Google said it’s implementing a new policy requiring developers of cryptocurrency exchanges and wallets to obtain government licenses before publishing apps in 15 jurisdictions in order to “ensure a safe and compliant ecosystem for users.”
The policy applies to markets like Bahrain, Canada, Hong Kong, Indonesia, Israel, Japan, the Philippines, South Africa, South Korea, Switzerland, Thailand, the United Arab Emirates, the United Kingdom, the United States, and the European Union. The changes do not apply to non-custodial wallets.
This means developers publishing cryptocurrency exchange and wallet apps have to hold appropriate licences or be registered with relevant authorities like the Financial Conduct Authority (FCA) or Financial Crimes Enforcement Network (FinCEN), or authorized as a crypto-asset service provider (CASP) under the Markets in Crypto-Assets (MiCA) regulation before distribution.
“If your targeted location is not on the list, you may continue to publish cryptocurrency exchanges and software wallets. However, due to the rapidly evolving regulatory landscape worldwide, developers are expected to obtain any additional licensure requirements per local laws,” the tech giant said.
Google noted that developers have to declare under the App Content section that their app is a cryptocurrency exchange and/or software wallet in the Financial Features Declaration. In addition, the company said it may request developers to provide more information regarding their compliance in a given jurisdiction that’s not covered in the aforementioned list.
Developers who don’t have the required registration or licensing information for certain locations are being urged to remove the apps from those targeting countries/regions.
The disclosure comes as the U.S. Federal Bureau of Investigation (FBI) issued an updated alert warning of cryptocurrency scams in which companies falsely claim to help victims recover their stolen funds to further defraud them.
Fraudsters have been observed posing as lawyers representing fictitious law firms, approaching scam victims on social media and other messaging platforms to assist with fund recovery, only to dupe them a second time under the pretext of receiving their information from the FBI, Consumer Financial Protection Bureau (CFPB), or other government agency.
“Between February 2023 and February 2024, cryptocurrency scam victims who were further exploited by fictitious law firms reported losses totaling over $9.9 million,” the FBI said in an alert last June.
The FBI also listed a number of potential red flags that users are advised to look for that could indicate a potential scam –
- Impersonation of government entities or actual lawyers
- References to fictitious government or regulatory entities
- Requesting payment in cryptocurrency or prepaid gift cards (the U.S. government does not request payment for law enforcement services provided)
- Having knowledge of the exact amounts and dates of previous wire transfers and the third-party company where the victim previously sent scammed funds
- Stating the victim was on a government-affiliated list of scam victims
- Referring victims to a “crypto recovery law firm”
- Stating the victims’ funds are in an account held at a foreign bank and instructing them to register an account at that bank
- Placing victims into a group chat on WhatsApp, or other messaging applications, for supposed client safety
- Requesting victims send payment to a third-party trading company for maintaining secrecy and safety
- Inability to provide credentials or a license
“Be cautious of law firms contacting you unexpectedly, especially if you have not reported the crime to any law enforcement or civil protection agencies,” the FBI said, urging citizens to exercise due diligence and adopt a zero-trust model.
“Request video verification or documentation or a photo of their law license. Request verification of employment for anyone claiming to work for the US Government or law enforcement.”
