Compliance Misconceptions That Web3 Entrepreneurs Often Overlook: Going Abroad Does Not Equal Compliance

Since 2021, many Web3 projects have claimed to stop providing services in mainland China and have relocated their entities overseas. However, in reality, many crypto companies are still providing services to users in mainland China.

At the same time, some developers are considering transitioning from Web2 to Web3. Compared to seasoned practitioners in Web3, newcomers are more concerned about the legality of projects and hope to determine whether to enter based on clearly defined legal boundaries and effective risk management.

Whether they are Web3 technical personnel who have already entered the field or engineers and development leaders preparing to transition from Web2, everyone faces a common question in the early stages of a project: Where should the project be set up?

Considering the strict regulations on Web3 projects in mainland China, many entrepreneurial teams tend to "go offshore"—registering overseas, with technical teams distributed in places like Hong Kong, Singapore, and Southeast Asia.

From the perspective of the technical founders or heads of Web3 projects, this "offshore registration + remote deployment" approach seems to inherently possess compliance advantages—since the project has not been established in China, it naturally falls outside the scope of Chinese legal constraints.

However, the reality is much more complex than imagined. Based on the experience of the legal team in representing multiple criminal cases in recent years, even if the project structure is overseas, as long as it touches the bottom line of Chinese law, there is still a high risk of being held accountable.

Therefore, this article aims to help technical decision-makers in Web3 startup teams understand a core issue: why "projects overseas" may also trigger legal risks in China?

Why do most Web3 projects choose to go abroad? Survival logic under the regulatory background

For most entrepreneurs, the core demand in the early stages is to "survive first." Compliance seems important, but in the early stages where resources are tight and the pace is urgent, it is often deprioritized.

However, those entrepreneurs with long-term plans will pay attention to regulatory policies earlier, understand legal boundaries, and determine what can be done and what cannot be done, thus deciding how to build the project and where to implement it.

Otherwise, the consequences of stepping on a landmine could be very serious. There have been Web3 projects that went from inception to demise in just 13 days, which is a typical negative case in a high-pressure regulatory environment.

What key regulatory documents does China currently have regarding Web3 that project technical leaders must focus on? From the perspective of criminal risk prevention, the following two points should be emphasized:

• The "Announcement on Preventing Risks of Token Issuance and Financing" issued in 2017 ( "94 Announcement" )
• The "Notice on Further Preventing and Dealing with Risks of Speculation in Virtual Currency Transactions" released in 2021 ( "924 Notice" )

The core spirit of these two policy documents is: to prohibit initial coin offerings (ICO), and to clearly identify virtual currency-related activities as illegal financial activities.

Especially the 924 notification, which is referred to by the industry as the "strongest regulatory document." It not only explicitly states that virtual currency trading activities are illegal, but also clearly states that "overseas virtual currency trading platforms engaged in related businesses are also prohibited from providing services to residents within China."

For this reason, most Web3 projects choose to "go overseas" to avoid risks.

But the question arises: once the project goes overseas, is it really safe?

Can Going Abroad Avoid Chinese Laws? Analysis of Common Misconceptions by Technical Leaders

Many project teams actively consult lawyers at the initial stage: Which country should the company be registered in? Should it choose the Cayman Islands, BVI, or Singapore? Should they set up a foundation or a parent-subsidiary structure? These questions may seem like corporate strategy, but they often hide a core assumption behind them - the belief that "registering overseas can evade Chinese law."

However, based on the experience of multiple criminal cases, it must be clearly stated: while offshore structures do have an effect in terms of isolating commercial risks, tax optimization, and capital operations, they cannot serve as a shield of exemption from Chinese law at the level of criminal responsibility.

In other words, the function of an offshore structure is "commercial isolation" rather than "criminal protection". Its main utility is reflected in:

• Avoid the constraints of securities laws imposed by regulatory authorities in the United States and other regions;
• Avoid double taxation and optimize global tax arrangements;
• Implement convenient capital-level solutions such as options incentives and financing structure design;
• Cut off accounts and liabilities with entities within China.

However, if the project itself involves activities that are explicitly prohibited by Chinese law, such as illegal operations, establishing casinos, money laundering, pyramid schemes, etc., even if the company is based overseas, according to the "territorial jurisdiction" or "personal jurisdiction" principles in our criminal law, Chinese judicial authorities still have the right to hold accountable.

As for whether there will really be accountability, this falls under "probabilistic risk".

Therefore, when providing structural design consultation for project parties, it is often necessary to first return to the project itself, to thoroughly understand its business model, funding paths, and target users, rather than discussing where to register and how to build the architecture from the very beginning. Only by understanding the essence of the project can one determine whether it has a compliance basis, and also provide the most practical problem-solving solutions.

What does "penetrating law enforcement" mean? Several dimensions that Web3 project parties need to focus on.

In daily work, we often encounter similar questions:

• If I set the project in the Cayman Islands or Singapore, is that okay?
• If the project server is located overseas and not open to Chinese users, does that mean there are no issues?
• I am just a technical consultant/outsourced developer, not involved in operations, and I don't handle funds. Is there still a risk?
• I found a foreign friend to be the nominal team founder, while I only work behind the scenes. Is this safer?
• If I declare in the white paper "not to provide services to Chinese users", am I exempt from liability?

These issues actually reflect a core misunderstanding - a lack of awareness of the "penetrating law enforcement" model of our judicial authorities.

The so-called "penetrating law enforcement" can be understood from two basic principles: the territorial principle and the personal principle.

Territoriality Principle: Even if the project is registered overseas, it may still be considered as "conduct occurring within the territory" and trigger Chinese law if the following situations exist:

• The project's users mainly come from China (, such as building a Chinese community, promoting the project to the Chinese people, etc. );
• The core members or technical team of the project are located within China;
• There are activities such as promotion, business cooperation, and settlement within the territory ( even if completed through outsourcing companies or agency companies ).

Principle of nationality: According to Article 7 of our Criminal Law, Chinese citizens who commit acts that "should be held criminally responsible under our laws" while abroad can also be held accountable.

For example, if Chinese developers participate in building on-chain gambling platforms, virtual currency fundraising platforms, or OTC settlement channels in Dubai, they may still be investigated and prosecuted by Chinese judicial authorities if they violate relevant provisions of China's criminal law.

For example, in a typical case jointly published by the Supreme People's Procuratorate and the State Administration of Foreign Exchange in 2023, an individual set up an illegal currency exchange website ( to facilitate transactions between RMB and foreign currencies using virtual currencies ), and was sentenced to five years of imprisonment for illegal business operations by a court in a district of Shanghai.

Therefore, the common manifestations of "penetrating law enforcement" in the Web3 field include:

• Penetrating registration location: Even if the company is in the Cayman Islands, BVI, or Singapore, if the user and operations are in China, it may still be deemed as "committing crimes domestically";
• Penetration technology identity: Even if the technical leader is only an advisor or developer externally, as long as there are actions such as code submissions, contract permission management, project profit sharing, or private key control, they may still be recognized as the "actual controller";
• Penetrating on-chain data: Regulators can confirm whether a project "serves Chinese users" or involves illegal risks such as gambling, fraud, or money laundering through on-chain traceability, KYT audits, user profiling, and other methods.

For technical leaders, understanding the basic logic of "penetrative law enforcement" is the first step in doing a good job of project risk control.

Conclusion

Many people think that as long as a project "goes overseas", it can permanently escape the supervision of Chinese laws. But the fact is, if a project has never undergone a legal risk assessment, it is difficult to claim safety, even if it is set up abroad.

I hope this article can remind entrepreneurs and technical leaders in the Web3 field: the key to whether a project has a compliance foundation does not lie in where it is registered, but in whether the project itself crosses the red lines defined by Chinese law.

Only by recognizing risk as a fundamental mindset in the early stages can a project go further and last longer.