on the Coinbase exchange qualified as securities under Howey, while dismissing parallel claims against Coinbase's wallet service. The combined effect of these decisions is a fact-specific, token-by-token, sale-by-sale analysis that produces meaningful defense room in any criminal securities-fraud crypto prosecution.

The fair-notice / regulatory-ambiguity defense has emerged as a corollary of the Ripple/Coinbase line. The argument runs: if courts themselves cannot agree on whether a particular token is a security, and if the SEC itself has historically declined to provide bright-line guidance, then a defendant could not have had the requisite fair notice that her conduct was criminal. The defense draws on due-process principles, FCC v. Fox Television Stations, Inc., 567 U.S. 239 (2012), and the constitutional avoidance canon. In practice, the defense rarely succeeds at the motion-to-dismiss stage but provides material mitigation argument at sentencing and shapes plea negotiation posture. Several courts have noted the regulatory ambiguity in suppression rulings and have given fair-notice arguments respectful treatment even where the prosecution ultimately prevailed.

Defense strategies in crypto-fraud prosecutions

Crypto-fraud defense work integrates Howey-test challenges, fair-notice and regulatory-ambiguity arguments, intent and good-faith-reliance defenses, loss-amount disputes under § 2B1.1, Tornado Cash precedent on service-provider liability, and forum strategy across multiple federal districts.

Howey-test challenges are the threshold defense in any crypto-securities prosecution. The defense develops a fact-specific record on each of the four Howey prongs — was the transaction structured as an investment, or as a consumptive use? Was there a "common enterprise" — pooling of investor funds with profits shared on a pro-rata basis? Was there a reasonable expectation of profits, or was the token marketed as a utility-only access token? Were the expected profits derived from the issuer's managerial efforts, or from general market dynamics, network effects, or holder community efforts? The defense typically retains experts on tokenomics, white-paper analysis, marketing materials, and contemporaneous investor communications to develop the record. The Ripple bifurcation suggests that institutional and programmatic sales may receive different treatment, and the defense develops the differential analysis where applicable.

Fair-notice and regulatory-ambiguity arguments are the related second-line defense. Where the SEC itself has issued contradictory guidance, where courts have split on classification, or where the defendant relied on advice of counsel concluding that the token was not a security, the defense argues that due process required clearer notice before criminal liability attached. The argument leverages FCC v. Fox Television Stations, Inc., 567 U.S. 239 (2012), Sessions v. Dimaya, 584 U.S. 148 (2018) (void-for-vagueness in deportation context, but with broader doctrinal application), and constitutional avoidance principles. Rarely a winner at the motion-to-dismiss stage; more frequently effective at sentencing and in plea negotiation.

Intent and good-faith-reliance-on-counsel defenses go to the willfulness element. Federal wire fraud, securities fraud, and money laundering require specific intent — the defendant must have intended to deceive, intended to defraud, or knowingly engaged in the prohibited transaction. Where the defendant retained securities counsel, blockchain counsel, or AML/MSB compliance counsel and relied in good faith on their advice, that reliance can negate the requisite mens rea. The defense must establish (1) full and accurate disclosure of facts to counsel, (2) actual advice received, (3) good-faith reliance on that advice, and (4) conduct consistent with the advice. The advice-of-counsel defense is a recurring element in crypto prosecutions because nearly every legitimate digital-asset business retained outside counsel at some stage.

Cooperation under U.S.S.G. § 5K1.1 is a structural feature of crypto-fraud sentencing. The interlocking nature of crypto-fraud schemes — exchanges, lending platforms, market makers, token issuers, and DeFi protocols all interact — creates webs of potential cooperator targets. A defendant who provides substantial assistance against co-defendants, related entities, or upstream/downstream actors can substantially reduce her own guideline exposure. Caroline Ellison's cooperation against Sam Bankman-Fried in the FTX prosecution is the highest-profile recent example. Cooperation posture has to be evaluated against (a) the strength of the government's case against the defendant herself, (b) the value of available cooperation, (c) the risk of self-incrimination on uncharged conduct, and (d) the long-term reputational and civil-liability consequences.

Loss-amount disputes under U.S.S.G. § 2B1.1 are the central sentencing battle. The loss table drives the offense level, and at the upper levels of crypto-fraud cases the difference between, say, a $10 million loss (+20 levels) and a $50 million loss (+22 levels) can mean years of additional incarceration. Defense forensic-accounting expert work focuses on (1) the proper measure of loss — actual loss to victims vs. intended loss vs. gain to defendant; (2) timing — value of the misappropriated assets at the time of offense vs. at sentencing (especially contentious in crypto because of price volatility); (3) credits against loss for assets returned, restitution paid, or recoveries made by victims; and (4) attribution — what portion of the total scheme loss is reasonably attributable to this defendant's relevant conduct rather than to co-conspirators or to the scheme as a whole.

The Tornado Cash / Storm precedent is the active defense leverage for non-custodial protocol developers and code contributors. The argument that mere code deployment and infrastructure maintenance do not constitute "operating" a money-transmitting business under § 1960 has substantial structural support — the Tornado Cash protocol is a non-custodial smart contract that does not take custody of user funds and cannot be modified by its developers after deployment. The defense draws on First Amendment principles (code as speech), the limits of secondary liability in financial-services regulation, and the structural impossibility of "operating" an autonomous smart contract. The Storm case is on appeal and will set the framework for service-provider liability in DeFi.

Forum strategy involves negotiation across multiple federal districts. The SDNY has been the headline venue for major crypto-fraud cases (FTX, Mango Markets, Tornado Cash), but NDTX and EDTX have growing dockets and the DOJ NCET coordinates case placement. Where conduct occurred in multiple districts, the defense can sometimes negotiate a more favorable forum based on the office's charging practices, judicial composition, and resource constraints. Forum considerations also implicate parallel SEC, CFTC, and state-AG enforcement — the defense develops a coordinated multi-track posture to avoid prejudicial admissions in civil actions that could be used in the criminal case.

IEEPA, Tornado Cash, and the sanctions frontier

IEEPA sanctions violations are the highest-stakes overlay in crypto prosecutions. The Tornado Cash designation and Storm indictment test the limits of developer liability for downstream sanctions evasion; DPRK and OFAC-related cases routinely produce IEEPA exposure alongside fraud and money-laundering counts.

The International Emergency Economic Powers Act (IEEPA), 50 U.S.C. §§ 1701-1708, gives the President broad authority to impose sanctions on foreign persons, entities, and transactions in response to threats to national security, foreign policy, or the economy. OFAC administers the resulting sanctions regimes through the SDN list, sectoral sanctions, and program-specific designations. Willful violation of OFAC sanctions is a felony under 50 U.S.C. § 1705 — up to 20 years in BOP custody plus a fine of up to $1,000,000 per violation. Civil penalties run separately and can compound criminal exposure. IEEPA is increasingly central to cryptocurrency enforcement because crypto transactions are easy to direct toward sanctioned jurisdictions (DPRK, Iran, Russia) and sanctioned actors (Lazarus Group, designated wallet addresses), and the on-chain transparency that historically made such transactions tractable for law enforcement is being challenged by privacy mixers, cross-chain bridges, and DeFi.

The August 2022 OFAC designation of Tornado Cash and several associated Ethereum wallet addresses was a foundational moment in crypto sanctions enforcement. For the first time, OFAC sanctioned a smart-contract protocol rather than a specific person or entity. The designation prohibited U.S. persons from interacting with the protocol, effectively criminalizing routine privacy transactions for the protocol's American users. The designation faced immediate constitutional challenge in Van Loon v. Department of Treasury, 1:23-cv-312 (W.D. Tex. 2023), where Tornado Cash users sued OFAC arguing that the smart contract was not "property" within the meaning of IEEPA and that the designation exceeded OFAC's statutory authority. The district court ruled for the government; the case is on appeal to the Fifth Circuit, and the outcome will shape future OFAC designations of decentralized protocols.

The criminal indictment of Roman Storm — a Tornado Cash co-founder — in the SDNY in August 2024 brought the IEEPA exposure into a criminal trial setting. The indictment charges § 1960 unlicensed money-transmitting business counts together with IEEPA sanctions-violation counts, alleging that Storm and his co-defendants continued to operate the Tornado Cash protocol after the OFAC designation, including by maintaining the protocol's front-end interface and processing transactions for DPRK-linked addresses associated with the Lazarus Group. The case is the highest-stakes test of whether non-custodial protocol developers can be criminally liable for downstream sanctions evasion by third-party users — and the outcome will materially shape the future of DeFi development and the criminal liability of open-source contributors.

DPRK-related cases routinely produce IEEPA exposure alongside fraud and money-laundering counts. The Lazarus Group and related North Korean actors have repeatedly attacked crypto bridges and exchanges — the Ronin Network bridge ($625 million, 2022), the Harmony bridge ($100 million, 2022), and various centralized-exchange compromises. Crypto businesses that knowingly process Lazarus-linked transactions, that fail to implement adequate sanctions screening, or that recruit North Korean IT workers (a separate growing fact pattern in 2024-2025) face stacked IEEPA, § 1956, and § 1960 exposure. The North Korean IT-worker schemes — where North Korean nationals obtain remote IT contracts at U.S. crypto firms using fraudulent identities, then exfiltrate funds — have produced indictments against both the workers and the U.S. firms that hired them.

Local DFW practice — NDTX, EDTX, NCET coordination

The Northern and Eastern Districts of Texas have emerged as active forums for federal cryptocurrency-fraud prosecutions. NCET coordination, the DFW concentration of fintech and crypto businesses, and historically aggressive NDTX financial-crime practice combine to produce growing case volume.

The Northern District of Texas (NDTX) — covering Dallas, Fort Worth, Plano, Frisco, Wichita Falls, Amarillo, Lubbock, and Abilene — has emerged as an active forum for federal cryptocurrency-fraud prosecutions. Three factors combine to produce the growing docket. First, the DFW Metroplex hosts a substantial concentration of fintech and crypto businesses — exchanges with regional headquarters, mining operations, blockchain analytics firms, NFT marketplaces, and venture-capital-backed startups. Second, NDTX has historically been an aggressive financial-crime venue with experienced Assistant U.S. Attorneys handling complex fraud cases. Third, the NCET assignment model places senior crypto-fraud prosecutors in coordination with NDTX trial teams for cases of national significance, producing higher-resource prosecutions than NDTX could otherwise field.

The Eastern District of Texas (EDTX) — covering Sherman, Plano, Tyler, Marshall, Beaumont, and Texarkana — also handles crypto-fraud cases, often for conduct that originated in the DFW area but with venue in the EDTX based on where electronic transmissions occurred. EDTX is sometimes preferred by the government in patent-related contexts and has a sophisticated bench, but the cryptocurrency-fraud docket is still smaller than NDTX. Venue selection between NDTX and EDTX can be a meaningful defense lever where the conduct touched both districts, and the relative speed of EDTX dockets and the differing local rules can produce differential outcomes.

Local DFW defense practice integrates several practical considerations. Bond posture in federal crypto cases is structured around (1) the loss amount alleged, (2) the defendant's international connections (many crypto-fraud defendants have offshore exchange accounts, foreign business interests, or family abroad), (3) the access to liquid assets that could be moved on-chain, and (4) the cooperation posture. Federal magistrates in NDTX have grown experienced with crypto-asset surrender as a bond condition — requiring defendants to transfer their wallet seed phrases to court custody, to disable hardware wallets, or to provide blockchain-analytics firms with view-only access. These conditions are uncommon in non-crypto cases and require defense planning to avoid inadvertent forfeitures or compliance violations.

The NCET coordination model affects local practice substantially. When NCET assigns a senior prosecutor to a NDTX case, the local AUSA typically retains lead trial responsibility but the NCET prosecutor provides subject-matter expertise on tokenomics, blockchain forensics, multi-district coordination, and asset-forfeiture strategy. Defense counsel must navigate the dual-prosecutor structure, identify where local NDTX practices diverge from main-justice positions, and develop relationships with both trial-team layers. The DOJ Civil Division's Asset Forfeiture and Money Laundering Section also coordinates on cryptocurrency seizures and forfeitures, adding a third prosecutor layer in cases with significant asset-forfeiture stakes.

When to retain counsel — early intervention is critical

Early defense intervention in cryptocurrency-fraud cases is materially more valuable than in most other criminal practice areas. Subpoena response, voluntary-disclosure decisions, target-letter response, and pre-indictment plea negotiation all create high-leverage opportunities that disappear after indictment.

Early retention of experienced federal defense counsel is more valuable in cryptocurrency-fraud cases than in almost any other criminal practice area. The pre-indictment window — typically opening with a grand-jury subpoena to a business, a target letter to an individual, a search warrant on an exchange or office, or an SEC/CFTC parallel inquiry — is when the most consequential strategic decisions get made. Defendants who retain counsel only after indictment have foreclosed several high-leverage options: voluntary self-disclosure to reduce charges, pre-indictment plea negotiation, Wells submission to the SEC challenging the underlying securities-law theory, target-letter response controlling the scope of the investigation, and coordinated multi-agency posture across DOJ, SEC, CFTC, FinCEN, and state authorities.

Subpoena response is the first high-leverage step. A grand-jury subpoena to a crypto business — whether for documents, testimony, or both — creates immediate obligations to preserve evidence, respond truthfully, and avoid obstruction. The natural impulse to "cooperate fully" can be self-defeating if the subpoena reaches privileged communications, work product, attorney-client materials, or evidence of uncharged conduct. Counsel reviews the subpoena scope, asserts applicable privileges, negotiates production schedules and search terms with the AUSA, and identifies which witnesses (if any) should be made available for testimony. A subpoena recipient should never produce documents or send witnesses to the grand jury without first having an experienced federal-defense lawyer review the subpoena and the underlying conduct.

Target-letter response is the second critical window. A target letter notifies an individual that she is a target — meaning the prosecutor has substantial evidence linking her to a crime and is considering charging her. The natural impulse to "explain the misunderstanding" by writing to the AUSA or by sending a representative to the grand jury is almost always wrong. Target letters create an opportunity for defense counsel to (1) understand the prosecutor's theory, (2) develop a coordinated response strategy, (3) negotiate pre-indictment plea or non-prosecution agreement options, (4) prepare a Queen-for-a-Day or proffer interview to test the strength of available defenses, and (5) coordinate parallel SEC/CFTC posture to avoid creating prejudicial admissions in the civil case. The 60-90 days following a target letter are typically the most leverage-rich window in the entire case.

Voluntary self-disclosure decisions can dramatically alter the trajectory. The DOJ Corporate Enforcement Policy and the National Cryptocurrency Enforcement Team guidance create reduced-penalty pathways for companies and individuals who voluntarily self-disclose violations, cooperate substantially, and remediate underlying conduct. The decision to self-disclose is irreversible — once made, it surrenders defense leverage even if the cooperation does not produce expected benefits. The decision requires experienced counsel evaluation of the underlying conduct, the realistic charging exposure if non-disclosed, the comparative benefits of voluntary disclosure under DOJ policy, and the parallel civil and reputational consequences. For individuals, the calculus often turns on whether the conduct is likely to come to DOJ attention through other channels — bankruptcy filings, civil discovery, regulator referrals, whistleblower complaints — and on the strength of available cooperation against co-conspirators.

Post-indictment, the case shifts to standard federal defense practice — bond posture, Article III discovery under Rule 16, suppression motions, expert development, plea negotiation, and trial preparation — but with crypto-specific complications: forfeiture proceedings against on-chain assets, parallel civil enforcement actions running in coordinated districts, international cooperation issues if exchanges or counterparties are offshore, and continuing media exposure that can prejudice the jury pool. The L and L Law Group team coordinates with co-counsel where the case spans multiple districts or requires specialized blockchain-forensics expert work, and develops the integrated defense posture across all parallel proceedings.

Defense Strategy

What we evaluate first

Five defense levers do most of the work in Texas evading cases. We evaluate every one before charting a path — suppression first, then knowledge, intent, necessity, and charge-reduction posture together set the strategy.

  1. Howey-test challenge — token is not a security
    In any criminal securities-fraud prosecution, the threshold defense is whether the token qualifies as an "investment contract" under the four-part Howey test. The defense develops a fact-specific record on each prong — investment of money, common enterprise, reasonable expectation of profits, derived from others' efforts. The Ripple bifurcation (institutional sales yes, programmatic exchange sales no) suggests differential treatment may apply. Defense experts on tokenomics, white-paper analysis, marketing materials, and contemporaneous investor communications develop the record. A successful Howey challenge defeats the securities-fraud counts entirely and can shape the materiality analysis on parallel wire-fraud counts.
  2. Fair-notice / regulatory-ambiguity defense (Coinbase/Ripple line)
    Where the SEC itself has issued contradictory guidance and where courts have split on token classification, due process required clearer notice before criminal liability attached. The argument leverages FCC v. Fox Television Stations, Inc., 567 U.S. 239 (2012), constitutional avoidance principles, and the recent Ripple/Coinbase/Terraform line of district-court decisions. Rarely successful at motion-to-dismiss but provides material mitigation argument at sentencing and shapes plea-negotiation posture. The defense develops the regulatory-confusion record through SEC enforcement-action history, contemporaneous guidance documents, and academic commentary.
  3. Insufficient intent and good-faith reliance on counsel
    Federal wire fraud, securities fraud, and money laundering require specific intent. Where the defendant retained securities counsel, blockchain counsel, or AML/MSB compliance counsel and relied in good faith on their advice, that reliance can negate the requisite mens rea. The defense must establish (1) full and accurate disclosure of facts to counsel, (2) actual advice received, (3) good-faith reliance on that advice, and (4) conduct consistent with the advice. Nearly every legitimate crypto business retained outside counsel at some stage, making the advice-of-counsel defense available in many crypto-fraud prosecutions.
  4. Cooperation under U.S.S.G. § 5K1.1
    Crypto-fraud schemes typically involve webs of co-conspirators, related entities, and upstream/downstream actors. A defendant who provides substantial assistance can substantially reduce her guideline exposure under § 5K1.1. Caroline Ellison's cooperation against Sam Bankman-Fried in the FTX prosecution is the high-profile recent example. Cooperation posture has to be evaluated against the strength of the government's case against the defendant, the value of available cooperation, the risk of self-incrimination on uncharged conduct, and the long-term reputational and civil-liability consequences. The decision is irreversible once made and requires experienced federal-defense counsel evaluation.
  5. Loss-amount challenge under U.S.S.G. § 2B1.1 — value at offense vs. at sentencing
    The § 2B1.1 loss table drives the offense level, and crypto-price volatility creates particular complications. Defense forensic-accounting expert work focuses on (1) the proper measure of loss — actual vs. intended vs. gain; (2) timing — value at the time of offense vs. at sentencing (price volatility cuts both directions); (3) credits against loss for assets returned, restitution paid, or recoveries made by victims (often substantial in crypto cases where on-chain assets are recoverable); and (4) attribution — what portion is reasonably attributable to this defendant's relevant conduct vs. co-conspirators. At the upper levels, differences between loss tiers can mean years of additional incarceration.
  6. Tornado Cash precedent — service-provider liability limits for non-custodial protocols
    For defendants associated with non-custodial smart-contract protocols, the Storm/Tornado Cash case provides the framework for arguing that mere code deployment and infrastructure maintenance do not constitute "operating" a money-transmitting business under § 1960. The defense draws on First Amendment principles (code as speech), the limits of secondary liability in financial-services regulation, and the structural impossibility of "operating" an autonomous smart contract. The argument has substantial structural support but is untested at the appellate level; the Storm case outcome will shape future DeFi developer prosecutions and the criminal liability of open-source contributors.
  7. Forum-shift / venue negotiation
    Cryptocurrency-fraud cases often involve conduct touching multiple federal districts — exchanges with regional headquarters, transactions traversing multiple states, and developers/operators distributed across jurisdictions. The defense can sometimes negotiate a more favorable forum based on the office's charging practices, judicial composition, and resource constraints. The SDNY has been the headline venue but NDTX/EDTX have growing dockets. Forum considerations also implicate parallel SEC, CFTC, and state-AG enforcement — the defense develops a coordinated multi-track posture to avoid prejudicial admissions in civil actions that could be used in the criminal case.
Defense Timeline

How we build the case

Texas evading defense follows a predictable four-phase arc — stabilize and discover (0-15 days), build the suppression record (15-90 days), motion practice and posture (3-6 months), then trial readiness or resolution (6 months+).

  1. Day 0-30
    Counsel, preservation, parallel-track assessment
    Retain experienced federal-defense counsel immediately on receipt of subpoena, target letter, or knowledge of investigation; preserve all crypto wallets, exchange accounts, communications, and corporate records via written holds; assess parallel SEC/CFTC/FinCEN/state-AG enforcement posture and coordinate; assemble compliance-counsel and outside-counsel privilege logs; identify potential cooperation targets; bond posture if arrest has occurred (international-flight risk and digital-asset access drive bond conditions); invoke Fifth Amendment and assume all communications are subject to seizure.
  2. Day 30-90
    Subpoena response, target-letter posture, expert retention
    Negotiate subpoena scope and search terms with AUSA; assert applicable privileges; develop coordinated subpoena-response strategy across parallel SEC/CFTC inquiries; target-letter response if applicable — Queen-for-a-Day proffer evaluation, pre-indictment plea negotiation; retain blockchain-forensics experts (Chainalysis, TRM Labs, Elliptic, etc.) for case-specific tracing analysis; retain tokenomics and securities-law experts for Howey-test development; preliminary defense theory across wire-fraud, money-laundering, § 1960, and securities-fraud counts.
  3. Month 3-12
    Grand jury, indictment, motion practice
    Grand jury presentment and indictment (if not resolved pre-indictment); Article 39.14 / Rule 16 discovery requests; suppression motions on warrant execution and electronic seizures; motions to dismiss on Howey, fair-notice, and statutory-construction grounds; Rule 404(b) admissibility briefing on prior conduct and related schemes; Brady/Giglio discovery on cooperator witnesses; expert development across blockchain forensics, tokenomics, securities classification, and loss accounting; cooperation evaluation if applicable; plea-negotiation posture refinement.
  4. Month 12+
    Trial readiness or resolution
    Trial settings typically 18-36 months from indictment in complex crypto cases. Trial proceeds with extensive expert testimony on both sides — blockchain forensics, tokenomics, securities classification, AML compliance; loss-amount sentencing hearings if conviction; restitution proceedings under MVRA; asset-forfeiture proceedings against on-chain holdings; parallel SEC/CFTC civil-action resolution coordination; appellate posture preparation; collateral consequences planning — bar discipline, professional licensing, immigration consequences, civil-litigation exposure from defrauded investors.

Charged with evading arrest in Collin, Denton, Dallas, or Tarrant County?

L and L Law Group defends evading-arrest cases at every level — misdemeanor through second-degree felony. Free initial consultation.

Call (972) 370-5060

Frequently asked questions

Twelve questions we answer most often about Texas evading-arrest cases — penalties, defenses, expunction, court timeline, license impact, and federal-case interaction.

What is federal cryptocurrency fraud?

There is no single federal statute defining "cryptocurrency fraud." The Department of Justice overlays its standard fraud and financial-crime toolkit onto digital-asset facts. The predominant charge is 18 U.S.C. § 1343 wire fraud — virtually every cryptocurrency transaction involves interstate or international wires. Common companion charges include § 1349 conspiracy, §§ 1956/1957 money laundering, § 1960 unlicensed money-transmitting business, 15 U.S.C. § 78j(b) and Rule 10b-5 securities fraud where the token qualifies as a security under the Howey test, 7 U.S.C. § 13 commodities fraud through the CFTC, 26 U.S.C. § 7201 tax evasion on unreported crypto gains, and 50 U.S.C. § 1701 IEEPA sanctions violations. The overlay architecture allows prosecutors to stack high-exposure charges from a single course of conduct, with the DOJ National Cryptocurrency Enforcement Team (NCET) coordinating prosecutions across districts.

Is cryptocurrency a security under federal law?

It depends on the token and the manner of sale. The four-part Howey test from SEC v. W.J. Howey Co., 328 U.S. 293 (1946), controls whether a digital asset is an "investment contract" and therefore a "security" under 15 U.S.C. § 77b(a)(1) and § 78c(a)(10). The test requires (1) an investment of money, (2) in a common enterprise, (3) with a reasonable expectation of profits, (4) to be derived from the entrepreneurial or managerial efforts of others. SEC v. Ripple Labs (S.D.N.Y. 2023) produced the first major framework — institutional XRP sales satisfied Howey, but programmatic exchange sales did not. SEC v. Terraform Labs (S.D.N.Y. 2023) and SEC v. Coinbase (S.D.N.Y. 2024) refined the analysis. Bitcoin and Ethereum are widely treated by the SEC as non-securities; many altcoins, ICO tokens, and DeFi protocol tokens remain contested.

How does the DOJ prosecute cryptocurrency fraud without a single statute?

DOJ uses the overlay-architecture approach — applying its existing federal fraud and financial-crime statutes to digital-asset facts. Wire fraud under 18 U.S.C. § 1343 is the predominant charge because virtually every cryptocurrency transaction involves interstate wires, satisfying the wires element. Money laundering under §§ 1956 and 1957 follows because the proceeds of wire fraud (and most other federal crimes) are specified unlawful activity, and any subsequent transaction involving those proceeds becomes a money-laundering count. Section 1960 reaches unlicensed money-transmitting businesses — exchanges, mixers, peer-to-peer traders, and OTC desks operating without FinCEN MSB registration. Securities fraud under § 78j(b) applies where the token qualifies as a security under Howey. The DOJ National Cryptocurrency Enforcement Team (NCET), established October 2021, coordinates prosecutions across districts and brings senior subject-matter expertise to local trial teams.

What was the FTX case about and what charges were brought?

The FTX case — United States v. Samuel Bankman-Fried, 1:22-cr-00673 (S.D.N.Y.) — was the highest-profile cryptocurrency-fraud prosecution to date. The SDNY indictment charged seven counts: wire fraud on FTX customers, wire fraud on Alameda Research lenders, conspiracy to commit wire fraud on FTX customers, conspiracy to commit wire fraud on Alameda lenders, conspiracy to commit securities fraud, conspiracy to commit commodities fraud, and conspiracy to commit money laundering. The case alleged that FTX co-founder Bankman-Fried misappropriated approximately $8 billion in customer assets to cover trading losses at the affiliated Alameda Research hedge fund. After a five-week jury trial in October-November 2023, Bankman-Fried was convicted on all seven counts. He was sentenced in March 2024 to 25 years in BOP custody. The case exemplifies the stacked-charge architecture of federal cryptocurrency-fraud prosecutions and the loss-amount-driven sentencing under U.S.S.G. § 2B1.1.

What is the Tornado Cash case and why is it important?

United States v. Roman Storm, 1:23-cr-00430 (S.D.N.Y.), is the most consequential active cryptocurrency case. Tornado Cash is a non-custodial smart-contract privacy mixer on the Ethereum blockchain. In August 2022, OFAC designated Tornado Cash and several associated wallet addresses under IEEPA — the first sanctions designation of a smart-contract protocol rather than a person or entity. In August 2024, the SDNY indicted co-founder Roman Storm on counts of conspiring to commit money laundering, conspiring to violate IEEPA sanctions, and conspiring to operate an unlicensed money-transmitting business. The case tests whether mere code deployment and infrastructure maintenance can constitute "operating" a money-transmitting business under § 1960, and whether non-custodial smart-contract developers can be criminally liable for downstream user sanctions violations. The outcome will materially shape the future of decentralized finance and developer criminal liability.

What is an unlicensed money-transmitting business under § 1960?

Operating an unlicensed money-transmitting business is a federal felony under 18 U.S.C. § 1960 — up to 5 years in BOP custody per count. The statute reaches anyone who knowingly conducts, controls, manages, supervises, directs, or owns all or part of an unlicensed money-transmitting business. "Money-transmitting business" includes businesses required to register with FinCEN under 31 U.S.C. § 5330 but failing to do so, businesses operating without required state money-transmitter licenses, and businesses transmitting funds known to be derived from criminal activity or intended to promote unlawful activity. FinCEN guidance FIN-2013-G001 (March 2013) and the 2019 CVC Guidance treat virtual-currency exchangers and administrators as money transmitters required to register as MSBs. United States v. Sterlingov (D.D.C. 2024 — Bitcoin Fog conviction), United States v. Harmon (Helix guilty plea), and the Storm/Tornado Cash indictment are the leading recent § 1960 prosecutions.

Can I be charged with IEEPA sanctions violation in a crypto case?

Yes. The International Emergency Economic Powers Act (IEEPA), 50 U.S.C. §§ 1701-1708, gives the President authority to impose sanctions on foreign persons, entities, and transactions. Willful violation under 50 U.S.C. § 1705 is a felony — up to 20 years in BOP custody plus a fine of up to $1,000,000 per violation. IEEPA exposure arises in cryptocurrency cases whenever a transaction touches an OFAC-sanctioned wallet address — including the August 2022 Tornado Cash designation and various DPRK-linked addresses associated with the Lazarus Group. The Storm/Tornado Cash indictment (SDNY 2024) charges § 1960 unlicensed-MSB and IEEPA counts together. DPRK-related cases — Ronin Network bridge hack ($625 million, 2022), Harmony bridge ($100 million, 2022), and North Korean IT-worker schemes — routinely produce stacked IEEPA, § 1956, and § 1960 exposure. OFAC sanctions screening is now table-stakes compliance for any U.S.-facing crypto business.

What is the role of the DOJ National Cryptocurrency Enforcement Team (NCET)?

NCET is a DOJ Criminal Division task force established in October 2021 to coordinate federal cryptocurrency-fraud and digital-asset enforcement. NCET combines prosecutors with backgrounds in computer crime, intellectual property, money laundering, fraud, and asset forfeiture, and partners with the FBI Virtual Asset Exploitation Unit, IRS Criminal Investigation, the Secret Service, and U.S. Attorney's Offices nationwide. NCET coordinated the Bankman-Fried (FTX) prosecution in the SDNY, the Mango Markets/Eisenberg case, the Storm/Tornado Cash indictments, and seizures of Bitcoin Fog (operator Sterlingov) and Hydra Marketplace. When NCET assigns a senior prosecutor to a case, Main Justice prioritization is engaged — cases tend to receive higher resource allocation, broader investigative scope, and stronger asset-forfeiture coordination. The team's involvement signals national-significance treatment of the case.

What are the sentencing exposure levels for federal cryptocurrency fraud?

Sentencing is driven by U.S.S.G. § 2B1.1 loss calculations rather than the statutory maxima. Base offense level for wire-fraud-driven cases is 7. The loss table under § 2B1.1(b)(1) adds enhancements scaling from +2 levels for loss exceeding $6,500 to +30 levels for loss exceeding $550,000,000. Additional specific-offense characteristics include +2 to +6 for number of victims, +2 for sophisticated means, +2 for substantial financial hardship to victims, and money-laundering grouping enhancements under § 3D1.2. A defendant with a $10 million loss faces approximately +20 loss levels (level 27) — yielding 70-87 months at criminal history I. A defendant with a $100 million loss faces +24 levels (level 31) — yielding 108-135 months. The FTX-scale cases with loss exceeding $550 million face +30 levels and guideline ranges of 240-plus months, producing the 25-year Bankman-Fried sentence.

How much does a federal cryptocurrency-fraud defense cost?

Federal cryptocurrency-fraud defense is among the most expensive criminal-defense practice areas. Legal fees typically run $100,000-$500,000 or more depending on case complexity, expert needs, and trial readiness. A flat fee of $75,000-$150,000 is common for cases resolving at pre-indictment plea or non-prosecution agreement. Substantive motion practice and parallel SEC/CFTC coordination runs $150,000-$300,000. Trial-ready defense including all expert work, pretrial motion hearings, and full discovery review runs $300,000-$500,000-plus. Expert costs add substantially — blockchain-forensics analysts ($25,000-$100,000+), tokenomics and securities-law experts ($25,000-$75,000), forensic accountants for loss analysis ($25,000-$100,000+), and digital-evidence specialists ($25,000-$75,000). Court-appointed counsel under the CJA is available for indigent defendants but is uncommon in major crypto-fraud cases given defendant asset profiles. Costs scale with case complexity, parallel-track coordination demands, and the duration of trial preparation.

How long does a federal cryptocurrency-fraud case take?

Federal cryptocurrency-fraud cases typically take 18-36 months from indictment to disposition, with complex multi-defendant cases extending to 36-60 months. The pre-indictment investigation often runs 12-24 months on top of that. Several factors drive the timeline. First, digital-evidence discovery is enormous — exchange records, blockchain data, electronic communications, smart-contract code, and internal corporate documents typically produce terabytes of material. Second, expert development requires substantial time — blockchain forensics, tokenomics, securities classification, AML compliance, and loss accounting each requires expert engagement, report preparation, and Daubert review. Third, parallel SEC/CFTC/state-AG enforcement coordination adds complexity. Fourth, jury selection and trial in complex crypto cases typically requires 4-8 weeks. The Bankman-Fried trial ran approximately 5 weeks; the Mango Markets/Eisenberg trial ran approximately 2 weeks. Sentencing follows trial by 3-6 months in most cases.

When should I retain counsel in a crypto investigation?

Immediately upon learning of any investigation — receipt of a grand-jury subpoena (to you personally or to a business you control), receipt of a target letter, execution of a search warrant at your residence or office, contact from FBI/IRS-CI/SEC/CFTC investigators, or contact from any cooperating witness. The pre-indictment window is when the most consequential strategic decisions get made — subpoena response, voluntary-disclosure decisions, target-letter response, pre-indictment plea negotiation, and parallel-agency coordination across DOJ, SEC, CFTC, FinCEN, and state authorities. Defendants who retain counsel only after indictment have foreclosed several high-leverage options. The 60-90 days following a target letter are typically the most leverage-rich window in the entire case. Never produce documents under subpoena, never send witnesses to the grand jury, and never give voluntary statements to investigators without first having an experienced federal-defense lawyer review the situation and the underlying conduct.

References

All citations link to statutes.capitol.texas.gov for primary text. Footnote numbers in the body link here; the arrow returns to the citing paragraph.

  1. Tex. Penal Code § 38.04 — Evading arrest or detention.
  2. Tex. Penal Code § 12.21 — Class A misdemeanor punishment range.
  3. Tex. Penal Code § 12.34 — Third-degree felony punishment range.
  4. Tex. Penal Code § 12.33 — Second-degree felony punishment range.
  5. Tex. Penal Code § 9.22 — Necessity affirmative defense.
  6. Tex. Code Crim. Proc. art. 38.23 — Suppression of evidence from unlawful search/detention.
  7. Tex. Code Crim. Proc. art. 39.14 — Michael Morton Act discovery.
  8. Tex. Code Crim. Proc. art. 42A.054 — 3g offenses (not including evading).

Related resources

Related reading

40+
Years
Combined defense experience
$0
Consult
Free initial consultation
24/7
Available
Direct-to-attorney for jail release
About the authors

The attorneys behind this page

Reggie London

Reggie London

Co-Founding Partner · Criminal Defense Attorney

Admitted in Texas, TXND, TXED, and the U.S. Court of Appeals for the Fifth Circuit. Practice spans DWI, drug, weapons, theft, and process crimes — plus federal practice.

Texas Bar No. 24043514 · Read full bio →
Njeri London

Njeri London

Co-Founding Partner · Criminal Defense Attorney

Texas-licensed criminal defense attorney with deep Fourth Amendment motion practice. Focus: suppression hearings, drug-crime defense, federal-practice support.

Texas Bar No. 24043266 · Read full bio →
Free Consultation · 24/7

Talk to an attorney — not a screener.

Tell us about your case. Most clients hear back within an hour. Often within minutes.

(972) 370-5060
5899 Preston Rd, Ste 101 · Frisco, TX 75034

By submitting, you agree to our Privacy Policy.

Call (972) 370-5060

Attorney Advertising

This website is for general information purposes only and constitutes attorney advertising under the Texas Disciplinary Rules of Professional Conduct. Nothing on this site should be taken as legal advice for any individual case or situation. Receipt or viewing does not create an attorney–client relationship.

Past results do not guarantee similar outcomes. Each case is unique and must be evaluated on its own facts and circumstances.

L and L Law Group, PLLC attorneys are licensed to practice in the State of Texas. Njeri London (Texas Bar No. 24043266) and Reggie London (Texas Bar No. 24043514) are the attorneys responsible for the content of this site. None of the attorneys at L and L Law Group, PLLC are Board Certified by the Texas Board of Legal Specialization unless specifically and separately stated.

Please do not transmit any confidential information to L and L Law Group, PLLC by email, web form, or telephone before a written engagement is in place. Privacy Policy.

Service Areas

L&L Law Group represents clients across North Texas counties for DWI, assault, drug crimes, juvenile defense, outstanding warrants, bond reduction, and expunction matters.

DWI

Assault

Drug Crimes

Juvenile Defense

Outstanding Warrant

Bond Reduction

Expunction

By City & County

Federal Districts
Northern District of Texas (TXND) Eastern District of Texas (TXED)
En Español
Inicio Abogado Criminalista Frisco Abogado DWI Frisco

Defense by County

Collin County
Criminal Defense DWI Defense Assault Defense Drug Crimes Expunctions Juvenile Defense Bond Reduction Outstanding Warrants
Dallas County
Criminal Defense DWI Defense Assault Defense Drug Crimes Expunctions Juvenile Defense Bond Reduction Outstanding Warrants
Denton County
Criminal Defense DWI Defense Assault Defense Drug Crimes Expunctions Juvenile Defense Bond Reduction Outstanding Warrants
Tarrant County
Criminal Defense DWI Defense Assault Defense Drug Crimes Expunctions Juvenile Defense Bond Reduction Outstanding Warrants
Rockwall County
Criminal Defense DWI Defense Assault Defense Drug Crimes Expunctions Juvenile Defense Bond Reduction Outstanding Warrants
Kaufman County
Criminal Defense DWI Defense Assault Defense Drug Crimes Expunctions Juvenile Defense Bond Reduction Outstanding Warrants
Ellis County
Criminal Defense DWI Defense Assault Defense Drug Crimes Expunctions Juvenile Defense Bond Reduction Outstanding Warrants
Johnson County
Criminal Defense DWI Defense Assault Defense Drug Crimes Expunctions Juvenile Defense Bond Reduction Outstanding Warrants
Hunt County
Criminal Defense DWI Defense Assault Defense Drug Crimes Expunctions Juvenile Defense Bond Reduction Outstanding Warrants

Cities We Defend

Collin County
Frisco Plano McKinney Allen
Dallas County
Dallas Garland Irving Mesquite Carrollton Richardson
Tarrant County
Fort Worth Arlington Grand Prairie Cleburne
Denton County
Denton Lewisville
Rockwall County
Rockwall
Kaufman County
Kaufman
Ellis County
Waxahachie
Hunt County
Greenville
Call Email Map Top
developed by MPR Digital Legal Services