The Frankfurt am Main Prosecutor's Office and the Federal Criminal Police have shut down 47 cryptocurrency exchange services located in the country, citing violations of anti-money laundering laws. The platforms allegedly facilitated anonymous transactions for criminal activities, allowing ransomware groups, darknet traders, and other criminals to launder money.
According to the authorities, the platforms were “deliberately concealing the origin of criminally obtained funds,” enabling exchange transactions without going through a registration process and without implementing KYC procedures. These services are now liable for prosecution in cases of money laundering and operating criminal trading platforms on the Internet according to local laws. As of now, no formal charges or arrests have been announced, and it’s possible that this operation will primarily serve as a deterrent to future illegal crypto activity.
The press release acknowledged the challenges connected to the prosecution of some individuals. “Since cybercriminals are often abroad and are tolerated or even protected by some countries, they often remain inaccessible to German law enforcement."
Still, authorities claim to have obtained extensive data on the users of these exchanges, hinting at possible future investigations or arrests. The banned platforms now mainly redirect to a ‘Final Exchange’ operation website with a list of 47 exchanges and a threatening warning:
“This is for you, ransomware affiliates, botnet operators and darknet vendors. For years, the operators of these criminal exchange services have led you to believe that their hosting cannot be found… We have found their servers and seized them… We have their data – and therefore, we have your data. Our search for traces begins. See you soon.”
Despite the significant number of platforms involved, none of the exchanges that were shut down appear to be widely known. The largest and oldest of these services, Xchange.cash, active since 2012, had around 400,000 users, according to German investigators. Other relatively big exchanges include 60cek, Baksman, and Prostocash. Most of them served other countries as well, including the sanctioned Russian market, which might be one of the reasons for the ban.
The authorities seem to have effectively blocked access to these services globally: at the time of writing, these platforms were not accessible from major jurisdictions like the U.S., Russia, or Europe.
This operation follows a similar move by German regulators in August when they shut down 13 illegally installed crypto ATMs and seized €250,000 in connection with possible AML/CTF violations. Earlier this year, German authorities also took part in an international law enforcement action, Operation Endgame, aimed at taking down several malware families, including IcedID and Pikabot. The operation resulted in the seizure of more than 100 servers, multiple domain blocking, and the issue of several arrest warrants.
While individual countries enforce their own protection measures on the ground, the European Union is moving towards a unified regulatory framework through initiatives like the Markets in Crypto-Assets (MiCA) regulation. Leading blockchain projects have united to enhance compliance and withstand regulatory challenges. Recently, Hedera, Ripple, and Aptos Foundation joined forces to launch the MiCA Crypto Alliance, and one of the organization's first goals is to launch standardized templates for sustainability disclosures.