What it is: When the U.S. Department of Justice seizes assets from a crypto-fraud scheme, those assets don't automatically reach victims. They flow into the Asset Forfeiture Fund, and victims get paid only if they file a petition for remission with DOJ's Money Laundering and Asset Recovery Section (MLARS), per 28 CFR Part 9.
The scale: DOJ has returned more than $12.5 billion to fraud victims through remission and restoration since 2000. Active crypto remission programs include OneCoin (deadline 30 June 2026, ~$40M available), BitConnect, BitClub Network, Cypher Exchange, and earlier programs like Liberty Reserve.
The honest part: Most crypto-fraud victims never learn remission exists. Many petitions get denied for inadequate proof of net loss. Recoveries are pro rata — you should expect a partial payment, not a full refund. The single biggest reason a complex petition gets accepted is documented evidence linking the petitioner's payments to the specific assets the government seized.
In This Article
- Why most crypto-fraud victims never see the money even after seizure
- Restitution vs Remission vs Restoration: three different things
- The OneCoin remission window: $40M, deadline 30 June 2026
- Other active crypto remission programs in 2026
- How the remission process actually works, indictment to payout
- What goes in a winning remission petition
- Why a forensic trace matters even after seizure
- The realistic timeline: 6 months to 3+ years
- Common reasons remission petitions get denied
- What to do if you were a victim of OneCoin, BitConnect, or BitClub
- Frequently asked questions
Why Most Crypto-Fraud Victims Never See the Money Even After Seizure
There's a moment that recurs in this work that I have come to think of as the second blow. A victim has already lost the money once — to a fake exchange, a romance scammer, a Ponzi token, a kiosk-funneled imposter call. Months or years later, they read a news headline: FBI seizes $X million in cryptocurrency tied to the [BitConnect / OneCoin / BitClub / Cypher] fraud. They feel a brief, electric relief. The money was found. The government has it. Surely now it comes back.
It doesn't come back. Not automatically, not soon, and for most victims, never in full. The seizure headline isn't the end of the story. It is roughly the middle of a process that runs eighteen months to three years longer, that requires the victim to act on their own behalf inside a small filing window, and that the government has almost no obligation to tell each individual victim about. The mechanism that pays victims out of seized assets is called remission, and it is governed by an unglamorous regulation — 28 CFR Part 9 — that almost no one outside the federal forfeiture bar has ever read.
I'm writing this because I've lost count of the times a client has asked me, after a major crypto-fraud seizure made the news, whether their money was now effectively on its way back. The answer isn't a flat no. The answer is: there's a path, the path works, the U.S. government has paid more than $12.5 billion to fraud victims through this exact mechanism since 2000, and you have to walk the path yourself. If you don't file the petition, the assets don't come to you. They go to other victims who did file, to law enforcement equitable sharing, or eventually back into the Asset Forfeiture Fund's general pool to fund future operations. Default outcome of doing nothing is being paid nothing.
What follows is the working-investigator account of how this process actually moves: the difference between restitution and remission and restoration (three terms that get used interchangeably and mean very different things), what the active 2026 crypto remission windows are, what a complete petition contains, why on-chain forensic evidence has become the deciding factor in disputed claims, and what realistic expectations look like at the end. There are no recovery promises in this article. The bar is real and many victims don't clear it. But the bar is clearable, the deadlines are public, and the process pays.
Restitution vs Remission vs Restoration: Three Different Things
The vocabulary problem is real. Plaintiffs' lawyers, journalists, and even some federal agents use these three words as if they were synonyms. They aren't. They're three different mechanisms, with three different decision-makers, three different evidence standards, and three very different probabilities of actually paying you.
Restitution
Restitution is what the sentencing judge orders against the defendant in the criminal case. The Mandatory Victims Restitution Act (18 USC 3663A) requires courts in most fraud convictions to order the defendant to pay each identifiable victim's loss. The number that ends up in the judgment is often very large — a Ponzi defendant might have a billion-dollar restitution order entered against them.
The problem is collection. A defendant doing thirty years in federal prison with no remaining assets can't pay a billion dollars. Restitution orders sit on the books and the U.S. Attorney's Office's Financial Litigation Unit pursues them, but the realistic collection rate against incarcerated fraud defendants is very low. The order exists; the money mostly doesn't. Restitution is the right of the victim; it is rarely the cash the victim sees.
Remission
Remission is administrative, not judicial. It is run by the DOJ's Money Laundering and Asset Recovery Section (MLARS) under 28 CFR Part 9. After the government forfeits assets in a case — through criminal forfeiture under 21 USC 853 or civil forfeiture under 18 USC 981/983 — those assets become property of the United States and are deposited into the Asset Forfeiture Fund (AFF). Victims who suffered a verifiable net pecuniary loss as a result of the offense can petition MLARS to receive a share of the forfeited proceeds.
remission is paid out of the assets the government already controls. There's no collection problem. If you're a verified victim and there are forfeited proceeds in the case, you get paid — pro rata, but you get paid. This is the path that most crypto-fraud victims who actually receive a check are paid through, and it is the path almost no one knows to walk.
Restoration
Restoration is the hybrid. When a case has both an entered restitution order and forfeited assets, MLARS can request — and the Deputy Attorney General can authorize — the transfer of forfeited funds to the court's restitution fund to satisfy the order. The procedural details live at 28 CFR § 9.8(g) and DOJ's internal policy. From the victim's perspective, restoration looks like restitution being paid — the check arrives through the court — but the source is the forfeited pool.
Restoration is meaningful when the case has a clean restitution order and a willing prosecutor pushing the request. It is unavailable when one of the two pieces is missing. For pure civil-forfeiture matters where there was never a criminal conviction (and therefore no restitution order), remission is the only path.
If your scam happened, the government seized assets, and you're sitting on the sidelines waiting for restitution to come through — you may be waiting forever. Remission is filed by you, on your own initiative, on your own deadline. The government won't file the petition for you. If you do nothing, you get nothing.
The OneCoin Remission Window: $40M, Deadline 30 June 2026
If there's one currently-open crypto remission program that ought to be on every blockchain investigator's and victims'-rights attorney's desk in May 2026, it is OneCoin. The program is funded with approximately $40 million in forfeited assets. The petition window closes 30 June 2026. The administrator is Kroll Settlement Administration LLC. The portal is onecoinremission.com. The phone line is 1-833-421-9748.
OneCoin is the right case to anchor a current article because it is the largest crypto-fraud victim base ever to enter a remission distribution and because the deadline is genuinely close. The scheme — pitched between roughly 2014 and 2017 by Ruja Ignatova ("the Cryptoqueen," still a fugitive on the FBI's Top Ten Most Wanted list) and her co-conspirators — took an estimated $4 billion or more from victims worldwide. OneCoin marketed itself as the next Bitcoin; the underlying token had no real blockchain. The Southern District of New York unsealed an indictment in 2017, the related civil and criminal forfeiture proceedings have run for years, and the resulting victim-payout program is now in its claims-collection phase.
Two things to understand about OneCoin specifically. First, the $40 million pool is being distributed against billions of dollars of claimed victim losses. The pro rata math is unforgiving: most petitioners will recover a small percentage of what they actually lost. That isn't a reason to skip filing — some recovery is meaningfully better than none, and the act of filing is also how victim losses get formally tallied for any future supplemental distributions. But it is the honest expectation. Second, the petition still requires real documentation: identity proof, the case identifier from the published notice, transaction records of every payment into OneCoin or its related entities, and ideally an attribution narrative showing how the petitioner's funds reached the assets the government ultimately seized. Petitions that arrive with "I lost $50,000 to OneCoin, please pay me" and no underlying records don't get paid.
The 30 June 2026 deadline is hard. Petitions postmarked or submitted after that date face an uphill late-filing standard with no guarantee of acceptance. If you paid OneCoin between roughly 2014 and 2017 and have any records of the payments — bank wires to the entities Ignatova and her co-conspirators controlled, exchange withdrawals routed to OneCoin platform deposits, "education package" purchases — visit onecoinremission.com or call 1-833-421-9748 immediately and start a claim. Even an incomplete claim filed in time can be supplemented; a complete claim filed late is much harder to revive.
Other Active and Recent Crypto Remission Programs in 2026
OneCoin is the most pressing current window, but it isn't alone. The table below summarizes the major crypto-fraud remission programs that have either run or are running in the 2024–2026 window. Status is current to mid-May 2026; if you're reading this later, check the DOJ MLARS victims page for the latest case-by-case status.
| Case | Pool | Window | What it is |
|---|---|---|---|
| OneCoin | ~$40M | Closes 30 Jun 2026 | Multibillion-dollar pseudo-cryptocurrency Ponzi scheme. Portal: onecoinremission.com. Administrator: Kroll Settlement Administration LLC. Active. |
| BitConnect | $56M+ (initial) | Distributions ongoing | Lending-platform Ponzi (2016–2018). Initial victim distribution ordered by USAO — SDCA in 2022; supplemental distributions have followed. Largest single crypto-victim cash payment in U.S. history at the time. |
| BitClub Network | Pending | Forfeiture and remission phase | Mining-pool Ponzi (~2014–2019). Multi-defendant criminal case in District of New Jersey. Forfeited assets being processed for victim distribution. |
| Cypher Exchange | Variable | Recent / ongoing | Recent example of a crypto-fraud-related forfeiture flowing to victim remission via MLARS. Shows the program's reach beyond the headline Ponzi cases. |
| Liberty Reserve | Distributions completed | Closed | Centralized digital-currency money-laundering case (2013 indictment). Large-scale remission program processed years later. Cited as historical precedent for how the long-tail timeline runs. |
| Different pig-butchering forfeitures | Case-by-case | Ongoing | USDT seizures from pig-butchering rings (often via Tether freezes followed by U.S. forfeiture) increasingly run through remission. Pools are smaller but more frequent. |
A pattern in this table: the gap between the underlying fraud and the remission window is consistently long. Liberty Reserve was indicted in 2013 and its remission program ran years later. BitConnect collapsed in 2018 and the first major distribution went out in 2022. OneCoin's indictment was 2017 and the current claims window closes in 2026. The lag is structural — multi-defendant criminal forfeiture, asset liquidation, and notice publication all take time. Victims who assume nothing is happening are usually wrong; the case is moving, just at the timescale of federal asset forfeiture rather than the timescale of consumer expectation.
How the Remission Process Actually Works, Indictment to Payout
The full process is best understood as seven discrete stages. The hero illustration at the top of this article shows them on a timeline. Below is what each stage actually involves.
Stage 1: Indictment or civil complaint (Month 0)
The federal investigation matures into either a criminal indictment (a grand jury returns charges and the U.S. Attorney's Office unseals them) or a civil forfeiture complaint (the United States files an in rem action against specific assets without necessarily charging an individual defendant). For complex multi-defendant crypto cases the indictment is usually the first publicly visible step, and it is when most victims first hear the case name in the news.
Stage 2: Seizure (Month 0 to 6)
Federal agents — FBI, IRS Criminal Investigation, Homeland Security Investigations, sometimes the U.S. Postal Inspection Service depending on the predicate offense — execute seizure warrants on identified wallets, exchange accounts, real property, vehicles, and bank accounts. In crypto cases, this is the stage where the famous "FBI seizes $X million in Bitcoin" headlines hit. The seizure mechanically transfers control of the assets to the government but doesn't yet vest title; that comes later. For a working overview of how the underlying seizure mechanics work in stablecoin cases, see our piece on stolen USDT recovery, which walks through the freeze process that often precedes the formal seizure.
Stage 3: Conviction or civil forfeiture order (Month 6 to 18)
For criminal forfeiture: the defendant is convicted, either by plea or trial. The sentencing court enters a forfeiture order under 21 USC 853 (drug-predicate cases) or 18 USC 982 (money-laundering and most fraud-predicate cases) identifying the specific assets to be forfeited. For civil forfeiture: the United States proceeds in rem under 18 USC 981/983 and obtains a judicial decree of forfeiture, often by default if no third party files a verified claim within the statutory deadline. Either way, this is the stage at which the legal fight over title is resolved.
Stage 4: Forfeiture final, asset liquidation (Month 12 to 30)
Title vests in the United States. The U.S. Marshals Service's Asset Forfeiture Division takes custody, manages the assets, and liquidates them — cryptocurrency is usually auctioned in tranches; real property is sold; financial accounts are closed and proceeds wired to the AFF. The proceeds, net of administrative expenses, become the pool available for remission, restoration, equitable sharing with state and local law enforcement, and other authorized uses.
Stage 5: Remission notice (Month 18 to 36)
Once the case-specific forfeited pool is identified and the prosecutor coordinates with MLARS, a remission notice is published. For high-victim-count cases the notice usually appears in the Federal Register, on the DOJ website, on a case-specific portal (often run by a third-party administrator like Kroll, BMC, or Epiq), and via direct mail or email to known victims if the prosecutor and case agents have a victim list. For smaller cases the notice may be much narrower — just a posting on the DOJ's forfeiture website. This is the moment where victims who aren't actively watching the case usually miss the window.
Stage 6: Petition window (Month 18 to 36)
Petitioners have a defined window — usually 30 to 90 days from publication, sometimes longer for major multi-victim programs — to file a verified petition showing eligibility and net pecuniary loss. The petition goes to MLARS or to the case administrator named in the notice. Late-filed petitions face an uphill standard under 28 CFR § 9.5(b) and are often denied on timeliness alone unless the petitioner can show extraordinary circumstances.
Stage 7: Pro rata distribution (Month 24 to 42+)
MLARS reviews petitions, accepts or denies them, calculates total verified loss across accepted petitioners, and authorizes a pro rata distribution. The administrator issues payments — check, ACH, or in some recent cases stablecoin to a verified wallet. Supplemental distributions sometimes follow if additional forfeited assets become available later in the case. The first distribution check is the moment the process pays.
The key procedural authorities are 28 CFR Part 9 (the regulation), the Asset Forfeiture Policy Manual (the operational playbook), and the case-specific notice (the binding filing instructions). For trial strategy on the parallel civil-litigation track, see our blockchain forensic evidence in federal civil litigation piece. For the broader question of when civil litigation is even worth filing alongside the federal case, see can you sue a crypto scammer.
What Goes In a Winning Remission Petition
The MLARS reviewer evaluating a petition doesn't investigate. They decide on the file in front of them. A petition that arrives with the right elements assembled cleanly is far more likely to be accepted than one that requires the reviewer to chase down ambiguity. The diagram below maps the elements that an accepted petition contains; the prose that follows explains each.
1. Petitioner identity
Full legal name, current address, Social Security number or taxpayer ID, and a copy of a government-issued photo ID. For non-U.S. petitioners (which OneCoin in particular involves at scale), passport and country-of-residence equivalents. The reviewer won't pay an unidentified petitioner.
2. Case identifier and notice reference
The petition has to be tied to a specific forfeiture case. The notice will provide a docket number, case caption, and often an internal MLARS reference number. The petition must reference these so the case file is locatable. Generic "I was a OneCoin victim" filings without a notice-tied case identifier risk being treated as misdirected mail.
3. Verified net pecuniary loss
This is the dollar amount the petitioner is claiming. "Net pecuniary loss" has a specific meaning: it is what the petitioner paid in, minus what the petitioner received back (withdrawals, partial returns, the value of any tokens or instruments still held that have residual value). Inflated valuations — "OneCoin tokens were marketed at $50, I had 10,000 of them, my loss is $500,000" — don't survive review. The reviewer is calculating dollars in versus dollars out, not paper losses on a worthless instrument.
4. Transaction records
The receipts. Bank wire confirmations, ACH records, exchange withdrawal CSVs showing the destination, credit card statements, on-chain transaction IDs (TXIDs) for any direct cryptocurrency payments. The reviewer is looking for a documented payment trail from the petitioner's identifiable source of funds to the scheme. Verbal recollection isn't evidence; bank statements are.
5. On-chain attribution to the seized assets
This is where forensic work increasingly carries the petition. For cryptocurrency cases, MLARS often wants to see a demonstrable nexus between the petitioner's payments and the specific assets the government seized — i.e., the trace from the petitioner's wallet or exchange withdrawal to the cluster of addresses that the forfeiture order names. In simple cases (one wire to one beneficial account that the government seized) this nexus is obvious from the bank record. In complex cases (multi-hop deposits into a Ponzi's commingled wallet system) the nexus requires actual blockchain analysis. We discuss this further in the next section because it is the area where well-meaning petitioners most often fall short and where forensic work most often makes the difference between acceptance and denial.
6. Sworn statement
The petition is signed under penalty of perjury per 18 USC § 1001. False statements in a federal petition are themselves a federal crime. This isn't an obstacle for honest victims; it is a screen against opportunistic claims. The petition's integrity is what makes the entire system administrable at scale.
Why a Forensic Trace Matters Even After Seizure
This is the section that I think most distinguishes this article from the general legal-content piece on remission. It is the area where my own work most directly intersects with the petition process and where the dynamics are least well understood by victims and even by some attorneys.
The intuitive picture victims have is: the FBI seized the scammer's wallet, that wallet contained their money among other victims' money, the government will figure out who is owed what and pay accordingly. That picture is wrong in one important way. The government doesn't, do the attribution work for individual victims. The government's seizure is at the cluster level — "this set of addresses is the OneCoin cluster" or "this set of wallets controlled by Defendant X" — and the forfeiture order operates on those clusters as a whole. The mapping of which dollars in the seized cluster correspond to which victim is delegated, in effect, to the petition process. The petitioner has to make their own case that their money reached those addresses.
For a fiat-only victim — someone who wired $50,000 from their bank to a OneCoin entity's bank account — this is straightforward. The bank wire is the proof. For a victim whose payment path went through cryptocurrency — bought BTC at Coinbase, sent it to a OneCoin platform deposit address, which the platform commingled with thousands of other victim deposits before some portion of those funds eventually flowed to the addresses the government later seized — this is genuinely hard. The petition needs to show:
- Identification of the petitioner's outflow. Exchange withdrawal records, including the destination address, amount, and timestamp.
- Identification of the recipient platform's deposit address as a known scheme address. Public attribution data, prior law enforcement filings, court documents, or proprietary clustering analysis tying that address to the named scheme.
- The flow from that deposit address into the broader scheme cluster the government seized. Often multi-hop, often commingled, often crossing chains via bridges or swaps.
- The link between the cluster the petitioner's funds reached and the specific assets named in the forfeiture order. This is the closing of the loop: the funds the petitioner sent, demonstrably, became part of the pool the government took.
None of those four elements is unprovable, but none of them is automatic. Each of them is forensic work. In a recent OneCoin-adjacent matter I worked, the petitioner had clean records of three exchange withdrawals to addresses they were told were OneCoin "education package" deposit endpoints, and no idea what happened next. The actual on-chain path took those three withdrawals through OneCoin's layered platform infrastructure, into a commingled pooling wallet, and then forward via bridge transactions into the addresses that ultimately became part of the SDNY forfeiture. Without the trace narrative, the petition was a payment-plus-faith filing. With the trace narrative, it was a documented nexus between the petitioner's identified funds and the seized cluster, which is the form the reviewer can act on.
This dynamic is becoming more pronounced as crypto-fraud forfeiture programs mature. The first wave of programs (Liberty Reserve, early BitConnect distributions) ran on simple fiat-traceable nexus. The current and coming wave (OneCoin's long-tail crypto payments, pig-butchering ring forfeitures, mixer-laundered Ponzi proceeds) increasingly require chain-analytics-grade attribution to convert a victim's good-faith claim into a payable petition. A documented forensic trace is the difference, between "petitioner alleges loss" and "petitioner has showed loss tied to the seized assets."
This is the work my practice does daily on the parallel civil-litigation track — and the same evidence package that a court accepts to support a freeze motion or a subpoena to an exchange is largely the same evidence package that supports a remission petition's nexus showing. For the broader picture of how that evidence is assembled, see digital asset tracing and blockchain forensic analysis.
If your scam payment went through cryptocurrency, the petition needs a story that ends with "and that's how my money became part of what the government seized." For simple paths that story is one paragraph. For complex paths the story is a forensic report with addresses, transaction hashes, hop counts, and an attribution methodology a reviewer can verify. Either way: the story is your responsibility, not the government's.
The Realistic Timeline: 6 Months to 3+ Years
Setting expectations honestly is part of the job. The remission timeline isn't measured in weeks. The cleanest cases — small civil-forfeiture matters with one defendant, one set of assets, and a small known victim list — can resolve from seizure to first distribution check in roughly six to twelve months. The complex cases that produce the headlines and the largest victim pools take much longer.
OneCoin is illustrative. The first U.S. indictments were unsealed in 2017. The forfeiture proceedings, plea agreements, and asset liquidation that produced the current $40 million pool ran across the late 2010s and early 2020s. The current claims window closes in mid-2026 — nearly nine years after the original indictment. BitConnect collapsed in early 2018, and the first major victim distribution went out in 2022 — roughly four years later. Liberty Reserve was indicted in 2013 and its full distribution cycle ran through the mid-to-late 2010s.
The lag isn't bureaucratic incompetence. It is the structural reality of multi-defendant federal forfeiture: the government has to win the underlying case (or default the in rem action), survive third-party claims, liquidate assets through the U.S. Marshals Service, coordinate with often-foreign asset custodians, publish notice, process petitions, and finally distribute. Every one of those steps takes months. The combined pipeline takes years.
For victims, the practical implication is twofold. First, don't assume nothing is happening just because nothing is visible. The case is moving in chambers, in the U.S. Marshals warehouse, and in MLARS' queue. Second, when the notice does drop, the petition window is short relative to the years that came before. Missing a 60-day window after waiting four years for the notice is a particularly painful failure mode — and it is one of the most common reasons otherwise-eligible victims don't get paid. Sign up for case-specific notice lists where available; check the DOJ MLARS victims page periodically; for cases as visible as OneCoin, the administrator's portal is the primary source. For the broader question of how recovery timelines work across the crypto-fraud landscape, see our realistic recovery timelines guide.
Common Reasons Remission Petitions Get Denied
Petitions get denied. The denial rate varies by program but is substantial in every program I have seen data on. The reasons cluster into a small set of patterns. Most of them are avoidable.
Late filing
The single most common denial. Petitions filed after the published deadline face the late-filing standard at 28 CFR § 9.5(b), which requires the petitioner to show that the failure to file timely was the result of conditions beyond the petitioner's control. Standards are interpreted strictly. "I didn't know about the program" is generally not enough. Sign up for case notices; check periodically; don't wait.
Inadequate proof of loss
Petitions that arrive with claimed loss amounts but no underlying transaction records get denied or are returned with requests for supplementation. Bank statements showing the wires, exchange CSVs showing the withdrawals, on-chain TXIDs for direct crypto payments — these are the proof. Sworn affidavits about remembered amounts without supporting documentation don't establish loss to the standard MLARS uses.
Inflated or speculative loss valuation
Claiming the marketed value of worthless tokens (the OneCoin pattern), claiming opportunity cost or expected future returns, claiming consequential damages beyond the direct payment — these get reduced or rejected. Net pecuniary loss is dollars paid in minus dollars received back. The reviewer is calculating, not estimating.
No nexus to the forfeited assets
Petitioner shows they paid into the scheme. Petitioner doesn't show that their payment reached the assets the government actually forfeited. For schemes where the scammer dissipated some funds (cars, mansions, lifestyle spending) and the government only recovered a portion, the question of which victims' funds are represented in the recovered portion can become the contested question. A documented forensic trace addresses this directly.
Eligibility exclusions
Certain categories of claimants are excluded from remission: persons criminally complicit in the underlying offense (a OneCoin recruiter who was themselves charged, for example), claims that have already been satisfied through other compensation, and claims by entities that the regulation specifically excludes. The exclusions are narrow but they exist; review 28 CFR § 9.8 for the full list before filing.
Petition went to the wrong place
Petitions sent to the U.S. Attorney's Office, to the FBI, to the trial court, or to a member of Congress — rather than to MLARS or to the case administrator named in the notice — can sit indefinitely. The notice tells you where to file. File there.
What to Do If You Were a Victim of OneCoin, BitConnect, or BitClub
The steps below are the action checklist. They apply directly if you were a victim of a major named crypto-fraud scheme; the same framework applies to smaller cases with case-specific adjustments.
Step 1: Identify whether your scheme has an active or recent forfeiture program
Visit the DOJ MLARS victims page. Search for the scheme name. If a program is listed, note the case identifier, the administrator (often Kroll, Epiq, or BMC), the notice publication date, and the filing deadline. For OneCoin specifically, the active portal is onecoinremission.com and the deadline is 30 June 2026. For BitConnect-related distributions, the operative case is in the Southern District of California.
Step 2: Gather all documentation of your payments
Bank statements covering the period of your involvement with the scheme. Wire confirmations. Exchange account statements (Coinbase, Kraken, Binance, etc., depending on where you bought the crypto you sent in). On-chain transaction IDs if you sent cryptocurrency directly. Email records of any "package" purchases, "investment" agreements, communications with promoters. Anything dated, anything signed, anything transactional. The IRS Criminal Investigation page on OneCoin (IRS-CI Investigations) is also a useful confirmation source for the basic case timeline.
Step 3: Calculate your net pecuniary loss
Total dollars in. Subtract total dollars out (any withdrawals, refunds, payouts you received). The remaining number is your net loss for petition purposes. Resist the urge to inflate using marketed token values; the reviewer will discount it.
Step 4: Decide whether your case needs forensic support
If your payment trail is fiat-only (bank wires to scheme bank accounts) and your records are clean, you can likely file pro se. If your payment trail went through crypto and the path is multi-hop, multi-exchange, or chain-bridging, a forensic trace narrative materially strengthens the petition. The threshold I use in practice for recommending forensic support is roughly $10,000+ in claimed loss with a non-trivial crypto path, but the calculus depends on the specific case. For the broader question of when to engage a blockchain investigator at all, see our piece on can you get crypto back after being scammed.
Step 5: File the petition before the deadline
Submit through the channel the notice specifies. For administrator-run programs, this is usually the portal's online form plus uploaded supporting documents. For MLARS-direct filings, the regulation specifies the mailing address. Get a confirmation of receipt and keep it. If you're filing close to the deadline, consider both the portal submission and a backup mailed copy with tracked delivery.
Step 6: Wait, and respond promptly to any requests
The reviewer may request supplemental documentation. Respond within the requested timeframe; non-response is treated as abandonment. Decisions can take many months after filing for large programs; this is normal.
Step 7: If denied, evaluate appeal options
Most remission denials are subject to a request-for-reconsideration process, with a tight deadline. If you receive a denial and believe it is incorrect on the merits, treat the reconsideration window with the same urgency as the original deadline.
For broader pre-petition steps — reporting the underlying fraud to law enforcement, preserving evidence, documenting the scam — see our companion pieces on how to report a crypto scam to the FBI, the IC3 complaint guide, and pig butchering scam recovery for the romance-investment subset that has produced significant USDT forfeitures in recent years. For the legal-options side, see legal actions and can you sue a crypto scammer.
Need a forensic trace to support your petition?
If you paid into OneCoin, BitConnect, BitClub, Cypher, or another scheme that has entered a remission program, and your payment path went through cryptocurrency, the forensic nexus is often the deciding piece. We will scope the trace and tell you honestly what an evidence package can and can't do for your specific petition. Initial assessments are free and we respond within 24 hours.
Start a Free Case ReviewFrequently Asked Questions
For the underlying pre-seizure reporting workflow that gets cases into the federal pipeline in the first place, see how to report a crypto scam to the FBI. For the freeze process that often precedes formal forfeiture in stablecoin cases, see stolen USDT recovery. For the broader picture of what civil and criminal recovery options realistically deliver, see can you get crypto back after being scammed.