European Union regulators scrutinise cryptocurrency exchange OKX after reports surfaced that hackers laundered approximately $100 million through its Web3 platform, following a significant breach of rival exchange Bybit.
This investigation, if followed through, is poised to severely scrutinize OKX’s compliance with the EU’s Markets in Crypto-Assets (MiCA) regulations and could potentially impact its operating license within the bloc, according to Bloomberg sources.
In late February 2025, Bybit, the Dubai-based cryptocurrency exchange, suffered a massive security breach resulting in the theft of approximately $1.5 billion in digital assets, marking one of the largest crypto heists to date. The attackers reportedly exploited vulnerabilities in Bybit’s security infrastructure to execute the hack.
Subsequently, Bybit’s CEO, Ben Zhou, claimed that around $100 million of the stolen funds were laundered through OKX’s Web3 platform, a decentralized finance (DeFi) service offering self-custodial wallet functionalities. This allegation has prompted EU regulators to assess whether OKX’s Web3 services fall under the purview of MiCA regulations and if the exchange has adequate anti-money laundering (AML) protocols in place.
“40,233 ETH or $100M, which is 8% was through OKX web3 proxy. Out of them, 16,680 ETH we can trace 23,553 ETH or $65M (~5%) is untraceable which require info from OKX web3,” Zhou wrote
Regulatory Scrutiny and Potential Implications
On March 6, 2025, national watchdogs from the EU’s 27 member states convened under the European Securities and Markets Authority’s (ESMA) Digital Finance Standing Committee to discuss the allegations against OKX. The central issue is whether OKX’s Web3 platform, despite its decentralized nature, should be subject to MiCA regulations due to its integration with the main exchange platform.
Regulators from countries such as Austria and Croatia have argued that OKX’s Web3 services should fall under MiCA’s jurisdiction. If found non-compliant, OKX risks facing penalties, including the potential revocation of its MiCA license, which would significantly impact its operations within the European Economic Area (EEA).
OKX’s Response to the Allegations
OKX has firmly denied any wrongdoing or regulatory investigation concerning its platform. In a statement, the exchange refuted claims of involvement in laundering stolen funds, labeling such allegations “inaccurate and preposterous.” OKX emphasized that its Web3 wallet services comply with existing regulatory standards and are similar to offerings by other industry players.
Furthermore, OKX accused Bybit of spreading misinformation regarding the incident, highlighting that it had proactively cooperated with authorities to freeze stolen assets and assist in the investigation.
Broader Implications for the DeFi Industry
Bybit’s $1.5 billion security breach on February 21 is now the largest crypto exploit in history, surpassing previous high-profile exchange hacks. The attack, allegedly orchestrated by North Korea’s Lazarus Group, targeted Bybit’s Ethereum cold wallet.
Meanwhile, OKX is one of the largest centralized crypto exchanges. The exchange saw $108.6 billion in spot trading volume in February, making it a dominant player in the industry. However, regulatory pressure is mounting, with OKX recently agreeing to pay over $504 million in penalties after admitting to illegally servicing U.S. customers without proper licensing.
As European regulators tighten oversight on crypto platforms and DeFi tools, the Bybit hack and the OKX investigation could set a critical precedent for exchange compliance and security protocols. With MiCA regulations coming into full effect, exchanges operating in the region face growing pressure to enhance anti-money laundering (AML) measures and tighten user verification procedures to prevent illicit financial activities.
Quick Facts:
- In February 2025, Bybit experienced a security breach resulting in the theft of approximately $1.5 billion in digital assets.
- Bybit’s CEO alleged that around $100 million of the stolen funds were laundered through OKX’s Web3 platform.
- EU regulators are assessing whether OKX’s Web3 services comply with MiCA regulations, with potential penalties including the revocation of its operating license.
- OKX denies any involvement in laundering activities and refutes claims of an ongoing regulatory investigation.
