An Anti-Money Laundering (AML) risk evaluation on the blockchain has four distinguishable components: the address, the asset, the transaction and the beneficiary owner.
Together, these critical ingredients paint a comprehensive risk profile of any actor operating in the crypto world who may be associated with nefarious activities such as ransomware attacks, crypto exchange hacks, terrorism financing and a plethora of other blights on the integrity of the crypto space.
By analyzing these data points through intelligent algorithms, advanced RegTech AML solutions such as those provided by Coinfirm enable any obliged entity to comprehensively manage risk, even when money launderers use layering of transactions, mixers/tumblers in the darknet and in-built privacy protocols in wallets or coins.
The address is defined by a unique string of characters to which funds are assigned in the ledger.
An individual or entity may possess multiple addresses on multiple blockchain networks, whilst the same address may exist on a number of different blockchain networks.
Addresses comprise a major part of the ‘fingerprinting’ profile that helps to build the knowledge of compliance professionals/departments and regulators before launching investigations and criminal law enforcement. In blockchain AML, clustering algorithms are used to infer, starting from one address, which other addresses belong to the same owner.
An address is automatically generated by a wallet. Some wallets, such as CoinJoin-enabled wallets, additionally cater to more privacy-orientated customers who abuse obfuscation techniques to carry out money laundering activities.
The crypto asset may be held on or transferred between addresses; there may be multiple different crypto asset types held on one blockchain address, for example, Ether and other tokens may be held on the same Ethereum blockchain address owing to them sharing the ERC-20 standard.
Some types of crypto assets have been built with total privacy in mind. These so-called ‘privacy coins’ can have different regulations around their usage and ownership, as they are more difficult – but not impossible – to trace.
The transaction is the operation of funds transfer or other command sent between blockchain addresses. One blockchain transaction may transfer funds from a set of more than one blockchain address owned by the author of the transaction to another set of more than one blockchain address (so-called ‘multiple input-multiple output transactions’); the same addresses may occur in both the inputs and the outputs of the transaction; one blockchain transaction may contain the command to execute another blockchain transaction.
Many money launderers transact with themselves through numerous addresses or entities in an attempt to obfuscate the source, path and final destination/beneficiary of the tainted funds, i.e. ‘transaction layering’.
One transaction may need to be signed by more than one entity to transfer funds from so-called multi-signature or ‘multisig’ addresses. These two or more entities are called ‘copayers’ and are typically composed of a number of devices.
The beneficiary owner is the entity or individual identified as managing (owning) the private keys that allow funds to be distributed from one or more addresses corresponding to these private keys; one owner may hold the private keys to multiple blockchain addresses; an owner that is an obliged institution may hold private keys on behalf of beneficiaries other than the owner itself (e.g. clients of the crypto exchange).
Identifying the beneficiary of addresses, funds and transactions is of critical importance in combatting money laundering. Hence, stringent Know Your Customer (KYC) checks must be utilized by all obliged entities that could unknowingly be part of the ‘transaction’ phase of money laundering activities, and Enhanced Due Diligence (EDD) policies followed when red flag indicators arise.
Transactions and owners frequently contain blockchain addresses of multiple counterparties and beneficiaries. Therefore, the most accurate, prudent, and realistic risk evaluation is typically the evaluation of individual addresses.
Furthermore, the address evaluation should typically include transfers of all types of digital assets to and from that address as one asset may be clear and the other illicit. Additionally, illicit funds incoming to a specific blockchain address should automatically affect all known blockchain addresses belonging to the same beneficiary.
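The address clustering and the propagation of illicit incoming funds described above can be sketched as follows. This is an added example, not Coinfirm's code: it applies the common-input heuristic (the inputs of one transaction are treated as owned by its author) to constructed transactions, and the function names and the `coinjoin` flag are assumptions.

```python
from collections import defaultdict

# Constructed sample data (not real chain data). "coinjoin" is a hypothetical
# flag assumed to be set by some upstream CoinJoin detector.
TXS = [
    {"id": "tx0", "inputs": ["X9"], "outputs": ["A3"]},
    {"id": "tx1", "inputs": ["A1", "A2"], "outputs": ["B1"]},
    {"id": "tx2", "inputs": ["A2", "A3"], "outputs": ["C1", "A1"]},
    {"id": "tx3", "inputs": ["D1", "E1"], "outputs": ["F1", "F2"], "coinjoin": True},
]

def cluster_addresses(txs):
    """Group addresses that were co-spent as inputs of one transaction."""
    parent = {}

    def find(a):
        parent.setdefault(a, a)
        while parent[a] != a:
            parent[a] = parent[parent[a]]  # path halving
            a = parent[a]
        return a

    for tx in txs:
        for addr in tx["inputs"] + tx["outputs"]:
            find(addr)  # register every address, even if never merged
        if tx.get("coinjoin"):
            continue  # inputs belong to different participants: do not merge
        roots = {find(a) for a in tx["inputs"]}
        if roots:
            keep = roots.pop()
            for r in roots:
                parent[r] = keep
    clusters = defaultdict(set)
    for addr in list(parent):
        clusters[find(addr)].add(addr)
    return list(clusters.values())

def flag_addresses(txs, illicit_sources):
    """Flag addresses funded directly by an illicit source, plus their cluster."""
    illicit_sources = set(illicit_sources)
    funded = set()
    for tx in txs:
        if illicit_sources & set(tx["inputs"]):
            funded.update(tx["outputs"])
    flagged = set()
    for cluster in cluster_addresses(txs):
        if cluster & funded:
            flagged |= cluster
    return flagged
```

With `X9` as the illicit source, only `A3` receives tainted funds directly, yet `A1` and `A2` are flagged as well because they were co-spent with it.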
The risk evaluation of the transaction, owner or digital asset could provide an additional perspective; however, it should usually be supplemented with an evaluation of the individual blockchain addresses contained within.