Crypto Regulations | December 8, 2020

FATF red flag indicators for crypto service providers

by the Crystal analytics team

When do VASPs need to employ the services of crypto AML and KYT compliance software companies to adhere to the FATF “red flag risk indicator” guidelines?

Background to the 2020 Virtual Asset Red Flag Indicators

In July 2020 there was a review of 2019 Financial Action Task Force (FATF) guidelines for virtual assets. As part of the review, it was stated that specific red flag indicators would be provided to service providers by Autumn, to give Virtual Asset Service Providers (VASPs) further risk monitoring and risk assessment guidelines for spotting potential money laundering, or terrorist financing, or other illicit activities using cryptocurrencies through their services.

The September 2020 report on “Virtual Assets Red Flag Indicators of Money Laundering and Terrorist Financing” describes potential cases that may indicate a connection with money laundering and other illegal activities. The focus of monitoring potential ML and TF is on the patterns of deposits and withdrawals, as well as on the use of IP and other data to assess risk.

What the VA Red Flag Indicators mean for Service Providers

The red flag indicators included in this report are based on more than one hundred case studies contributed by various jurisdictions ranging from 2017-2020. This report should also facilitate entities who are submitting applications of risk-based approaches to meet particular Customer Due Diligence requirements. These reports require knowing who their clients are and who the beneficial owners are while understanding the nature and purpose of the business relationship between client and beneficial owner and also understanding the source of crypto funds.

The mere presence of a red flag indicator is not necessarily a basis for a suspicion of money-laundering (ML) or terrorist financing (TF) but the indicators could prompt further monitoring and examination of the same. Ultimately, a client may be able to provide an explanation to justify the red flag, with business or economic purposes for the transaction.

Cryptocurrency service providers should keep in mind that right now a broad target audience is being affected by these indicators, and therefore risk indicators should be taken within context. But the guidelines must also be taken seriously as implementation will eventually be mandatory.

What tools do VASPs need to comply fully and manage their risk with crypto transactions?

How Crystal’s Compliance Software Works for Determining Red Flag Indicators

With Crystal Blockchain’s automated service, VASPs can monitor potentially risky transactions and transaction patterns, identify and highlight any possible risky sender or recipient Information, and observe and assess likely risky sources of funds or wealth.

Try Crystal Blockchain to meet your crypto compliance requirements

Monitoring Transactions and Transaction Patterns

Crypto service providers can monitor transactions on all major blockchains 24/7, in real-time, to assess the risk of incoming and outgoing transactions, whether they be high-value (staggered or regular) transactions, transactions involving multiple virtual assets, multiple accounts, or transactions with no logical business explanation. They can also monitor entities making frequent transfers in a certain period to the same account by more than one person, from the same IP address, or with transactions concerning large cryptocurrency amounts.

Users can assess the language in virtual asset message fields to understand if they are indicative of illicit activity. They can follow unknown sources of funds and they can monitor the structuring of transactions in small amounts, or in amounts under record-keeping or reporting thresholds, similar to structuring cash transactions to identify potentially illicit activity.

They can identify if funds are suspected as stolen or fraudulent, by assessing if the crypto transferred to or from wallets are connected with mixers or P2P services. Users can spot transactions from mixers, or those with exposure to dark markets, mixers, questionable gambling, ransomware, or theft reports. They can also identify the use of ATMs by location.

Assessing Sender or Recipient Information

Transactions initiated from non-trusted IP addresses or IP addresses from sanctioned jurisdictions can be monitored by crypto service providers. VASPs can also see where entities provide inaccurate information about the transaction or the source of funds. As well as that, they can monitor transactions that have been made with attempts to obfuscate the source of funds.

Understanding Sources of Funds or Wealth

VASPs can monitor and assess entities transacting with virtual asset addresses or bank cards that are connected to known fraud, extortion, or ransomware schemes, sanctioned addresses, darknet marketplaces, or other illicit websites. Service providers can see where virtual asset transactions originated from or if the funds are destined for online gambling services. They can also tell if a customer’s funds are sourced directly from third-party mixing services or wallet tumblers.

Taking Account of Geographical Risk

VASPs can identify where a customer’s funds originate from or are sent to, and they can see if it is an exchange that is not registered in the jurisdiction where either the customer or exchange is located. Service providers can also see if a customer utilizes a virtual asset exchange or foreign-located Money or Value Transfer Services (MVTS) in a high-risk jurisdiction. They can also tell if a customer sends funds to VASPs operating in jurisdictions that have no virtual asset regulation, or have not implemented AML/CFT controls.

Sign up for the Crystal Blockchain monthly newsletter for important regulatory updates

Be the first to get news from Crystal