Earlier this week, HMRC announced that it was the first UK law enforcement entity to seize an NFT. The turn of phrase struck me - how exactly does one go about seizing a cryptoasset?
The difficulty is not that NFTs, like all cryptoassets, are at their root nothing more than lines of code on a blockchain. After all, as I have mentioned before, bank balances are no longer Gringotts-esque vaults of gold but simply numbers on a ledger.
What makes cryptoassets different is that there is no one definitive ledger. That means there is no one "gatekeeper" bank to comply with a freezing order from the courts, or a hold or deduction notice under HMRC's Direct Recovery of Debts regime.
Rather, a person requesting a transaction must authorise it using their private key (authenticating their ownership). It is absolutely possible to seize someone's private key - the staggering figures for cryptocurrency theft are proof enough of that - but that won't always be sufficient to lock down the asset.
The most common form of cryptocurrency theft involves hacking exchanges or other decentralised finance platforms to access private keys, then using those keys to transfer assets elsewhere. That second step is necessary because the private key can exist in more than one place - you may know my key, you might even seize the device or block access to the system on which I have stored that key, but if I've stored it elsewhere, committed it to memory, or just scribbled it on the back of my hand, I can still authorise transactions.
So are authorities transferring cryptoassets into their own wallets? While HMRC hasn't confirmed either way, it seems likely: a seizure warrant issued to the US Department of Justice for USD 2.3m of bitcoin last year noted that the FBI already had access to the private key, but authorised seizure of the funds themselves. Once the cryptoassets are transferred, only the seizing authority will have the private key: an effective seizure.
Of course, the point of seizure is to take control of a valuable asset. With a cryptocurrency all of the value exists solely on the blockchain. That blockchain records the transfer of cryptocurrency coins to the seizing authority, which retains control unless and until it authorises a transfer to someone else. The effect is the same as seizing fiat currency. NFTs have another layer of complexity because they usually reference an associated asset, which is commonly data hosted off-chain such as a digital image file hosted on a web server. That means that even after an authority seizes control of the NFT itself, a secondary risk remains that someone could remove or otherwise interfere with the associated asset (for example, by deleting the image file from the web server), which may significantly affect the value of the NFT. It's all a bit tricky.
HMRC is aware that its existing powers are predicated on a long-gone world of physical goods and physical presence: the ongoing call for evidence on modernising tax debt collection asks specifically for views on whether HMRC should adapt to increased use of intangible assets and digital wallets. Given the outcry when the Direct Recovery of Debts regime was introduced, granting HMRC power to access taxpayers' digital assets directly seems a very hard sell - but, more fundamentally, difficult to achieve in practice.
The call for evidence closes on 22 February.