How crypto businesses can increase the effectiveness and efficiency of AML programs

Compliance officers face myriad challenges in their efforts to build anti-money laundering (AML) programs in the crypto space.

For starters, the crypto ecosystem and its underlying technology are not only evolving rapidly, but an increasing number of illicit networks are layering crypto transactions into their schemes. Historically, illicit actors used crypto mostly for scams, hacks, and darknet marketplace activity. Today, illicit use now extends to sophisticated market manipulation attempts, proliferation financing, terrorist financing, bribery, and other money laundering typologies.

Additionally, regulatory bodies continue to increase their focus on crypto activities. For instance, in 2023, the CFTC filed 96 enforcement actions, resulting in over $4.3 billion in penalties. Approximately half of those actions involved conduct related to crypto activities.

Relatedly, the FCA recently conducted reviews of 44 crypto firms who were registered with the FCA and found "significant levels of non-compliance" with their rules. 2023 also saw some of the largest penalties and criminal actions ever levied in the crypto space. What is clear across these and other regulatory actions against crypto firms is that regulators are increasingly narrowing in on the effectiveness of crypto AML programs.

Blockchain technology and analytics products offer an enhanced toolkit that compliance officers can use to build more effective programs, ultimately helping to better identify and prevent illicit activity on their platforms. Real-time threat intelligence, when integrated into traditional compliance frameworks, is a particularly important piece of this toolkit.

The challenges of a risk-based approach

Even the newest compliance officers will be familiar with the term, “risk-based approach” — the idea that a compliance program applies enhanced controls and processes to areas of the business and customers that present the highest risk. It’s considered one of the bedrock principles of AML compliance. In theory, risk-based approaches would be keyed off of an institution’s risk assessment, which provides guidelines on where one’s firm has the most amount of risk—and thus where to put the most stringent controls.

But in a rapidly evolving space like crypto, where bad actors iterate on tactics quickly, compliance programs anchored on a risk-based approach may struggle to reconcile the results of infrequent, drawn-out risk assessments that can quickly become stale against regulators’ expectations that a program is effective from the start.

Compliance officers in the crypto space have an even greater need for current and actionable intelligence in order to identify illicit actors and the typologies they use to launder funds. To achieve this, real-time threat intelligence can be a powerful tool to apply across your entire AML program: from risk assessments, to customer risk ranking models and enhanced due diligence, to transaction monitoring and sanctions screening. And this intelligence-based approach not only complements a risk-based approach, but can significantly enhance the effectiveness and efficiency of AML programs.

Bolstering a traditional risk-based approach with real-time threat intelligence

TRM generates several different types of intelligence to paint a dynamic picture of on-chain risk.

1. Open source intelligence (OSINT): generated by scraping data from hundreds of millions of websites, across dozens of languages and countries. This includes monitoring dark web posts, litigation documents, regulatory designations, social media platforms, and Telegram channels. Blockchain intelligence solutions like TRM incorporate this type of OSINT data to begin finding addresses and methods that bad actors are using involving crypto.
2. Threat intelligence: generated via a threat hunter approach to identify additional networks of bad actors, plus methods, preferred venues, and laundering typologies. This approach is critical in tracking the most elusive and hard to reach elements in the illicit crypto economy. It also ensures that TRM is identifying the most salient risks and typologies that illicit actors are using today in order to help compliance teams keep their programs agile and responsive.
3. Behavioral Intelligence: generated from models that surface suspicious behavioral anomalies across transactions that are unique to the blockchain. In 2020, TRM launched Signatures, allowing investigators to quickly find and plot sophisticated money laundering techniques and other typologies on-chain. These behavioral identifications are also specifically designed to identify bad actors that may be sophisticated in masking their connections to high-risk venues that would otherwise alert compliance teams (e.g., darknet markets).

These three layers create a robust, multi-dimensional intelligence collection framework that surfaces a more timely, actionable picture of risk, enhancing the effectiveness of a compliance team's risk identification and control mechanisms.

Beyond data collection: Making risk assessments more targeted

Leveraging real-time threat intelligence is not just about collecting data; it’s about transforming it into actionable insights that compliance officers can use.

By integrating these three sources of intelligence, your risk assessments can become more targeted, current and quantifiable. Additionally, it can enhance customer risk rankings, providing the precision needed to trigger investigations or refresh diligence.

To learn more about how these tools can be applied to the current state of digital asset regulation as part of an effective, future-thinking crypto compliance program, check out this whitepaper.