ZachXBT: Circle’s compliance enforcement has been inadequate; multiple security incidents involve amounts exceeding $420 million

Gate News, April 4, on-chain investigator ZachXBT released an investigation report into Circle, pointing out that since 2022 the company has had poor compliance enforcement in multiple incidents involving illicit funds, with a total amount exceeding $420 million. The report states that as the issuer of USDC, Circle has the ability to freeze and blacklist addresses and, in its Terms of Service, retains the right to restrict suspicious accounts; however, in several major security incidents, these mechanisms were not used in a timely and effective manner. The report particularly highlights the April 1 Drift Protocol attack, in which about $280 million in assets were stolen. The attacker used Circle’s cross-chain bridge CCTP to move more than $232 million in USDC from Solana to Ethereum within 6 hours, during which no assets were frozen. Similar situations also occurred in attack incidents involving SwapNet, Cetus Protocol, Mango Markets, and others. In some cases, even after law enforcement agencies and industry experts had already issued freeze requests, Circle still did not take action promptly. In addition, in investigations into money laundering involving the hacker group Lazarus Group, Circle’s response was noticeably slower than other stablecoin issuers (such as Tether, Paxos, etc.), and in some cases the freeze operations were delayed by as long as several months. In the report, ZachXBT said that this disclosure does not deny the value of Circle’s products or the stablecoin itself, but emphasized that its compliance-enforcement decision-making has caused real and significant losses to the industry. He noted that over the past three years, due to repeated failures to take action in a timely manner, DeFi ecosystem losses have accumulated to nine-figure amounts in dollars, while the $420 million figure is only a conservative estimate of public cases, and the actual scale may be larger.