Selling cryptocurrency can lead to legitimate bank clients being included in the fraud database of the Central Bank (CB), which may result in restrictions on their transactions. As reported by Oleg Zamiralov, the head of the ecosystem protection center at T-Bank, for RBC, from July 2024, banks are required to suspend money transfers to accounts listed in this database for two days. Banks also have the right to block all transactions through cards and online banking if a client’s details are found in this list.
Experts interviewed by RBC-Crypto provided comments on the risks associated with money laundering and the distribution of stolen digital assets on the cryptocurrency exchange Bybit. Should Russian-speaking users of exchange platforms, P2P sites, and exchanges worry that they might end up purchasing assets linked to hacks, and what safety measures can they take?
Bybit is the second-largest cryptocurrency exchange by trading volume after Binance and one of the world’s largest platforms for trading crypto-assets. In January 2025, it accounted for more than 6% of the global cryptocurrency trading volume. The platform is also very popular in Russia, with nearly a third of its internet traffic coming from the country in January 2025. On February 21, Bybit was hacked, losing control of its so-called cold wallet, which contained Ethereum. Hackers managed to steal $1.4 billion in cryptocurrency at the time of the hack.
Banks Have No Choice
Regarding the exchange of cryptocurrency for national currency, the risks include funds being deposited into a bank account that could be linked to illegal activities. Being listed in the fraud database of the Central Bank can happen simply by filing a complaint with the Ministry of Internal Affairs (MVD), stating that money was transferred to the account through fraud. This process is governed by Law 161-FZ, with amendments made in the summer of 2024, as explained by Andrei Tugarin, the founder of the legal company GMT Legal.
“If a user’s details are added to the Central Bank’s fraud database through the Ministry of Internal Affairs, blocking will occur in a few days. Access to all banks and online applications will be blocked. The person will lose access to their funds in real-time,” said the expert.
Almost any user of a cryptocurrency exchange service can fall into this situation. As Tugarin pointed out, this can happen when submitting a request on a P2P exchange, where users can’t see who will send them funds. Later, they may be involved in a criminal case because funds were transferred to their details.
“No one is immune from this, as there is still no single legal act in Russia regulating the activities of cryptocurrency exchanges,” Tugarin stated.
Exchange Risks
Experts also commented on the risks of money laundering on exchanges. Nikita Zuborev, senior analyst at the exchange aggregator Bestchange, pointed out that while the risks of using P2P exchanges for buying cryptocurrency may seem exaggerated due to media coverage, they should still not be ignored.
“In typical P2P exchanges on major platforms, risks are not high, although they are not absent either. However, it is very important to pay attention to the transaction history, the attractiveness of the offered exchange rate compared to other offers, and the platform’s ‘age.’ Any deviation from the norm should raise concern,” shared the expert.
However, Tugarin believes the risk for Russian cryptocurrency users is quite high. Besides foreign platform sanctions, users need to be more careful when selecting exchanges to sell their digital assets.
“Exchanges where we cannot see the participants are the riskiest group of platforms. The risk of receiving ‘tainted’ cryptocurrency is very high because the user cannot verify the origin of the funds before receiving them,” commented Tugarin.
Blockchain transparency and monitoring tools on most crypto exchanges and legal services help track transactions associated with sanctioned exchanges, criminal wallets, or crypto mixers. If funds are received from such addresses, the cryptocurrency’s risk score increases, and the exchange’s compliance service may block the transaction. In many cases, these systems track the stolen funds’ path back in time, marking coins as ‘tainted.’
What to Do
To reduce risks when using exchange platforms, experts advise users to check the addresses from which they will receive cryptocurrency and use “trusted” services.
“The measures today are very simple — it’s a preliminary check of the address from which you plan to receive the cryptocurrency. ‘Digital hygiene’ is in trend these days,” said Tugarin.
The main advice given by Grigory Osipov, director of investigations at the company “Shard,” is also based on “elementary digital hygiene.”
“Use trusted exchanges with good reputations that comply with KYC and AML requirements, as such services act as a ‘buffer check.’”
Osipov added that if a counterparty doesn’t provide an address for the transaction, or if that address is linked to illegal activity, it’s better to refuse the deal.
According to the expert, the times of enthusiasts who want to stay anonymous, bypassing any verification and without using AML providers, are coming to an end.
Consequences of the Bybit Hack
Osipov estimates that the Bybit hack, the largest in cryptocurrency history, will drastically tighten regulations in countries where cryptocurrencies are legalized and will directly affect the Russian market, which predominantly uses foreign infrastructure.
Zuborev also noted the potential for increased control over exchange services:
“The Bybit hack could trigger a small crisis in the exchange market, as such ‘tainted’ cryptocurrency could enter through DEXs or exchanges without KYC, which will lead to investigations before completing the exchange.”
As another recommendation, Osipov suggested not using rare cryptocurrencies for exchanges, as hackers may try to exchange some of the stolen funds for such assets, which AML databases do not yet support.
Conclusion
Tugarin warns that users of cryptocurrency exchanges should not only be concerned with Russian speakers but with anyone conducting cryptocurrency operations.
“The primary risk remains the same as before — account blocking due to potential ‘connection to illegal activity.’ So, in the first period after the hack, AML systems on centralized exchanges will flag users accepting tokens linked, directly or indirectly, to the Bybit hack,” concluded the expert.