AB 2335 extends California’s unclaimed property framework to "digital financial assets" held by business associations by creating a three-year dormancy trigger and a prescriptive notice regime before transfer to the state. The bill ties dormancy to either returned communications or the absence of any owner activity, spells out what counts as "exercise" of ownership, and requires holders to document owner contact that restarts the dormancy clock.
The bill matters because it forces custodial platforms, exchanges, and other business holders of digital assets to build unclaimed-property workflows that track communications, owner interactions, and partial-key situations, and to deposit escheated assets into a Digital Asset Reserve Fund. That raises operational, custody, and legal questions for firms that already struggle with private-key mechanics and volatile asset custody.
At a Glance
What It Does
AB 2335 treats digital financial assets held by business associations as escheatable after three years of inactivity measured either from a returned written/electronic communication or from the last exercise of ownership. It mandates a specific notice form and window, allows electronic notice with owner consent, and requires holders of partial keys to try to obtain remaining keys within 60 days.
Who It Affects
Custodial crypto exchanges, custodial wallet providers, payment processors and any "business association" holding digital financial assets on behalf of customers, plus the California State Controller who will receive and hold escheated digital assets in a new Digital Asset Reserve Fund.
Why It Matters
The bill brings digital assets squarely within California’s Unclaimed Property Law, creating new compliance obligations and operational risks—especially around key management, notice delivery to pseudonymous accounts, and secure state custody of volatile tokens.
More articles like this one.
A weekly email with all the latest developments on this topic.
What This Bill Actually Does
AB 2335 grafts digital financial assets onto California’s Unclaimed Property Law by defining when those assets become "unclaimed" and by prescribing how holders must notify owners before turning assets over to the state. The bill gives two alternative dormancy triggers: (1) a written or electronic communication that is returned undelivered, or (2) three years from the last exercise of an ownership interest when the holder either does not send communications or cannot systematically track nondelivery.
The Legislature uses the ordinary escheat backstop in Section 1510 to bring assets to the Controller once the dormancy and notice requirements are satisfied.
The bill supplies a working definition of what counts as an "exercise of an act of ownership," including transacting (buys, sells, deposits, withdrawals), electronic access to the account, activity with another account held by the same holder, or any other act demonstrating that the owner knows the property exists. Crucially for operations, the holder must record communications or contacts (including telephone or electronic contact) in a memorandum; that documentation restarts the three-year clock.
If the holder has a mailing address it must send certified mail (return receipt requested); otherwise, an owner who has consented to electronic service may be contacted electronically.Notice timing and content are tightly specified. Holders must send the required notice between six and 12 months before the asset becomes reportable to the Controller.
The notice must display a required heading, warn that property may be transferred to the state, identify the asset by a short identifier (no more than four digits), state that assets will be placed into a Digital Asset Reserve Fund if escheated, and include a Controller-prescribed form by which the owner can confirm an address and restart the dormancy period. The holder can accept a returned signed form or document a telephone/electronic contact as evidence that restarts the period.Operationally the bill also addresses partial-key situations: any holder who possesses part of a key for a digital asset set for escheat must attempt to obtain the minimum number of keys required to transfer the asset within 60 days of determining the asset is eligible.
That provision forces holders to engage in key-recovery or coordination efforts before surrendering the asset, which creates practical and security challenges. Finally, once assets are escheated they are to be transferred under the existing Controller process and held in a Digital Asset Reserve Fund pending identification of the rightful owner.
The Five Things You Need to Know
AB 2335 makes digital financial assets escheatable after three years measured from either a returned written/electronic communication or the last exercise of ownership.
If a holder has a mailing address not known to be inaccurate, it must send certified mail (return receipt requested); otherwise, notice may be electronic with owner consent.
Holders must send the statutorily prescribed notice not less than 6 months and not more than 12 months before the asset becomes reportable to the State Controller.
The notice must identify the asset by an identifier (no more than four digits), warn of escheat, state assets will go into a Digital Asset Reserve Fund, and include a Controller-prescribed address-confirmation form that restarts the dormancy period if returned.
A holder who controls any partial key for an asset subject to escheat must attempt to obtain the minimum keys required to transfer the asset within 60 days of determining eligibility for escheatment.
Section-by-Section Breakdown
Every bill we cover gets an analysis of its key sections.
Escheat triggers and three‑year dormancy rule
This subsection creates the core escheat rule for digital financial assets: they escheat to the state if unclaimed for more than three years measured either from a returned written/electronic communication or from the date of the last exercise of ownership when the holder does not send communications or cannot monitor nondelivery. Practically, it forces holders to choose and document a dormancy measurement approach and to build systems to detect returned electronic communications as well as postal returns.
Stopping the clock: owner activity and records
Subdivision (b) stops the dormancy clock immediately upon an owner’s exercise of ownership or any written, oral, or electronic contact with the holder, provided the holder keeps a memorandum or other record. Subdivision (c) lists what constitutes an "exercise"—transactions, electronic access, activity in another account with the same holder, or any action reasonably showing the owner knows the asset exists. For compliance teams this creates a record-keeping trigger: documented contact (even telephone or electronic) restarts the three‑year period.
Determining jurisdiction: last known address rules
This subsection defines the "last known address" for jurisdictional purposes as either the address used for first‑class mail delivery or any state-identifying code/description. If both exist and conflict, the first-class mail address controls. This matters for holders with scant address data or only state codes—jurisdictional disputes and reporting obligations hinge on which data point is authoritative.
Notice mechanics, timing, and content requirements
If a holder has a mailing address not known to be inaccurate it must send certified mail; absent a mailing address but with owner consent, notice may be electronic. Notices must go out between six and 12 months before the asset is reportable to the Controller and must carry a prominent heading and prescribed language. The statute prescribes several formatting and content requirements: a boldface or larger-font callout that there’s been no owner interest, a short asset identifier (up to four digits), a clear statement that assets are in danger of escheat, and inclusion of a Controller-prescribed form to confirm address. The holder can also accept a telephone or electronic contact as a restart event, but it must document that contact in a memorandum.
Address-confirmation form and restart mechanics
The Controller-prescribed form lets an owner confirm current address; returning a signed form or otherwise contacting the holder restarts dormancy. Holders may instead provide a phone number or electronic means for owners to contact them; documented contact in the holder’s records functions as the same restart. This is a practical compliance control: holders must store the form or contact memorandum and wire that evidence into their escheat workflows.
Additional notices and partial-key obligations
Holders may give extra notices between last owner interest and transfer to the Controller. Importantly, subdivision (i) compels any holder of a partial key for a digital asset to attempt to obtain the minimum number of keys necessary to transfer the asset within 60 days of determining the asset is eligible for escheatment. This introduces a duty to perform key-recovery or coordination activities before surrendering custody, which has both operational and security implications for multi-signature or split-key custody arrangements.
This bill is one of many.
Codify tracks hundreds of bills on Finance across all five countries.
Explore Finance in Codify Search →Who Benefits and Who Bears the Cost
Every bill creates winners and losers. Here's who stands to gain and who bears the cost.
Who Benefits
- Owners of dormant accounts — the statutory notice requirements and restart mechanics increase the chances that rightful owners will be contacted and can reclaim assets before escheat.
- California State Controller — receives a defined process and a Digital Asset Reserve Fund to centralize escheated digital assets and manage claims, simplifying state-level custody and claims workflows.
- Recipients of escheated assets in the interim — by requiring a reserve fund rather than immediate liquidation, the bill provides the Controller a vehicle to hold assets while owners claim them, preserving the possibility of asset return rather than forced conversion.
Who Bears the Cost
- Custodial exchanges and custodial wallet providers — must implement tracking for communications, activity, documentation, certified-mail workflows, and key-recovery processes, creating compliance, operational, and security costs.
- Holders with partial-key custody arrangements (multi-sig services, custodial partners) — must undertake sometimes difficult and risky attempts to assemble missing keys within 60 days, potentially exposing operations to coordination or security trade-offs.
- California State Controller’s office — assumes custody, security, and administrative burdens of holding volatile digital assets in the Digital Asset Reserve Fund and adjudicating future claims, likely requiring technical, legal, and security resources.
Key Issues
The Core Tension
The central dilemma is between protecting owners (by requiring robust notice and preserving assets in a reserve fund so owners can reclaim them) and imposing demanding operational and security responsibilities on holders and the state (key recovery, certified notices, custody of volatile assets) that could increase costs, create security risks, and strain enforcement capacity without clear technical standards.
The bill resolves a policy gap by targeting business-held digital assets, but it leaves several operational and legal questions open. First, the requirement to attempt to obtain missing keys in 60 days places holders between competing priorities: they must avoid weakening security or creating new attack vectors while attempting key recovery, yet they face an obligation to effectuate transfers before escheat.
The statute does not specify safe, standardized recovery procedures, dispute-resolution rules when multiple parties claim keys, or how to treat keys held by third-party custodians across jurisdictions.
Second, the notice regime relies on mailing addresses and owner consent to electronic service, which clashes with the pseudonymous nature of many crypto accounts and with holders that do not collect verifiable postal addresses. Requiring certified mail for holders that do have addresses may be awkward or impossible in cases where the owner’s contact information is an on‑chain identifier.
The statute’s formatting and identification prescriptions (e.g., four-digit identifiers) are practical but create edge cases: how to identify token contracts, NFTs, or asset baskets that lack a conventional account number.
Third, placing escheated digital assets into a Digital Asset Reserve Fund raises custody, valuation, and risk-management questions: who secures private keys for the state, how will the Controller handle forks, airdrops, token upgrades, or illiquid assets, and will the state liquidate volatile tokens? The bill does not provide operational standards for the Controller’s custody, insurance, or valuation practices, nor does it address conflicts with federal law, cross-border issues, or how taxes and reporting will be handled on escheated assets.
Try it yourself.
Ask a question in plain English, or pick a topic below. Results in seconds.