What Is anti-money laundering (AML)?
Anti-money laundering (AML) refers to the comprehensive framework of laws, regulations, policies, and procedures that financial institutions, cryptocurrency exchanges, and other regulated entities implement to detect, prevent, and report money laundering, terrorist financing, and other financial crimes. AML compliance is a legal obligation enforced by regulators including FinCEN (the Financial Crimes Enforcement Network), the Financial Action Task Force (FATF), and supervisory authorities in every major jurisdiction.
In the cryptocurrency industry, AML obligations extend to virtual asset service providers (VASPs)—exchanges, custodians, payment processors, and stablecoin issuers—that must implement AML programs equivalent to those required of traditional financial institutions. Blockchain analytics has transformed crypto AML compliance by making on-chain transactions traceable and attributable, giving compliance teams and law enforcement agencies visibility into suspicious activity that would be difficult or impossible to detect through traditional monitoring alone.
An effective AML compliance program integrates know your customer (KYC) verification, transaction monitoring, sanctions screening, suspicious activity reporting (SAR filing), employee training, and independent auditing into a unified framework designed to combat money laundering at every stage.
Why does anti-money laundering matter?
Scale of Global Money Laundering
The United Nations estimates that between 2% and 5% of global GDP—approximately $800 billion to $2 trillion—is laundered annually. Money laundering enables drug trafficking, terrorist financing, human trafficking, tax evasion, corruption, and sanctions evasion. Without AML infrastructure, the financial system becomes a vehicle for criminal organizations to convert proceeds of crime into usable funds.
Financial institutions that fail to combat money laundering face consequences beyond regulatory fines. They risk becoming conduits for illicit activity, suffering reputational damage, losing banking relationships, and exposing the broader financial system to systemic risk.
Regulatory Mandate and Penalties
AML regulations carry severe penalties for non-compliance. In the past five years alone, global AML fines have exceeded $10 billion. Individual enforcement actions have reached into the billions: Binance paid $4.3 billion (2023), Danske Bank paid $2 billion (2022), and Westpac paid AUD $1.3 billion (2020). Beyond monetary penalties, AML failures can result in criminal prosecution of executives, revocation of licenses, and forced exit from markets.
The regulatory mandate is clear and expanding. The Bank Secrecy Act (BSA), the Anti-Money Laundering Act of 2020 (AMLA), MiCA, and FATF Recommendations all require regulated entities to maintain AML programs proportionate to their risk exposure. FinCEN, the Department of the Treasury, and their international counterparts actively examine and enforce these requirements.
The Cryptocurrency Dimension
Cryptocurrency was once perceived as a blind spot for AML compliance. That perception is outdated. Blockchain analytics now enables real-time monitoring of on-chain transactions across 1,000+ assets and protocols, with Chainalysis providing attribution for over 40% of global crypto activity. Every transaction on a public blockchain leaves a permanent, auditable record—making crypto, in many ways, more transparent than traditional cash-based financial transactions.
The challenge is not that crypto is anonymous; it is that crypto AML requires specialized tools and expertise. Traditional AML software designed for wire transfers and bank account monitoring cannot interpret blockchain data. Crypto AML compliance requires blockchain-native infrastructure that understands on-chain risk indicators, cross-chain fund flows, and the typologies specific to digital asset money laundering activities.
How does AML work? Key components
An effective AML program is built on regulatory requirements codified in the BSA and reinforced by FATF standards. The following components represent the operational core of AML compliance.
The Five Pillars of AML
The five pillars of AML are the foundational requirements for every AML compliance program in the United States. Regulators evaluate AML programs against these pillars during examinations:
- Designation of an AML Compliance Officer: A qualified individual with authority, resources, and direct access to senior management, responsible for the design and day-to-day management of the AML program.
- Internal Policies, Procedures, and Controls: Written AML policies that define how the organization identifies, monitors, and reports suspicious activity, including escalation procedures and record keeping requirements.
- Ongoing Employee Training: Regular AML training for all relevant staff, covering regulatory requirements, red flag identification, SAR filing procedures, and crypto-specific typologies where applicable.
- Independent Testing / Audit: Regular independent review of the AML program’s design and effectiveness by qualified internal or external auditors.
- Risk-Based Customer Due Diligence (CDD): Procedures for verifying customer identity, assessing customer risk, and conducting enhanced due diligence on higher-risk relationships.
AML Screening
AML screening checks customers, counterparties, and transactions against sanctions lists (OFAC SDN, EU, UN), politically exposed person (PEP) databases, and adverse media sources. Screening occurs at onboarding and on an ongoing basis to ensure that organizations do not facilitate transactions with sanctioned entities or individuals involved in illicit activity.
In crypto, AML screening extends to wallet addresses. Compliance teams screen deposit and withdrawal addresses for connections to sanctioned entities, darknet markets, mixers, scam wallets, ransomware, and other high-risk categories using blockchain analytics. This wallet-level screening is unique to crypto AML and represents a critical layer that traditional AML software cannot provide.
AML Transaction Monitoring
AML transaction monitoring is the ongoing review of customer transactions to detect suspicious patterns: unusual volumes, rapid movement of funds, structuring below reporting thresholds (the $3,000 or $10,000 rules for currency transaction reports), and interactions with high-risk entities. Effective transaction monitoring generates risk-based alerts that compliance analysts investigate and, where warranted, escalate to suspicious activity reports.
In crypto, transaction monitoring is performed through KYT (Know Your Transaction) systems that screen every on-chain transaction in real-time against risk indicators. Chainalysis KYT monitors transactions across 1,000+ assets and protocols, reducing false positives by up to 90% compared to rules-based systems and enabling compliance teams to focus on genuinely suspicious transactions.
AML Risk Assessment
An AML risk assessment evaluates the money laundering and terrorist financing risks an organization faces based on its customers, products, services, geographic exposure, and delivery channels. Risk assessments inform the calibration of monitoring rules, screening thresholds, and due diligence requirements. Regulators expect documented, regularly updated risk assessments as part of every AML program.
In crypto, AML risk assessments must account for exposure to DeFi protocols, cross-chain bridges, privacy coins, mixers, and unhosted wallets. These risk factors are unique to digital assets and require blockchain-specific data to evaluate accurately.
AML Compliance Program
An AML compliance program is the comprehensive system of policies, procedures, controls, and personnel that an organization implements to meet its anti-money laundering obligations. An effective AML program integrates KYC, transaction monitoring, sanctions screening, suspicious activity reporting, training, and independent testing into a unified compliance framework aligned with the five pillars.
For crypto businesses, an AML compliance program must also address crypto-specific requirements: blockchain analytics integration, VASP-to-VASP information sharing under the Travel Rule, wallet screening procedures, and protocols for handling exposure to illicit on-chain activity. The AML program must be documented, regularly reviewed, and updated as AML regulations evolve.
AML Audit
An AML audit is an independent review of an organization’s AML program to evaluate its design, implementation, and effectiveness. Audits identify weaknesses in transaction monitoring, customer due diligence, SAR filing practices, record keeping, training, and overall compliance posture. Regulators expect regular independent AML audits—typically annual—conducted by qualified parties with no operational role in the AML program.
AML audits in the crypto industry should include review of blockchain analytics tool configuration, alert disposition practices, screening coverage across supported assets, and compliance with jurisdiction-specific crypto AML regulations.
AML Red Flags
AML red flags are indicators of potentially suspicious activity that should trigger further investigation. In traditional finance: transactions just below reporting thresholds (structuring), rapid movement of funds through multiple accounts, transactions with no apparent economic purpose, and cross-border wire transfers to high-risk jurisdictions.
In crypto, AML red flags include: mixer or tumbler usage, interactions with sanctioned addresses, deposits from darknet markets, rapid cross-chain bridging to obscure fund trails, peel chain patterns, large-value transactions inconsistent with customer profile, and exposure to wallets associated with ransomware, scams, or stolen funds. Blockchain analytics tools automate the detection of these on-chain red flags in real-time.
AML Framework and Regulatory Landscape
The global AML framework is built on overlapping national and international regulations:
FATF (Financial Action Task Force): Sets the international AML/CFT standards. FATF Recommendations are the baseline that national regulators implement. FATF guidance extends AML obligations to VASPs and defines the Travel Rule for crypto.
Bank Secrecy Act (BSA) / FinCEN: The foundational U.S. AML law (1970). Requires financial institutions to maintain AML programs, file SARs and currency transaction reports (CTRs), and maintain records. FinCEN is the primary U.S. AML enforcement body.
USA PATRIOT Act (2001): Expanded BSA requirements, added customer identification program (CIP) mandates, and introduced enhanced due diligence for correspondent banking and foreign bank relationships.
Anti-Money Laundering Act of 2020 (AMLA): The most significant update to U.S. AML law in decades. Expanded beneficial ownership requirements, mandated studies on emerging technologies and virtual currencies, and enhanced whistleblower protections.
EU Anti-Money Laundering Directives (AMLD) / MiCA: The EU’s AML framework, now in its sixth directive. MiCA (2024–2025) establishes a comprehensive crypto regulatory framework including AML obligations for all crypto-asset service providers operating in the EU.
AML Officer
The AML compliance officer (or BSA officer in the U.S.) is the designated individual responsible for the design, implementation, and day-to-day management of the AML program. The AML officer must have sufficient authority, resources, and access to senior management to ensure the program’s effectiveness. Regulators evaluate whether the AML officer has adequate independence and decision-making power.
In crypto, the AML officer must understand blockchain analytics, on-chain risk indicators, and crypto-specific typologies such as layering through DeFi protocols, mixer usage, and cross-chain obfuscation. Chainalysis Academy has certified over 50,000 professionals to help close this expertise gap across financial institutions and VASPs.
How is AML used in cryptocurrency compliance and blockchain investigations?
Crypto AML compliance goes beyond traditional banking AML in both scope and methodology. Where traditional AML monitors account-level activity, crypto AML monitors on-chain transactions across public blockchains, creating an entirely new layer of compliance infrastructure.
Blockchain Analytics as AML Infrastructure. Blockchain analytics platforms are the backbone of crypto AML compliance. They provide the data layer that enables transaction monitoring, wallet screening, counterparty risk assessment, and investigation. Chainalysis provides attribution for over 40% of global crypto transaction volume, covering 1,000+ assets and protocols including DeFi, Layer 2 networks, and cross-chain bridges.
VASP Compliance Obligations. VASPs are subject to AML obligations in every jurisdiction where they operate. This includes implementing the five pillars of AML, filing suspicious activity reports, screening against sanctions lists, and maintaining records. The FATF Travel Rule requires VASPs to share originator and beneficiary information for crypto transfers above jurisdiction-specific thresholds.
Suspicious Activity Reporting in Crypto. When transaction monitoring or blockchain analytics identify suspicious activity, VASPs must file SARs with the appropriate financial intelligence unit (FinCEN in the U.S.). Effective SAR filing in crypto requires blockchain evidence—transaction hashes, address clusters, exposure to known illicit entities—that supplements traditional narrative reporting. Record 2.6 million SARs are filed annually across U.S. financial institutions (7,100 per day), and crypto-related SARs are a growing category.
The Travel Rule for Cryptocurrency. The FATF Travel Rule mandates that VASPs exchange originator and beneficiary information for qualifying transactions. Compliance requires VASPs to identify counterparty VASPs, verify their compliance posture, and transmit required data. This creates a compliance chain that depends on robust AML infrastructure at every node in the crypto ecosystem.
DeFi AML Challenges. Decentralized finance protocols present novel AML challenges. Permissionless smart contracts, automated market makers, and cross-chain bridges can be used for layering and obfuscation. Regulators are signaling that DeFi platforms with identifiable governance or administrative control may be classified as VASPs subject to full AML obligations. Blockchain analytics tools are adapting to trace fund flows through DeFi protocols and identify AML red flags in decentralized environments.
AML vs. KYC: what’s the difference?
AML and KYC are closely linked but serve different functions within the compliance framework.
AML (Anti-Money Laundering) is the comprehensive program of laws, regulations, policies, and procedures designed to detect, prevent, and report financial crimes. AML encompasses all compliance activities: customer verification, transaction monitoring, sanctions screening, suspicious activity reporting, training, and audit.
KYC (Know Your Customer) is the specific process of verifying a customer’s identity and assessing their risk profile. KYC answers the question: Who is this customer, and what risk do they present?
The key distinction: AML is the umbrella; KYC is one pillar within it. An AML program requires KYC, but KYC alone does not constitute AML compliance. A platform can verify every customer’s identity perfectly and still fail its AML obligations if it lacks transaction monitoring, does not file SARs, or ignores sanctions screening.
| AML | KYC | |
| Scope | Full anti-money laundering program | Customer identity and risk assessment |
| Components | KYC + KYT + SAR filing + sanctions + training + audit | CIP, CDD, EDD, ongoing monitoring |
| Focus | Detecting and preventing financial crimes | Verifying who the customer is |
| Regulatory basis | BSA, AMLA, FATF, MiCA, AMLD | BSA/CIP Rule, FATF Rec. 10, MiCA |
Risks and common misconceptions about AML
Misconceptions
“AML compliance is just a cost center.” AML compliance protects organizations from billion-dollar penalties, criminal prosecution, and reputational destruction. Binance’s $4.3 billion settlement and Danske Bank’s $2 billion penalty demonstrate the cost of non-compliance. Beyond risk avoidance, a strong AML program enables organizations to enter new markets, secure banking partnerships, and serve institutional customers.
“Rules-based AML catches everything.” Traditional rules-based transaction monitoring generates high volumes of false positives—often exceeding 95%—while sophisticated money laundering activities evade static thresholds. Risk-based, analytics-driven AML approaches that use blockchain analytics and artificial intelligence significantly improve detection rates while reducing false positive overload.
“Crypto is too anonymous for AML.” Public blockchains are pseudonymous, not anonymous. Every transaction is recorded on an immutable ledger. Blockchain analytics tools can trace fund flows across chains, identify connections to known illicit entities, and provide attribution for a significant share of global crypto activity. In many cases, crypto AML provides more granular visibility than traditional AML monitoring of cash or wire transfers.
“Small businesses don’t need AML programs.” Any business classified as a money services business (MSB), including crypto businesses of any size, must implement an AML program if it operates in a regulated jurisdiction. FinCEN registration and AML obligations apply regardless of transaction volume or company size.
Risks
Regulatory fragmentation across jurisdictions creates compliance complexity. AML requirements vary significantly between the U.S., EU, UK, and APAC—and crypto-specific AML regulations are still emerging in many jurisdictions. Organizations operating cross-border must navigate overlapping mandates and sometimes conflicting regulatory requirements.
Evolving criminal typologies mean that AML programs must continuously adapt. Money laundering techniques evolve rapidly in crypto: new mixing protocols, cross-chain bridges, DeFi layering strategies, and privacy-enhancing technologies require AML programs to update their risk models and monitoring rules.
False positive overload remains one of the most significant operational challenges in AML. High false positive rates drain analyst resources and can cause genuine suspicious activity to be missed. Blockchain analytics and risk-based alerting significantly reduce false positives in crypto AML.
AML program effectiveness measurement is an ongoing challenge. Regulators are increasingly asking not just whether an AML program exists, but whether it works. Organizations must demonstrate measurable outcomes: detection rates, SAR quality, investigation resolution times, and risk coverage metrics.
Real-world examples of AML in action
AML Enforcement Failures
Binance — $4.3B Settlement (2023). The world’s largest crypto exchange paid $4.3 billion to settle charges from the DOJ, FinCEN, and OFAC for systemic AML failures. Binance failed to implement an adequate AML program, did not file suspicious activity reports, and allowed users in sanctioned jurisdictions to access the platform. The CEO pleaded guilty to violating the Bank Secrecy Act.
Danske Bank — $2B Penalty (2022). Danske Bank’s Estonian branch processed approximately $230 billion in suspicious transactions over nine years through its non-resident portfolio. The bank’s AML controls failed to detect or report the activity, resulting in a combined $2 billion penalty from U.S. and European regulators.
Westpac — AUD $1.3B Fine (2020). Australia’s Westpac paid AUD $1.3 billion—the largest fine in Australian corporate history—for 23 million AML breaches, including failure to report international fund transfers and inadequate due diligence on transactions linked to child exploitation.
BitMEX — $100M Settlement (2021). BitMEX settled with FinCEN and the CFTC for $100 million for willfully failing to implement an AML program. The platform operated without KYC or transaction monitoring, enabling money laundering and sanctions evasion through its derivatives exchange.
Robinhood Crypto — $30M Fine (2022). NYDFS fined Robinhood Crypto $30 million for AML program deficiencies including inadequate transaction monitoring, insufficient compliance staffing, and failure to transition from a manual to automated AML process as the business scaled.
AML-Enabled Investigation Successes
Bitfinex Hack Recovery — $3.6B (2022). The DOJ recovered $3.6 billion in stolen Bitcoin using blockchain analytics combined with KYC records at exchanges where suspects attempted to liquidate funds. The investigation demonstrated how AML infrastructure—transaction monitoring, screening, and identity verification—enables large-scale asset recovery.
Colonial Pipeline Ransomware Recovery — $2.3M (2021). The DOJ recovered $2.3 million of the $4.4 million ransom paid to the DarkSide ransomware group. Blockchain analytics traced the Bitcoin through multiple wallets to an address where law enforcement was able to seize the funds—an AML success story enabled by on-chain transparency.
Hydra Market Takedown (2022). German and U.S. law enforcement seized Hydra, the world’s largest darknet marketplace, and $25 million in Bitcoin. AML infrastructure at fiat off-ramp exchanges—transaction monitoring, suspicious activity reporting, and KYC records—helped investigators identify and prosecute operators and major vendors.
How Chainalysis helps organizations build and strengthen AML programs
Chainalysis provides the blockchain intelligence platform that powers crypto AML compliance end-to-end. Each Chainalysis product maps directly to the five pillars of AML:
Chainalysis KYT (Know Your Transaction): AML transaction monitoring for crypto. KYT screens every on-chain transaction in real-time, generating risk-based alerts across 27+ blockchains and 40 million+ assets. KYT reduces false positives by up to 90%, enabling compliance teams to focus on genuinely suspicious transactions and file higher-quality SARs.
Chainalysis Address Screening: AML screening at the wallet level. Address Screening checks deposit and withdrawal addresses against sanctions lists, known illicit entities, and risk categories before transactions are processed. This is the crypto-native equivalent of traditional name and entity screening.
Chainalysis Reactor: Investigation and reporting. When KYT or screening flags suspicious activity, Reactor enables compliance teams and law enforcement agencies to trace fund flows across blockchains, visualize transaction patterns, and build evidence packages for SAR filings or criminal referrals. Reactor’s analysis has been validated under the Daubert standard in U.S. courts—a unique structural advantage that no other blockchain analytics provider offers.
Chainalysis VASP Risking: AML risk assessment for counterparties. VASP Risking evaluates the compliance posture of crypto platforms that an organization interacts with, enabling risk-based decisions about which counterparties to engage and at what level of due diligence.
Chainalysis Academy: AML training and certification. Academy has certified over 50,000 professionals in blockchain analytics and crypto compliance, directly supporting the training pillar of AML programs at financial institutions and VASPs worldwide.
Frequently asked questions about anti-money laundering
Q: What is anti-money laundering (AML)?
A: Anti-money laundering (AML) is the framework of laws, regulations, policies, and procedures that financial institutions and crypto platforms implement to detect, prevent, and report money laundering, terrorist financing, and other financial crimes. AML compliance is a legal requirement enforced by regulators including FinCEN, the FATF, and supervisory authorities worldwide.
Q: What are the five pillars of AML?
A: The five pillars of AML are: (1) designation of an AML compliance officer; (2) internal policies, procedures, and controls; (3) ongoing employee training; (4) independent testing and audit; and (5) risk-based customer due diligence (CDD). These five pillars form the regulatory standard against which AML programs are evaluated during examinations.
Q: What is the difference between AML and KYC?
A: AML is the comprehensive anti-money laundering program; KYC (Know Your Customer) is one component within it. AML encompasses KYC, transaction monitoring, sanctions screening, SAR filing, training, and audit. KYC focuses specifically on verifying customer identity and assessing risk. An effective AML program requires KYC, but KYC alone is not sufficient for AML compliance.
Q: How do cryptocurrency exchanges comply with AML regulations?
A: Cryptocurrency exchanges comply with AML regulations by implementing the same five pillars required of traditional financial institutions: appointing an AML officer, establishing policies and procedures, training staff, conducting independent audits, and performing customer due diligence. In addition, crypto exchanges use blockchain analytics tools for transaction monitoring, wallet screening, and sanctions compliance to address crypto-specific AML requirements.
Q: What is a Suspicious Activity Report (SAR)?
A: A Suspicious Activity Report (SAR) is a filing that financial institutions and VASPs submit to FinCEN (or equivalent national financial intelligence units) when they detect transactions or activity that may involve money laundering, terrorist financing, or other financial crimes. SARs are a core output of the AML process. Over 2.6 million SARs are filed annually in the United States.
Q: What are the three stages of money laundering?
A: The three stages of money laundering are: (1) Placement—introducing illicit funds into the financial system; (2) Layering—moving funds through complex transactions to obscure their origin; and (3) Integration—reintroducing laundered funds into the legitimate economy. AML programs are designed to detect suspicious activity at each stage.
See how Chainalysis helps you stay compliant and secure.
Explore Chainalysis KYT for crypto transaction monitoring