Client Who Aided Fraud Cannot Recover $240,000 in Crypto: Court

Cryptocurrency fraud continues to evolve, with scammers increasingly using social engineering tactics such as impersonating law‑enforcement or cyber‑crime agencies to gain remote access to victims' devices. In the Bue case, the fraudster obtained control of the client’s computer and email, directing Bitcoin purchases through HoneyBadger while the client believed he was recovering earlier losses. This pattern mirrors a broader trend where fraudsters exploit the speed and anonymity of crypto transactions, leaving victims and intermediaries scrambling to recover funds that often disappear into untraceable wallets.

The appellate court’s decision hinged on two legal nuances. First, the PAD (Pre‑Authorized Debit) agreement was interpreted correctly: the obligation to provide a password or security code rests with the client, not the broker, meaning HoneyBadger could not be blamed for a missing code. Second, the court applied the common‑law principle from Isaacs v. RBC, holding that a party who actively participates in a fraud bears the loss. By rejecting a Quebec civil‑code precedent, the Saskatchewan ruling clarifies that provincial courts will follow common‑law standards when assessing broker liability, especially where the client’s own negligence is evident.

For the crypto‑broking industry, the verdict sends a clear signal: robust KYC and AML procedures can shield firms from liability, but they do not absolve clients who willingly cooperate with impostors. Brokers should continue to document verification steps and educate clients about the risks of granting remote access. Meanwhile, investors must recognize that personal negligence—such as sharing passwords—can result in total financial responsibility, reinforcing the need for heightened cyber‑security awareness in the rapidly expanding digital asset market.