Share article

South Korea's cops are learning the hard way that "not your keys, not your coins" also applies to evidence lockers.

Local reporting says the Korean National Police Agency (KNPA) has drafted a new set of rules for how officers seize, store, and manage cryptocurrencies, after a string of custody mishaps raised uncomfortable questions about basic chain of custody. [1] [2]

The draft directive reportedly covers everything from the moment assets are identified to how they are transferred, stored, and eventually disposed of, and it explicitly includes privacy focused coins that are harder to trace. [3]

The big shift: police custody of seized crypto is getting standardized like any other high risk asset, with tighter controls and a plan to outsource storage to a professional custodian.
UK Court Hears Claim Wife Used Home CCTV to Drain $176M in Crypto From Husband

Enjoy articles without ads?

Register for free and get unlimited access to all articles.

Why the KNPA is rewriting the playbook

According to Asiae, the KNPA has completed a draft directive that lays out compliance requirements at each step of a crypto seizure. The move comes after reported lapses in how seized digital assets were handled, including allegations of unauthorized transfers and weak internal controls at the unit level, based on prior local coverage referenced by industry summaries. [4]
That context matters because crypto custody failures are not just "oops, we lost the password." If evidence wallets get drained, the state can lose restitution funds, cases can get contested, and defendants can argue evidence tampering. For police, it is also a reputational faceplant in a country that is already hypersensitive about financial crime and market integrity.

What the draft rules reportedly target: end to ad hoc wallets

The directive, as described in local reporting and echoed by secondary coverage, aims to replace scattered, officer managed practices with a consistent national standard. While the full text has not been publicly circulated in English, the intent is clear: treat seized crypto like controlled evidence, not like a hot wallet someone set up on a laptop.
Here are the pressure points the rules are likely designed to address, based on what police agencies typically standardize when they get serious about digital asset custody:

1) Chain of custody, but for private keys

A proper chain of custody for crypto means documenting:

  • Who generated or controlled the wallet
  • When access credentials were created, moved, or rotated
  • Which transactions were signed, by whom, and under what authorization
  • How addresses and transaction hashes map to specific cases

Without this, defense attorneys have a clean line of attack: "Prove the police did not move these funds."

2) Segregation of duties and approvals

One of the most obvious failure modes in seized crypto is single point of failure custody: one investigator controls the seed phrase, one person can sign transfers, one person can "make it go away."
A modern evidence workflow typically forces separation, such as multi person approvals (think multisig or institutional policy controls), plus audit trails that cannot be quietly edited later.

3) Storage standards: cold by default, hot only if necessary

If seized funds are left in online wallets for convenience, they become a honey pot. The KNPA's draft reportedly aims to standardize storage and management, which in practice usually means cold storage for long term holding, with strict procedures for any movement.

4) Handling privacy coins

Asiae's report notes the guidelines include privacy focused assets. That is a telling detail. Privacy coins can be seized like any other asset if the keys are obtained, but attribution and tracing are harder, and investigative steps differ. Standardizing how they are documented and stored reduces operational mistakes, even if it does not magically make them easy to track.

Roman Storm hits back as DOJ seeks October retrial in Tornado Cash case

The outsourcing angle: private custody provider targeted for H1 2026

One of the most market relevant points in the report is that the KNPA aims to select a private custody provider in the first half of 2026. [5]

That signals a shift away from trying to make every police unit a mini custodian. It also mirrors what other jurisdictions have done: law enforcement focuses on seizure authority, evidence handling, and legal process, while specialized firms handle key management, secure storage, and transaction policy controls.

For the custody industry, a national police mandate can be a meaningful contract. It is not just assets under custody, it is recurring compliance work, integrations with case management systems, and strict service level requirements around access, reporting, and audits.

For everyone else, it is also an implicit admission: self custody at institutional scale is hard, and getting it wrong gets people fired.

US, UK and Canada Kick Off Trilateral Operation to Disrupt Crypto Fraud Rings

Why this matters for Korea's broader crypto enforcement

South Korea already runs a relatively tight ship on centralized exchanges and VASPs, with strong expectations around AML controls and user verification. But seized asset handling is a separate operational layer, and historically it is where gaps show up because procedures lag behind technology.

Tightening custody rules has three knock on effects:

  1. Stronger prosecutions: Cleaner evidence trails reduce the odds that crypto related charges get messy in court.
  2. Better restitution outcomes: If seized assets are preserved properly, victims and the state are less likely to get rekt by preventable losses.
  3. More predictable enforcement: Exchanges and suspects alike can anticipate standardized seizure procedures, rather than inconsistent practices across jurisdictions.
This is also a quiet signal to criminals: the "maybe the cops will fumble the wallet" strategy is getting priced out.
Thailand's AML crackdown hits crypto as exchanges freeze 10,000 accounts: Report

Where the draft could face friction

Even if the directive is solid, implementation is where most government crypto projects go to die.

  • Training and tooling: Standard operating procedures mean nothing if frontline teams do not have tools that make compliance easier than shortcuts.
  • Procurement timelines: Selecting a custodian in H1 2026 is ambitious, especially if requirements include security certifications, insurance, key management architecture, and integration support.
  • Access control politics: Investigators want speed, auditors want controls, prosecutors want admissibility. Balancing those is harder than it sounds.
Also worth noting: outsourcing custody does not remove accountability. It shifts operational risk, but the KNPA still owns the legal risk.

What to watch next

If the KNPA publishes detailed requirements for the custodian selection, watch which domestic and global custody firms can meet the bar, especially on auditability, multi party approvals, and incident response.

If the directive mandates multi signature or equivalent policy based controls, expect fewer "internal transfer" scandals and more consistent reporting of seized amounts.

If procurement drags past mid 2026 or the rules stay vague, the same old problems will keep leaking through: fragmented custody, inconsistent documentation, and cases getting complicated when money moves without a paper trail.

Tags

#crypto custody#South Korea#law enforcement#privacy coins#Regulatory overhaul#Seized crypto#Korean National Police#Chain of custody#Custodian outsourcing#Evidence handling