Losing crypto is not one tax problem. It can be a wallet hack, a scam transfer, a failed exchange, or a case where the assets are simply inaccessible and the taxpayer cannot prove when the loss became final. That is why this area feels uncertain. The facts matter much more here than they do in a straightforward buy-and-sell transaction.
The good news is that Canadian tax law does not ignore these situations altogether. CRA already has rules for capital losses, business losses, theft of property, valuation, and recordkeeping. The challenge is that CRA does not publish one neat crypto page that says exactly how every hacked wallet, scam, or exchange collapse should be reported. So the real work is figuring out which legal route fits the facts and then making sure the documentation is strong enough to support it.
For most taxpayers, the answer starts with two questions. First, was the crypto held as an investment on capital account, or as part of a trading business. Second, can you prove that a real loss occurred, when it became final, and whether there was still any realistic compensation or recovery left.
Key takeaways
- A stolen, hacked, or scam-related crypto loss is not automatically deductible just because the economic loss is real.
- The first tax question is whether the crypto was held on capital account or business account.
- Capital-account losses usually follow the Schedule 3 route and can only offset taxable capital gains.
- Business-account losses usually follow the T2125 route and may be deductible against business income, depending on the facts.
- The strongest claims usually involve clear evidence of ownership, the loss event, the date it was discovered, and the lack of recovery.
- Exchange collapses, scams, and lost private keys are often harder to claim than a straightforward theft because timing and finality are less clear.
Table of contents |
No credit card required
Why these losses are harder to claim than people expect
Most people asking about a crypto theft tax loss are really asking a practical question: “I lost the coins, so why would that not simply be deductible?” Tax law is slower and narrower than that. CRA generally wants to know what kind of property was lost, what legal event happened, and whether the loss is sufficiently real and final in the tax year being claimed.
That is why these cases are often harder than an ordinary capital loss on a sale. When you sell crypto, the disposal date and proceeds are usually clear. When crypto disappears in a scam or hack, there may be no cash proceeds, no immediate insurance payment, and no obvious moment when the loss becomes settled beyond dispute. If an exchange collapses, the problem can be even worse because balances may be frozen for years while insolvency or recovery processes continue.
The result is that two taxpayers can both say “I lost my crypto,” but one may have a claimable loss this year while the other may still be in a gray zone where the legal and factual outcome is too uncertain.
How CRA treats stolen, hacked, and lost crypto
CRA’s crypto guidance uses the same broad split it uses for other crypto activity. You report either business income or loss, or capital gain or loss, depending on the facts. That means a long-term investor and a highly active crypto trader may not report the same kind of loss even if both were affected by the same platform failure.
For capital property, CRA’s theft folio is the most useful official anchor. It says that when a taxpayer incurs a loss of a capital asset through theft or embezzlement, any compensation received is treated as proceeds of disposition. More importantly, where no compensation is received for unlawfully taken property, a disposition is considered to occur on the date the loss of the property was discovered.
That rule matters because it gives a legal basis for a capital-loss argument in some theft and hack cases. It does not mean every missing-crypto case qualifies automatically. It does mean CRA already has a framework for treating stolen capital property as disposed of, even where there was no voluntary sale.
For business property, the analysis changes. CRA says a theft loss of trading assets is normally deductible in computing business income if the loss is an inherent business risk and reasonably incidental to the normal income-earning activities of the business. That is why a highly active crypto trader or commercial operator may have a stronger business-loss case than a passive holder who simply lost investment property.
This distinction matters a lot in practice. A hacked wallet held for long-term investment usually points toward capital-loss analysis. A loss inside a genuine trading business may point toward income-account treatment instead.
When a crypto loss may actually be claimable
The key issue is not whether the taxpayer feels poorer. It is whether the loss fits a recognized tax route and has become clear enough to claim.
Here is the simplest way to think about the main scenarios.
That table is not meat to suggest that every case falls neatly into one box. It is there to show that "crypto gone" is not itself a tax cateogory. The legal theory still has to be identified.
A simple hacked-wallet example shows the difference. Suppose you bought ETH for C$8,000 and held it as an investment. Your wallet is drained in a hack, you receive no compensation, and your records clearly show the assets leaving your address on the date the loss was discovered. On a capital-account reading, the theft folio gives you a path to treat that as a disposition of unlawfully taken property where no compensation was received.
That is very different from an exchange freeze where you still have some legal right to recover assets through insolvency proceedings. In that kind of case, the economic pain is real, but the tax loss may be harder to pin to a specific year until the recovery picture becomes clearer.
A brief note on bad debts is also useful here. Taxpayers often use “bad debt” loosely when an exchange collapses or a platform stops responding. But CRA’s business bad-debt rule is much narrower than that. It generally applies where an amount was already included in income and later becomes uncollectible. So not every stuck balance or failed withdrawal can be treated as a bad debt just because recovery looks unlikely.
What proof matters most
This is where many claims succeed or fail.
CRA’s valuation and recordkeeping guidance already requires taxpayers to keep transaction records, determine fair market value when transactions occur, and use a reasonable and consistent valuation method. In a theft, scam, or exchange-collapse file, those same expectations become even more important because there may be no clean sale record to fall back on.
At a practical level, the file should usually preserve:
- wallet addresses and transaction hashes
- exchange statements or screenshots showing the balance before the loss
- the date the loss was discovered
- police reports, scam complaints, or platform incident reports where relevant
- support tickets, emails, or legal notices showing recovery efforts
- the fair market value in Canadian dollars on the relevant date
- adjusted cost base or business-cost support for the lost crypto
The point is not to drown the file in paper. The point is to show a coherent story. CRA is likely to care about four basic things: what you owned, what happened to it, when the loss became real, and whether any compensation or recovery remained possible.
This is why lost private key cases are so difficult. There may be no theft report, no third-party wrongdoer, and no formal insolvency file. The taxpayer may know the coins are gone in practical terms, but proving a completed tax loss can be much harder if the only evidence is “I cannot access the wallet anymore.”
Scam cases can be tricky for a different reason. The transfer may have been voluntary in form, even though it was induced by fraud. That does not automatically kill the loss claim, but it makes the documentation even more important. The stronger the scam evidence, the stronger the file.
How to report the loss
Once the tax route is clear, the reporting side becomes more mechanical. If the loss is on capital account, the normal route is Schedule 3 and then line 12700, with unused net capital losses handled under the usual carryback or carryforward rules. If the loss is on business account, the claim generally follows the T2125 business-income route.
So the clean filing map is:
- Capital-account loss → Schedule 3, capital-loss rules, line 12700, and potentially line 25300 in a later year if unused net capital losses are applied
- Business-account loss → T2125 and ordinary business-loss treatment
A recent example from the courts is helpful as a caution, not as a blanket rule. In the Quadriga-related case involving Bitcoin losses, the taxpayer succeeded on business-account treatment because the facts showed a highly active, profit-driven trading pattern. That does not mean every exchange-collapse victim has a business loss. It means the underlying character of the activity still matters. It is also worth noting that this was a Tax Court of Canada decision, not a CRA administrative position, so it should not be treated as settled policy for every exchange-collapse case.
How cryptact helps
Claims for stolen, hacked, or lost crypto usually become messy because the taxpayer is trying to reconstruct the file after the event. One screenshot shows the balance. Another email shows a support ticket. A blockchain explorer shows the transfer out. Somewhere else there is an old CSV with the original acquisition cost. The problem is not only legal. It is also documentary.
That is where cryptact helps in a practical way. It brings exchange and wallet records together, helps preserve the acquisition history, and makes it easier to support the value trail around the loss date. For users dealing with hacks, scams, or exchange failures, that structure is often the difference between a vague story and a defensible tax file.
In other words, cryptact does not make a weak loss claim magically valid. What it does do is make a valid claim easier to support because the underlying records are cleaner and easier to reconcile.
Conclusion
A good crypto-loss analysis in Canada starts with a simple distinction: was this an investment loss on capital account, or a business loss on income account. Once that is clear, the next issue is whether the loss was real, final, and well documented in the year being claimed.
That is why these cases are never just about the headline event. “Hacked,” “stolen,” “scammed,” or “exchange collapsed” may describe the real-world problem, but CRA still needs a tax route, a reporting form, and supporting records. For many taxpayers, the right route will be Schedule 3 and the capital-loss rules. For others, especially where the facts support business treatment, the loss may belong on T2125.
That is also where cryptact adds real value. It helps keep the acquisition records, wallet history, valuations, and loss-event trail organized enough that your final CRA reporting is much easier to prepare and much easier to defend.
