Anti-money laundering compliance on the chain cannot rely solely on the cognitive blind spot of using a single blockchain analysis tool (BATs): looking at the world with one eye, it also needs to be combined with off-chain fiat currency anti-money laundering (AML) transaction monitoring solutions.
Compiled by: Will Awang, Investment and Finance Lawyer, focusing on Web3 & Digital Assets; Independent Researcher, specializing in tokenization, RWA, payment, and DeSci
Currently, the anti-money laundering (AML) field in cryptocurrency is mainly dominated by blockchain analysis tools (Blockchain Analytics Tools, BATs), such as Chainalysis and Elliptic. Although these tools have strong on-chain capabilities, once cryptocurrencies are more integrated with real-world scenarios—such as stablecoin payments—how can one ensure on-chain fund/wallet safety and compliance while meeting off-chain real-world anti-money laundering compliance requirements? This is the most critical point of concern for stablecoin payment scenario expansion and a question that anti-money laundering compliance must answer.
While current crypto exchanges can use blockchain analysis tools (BATs) and bind the platform's user KYC information—KYA wallet + KYT asset + KYC user information—to achieve relatively compliant anti-money laundering measures and risk monitoring. However, for stablecoin payments in consumer scenarios, there are still loopholes, especially in current stablecoin retail payment social entertainment scenarios.
The latest research by Singapore-licensed digital asset service provider MetaComp has torn off the "fig leaf" of industry risk control. The report tracked over 7,000 real on-chain transactions and found that if relying only on 1-2 KYT (Know Your Transaction) tools for screening, about 25% of high-risk transactions would be misjudged as "safe" and allowed to proceed. In other words, a quarter of potential threats slip away right under their noses—this is no longer a risk control "blind spot" but a "black hole" that devours risks.
Therefore, anti-money laundering compliance on the chain cannot rely solely on the cognitive blind spot of using a single blockchain analysis tool (BATs): looking at the world with one eye, it also needs to be combined with off-chain fiat currency anti-money laundering (AML) transaction monitoring solutions. Thus, we have compiled an article from Deloitte: Conquering Crypto Crime to explore a solution that combines blockchain analysis with real-time transaction monitoring, believing this approach will promote further implementation of stablecoin payment scenarios.
Introduction
Blockchain technology and cryptocurrencies have received significant attention in recent years. However, their pseudo-anonymity—and in some cases complete anonymity—makes these technologies easily exploited for money laundering activities. Blockchain analysis tools (BATs) are currently at the forefront of combating money laundering threats in the crypto industry. Companies like Chainalysis, Elliptic, and Scorechain collect risk data about pseudo-anonymous and anonymous blockchain addresses and perform cluster analysis to integrate insights.
For example, if a blockchain analysis tool (BAT) identifies a blockchain address related to a ransomware attack, it will absorb and store the address and its associated risk information. However, despite their effectiveness, current methods and tools still have several limitations:
- End-to-end fiat and crypto asset monitoring: BATs often lack the ability to track the exchange flow between fiat currency and cryptocurrencies, which is a key link in the money laundering chain.
- Pattern analysis: BATs typically can only identify suspicious transactions or behavior patterns based on simple rules, making it difficult to detect more complex anomalies, which does not meet regulatory requirements and limits the depth of money laundering identification.
- Indirect risk scoring: Since only a few blockchain addresses are directly associated with confirmed criminal activities, BATs can only provide indirect risk scores. For such indirectly scored addresses, analysts often face significant subjective judgment space when deciding whether to submit a suspicious activity report (SAR).
In addition to low detection rates (thus increasing the risk of money laundering), these limitations can also lead to technical deficiencies in complying with current anti-money laundering laws and regulations. Regulators typically require (directly or indirectly) compliance with known crime typologies issued by financial intelligence units (FIU) and/or law enforcement agencies. Typology cases published by national financial intelligence units and the Financial Action Task Force (FATF) often cover mixed transactions between fiat and cryptocurrencies and more complex behavior patterns, which cannot be fully covered by blockchain analysis tools (BATs) alone.
Moreover, these shortcomings also lead to inefficient alert processing. Addresses with indirect associations with tainted addresses and in the medium risk level often trigger numerous alerts while providing limited additional risk information. These alerts are usually ultimately classified as false positives, forcing operational personnel to spend considerable time processing difficult-to-decide alerts—efforts that often prove futile.
I. Supplementing Blockchain Analysis Shortcomings with Real-time Transaction Monitoring
The above limitations highlight the necessity of complementing blockchain analysis tools (BATs) with anti-money laundering (AML) transaction monitoring systems widely used in fiat currency domains. These systems are designed to process fiat transactions and can analyze based on complex scenario models. Combining BAT with AML transaction monitoring systems "adapted to crypto assets" can jointly overcome their respective limitations.
1.1 Bridging Fiat and Crypto Asset Transactions
To achieve effective risk management, monitoring systems should link fiat and crypto asset transactions to present the customer's overall behavior, such as through customer numbers or account IDs. Especially for crypto exchanges with both transaction data types, this approach can reveal insights impossible to detect through a single dimension (crypto or fiat only). Key typologies focus on the complete crypto customer journey: from depositing fiat, trading various crypto assets, to ultimately withdrawing fiat to another bank account.
1.2 Complex Transaction Pattern Analysis
To achieve efficient and effective money laundering detection, known (but undetected) complex money laundering behavior patterns must be identified. While modern BATs allow rule creation, they are often limited to simple, one-dimensional standards (like amount thresholds). More complex rule sets, even AI-based models - as used by many modern AML transaction monitoring systems - can help operators discover common and complex suspicious behaviors like "money muling" and account passthrough.
1.3 Incorporating Customer Risk Data
Although the traditional fiat domain has not fully integrated static "Know Your Customer" (KYC) data with dynamic transaction data, modern AML transaction monitoring systems now support this comprehensive view, enabling operators to leverage all available customer data for optimal risk detection. In the crypto realm, due to the pseudo-anonymous nature of blockchain transactions, linking customer data with transaction data is particularly critical. To achieve comprehensive risk detection and cover all typology scenarios issued by regulators, static customer data, dynamic transaction data, and risk information provided by BATs must be integrated.
4.1 Bridging Fiat and Crypto
The Hawk platform can read various transaction data - including standard fiat transaction protocols like SWIFT and SEPA, and also covering crypto asset transaction data. The system can simultaneously capture fiat and crypto transactions, thus enabling cross-data source pattern identification.
For example: A new customer of a crypto exchange first deposits a large amount of fiat currency, then quickly converts it into multiple cryptocurrencies; within a short time, they transfer split small-amount crypto assets to multiple external addresses. Since BATs can only track on-chain crypto asset flows and cannot capture this classic "layering" technique often used by money launderers in crypto exchanges, Hawk can completely identify the entire money laundering chain by synchronously monitoring fiat and crypto transactions.
4.2 Integrating Blockchain Analysis and KYC Customer Risk Information
Besides simultaneously processing fiat and crypto transactions, Hawk has also established standardized integration with BAT suppliers, embedding BAT risk scores into its rules and models to provide additional anti-money laundering insights.
Using the previous example, applying BAT wallet risk scores to the identified money laundering scheme can provide further clues about external wallets used for fund extraction. These wallets might be directly or indirectly associated with marked illegal activity addresses, such as ransomware revenue receiving addresses. Consequently, alerts will obtain richer contextual information, helping operational staff more accurately determine whether the behavior is potentially illegal.
The out-of-the-box Hawk solution will also automatically inject other relevant customer risk information (KYC) into alerts. When suspicious activity is detected, the system synchronously attaches background information (such as geographical location, occupation information, watchlist, and negative media search results). In the aforementioned example, the customer is registered in Germany but logs in using a device with a Vietnamese IP address - these details provide valuable context for investigation.
Ultimately, all information is aggregated into a unified case management system, with transaction and customer-related data comprehensively presented at once. The system also supports maximizing subsequent process automation, such as automatically generating and submitting suspicious activity reports (SAR).
4.3 Overlaying AI, Entering a New Era of Crypto Transaction Monitoring
A core task of Hawk is to overlay transparent and explainable AI on all relevant data to further enhance transaction monitoring effectiveness. Hawk's AI models specifically incorporate crypto signals into detection and false positive reduction models, fully utilizing transaction data, customer information, and risk data provided by BATs.
This approach not only enables the model to precisely identify illegal money laundering techniques but also addresses the core challenge in current crypto transaction monitoring: many results from BATs fall in a "gray area" that analysts find difficult to definitively assess as suspicious. Hawk's crypto model integrates the latest data analysis technologies and leverages all transaction and customer data, allowing operational staff to precisely filter these "gray" alerts and avoid wasting significant human resources.
