Two possible legal consequences of this information I can think of off the top of my head (please consult your lawyer about your individual legal situation!):

• Some people may be counting on a limited protection from fraudulent-conveyance actions for certain charitable contributions made by natural persons. See 11 USC 548(a)(2). The allegations would make FTX closer to something like a Ponzi scheme, and the (a)(2) exception does not even potentially apply where the obligation or transfer was made with "actual intent to hinder, delay, or defraud" a creditor. One might think that straight-out stealing money out of customer accounts and then immediately turning it over to a charity would count.
• Certain defenses are available to some transferees who act(ed) in good faith. E.g., 11 USC 550(b)(1) protects certain non-initial transferees who take "for value, . . . in good faith, and without knowledge of the voidability of the transfer avoided." Although one could argue about whether a person or entity already had enough notice about the possibly embezzled nature of the funds, it would seem difficult to establish good faith / without knowledge for any transfers made after senior government officials at SDNY, SEC, and CFTC have made this accusation so clearly.
• Edit to add: It increases the likelihood that everyone involved was "insolvent" when all relevant transfers were made, or were "engaged in business or a transaction . . .  for which any property remaining with the debtor was an unreasonably small capital" for purposes of 11 USC 548(a)(1)(B). That satisfies one of the two major requirements for fraudulent conveyance. 
  • I already thought this was highly probable, so I didn't think to add it at first. (Given FTX's professed business model, I would characterize having assets that were less than 100% of customer deposits as an unreasonably small capital,  but maybe that's just me . . .).

Disclaimer: I am a lawyer, but I am only able to advise on the law of England and Wales.  I have no particular knowledge of the law of the Bahamas, New York or Delaware.  What follows in any case are generic comments: any particular situation will depend on its own facts and you should take specific legal advice.

We have laws to decide what happens in this situation.  These laws generally strike a reasonable balance between the interests of the various groups affected, which is necessarily complex given that some people are bound to get burnt in an insolvency.  This will be a particularly complex case because of the numerous entities involved and the cross-jurisdictional elements.

There is probably a right answer.  Charity trustees must use their funds for their charitable purposes, so unless they are obliged to return the funds, they may well be forbidden from doing so.  If funds are returned, they must only returned to a person who can give good receipt for them, and there may be a dispute as to who that person is.  I would suggest that no funds be returned until confirmation has been obtained from all relevant jurisdictions, and this may take some time.  In particular, it's unclear to me how the US Attorney for SDNY is getting in on this.

In these circumstances, I would strongly suggest that for now, any funds which might be FTX customer funds or otherwise the proceeds of fraud should be held separately pending confirmation of the position.  Where funds have already been disbursed it's probably unnecessary (and not legally possible) to require the grantees to return them, but having been put on notice that the funds may be the proceeds of fraud, making further disbursements risks an accessory liability (which may attach to the individuals responsible).

If a UK charity is uncertain how to proceed, it may well be worth consulting the Charity Commission.  I think particularly it would be worthwhile getting the Charity Commission to approve anything which might look like a voluntary transfer (e.g. if the trustees were minded to comply with a request from a liquidator to return funds without being compelled to do so).

As for an ethical answer, I think it strengthens the argument that many (probably not all!) organizations have been unjustly enriched and need to return some money, even if it has already been "spent." I propose a presumptive guidepost that each grantee has an obligation to return money equal to the benefit it derived from the ill-gotten funds. I don't think "we spent it" is necessarily a sufficient ethical defense, but the calculus will depend on the individual grantee's situation.

Let's take "DonateWisely" as our first hypothetical -- I am basing this off of an organization that I don't think has any significant exposure but for which the concept would be easy to understand. DonateWisely received $125MM from FTX. As a result, it lowered its funding bar from 10 utilions per dollar to 8 utilions per dollar, and the marginal effect of the extra $125MM was that a project at 8 utilons got funded. So DonateWisely's charitable mission has been unjustly enriched to the tune of 1 billion utilons. 

Absent special circumstances, it now needs to disgorge itself of 1 billion utilons to restore itself to the financial state it would be in but for its acceptance of FTX money. But the funding bar is now back to 10 utilons because of the lower amount of funding available to DonateWisely. Thus, disgorgement requires a return of at least $100MM to disgorge 1 billion utilons. (I am not expressing an opinion in this post about whether DonateWisely should return $125MM; the point of this exercise is to set a floor for the principle that the organization should not retain any benefit from the ill-gotten funds, a floor that accounts for certain reliance interests.)

On the other side of the spectrum, we have Jane Smith, an individual who received a $50,000 research grant and actually performed the research before learning of the fraud. But for FTX funding, Jane would have gotten a job at Google at which she would have earned more than $50,000. Jane has not been unjustly enriched at all. (This will generally be the analysis for all employees, vendors, etc. of grantees -- they do not need to feel unjustly enriched.)

I can see two adjustments people may wish to make that I would not generally consider:

• The grantee might have gotten other funding but for FTX. This is speculative. To the extent this is based on an assumption that other funders would have spent more in this space but for FTX, those funders can now demonstrate that by choosing to backfill money for FTX grantees. To the extent a grantee believes that another funder (AF) would have funded them instead of one of AF's actual grantees, I think the grantee is stuck with their choice of funder. In that counterfactual world, someone else got money they would not have received but for FTX's activity -- but there's no way to identify them or persuade them to cough up some repayments. So there is no practical way to offload the FTX grantee's ethical burden onto organizations which received grants from other funders. Of course, if AF-funded organizations wish to share in the pain, that would be ethically salutary but not obligatory. 
• The grantee has probably suffered non-financial damages like reputational loss, stress, disruption, etc. But no one is getting compensated for these sorts of damages (which the depositors have as well), and I think they have to fall where they lie. Otherwise, the grantee is claiming a right to keep some of the benefit of the depositor's funds to offset damages caused by FTX's misconduct. The depositors didn't compel anyone to take FTX money, and the partial relief they will receive should not be further diminished by shielding grantees from the indirect costs of their decision to take money from FTX.
  • That is not intended as a criticism of grantees that took money from FTX -- at least most of whom were innocent and non-negligent. Counterparty risk sucks, and there is a lot of unfair pain that must be distributed somehow. In my opinion, it's not appropriate to ask the depositors to suffer more to cover indirect harms to the grantee attributable to the grantee's choice of counterparty.

Responding to Jason’s comment asking for an example of potential criminal liability: a recent example comes from the ongoing Tom Girardi bankruptcy in Los Angeles, and what is happening with his ex-wife Erika Jayne’s $750,000 diamond earrings.

As background, Girardi was a prominent lawyer in California. It turns out he was stealing his clients’ settlement money and running his law firm as a Ponzi scheme. It imploded in 2021. The firm is now in bankruptcy, and Girardi (who has Alzheimer’s) is in a conservator ship.

Back in 2007, Girardi gave his wife Erika a $750,000 pair of earrings. The jewelry was paid for out of stolen client funds. The bankruptcy trustee wants the earrings returned, to be sold to benefit creditors. Erika claims she innocently received the jewelry and wants to keep it.

The bankruptcy judge ruled for the trustee, accepting the trustee’s argument that once Erika was informed the earrings were proceeds of stolen money, and refused to return them, she then had committed a potential criminal violation of California Penal Code 496 by refusing to return known stolen property.

Here is how the trustee phrased the issue: “Her refusal to turn over the stolen property [the earrings] upon demand when told of its status is a crime, freshly committed, under California’s Penal Code [section] 496(a); and, under 496(c) subjects her to treble damage civil liability.”

And later the trustee states: “when Mrs. Girardi refused to turn over the Earrings to the Trustee, and refused to relinquish her claim of ownership to the Earrings after being advised of her husband’s conduct, she violated California Penal Code [section] 496(a) (refusing to turn over stolen property, after demand, to the rightful owner upon learning the property was obtained by theft or fraud) subjecting her to potential criminal prosecution.”

Erika has appealed the bankruptcy judge’s ruling to the district court, where the appeal is pending.

This is all publicly available, the bankruptcy case number is 2:20-BK-21020-BR; the adversary action against Erika Jayne is 2:21-AP-01255-BR; Erika’s appeal to the district court is 2:22-CV-05176-DSF.

Erika may be in more trouble, according to public reports she may have surrendered less valuable earrings to the trustee than the ones that were purchased for $750,000.

The example that Jason cited does not address the retaining stolen property issue. Minnesota simply reduced its state civil fraudulent transfer statute of limitations to two years, to harmonize with federal bankruptcy law; previously the state statute of limitations had been longer. Significantly, St. Benedict college had spent the donated Ponzi funds years before, so the issue of retaining known stolen proceeds did not arise. That case cite is 901 F.Supp.2d 1233 (D. Minn. 2012).

If a person or entity is still holding unspent donated funds from FTX they may want to read the briefs in the Erika Girardi matter - and consult a lawyer.

(Again, I have never owned any cryptocurrency, and I have no connection whatsoever with FTX or any crypto entity, I am simply an outside observer.)