Washington just signaled it wants to rebuild its crypto-crime fighting capacity — but read the fine print before you trade on it. What landed this week is a proposal, not a policy.
What Just Changed: A Bill, Not a Law
On June 11, 2026, two U.S. House members introduced the Federal Cryptocurrency Theft Enforcement and Coordination Act, a bill that would create a government-wide task force to coordinate investigations into crypto hacks, exploits, and fraud . This is a newly introduced bill — not an operational task force and not enacted law. For traders, it is a regulatory-signal event, not new enforcement on the ground.
The sponsors are Rep. Lance Gooden (R-Texas), a member of the House Judiciary Committee, and Rep. Josh Gottheimer (D-N.J.), of the House Financial Services Committee . The proposed task force would sit inside the Department of Justice, chaired by the U.S. Attorney General or a designee, with the FBI, the Department of Homeland Security, and the Treasury Department (including FinCEN) named as participants .
Two details matter most. First, this is a coordination hub, not a new regulator. The bill's scope is explicitly criminal-only — theft, hacks, and fraud — and it carries no mandate to regulate crypto markets, digital-asset products, or financial institutions. Coordination with state and local agencies is framed as voluntary.
Second, nothing has passed. As of mid-June 2026, the measure has not cleared committee, let alone been enacted, and it is unclear whether it advances this session. The actionable takeaway: treat it as direction-of-travel sentiment, not a fundamentals change.
"Victims need a single federal point of contact, an effective, coordinated response, and a clear playbook for going after the criminals robbing people blind," said Rep. Josh Gottheimer (source: PYMNTS).
Why Now: The NCET Gap and $11.4B in Losses
The timing traces to a coordination gap Washington created itself. In April 2025, the Justice Department disbanded the National Cryptocurrency Enforcement Team (NCET) via a memo from Deputy Attorney General Todd Blanche, ending what it called "regulation by prosecution" and redirecting prosecutors toward individual criminal misuse rather than the industry as a whole . That left no central federal hub for crypto-crime cases — the vacuum this bill aims to refill through legislation rather than executive action.
The data backdrop is what lawmakers keep citing. The FBI's Internet Crime Complaint Center logged 181,565 cryptocurrency-related complaints reporting $11.4 billion in losses in 2025 . State-linked theft is the sharper concern: per TRM Labs, North Korea-linked actors stole roughly $577 million through April 2026 alone, about 76% of all crypto hack losses year-to-date — the highest sustained share on record .
Two attacks drove nearly that entire figure. Both were DeFi exploits, and both expose recurring design and process flaws traders should track:
- Drift Protocol — roughly $285 million, April 1, 2026, via social engineering .
- KelpDAO — roughly $292 million, April 18, 2026, tied to single-verifier/bridge design weaknesses .
The concentration is not a one-year spike. TRM puts North Korea's cumulative attributed theft above $6 billion since 2017, with its share of global hack losses climbing steadily over six years .
| Period | DPRK share of global crypto hack losses |
|---|---|
| 2020–2021 | under 10% |
| 2022 | 22% |
| 2023 | 37% |
| 2024 | 39% |
| 2025 | 64% |
| 2026 YTD | 76% |
Source: TRM Labs . The trend explains the urgency: enforcement capacity shrank in 2025 just as the dominant loss vector grew more concentrated. That mismatch — fewer coordinated investigators, a single hostile actor taking three-quarters of stolen value — is the case Congress is making.
What It Means for Traders: Signal vs. Noise
For traders, the immediate takeaway is what this bill does not do: it imposes no new compliance burden. The Federal Cryptocurrency Theft Enforcement and Coordination Act, introduced June 11, 2026 , limits its mandate to criminal investigative coordination and victim support — it explicitly excludes regulation of crypto markets, products, and financial institutions . No new reporting rules land on exchanges or holders from the text as written.
The credibility signal is the bipartisan sponsorship. Rep. Lance Gooden (R-Texas) sits on House Judiciary; Rep. Josh Gottheimer (D-N.J.) sits on House Financial Services . That cross-committee, cross-party backing raises the odds the bill is taken seriously — but passage this session is far from certain. Treat the headline as a sentiment input, not a fundamentals change.
"This bill protects consumers, cracks down on thieves, and strengthens trust in the crypto ecosystem," — Rep. Lance Gooden (source: PYMNTS).
The more durable signal is direction of travel. Washington is hardening the line between criminal enforcement — theft, hacks, DPRK laundering — and market or product regulation. If that framing holds, it chips away at the "regulation-by-enforcement" overhang that pressured sentiment before the DOJ disbanded the NCET in April 2025 .
But the actionable read today is the hack data, not the bill. Two breaches drove most of 2026's losses: Drift Protocol (~$285M, April 1, social engineering) and KelpDAO (~$292M, April 18, design flaw) . Bridge and DeFi protocol risk remains the dominant loss vector. Where traders can act now:
- Weight security disclosures over headlines — read protocol audit and verifier-design notes at least as carefully as the legislative news.
- Scrutinize single-verifier and bridge architectures — the KelpDAO breach exploited exactly this class of flaw.
- Treat social-engineering as live — the Drift loss came through people, not just code.
Bottom line: a credible bipartisan signal that the U.S. wants to rebuild crypto-theft enforcement post-NCET, but it is an introduced bill, not law, and its operational impact today is zero. The persistent, concentrated hack risk the data exposes is the part you can trade around now.
Frequently asked questions
What is the Federal Cryptocurrency Theft Enforcement and Coordination Act?
It is a bipartisan U.S. House bill introduced on June 11, 2026 by Rep. Lance Gooden (R-Texas) and Rep. Josh Gottheimer (D-N.J.) . It would create a DOJ-housed "Federal Cryptocurrency Theft Task Force," chaired by the Attorney General, to coordinate crypto-theft investigations across the FBI, DHS, and Treasury . It is a proposed bill, not enacted law.
Does this bill create new compliance requirements for crypto traders or exchanges?
No. As written, the bill's scope is limited to criminal investigative coordination and victim support — it explicitly excludes regulation of crypto markets, digital-asset products, and financial institutions . There are no new reporting rules, registration requirements, or market regulations for traders or exchanges. Coordination with state and local agencies is described as voluntary .
Why did Congress introduce this bill now?
The proposal responds to an enforcement gap. In April 2025 the Justice Department disbanded its National Cryptocurrency Enforcement Team (NCET), ending what it called "regulation by prosecution" . Combined with FBI data showing 181,565 crypto-related complaints and $11.4 billion in reported losses in 2025 , plus surging North Korea-linked hacks, lawmakers moved to rebuild centralized enforcement capacity through legislation.
How much crypto has North Korea stolen in 2026?
TRM Labs estimates North Korea-linked actors stole roughly $577 million through April 2026, about 76% of all crypto hack losses in that window . That total came from just two attacks: the Drift Protocol breach (~$285M, April 1) and the KelpDAO breach (~$292M, April 18) . DPRK cumulative attributed theft since 2017 now exceeds $6 billion .
What should traders watch for as this bill progresses?
Three things. First, whether the bill advances past committee — passage in the current session is far from certain. Second, whether the criminal-only framing holds, which would signal Washington is separating theft enforcement from market regulation. Third, and more immediate, protocol-level security disclosures for bridges and DeFi projects, given that DPRK losses concentrated in single-verifier/bridge design flaws (KelpDAO) and social engineering (Drift) . Treat the bill as a sentiment input, not a fundamentals change.
