European regulators are scrutinizing OKX’s Web3 platform following allegations that North Korean hackers laundered $100 million in stolen cryptocurrency through the service after breaching digital asset exchange Bybit. 

The investigation raises questions about whether OKX’s Web3 service falls under the EU’s Markets in Crypto-Assets (MiCA) regulations and whether the exchange could face penalties.

According to sources familiar with the matter, national regulators from the EU’s 27 member states discussed the case in a March 6 meeting hosted by the European Securities and Markets Authority’s (ESMA) Digital Finance Standing Committee. 

According to a report from Bloomberg, the watchdogs are determining whether OKX’s Web3 platform, marketed as a decentralized finance (DeFi) service, should be subject to MiCA oversight.

The Bybit exploit, the largest crypto hack to date, saw hackers linked to North Korea steal approximately $1.5 billion. The attackers reportedly funneled a portion of the funds—mostly in Ether—through decentralized platforms and cross-chain bridges, leveraging OKX’s Web3 service to move illicit assets.‍

Regulators Question MiCA Compliance

While fully decentralized platforms are generally exempt from MiCA, several EU regulators, including those from Austria and Croatia, argued that OKX’s Web3 platform should fall within the regulatory framework.

A presentation at the meeting highlighted that the user interface for swapping tokens and connecting wallets is integrated into OKX’s website. It also pointed to the platform’s terms of use, which list an OKX Singapore entity as its main operator.

Malta, which granted OKX a MiCA pre-authorization in January and later allowed it to “passport” its services across the European Economic Area (EEA), is under pressure to reassess the exchange’s compliance. EU regulators urged ESMA and the European Banking Authority (EBA) to take action against OKX, including potential penalties or even revoking its license.‍

OKX Denies Wrongdoing

OKX has denied any involvement in laundering illicit funds and stated that it has been actively assisting Bybit in tracking and blocking suspicious wallet addresses.

“Claims of OKX’s involvement in laundering any funds are inaccurate and preposterous,” the company said in an emailed statement. “We follow local laws, work closely with regulators, and respond to inquiries as they come in.”

Malta’s financial watchdog has scheduled meetings with OKX’s senior management to discuss the incident but has not committed to taking formal action. ESMA, meanwhile, stated that it “stands ready to deploy all available regulatory tools, if necessary, to safeguard market integrity and investor protection.”‍

Potential Consequences Under MiCA’s Article 64

Under MiCA’s Article 64, regulators can withdraw a firm’s license if it fails to implement effective anti-money laundering measures or violates regulatory requirements in other serious ways. The provision also empowers ESMA and the EBA to request national regulators to reassess a company’s compliance.

The investigation into OKX’s Web3 service adds to the exchange’s recent regulatory challenges. Last month, OKX pleaded guilty to processing over $1 trillion in transactions by U.S. customers without a proper license, agreeing to pay more than $504 million in penalties.

As the EU tightens its grip on the digital asset industry, the outcome of this probe could set a precedent for how regulators approach centralized companies offering Web3 and decentralized finance services. For now, OKX remains under scrutiny, and further regulatory action remains a possibility.