How to Report Crypto Scams as a Business

Crypto scam reporting is often written for individual victims: someone loses funds, contacts a platform, and files a complaint after the damage is done. When a business is affected, the process is more complex. The incident may touch payments, vendors, customers, internal access, brand impersonation, or operational wallets, while stolen assets can move across chains and platforms within hours.

That is why a business report has to do more than describe the scam. It should give banks, platforms, investigators, insurers, and authorities enough evidence to freeze accounts, preserve records, trace funds, escalate the case, and support internal response.

This guide explains what evidence to collect, who to contact, and where to file reports in the US, UK, Australia, Canada, the EU, and Switzerland.

The First 24 Hours Matter: What a Company Should Do First

If a business becomes the target of a crypto scam, the first hours matter. Evidence can disappear, stolen assets can move fast across wallets, chains, and platforms, and counterparties may need to act before the transaction trail becomes harder to follow. Here's what a business should do immediately after the scam is discovered.

1. Suspend exposed access or activity

• User accounts, wallets, and API keys;

• Sessions, integrations, or third-party vendors.

2. Preserve technical and blockchain evidence

• Wallet addresses, transaction hashes, and blockchain IDs;

• Exchange account IDs, deposit references, and API keys;

• Metadata: email headers, chat handles, and session tokens;

• Infrastructure: domains, SSL certificates, and server logs;

• Network and access logs, IP addresses, and device fingerprints;

• Financial and document logs, invoices, and KYC artifacts.

3. Classify the scam type

• Investment scam or fake platform using your name;

• Impersonation scam via docs, domains, or comms channels;

• Business email compromise with crypto payment;

• Fake vendor or payment diversion in crypto;

• Fraudulent OTC trade or escrow scheme;

• ‘Pig butchering’ scam using your app or comms.

4. Notify internal stakeholders

• Legal team;

• Compliance and reporting owner;

• Fraud and risk team;

• Security and IT ops;

• Exec owner (CEO, CTO, or product lead).

When these four steps are complete, the incident is contained, evidence is intact, and decision-makers are aligned. The next task is to build a report that external agencies can act on.

What Information to Collect Before Filing a Report

Agencies and crypto platforms don’t always formally state what kind of information they expect from a scam report, but some do.

For example, the European Securities and Markets Authority (ESMA) recommends that victims inform their crypto provider promptly, since the provider may still be able to freeze a scammer’s account on its platform or blacklist the wallet address. FBI’s IC3 has a dedicated cryptocurrency fraud page and advises victims to file complaints with supporting details.

In general, this means that both law enforcement and crypto industry partners expect structured information that can help escalate your report.

Once the evidence package is ready, the next matter is routing.

Crypto scam reports do not go to a single global authority. Depending on the case, a business may need to contact law enforcement, a financial regulator, a cybercrime unit, a platform compliance team, or a scam-intelligence database.

That makes jurisdiction important. The right reporting path depends on where the business is based, where the counterparty operated, where the funds moved, and what type of scam occurred. The overview below maps the main jurisdictions and the authorities businesses should contact for different crypto scam scenarios.

How to Report Crypto Scams in the USA

U.S.-based crypto scam reports can involve more than one agency because each route covers a different side of the incident.

FBI IC3 is the main route for internet-enabled fraud and cybercrime. The FTC handles consumer-facing scams and abusive business practices. The CFTC covers crypto cases with a trading or derivatives angle, while the SEC covers cases that look like securities fraud.

FBI / IC3

Reporting page: https://www.ic3.gov/Home/FileComplaint/

Use for:

• Internet-enabled crypto fraud;

• Cybercrime reports with wallet addresses, transaction hashes, or other evidence;
• BEC cases involving crypto payments or wallet transfers;
• Cross-state or cross-border cybercrime.

   

FTC

Reporting page: https://reportfraud.ftc.gov/

Use for:

• Consumer-facing crypto scams;

• Impersonation scams;

• Scam platforms, fake services, or abusive business practices;

• Suspicious crypto activity that may not require a criminal complaint.

CFTC

Reporting page: https://forms.cftc.gov/Forms/TipsAndComplaints/

Use for:

• Crypto fraud with a commodities or derivatives angle;

• Suspicious digital asset trading schemes;

• Fraudulent crypto or forex trading platforms;

• Unregistered derivatives, leveraged trading, or forex-style schemes involving digital assets.

SEC

Reporting page: https://www.sec.gov/tcr/

Use for:

• Crypto investment or token offering fraud;

• Possible securities law violations involving crypto assets;

• Ponzi schemes, market manipulation, or other securities-related wrongdoing involving crypto.

After filing, keep the IC3 complaint ID, FTC report confirmation, CFTC submission confirmation, or SEC TCR submission record with your incident file. U.S. reports are often triaged before any case officer engages, so continue internal monitoring and platform contacts while the filings move through federal queues.

How to Report Crypto Scams in the UK

The United Kingdom channels crypto-fraud reports through two main reporting routes.

If the issue is about the financial legitimacy of the business, service, or offer behind the scam, it goes to the Financial Conduct Authority (FCA), which is the UK’s financial regulator.

If it's about the scam as a crime, it goes through the police route: Report Fraud in England, Wales, and Northern Ireland, or Police Scotland in Scotland.

Some cases may need both reports–– when the same scam raises regulatory concerns and also needs to be recorded as a crime.

FCA

Reporting page: https://www.fca.org.uk/consumers/report-scam 

Use to report:

• Contact from a fraudster, unauthorised company, or clone firm.

• Scams related to investments, including crypto investments;

• Scams involving other FCA-relevant financial products, such as pensions, loans, credit, insurance, warranty products, or claims.

• Suspicious financial services you have already paid for.

Report Fraud

Reporting page: https://www.reportfraud.police.uk/

Report by phone: 0300 123 2040

Use to report:

• Criminal fraud complaints in England, Wales, and Northern Ireland. It replaced the older Action Fraud reporting route.

Police Scotland

Reporting page: https://www.scotland.police.uk/advice/scams-and-frauds/crypto-scams/

Report by phone: 101

Use when:

• The victim, business, or relevant activity is located in Scotland;

• A Scotland-based entity needs an official crime reference number for insurers, banks, or platform requests.
  

After reporting a crypto scam in the UK, keep the FCA case reference or crime reference number with your incident file and continue monitoring the affected wallets and accounts.

How to Report Crypto Scams in Canada

Canada has separate fraud-reporting and AML-intelligence channels.

Victims report to local police and the Canadian Anti-Fraud Centre (CAFC). FINTRAC separately receives transaction reports and voluntary information under the Proceeds of Crime (Money Laundering) and Terrorist Financing Act framework, which also supports sanctions-evasion detection and deterrence.

If a scam transaction touches a FINTRAC reporting entity, such as a bank, money-services business, or crypto platform, that entity may have separate FINTRAC reporting obligations. Those reports can include transaction and customer information that may support financial-intelligence analysis, but they are separate from the victim’s police or CAFC report.

Investment-fraud cases should also be reported directly to the relevant provincial or territorial securities regulator, local police, and CAFC.

Canadian Anti-Fraud Centre (CAFC)

Report online: https://reportcyberandfraud.canada.ca/

Report by phone: 1-888-495-8501

Use to:

• Report fraud or attempted fraud, whether you are a victim, witness, or were targeted;

• Create a CAFC record and help law enforcement link related incidents;

• Support investigations and fraud-pattern detection.

Local police / provincial securities regulators

Cyber Centre guidance: https://www.cyber.gc.ca/en/guidance/have-you-been-victim-cybercrime

File to:

• Local police whenever your business is a victim of fraud or cybercrime, especially if funds, identity, accounts, or devices were affected.

• The securities regulator when the scam involves an investment, trading platform, token offering, adviser, exchange, or securities-law misconduct.

After filing, record every reference number: local police file number, CAFC/portal confirmation, exchange case IDs, bank fraud case IDs. Be ready to supply it to banks, exchanges, and custodians when requesting freezes, recovery, or trace assistance.

How to Report Crypto Scams in Australia

Australia uses several reporting routes for crypto scams, and a business may need one or several of them depending on what happened.

Start with Scamwatch to report the scam itself.

Add ReportCyber if the incident involved online fraud, cybercrime, compromised access, or a cyber security incident. Add ASIC if the scam involved an investment, financial service, market, credit, company, director, or adviser. Use AUSTRAC only if your business is a regulated reporting entity with AML/CTF duties.

Scamwatch

Reporting page: https://www.scamwatch.gov.au/report-a-scam

Use to report:

• Scam contact, fake offers, or suspicious activity;

• Impersonation of your business, staff, partners, or customers;

• Scam websites, ads, social media accounts, messages, or other materials that can help Scamwatch warn others or support scam disruption.

ReportCyber

Reporting page: https://www.cyber.gov.au/report-and-recover/report

Report by phone: 1300 CYBER1 (1300 292 371)

Use to report:

• Online fraud or cybercrime connected to crypto payments, wallet transfers, or business accounts;

• Account, email, device, wallet, exchange, credential, or system compromise;

• Cyber security incidents affecting customer data, business operations, or access to business systems.

ASIC

Reporting page: https://www.asic.gov.au/about-asic/contact-us/reporting-misconduct-to-asic/

Report by phone: 1300 300 630

Use to report:

• Crypto-related investment scams, fake investment platforms, or misleading financial offers;

• Unlicensed operators, suspicious advisers, or company misconduct linked to the scam;

• Cases where ASIC may be the relevant corporate, markets, financial services, or credit regulator.

AUSTRAC

AUSTRAC Online: https://online.austrac.gov.au/ao/login.seam

Use for:

• Submitting suspicious matter reports if your business is an AUSTRAC reporting entity;

• Reporting cases that trigger your AML/CTF obligations as a regulated business;

• Submitting required AUSTRAC reports when suspicious activity, large transactions, international transfers, sanctions-related concerns, or other AML/CTF risks are involved.

Keep reference numbers for follow-up with banks, exchanges, police, regulators, insurers, and internal compliance teams.

How to Report Crypto Scams in the EU

In the European Union, crypto scam reporting is handled at the national level. There is no single EU-wide crypto scam complaint form that replaces national reporting.

The first step is to identify the right national route, then choose the channel based on what the incident involves: a criminal or cybercrime report, a financial-supervision issue, provider-side action, or several of these at once.

National police / national cybercrime portal

Reporting resource: https://www.europol.europa.eu/report-a-crime/report-cybercrime-online

Use for reporting:

• Criminal or cybercrime cases involving online fraud, account compromise, or stolen crypto assets;

• Incidents where the business needs an official police or cybercrime report record;

• Cases that require follow-up with providers, banks, insurers, or investigators.

National financial supervisory authority

Reporting resource: https://www.esma.europa.eu/sites/default/files/2024-12/List_of_Competent_Authorities_notified_to_ESMA_under_MiCA.pdf

Use for reporting:

• Suspected misconduct involving a crypto-asset service provider, investment offer, trading platform, or marketing communication;

• Authorised or unauthorised crypto activity that may fall under MiCA, investment-services rules, or national financial-supervision rules;

• Cases where the issue needs supervisory review in addition to or instead of a police or cybercrime report.

Provider notification

Use when:

• The scam involved an account, wallet, transaction, or on-platform counterparty;

• The provider may still be able to freeze an on-platform account, blacklist a scam address, or flag affected transactions;

• You need provider case IDs, screenshots, account records, transaction hashes, or support replies for the police, supervisor, bank, insurer, or internal investigation team.

After filing, keep every reference number: police or cybercrime report ID, national supervisor complaint reference, provider case ID, bank case ID, and any insurer or internal incident number. Keep monitoring affected wallets, accounts, domains, and counterparties while the reports move through national channels.

How to Report Crypto Scams in Switzerland

Because Switzerland is not an EU member, crypto scam reporting goes through Swiss cyber, financial-supervision, AML, and criminal-justice channels.

For businesses, the right route depends on what the report needs to achieve. Cyber and technical incidents go to the NCSC. Financial-market misconduct belongs with FINMA. AML or terrorist-financing concerns go through MROS when the business is a reporting entity. Criminal complaints, including fraud, theft, extortion, and direct financial loss, go to cantonal police or the public prosecutor.

National Cyber Security Centre (NCSC)

Reporting page: https://www.report.ncsc.admin.ch/en/  

Use for reporting:

• Cyber incidents involving phishing, malware, hacked accounts, or fake platforms;

• Technical indicators that can help assess the incident, including malicious domains, emails, or online-account compromise;

• Mandatory cyberattack reports if your business operates critical infrastructure.

FINMA

Reporting page: https://www.finma.ch/en/finma-public/reporting-information/ 

General enquiries hotline: +41 31 327 98 88

Use for reporting:

• Crypto providers that appear to be operating on the Swiss financial market without required authorisation;

• Suspected irregularities by FINMA-supervised institutions;

• Possible breaches of Swiss financial-market law.

Money Laundering Reporting Office Switzerland (MROS)

Reporting is submitted through goAML; registration is required.

Reporting page (goAML): https://www.fedpol.admin.ch/en/entering-and-submitting

MROS phone contact: +41 58 463 40 40

Use for reporting:

• Suspicious activity reports if your business is a Swiss reporting entity;

• Cases that trigger your AML or terrorist-financing reporting obligations;

• Suspected money laundering or terrorist financing identified by a regulated Swiss business.

Cantonal police or public prosecutor

Reporting: File in person or in writing at any police station or public prosecutor’s office.

Suisse ePolice with online options and local police contacts: https://www.suisse-epolice.ch/

Use for reporting:

• Direct financial loss, fraud, identity misuse, theft, extortion, or compromised accounts where criminal conduct occurred;

• Criminal complaints that need a police or prosecutor record;

• Cases where you need a reference number for banks, insurers, exchanges, or custodians.

After filing, keep every reference number: NCSC report ID, FINMA submission reference, MROS or goAML record, police complaint number, provider case ID, bank case ID, and any insurer or internal incident number. Keep monitoring affected wallets, accounts, domains, and counterparties while the reports move through Swiss channels.

What Happens After You File a Crypto Scam Report

Filing a crypto scam report starts a longer response process. The authority may review the report, route it to another department or governmental body, link it to other cases, or add it to an intelligence database. Cross-border cases often take longer because several agencies or platforms may need to act.

For businesses, the work should not stop after submission. The follow-up can determine whether the case becomes a closed loss, a recoverable asset trail, or a blocked scam pattern.

Keep the report reference number, preserve the evidence package, and continue contacting any exchange, custodian, bank, payment provider, or platform that touched the funds or accounts.

In many cases, those providers are the fastest route to account freezes, record preservation, and wallet-link analysis. Although asset recovery is never guaranteed, reporting increases the chances and helps prevent attackers from repeating the misconduct.

Conclusion

Crypto-scam reporting works best when it is treated as part of a company’s fraud, AML, and incident-response system. The strongest reports connect wallet activity, transaction hashes, platform data, counterparties, timelines, and business impact into one evidence package.

For exchanges, fintechs, custodians, and compliance teams, that makes blockchain intelligence a practical part of the reporting process. Global Ledger’s blockchain analytics and investigation tools help teams trace suspicious flows, screen wallets, assess counterparty exposure, and turn fragmented incident data into clearer escalation materials.

FAQ