Inside the IRS’s Expanding Surveillance of Crypto Investors

The Quiet Revolution in Tax Enforcement

Crypto once lived on the fringes — a hobby for early adopters and risk-takers. Now it’s the focus of one of the IRS’s most data-driven enforcement campaigns ever.

Since 2017, the IRS has been building a web of crypto enforcement. subpoenaing exchanges, mining blockchain data, and matching wallets to tax returns. What started as a handful of cases has become a full-fledged digital-asset enforcement regime.

If your clients trade, invest, divorce, refinance, or even get paid in crypto, this is already their problem — and by extension, yours.

Why This Matters to Every Advisor

In 2021 alone, the IRS seized $3.5 billion in crypto assets, making up 93 percent of all IRS seizures that year. That’s not a glitch; it’s a strategy.

The agency now treats digital assets the way it once treated offshore bank accounts. The tools are different, but the mindset is the same: trace, match, and enforce.

Four Enforcement Dynamics Redefining the Risk Landscape of Crypto

1. John Doe Summonses: The IRS’s Favorite Net

A John Doe summons lets the IRS demand records from an exchange without naming specific taxpayers. The requirements are minimal — the agency only has to show:

• there’s an identifiable group,

• a reasonable basis to believe some failed to comply, and

• the data isn’t available elsewhere.

Early on, the IRS had success with a John Doe summons sent to Coinbase, which then led them to send one to Kraken, Circle, and Poloniex, each time expanding the scope. Courts approved nearly every request.

Those rulings gave the IRS a treasure trove of user data — names, wallet addresses, and transaction histories — fueling both civil audits and criminal cases.

Clients often learn they were swept up in a summons when a “soft letter” arrives referencing “digital asset activity.” By then, the IRS already has their data.

2. The Death of the Privacy Argument

For years, taxpayers claimed crypto should enjoy privacy protections because it wasn’t held in banks. Courts disagreed.

In Harper v. IRS, a Coinbase user argued that government access to his account data violated the Fourth Amendment. The First Circuit rejected the claim, and the Supreme Court refused to hear the appeal.

The ruling extended the third-party doctrine — the same rule that lets law enforcement access bank records — to crypto exchanges.

Coinbase and privacy advocates warned that the IRS was creating a “real-time financial ankle monitor.” The courts weren’t persuaded.

The message is blunt: if an exchange has the data, the IRS can have it too.

3. The Analytics Arms Race

The IRS isn’t manually reviewing documents from exchanges.

The agency now contracts with blockchain-forensics firms and uses machine-learning models to identify relationships between wallets, exchanges, and tax returns.

According to the Treasury Inspector General for Tax Administration (TIGTA), by mid-2023 the IRS had:

• opened 216 crypto examinations,

• sent nearly 15,000 letters to suspected non-reporters, and

• identified a 75 percent potential noncompliance rate among taxpayers flagged by exchange data.

The agency’s Electronic Payment Systems Initiative, once focused on credit cards, now tracks crypto transactions. Once the data enters the system, it can be matched against tax returns in seconds.

Clients who assume “my trades were small” or “I never cashed out” misunderstand the technology. The IRS doesn’t need to see profit; it just needs to see activity.

4. The Coming Reporting Regime

Starting in 2025, exchanges must issue Form 1099-DA reporting gross proceeds from crypto transactions. In 2026, they’ll add cost-basis reporting for “covered” assets.

On paper, that should clarify crypto tax reporting. In reality, it’s going to cause chaos.

Each exchange only reports what happens on its platform. If a client buys Bitcoin on Kraken, transfers it to a wallet, and sells on Coinbase, those 1099s won’t reconcile. The IRS’s automated systems will flag the mismatch as unreported income.

Expect a surge of CP2000 notices claiming under-reported crypto gains — many of them wrong but still terrifying to the recipients.

It’s not malice. It’s automation. And automation doesn’t care that your client actually paid the right amount of tax.

The Bigger Picture

The IRS’s crypto initiative has shifted from voluntary compliance to what insiders call an “opt-out model.” In effect: you’re presumed non-compliant unless the data says otherwise.

That’s a fundamental change in how the IRS approaches enforcement — and a warning to every advisor whose clients own digital assets.

For CPAs, attorneys, and financial professionals, crypto isn’t a footnote anymore. It’s an absolute risk category. Knowing the warning signs before the IRS does is the difference between proactive prevention and damage control.

TL;DR (Too Long; Didn’t Read)

⏩ The IRS now uses John Doe summonses to pull massive user data from exchanges.

⏩ Courts have upheld these summonses, eliminating privacy defenses under the third-party doctrine.

⏩ The IRS employs AI-driven blockchain analytics to flag potential noncompliance.

⏩ The new 1099-DA reporting regime will trigger mismatches and mass IRS notices.

⏩ Crypto enforcement is no longer experimental — it’s institutional.