Taxpayers can take a tax deduction with respect to “theft” losses that result from an illegal “taking of property” done with criminal intent.[1] Among various other types of criminal activities, fraud is treated as theft under Internal Revenue Code (Code) §165(a). We have seen that fraud losses have proven to be quite common in connection with cryptocurrencies, digital tokens, and NFTs (collectively, digital assets). In this article, I identify some popular fraud schemes that have been used to trick investors out of their investment or their digital assets; the tax treatment of these losses; and the special, optional procedure that is available for deducting theft losses resulting from so-called Ponzi schemes.
Fraud Schemes Involving Digital Assets
Perpetrators of fraud are nothing if not creative in designing scams involving digital assets. Thus, such fraud scheme comes in many flavors, including the following:
Exit Scams/Rug Pulls
The exit scam involves soliciting funds for a digital project—say, the development of a new digital application or token type—in which the operator abruptly stops work, withdraws investor funds, and disappears.[2] For example, a fraudster created an NFT project called Baller Ape Club (which was a play on the popular Bored Ape NFT) that sold NFTs of cartoon monkeys. Once the fraudster had collected some $26 million from investors, the project abruptly ended, deleting the website, and disappearing with the investors’ money. In June 2022, the U.S. Department of Justice charged the perpetrator with conspiracy to commit wire fraud and conspiracy to commit international money laundering.[3]
Phishing
Phishing involves the use of fraudulent emails, websites, or messaging in an effort to trick recipients into revealing sensitive information, such as private keys, log in information, or sensitive financial information. Phishing attacks are particularly common in connection with NFT projects.[4]
False address phishing is also common. It is when the fraudster sends small amounts of cryptocurrency to an intended victim from a website that has a similar address to one that the target had previously sent funds. The objective is to have the victim send a future quantity of cryptocurrency to that fraudulent address.[5] Phishing is often facilitated by the use of so-called drainware or wallet drainers. These tools allow someone to quickly and automatically empty a digital wallet.[6]
Misrepresentation/Pig Butchering
In the digital asset space, impersonation scams run rampant. One common type involves fraudsters pretending to be representatives of exchanges, wallet providers, or other services. By offering assistance with technical issues or account problems, the fraudsters are often able to persuade victims to share their log in credentials, private keys, and other sensitive information.[7]
Another prevalent cryptocurrency scam is commonly known as pig butchering. Pig butchering scams involve fraudsters who use fictitious identities, develop fact relationships, and create “elaborate storylines to ‘fatten up’ the victim into believing they are in trusted partnerships.”[8] These scams are also referred to as “confidence scams” and “romance scams” because the scammers use these techniques to gain the victim’s confidence before tricking them into making fraudulent investments in virtual currency trading platforms.[9]
Extortion/Ransomware
Cryptocurrency adds a new twist to the old extortion criminal activity. For example, blackmail payoff can be demanded in cryptocurrency and so-called ransomware can be used to shut down critical aspects of a company’s business until payment is made in cryptocurrency.[10]
Ponzi Schemes
Essentially a Ponzi scheme relies on obtaining money from new investors to generate funds to pay existing investors purported “returns.” It is named after Charles Ponzi, who peddled a massive investment fraud in the 1920s. According to the SEC, for example, Trade Coin Club promised investors profits from the trading activities of a purported “crypto trading bot.” The promoters made false representations that the bot made “millions of micro transactions” every second, and investors would receive a minimum return of 35 percent daily. Trade Coin Club’s sole source of funding investor withdrawals and redemptions was by using payments received from new investors. Because the Trade Club “membership packages” constituted “investment contracts,” they were considered to be securities for federal securities law purposes. As a result, the SEC shut the operation down in 2022.[11]
Another example of a Ponzi scheme involving digital assets is Forsage, a purportedly decentralized finance (DeFi) cryptocurrency platform that raised $340 million from investors. The scheme involved automatically diverting new investors’ purchases of a “slot” in a Forsage smart contract to other Forsage investors so that earlier investors were paid off with funds from newer investors. Over 50 percent of the investors never received a single payment, and the majority of money invested in Forsage’s smart contracts were fraudulently siphoned out into cryptocurrency accounts in the promoters’ control. The SEC shut Forsage down in 2022.[12]
Looking further back in time, the first reported cryptocurrency Ponzi scheme was brought by the SEC in 2016. The defendant, Trendon Shavers, was sentenced to 18 months in prison and ordered to pay over $1.2 million in penalties and over $2 million in restitution. Shavers had solicited investors to lend his company their Bitcoin in return for which they would be paid 7 percent interest per week. Shavers never implemented the crypto arbitrage strategy that he had promoted. Instead, he used Bitcoin from new investors to make the purported “interest” payments and cover withdrawals of older investors.[13]
Ponzi schemes involving cryptocurrency can also fall within the CFTC’s jurisdiction. For example, in 2022 the CFTC filed civil charges against Mirror Trading International Proprietary Limited (MTI) and its CEO for running a fraudulent commodity pool. MTI solicited Bitcoin online, purportedly to trade off-exchange retail foreign currency on a leveraged basis. MTI raised $1.7 billion from investors worldwide, including 23,000 Americans. Instead of trading foreign currency, MTI misappropriated pool funds, misrepresented trading and performance, falsified account statements, and lied about the use of a broker. Just a fraction of the pooled Bitcoins was ever invested. The CFTC ordered the CEO to pay $3.4 billion in restitution and penalties.[14]
Deduction of Theft Losses
While there are undoubtedly an infinite number of other fraud schemes and many variations on those I have just summarized, taxpayer losses in all of them except one are treated as straightforward theft losses for tax purposes. That one exception is for Ponzi schemes. In order for taxpayers to be able to deduct losses from the types of fraud I have just summarized, taxpayers must establish a number of factors.
They must show that the loss resulted from an illegal “taking of property” done with criminal intent. This means a taxpayer must show that the thief had the intent to deprive the taxpayer of money or property. Thus, there must be a showing that there was a theft under state or federal law. The taxpayer does not, however, need to show the thief has been convicted of a crime. Of course, a loss is not deductible if it is compensated for by insurance or otherwise.
A theft loss is deductible in the year the taxpayer discovers the fraud, provided the fraud is evidenced by a closed and completed transaction and the loss is fixed by identifiable events. Further, the loss must not be subject to a claim for reimbursement or recovery, where there is a reasonable prospect of recovery. The amount of a theft loss depends on whether the loss is from a transaction entered into for profit. If the taxpayer has a profit motive, the loss is subject to Code §165(c)(2) and the amount that can be deducted is generally the sum of the amount invested minus amounts withdrawn, if any, plus purported gains that had been included in the taxpayer’s taxable income, reduced by reimbursements or recoveries, and further reduced by claims as to which there is a reasonable prospect of recovery. Theft losses of digital assets that were not purchased for profit—for example, an NFT purchased as a collectible or a cryptocurrency purchased to be used to acquire specific property—are subject to Code §165(c)(3), not Code §165(c)(2). Code §165(c)(3) losses are subject to significant limitations that do not apply to theft losses under Code §165(c)(2). As a result, theft losses under Code §165(c)(3) are subject to the deduction limitations in Code §165(h). This means that the taxpayer’s loss must exceed $100 and the deduction is limited to the amount by which the loss exceeds 10 percent of the taxpayer’s adjusted gross income for the years in which the deduction may be taken.
Whether subject to Code §165(c)(2) or Code §165(c)(3), there are complicated requirements and calculations under various code sections to determine the amount of a deductible loss. For example, a loss is not allowed under Code §62 (deductions taken in calculating adjustable gross income) and, therefore, is treated as an itemized deduction. Likewise, such losses are excluded from the definition of miscellaneous itemized deductions and, therefore, are not subject to the limitation on itemized deduction contained in Code §67(a). Such losses are also exempt from the Code §68 limitations on the overall limit on itemized deductions, based on a percentage of adjusted gross income or total itemized deductions.
A taxpayer’s digital asset theft loss is deductible in the year the theft loss is discovered, provided that the loss is not covered by a claim for reimbursement or other recovery as to which the taxpayer has a reasonable prospect of recovery. Recoveries on such a claim in a subsequent tax year are not included in gross income. If the taxpayer recovers an amount greater than the amount of the claim, the excess recovery is included in gross income. Should the amount recovered be less than the claim, a deduction of such amount is allowed in the year in which the amount of the recovery is ascertained with reasonable certainty.
The requirement that a fraud loss must be “fixed” by identifiable events should be relatively easy to establish for cryptocurrency that is stolen from a taxpayer’s digital wallet, but it is not be so clear with respect to NFTs and other theft schemes. For example, in the case of a scam such as the Baller Ape Club—where the promoters shut down the website eliminating any liquidity for the NFTs—is the transaction closed and completed? After all, the taxpayer still has the NFT, the NFT might have some value, and the possibility still exists that the website could be reinstated.
More troubling is the situation in which there is a claim for reimbursement by the SEC or CFTC. For example, in the case of MTI, the CFTC ordered restitution. But how is a taxpayer to know whether there is a “reasonable prospect of recovery” and if so, how much? In such a circumstance, it appears that a taxpayer cannot take a tax deduction until it can be ascertained with reasonable certainty whether there will be reimbursement. The determination of a “reasonable prospect of recovery” is a question of fact. It must be determined based on an examination of all the facts and circumstances. As a result, it may be difficult for individual taxpayers who are adversely affected by fraud to determine whether and when there has been a definitive settlement or adjustment of the claim. In such circumstances, a taxpayer might seek to abandon its claim to any portion of such reimbursement.[15] Abandonment must be shown by objective evidence, such as a written release. But is it enough for the taxpayer to file a statement with the SEC or CFTC, for example, the taxpayer intends to abandon the property? A further complication is that a suit for reimbursement can remain open for many, many years while the defendant is sought or prosecuted, or the defendant’s assets are sought to be discovered. For example, money is still being recovered from the Bernard Madoff Ponzi scheme more than 15 years after the crime was discovered.
The Safe Harbor Procedure for Ponzi Schemes
Digital assets are a prime target for fraudsters peddling Ponzi schemes. Average investors seldom fully understand the operation of the technology that powers digital assets or have the means to evaluate whether such assets are sound investments. Unlike traditional investments in securities, commodities, and physical property, digital asset investors cannot obtain earning reports, third-party research reports, audited financial statements, or regulatory filings. Few digital asset investment opportunities are regulated and their promoters are often anonymous. As a result, in 2022 alone more than 10 Ponzi schemes came to light involving digital assets.[16]
In fact, investors in what turns out to be a Ponzi scheme often cannot determine “with certainty” the year in which their loss is discovered. In 2009, shortly after the Bernard Madoff Ponzi scheme was uncovered in 2008, the IRS issued a revenue ruling (Rev. Rul. 2009-9)[17] and a revenue procedure (Rev. Proc. 2009-20)[18] to provide victims with tax guidance and an elective safe harbor procedure.
Rev. Rul. 2009-9 provides that Ponzi scheme theft losses may be deducted under Code §165(c)(2) as losses incurred in a transaction entered for profit, rather than resulting from a casualty or theft under Code §165(c)(3).[19] This means that victims can deduct the full amount of their theft loss even if it does not exceed 10 percent of their adjusted gross income as would otherwise be required by Code §165(h) for casualty or theft losses under Code §165(c)(3). It also means that losses are not limited by the limitations on itemized deductions in Code §§67 and 68.
The Revenue Procedure provides for an optional Safe Harbor designed to avoid “potentially difficult problems of proof… and alleviated compliance and administrative burdens on both taxpayers and the Service.” The safe harbor applies to taxpayer losses where “the party perpetrating the fraud received cash or property from investors, purports to earn income for the investors, and reports income amounts to the investors that are wholly or partially fraudulent. Payments, if any, of purported income or principal are made from cash or property that other investors have invested in the fraudulent arrangement. To be eligible for the safe harbor, the arrangement must not be a tax shelter under Code §6662(d)(2)(C)(ii). In other words, the safe harbor is limited solely to Ponzi schemes.
To qualify for the safe harbor, the “lead figure” must have been criminally charged, by indictment or information under state or federal law, with the commission of fraud or embezzlement. If the lead figure is only subject to a criminal complaint, the lead figure must admit to the crime or a receiver or trustee must be appointed with respect to the arrangement or its assets must be frozen. In 2011 the revenue procedure was modified by Rev. Proc. 2011-58 to address those situations in which death of the lead figure eliminates the possibility of criminal charges. In the event of such death, the safe harbor is still available if the lead figure “or an associated entity” was the subject of one or more civil complaints or similar documents filed with a court or in an administrative proceeding providing the alleged facts cover all of the elements of a fraudulent Ponzi scheme. In addition, either a receiver or a trustee was appointed or the assets were frozen.[20]
The safe harbor is only available to taxpayers that have directly invested in the fraudulent arrangement. Thus, if a taxpayer invested in a fund that invested in the Ponzi scheme arrangement, the taxpayer cannot rely on the safe harbor. The investment fund, itself, could seek to apply the safe harbor. Whoever seeks to utilize the safe harbor must not have known of the fraud prior to its being known to the general public.
A taxpayer that is eligible to use the safe harbor can deduct losses in the “discovery year,” which is (as that term was modified by the 2011 revenue procedure) either the year when the indictment, information, or complaint was filed against the lead figure, or the year when the criminal complaint was filed and the death of the lead figure occurs, whichever is later. The amount of the deduction a qualified taxpayer can take in the discovery year is based on the excess, if any, of the sum of total amount of cash or the basis of property invest in the arrangement, plus the total amount of the net income from the arrangement included in the taxpayer’s income for federal tax purposes for all years prior to the discovery year over the total amount of cash or property that the taxpayer withdrew from the arrangement. This is referred to in the revenue procedure as the “qualified investment.”
If a taxpayer complies with the safe harbor requirements, the actual amount the taxpayer can deduct in the discovery year is either 95 percent of the qualified investment (if the taxpayer does not pursue a potential third-party recovery) or 75 percent of the qualified investment if the taxpayer is pursuing or intends to pursue third-party recovery. In both cases, the permissible deductible amount is reduced by any actual recovery (amounts the taxpayer actually receives in the discovery year from any sources, or as reimbursement or recovery for the loss) and any potential insurance/SIPC recovery.
The revenue procedure specifies the steps taxpayers must follow to claim deductions under the safe harbor. As long as taxpayers follow these procedures, the IRS will not challenge their claims of a theft loss, the taxable year in which the loss is deducted, or the amount of the deduction. A taxpayer relying on the safe harbor must also submit the statement in the form specified in Appendix A to the revenue procedure, declaring among other things, that the taxpayer has written documentation to support the amount of the deduction as the deduction is calculated in the statement.
The safe harbor provides taxpayers with certainty as to their ability to deduct their losses in connection with a criminally fraudulent investment arrangement in the form of a Ponzi scheme. It is unlikely, however, that all Ponzi schemes involving digital assets will be subject to criminal proceedings, either because there are a small number of victims or the lead figure (and anyone else involved in the fraud) is unknown and cannot be identified.
[1] Code §165(a).
[2] “Exit Scams in the Cryptocurrency World,” NordVPN, “What is a Cryptocurrency Exit Scam?” What is a Cryptocurrency Exit Scam? | The Motley Fool; “What is a Crypto Exit Scam?” Crypto Adventure, https://cryptoadventure.com/community/articles/short-series-what-is-a-crypto-exit-scam/.
[3] “DOJ Files Charges Against Baller Ape Club ‘Rug Pull,’” Decrypt, June 30, 2022, https://decrypt.co/104220/dog-files-charges-against-baller-ape-club-rug-pull.
[4] “What is a Phishing Attack in Crypto, and How to Prevent It?” Cointelegraph, https://cointelegraph.com/learn/what-is-a-phishing-attack-in-crypto-and-how-to-prevent-it; “Exit Scam: How to Spot One,” NordVPN, Feb. 20, 2023, https://nordvpn.com/blog/exit-scam/#:~:text=Exit%20scams%20in%20the%20cryptocurrency,with%20their%20investor%20victims'%20money.
[5] “’Zero-value Transactions,’ Fooling Victims Into Sending Their Crypto to Fraudulent Addresses,” Elliptic Connect, Jan. 25, 2023 https://www.elliptic.co/blog/analysis/the-latest-scam-zero-value-transactions-fooling-victims-into-sending-their-crypto-to-fraudulent-addresses.
[6] “ELI5 – What is a Wallet Drainer?” https://crypto.bi/wallet-drainer/.
[7] “Digital Wallet Fraud–What It Is and How It’s Prevented,” Fraud.com Digital Wallet Fraud - What is it and how it's prevented | Fraud.com.
[8] “FinCen Alert on Prevalent Virtual Currency Investment Scam Commonly Known as ‘Pig Butchering,’” FinCent Alert, FIN-2023-Alert005, September 8, 2023. FinCEN Issues Alert on Prevalent Virtual Currency Investment Scam Commonly Known as “Pig Butchering” | FinCEN.gov.
[9] Id. See also, United States Secret Service (USSS), “Cryptocurrency Investment Scams” (USSS Alert) Cryptocurrency Investment Scams.pdf (secretservice.gov). These scams are also called “Sha Zhu Pan,” a Chinese term that loosely translates to pig butchering. See U.S. Department of Justice (DOJ), U.S. Attorney’s Office, Central District of California Press Release, “Justice Dept. Seizes Over $112M in Funds Linked to Cryptocurrency Investment Schemes. With Over Half Seized in Los Angeles Case” (Apr. 3, 2023) Central District of California | Justice Dept. Seizes Over $112M in Funds Linked to Cryptocurrency Investment Schemes, With Over Half Seized in Los Angeles Case | United States Department of Justice. Id., footnote 2.
[10] “What is Double Extortion Ransomware,” https://www.zscaler.com/resources/security-terms-glossary/what-is-double-extortion-ransomware; “Ransomware Attackers’ New Tactic: Double Extortion.” Security Intelligence, December 23, 2021, https://securityintelligence.com/articles/ransomware-double-extortion/.
[11] “SEC Charges Creator of Global Crypto Ponzi Scheme and Three US Promoters in Connection with $295 Million Fraud,” Securities and Exchange Commission, Press Release, November 4, 2022 https://www.sec.gov/news/press-release/2022-201.
[12] “Forsage Founders Indicted in $340M DeFi Crypto Scheme,” Department of Justice, Press Release, Feb. 22, 2023, https://www.justice.gov/opa/pr/forsage-founders-indicted-340M-defi-crypto-scheme.
[13] “Texas Man Sentenced For Operating Bitcoin Ponzi Scheme,” U.S. Attorney’s Office, S.D.N.Y. July 21, 2016, https://www.justice.gov/usao-sdny/pr/texas-man-sentenced-operating-bitcoin-ponzi-scheme.
[14] “Mirror Trading Boss Fined Over $3B in US Over Unlawful Crypto Ponzi Scheme,” Coingeek, May 2, 2023, https://coingeek.com/mirror-trading-boss-fined-over-3b-in-us-over-unlawful-crypto-ponzi-scheme; “CFTC Slaps Record $3.4b Fine on Crypto Ponzi Scheme Operator,” CryptoNews, April 28, 2023, https://crypto.news/cftc-slaps-record-3-4b-fine-on-crypto-ponzi-scheme-operator/
[15] For a discussion of the tax treatment of worthless and abandoned property, see https://www.askramerlaw.com/publications/are-crypto-losses-tax-deductible-as-worthless-or-abandoned-property
[16] “10 Crypto Ponzi Schemes that Ravaged the Digital Asset Market in 2022,” https://www.analyticsinsight.net/10-crypto-ponzi-schemes-that-ravaged-the-digital-asset-market-in-2022/
[17] 2009-14 I.R.B. 735.
[18] 2009-14 I.R.B. 749, as modified by Rev. Proc. 2011-58, which addresses death of a lead figure.
[19] Code §165(c)(3) casualty or theft losses involve losses other than those connected with a trade or business or a transaction entered into for profit.
[20] 2011-58 I.R.B. 849.