South Korea’s National Police Agency is moving to tighten the way seized virtual assets are handled after a series of operational failures exposed serious weaknesses in public-sector crypto custody. The new administrative rules are meant to bring structure to areas such as wallet-address management, private-key control, and the storage of software and hot wallets.
The policy push follows a damaging run of mistakes that, contributed to losses of roughly $6 million and revealed vulnerabilities in the management of about 54.5 billion won, or $36.5 million, in digital assets seized over the past five years. The scale of those failures has turned crypto custody from a technical issue into a broader credibility problem for state authorities.
A Push Toward Standardized Public-Sector Crypto Custody
The draft rules seek to standardize how law enforcement handles seized digital assets, including privacy-focused tokens and assets stored in hot wallets. At the center of the proposal is a more disciplined framework for documenting wallet addresses, separating private-key access, and tightening operational controls around software wallets.
Those changes build on steps already taken by financial regulators. The Financial Services Commission has required multi-signature wallets for evidence handling, while the Financial Supervisory Service is introducing AI monitoring tools to strengthen broader oversight of digital-asset activity.
The urgency behind the reforms is rooted in several high-profile failures. The Gangnam Police Station lost 22 BTC because of weak private-key control and reliance on a third-party wallet arrangement, while the National Tax Service accidentally exposed a recovery phrase in a press release before roughly $4.8 million was stolen.
Another incident added to the pressure for reform. Prosecutors were hit by a phishing attack during an evidence transfer in August 2025 that briefly cost 320 BTC, even though those coins were later recovered and sold for $21.5 million.
Budget, Expertise and Execution Remain the Real Test
Officials have acknowledged that limited budgets and weak internal expertise made the custody problem harder to solve. The police allocated only 83 million won, about $55,600, for handling seized crypto assets, a level that critics say is badly out of step with the security and operational risks involved.
That mismatch has already complicated efforts to outsource the problem. Three attempts in 2025 to appoint a private custodian failed, pushing the KNPA to plan another selection process in the first half of 2026 while also exploring the option of a government-run public custodian.
Experts argue that better procedures alone will not be enough without deeper institutional capability. The bigger challenge is turning technical safeguards into routine practice by adding cryptographic-security professionals, forensic analysts, and custody specialists who can manage seized assets without repeating the same procedural mistakes.
The success of the new framework will depend on whether those practical gaps are closed. If South Korean authorities secure a qualified custodian and build the internal expertise to support the new rules, the risk around seized assets should fall meaningfully; if not, public confidence in state crypto custody will remain fragile.