How to Detect Money Laundering for Crypto Firms

Cryptocurrencies are the closest equivalent there is to digital cash. And, just like fiat currencies, they too can be used to launder money – an estimated $8.6 billion in 2021.

Let’s see why that’s an issue for your crypto company.

Why Is Money Laundering a Problem in Crypto?

Cryptocurrencies can be pseudonymous or fully anonymous, which is attractive to criminals who wish to launder money without attracting the authorities’ attention. 

Policymakers and government regulators, however, have caught on and are increasingly attempting to associate crypto holdings with a real-life identity. 

In fact, in June 2022, the EU announced new rules designed to trace transfers of crypto-assets such as bitcoins and other electronic money tokens. 

With stronger crypto KYC and AML regulations in the works, crypto firms have to work twice as hard to detect money laundering in order to remain compliant, avoid fines, and continue operating without having to rethink their business goals. 

Last but not least, the travel rule – which forces crypto firms to collect data in a standardized way – can make it challenging to streamline their crypto KYC and AML processes with a global client base. 

Beat Crypto Fraud Today

SEON’s granular, fully customizable fraud protection safeguards crypto firms and minimizes user friction.

Ask an Expert

How Can Crypto Firms Detect Money Laundering and Improve AML in Cryptocurrency?

Just like in any other industry, detecting potential money laundering starts by identifying risky users. This involves screening at the onboarding stage by:

  • looking at connections that point to sanctioned countries
  • checking user identities on PEP and sanction lists

Importantly, crypto firms can do a lot to monitor crypto transactions.

It is arguably where the worlds of crypto and traditional finance diverge the most in terms of AML, as the speed and volume of crypto transactions and conversions can be overwhelming. 

And while cryptocurrencies benefit from the visibility of public ledger records, it is still an operational challenge to monitor: 

  • fiat deposits on an exchange
  • fiat to crypto conversions
  • crypto transfers and withdrawals to external wallets
  • crypto to fiat conversions
  • crypto to crypto conversions

Some crypto firms may even deal with fiat withdrawals to a bank account or card payments, which adds another layer of complexity to transaction monitoring.

Top 3 Custom Rules for Crypto AML

Let’s now look at some of the most effective rules you can put in place to improve your crypto AML process. 

#1 Email Address Or Phone Doesn’t Have a Social Presence

It may seem counterintuitive to look up social media profiles to spot money launderers, but chances are that people moving illicit money on your crypto site aren’t who they say they are.

This is why authenticating users with a digital profile can instantly flag highly suspicious money mules, synthetic ID fraudsters, and general criminals. 

Now, the reasons why criminals don’t have a social presence are evident:

  • Creating an email address or phone number is easy
  • Building a full social media profile is more time consuming
  • Fraudsters, criminals and money launderers need to move fast, and at scale.
Social Media Profiles

Of course, a lack of social presence isn’t grounds for instantly blocking a user. But it should be a data point that is carefully gauged and measured as part of your risk scoring strategy. And the advantages are manifold:

  • You can identify high-risk customers without asking for extra information or ID documents.
  • Checking regional social networks means you can use the same strategy globally.
  • The results come in real-time and with zero added friction.

#2 Transactions Volumes Suddenly Increasing

Money launderers are either sophisticated criminals with calculated plans or opportunists who need to work fast. To catch the latter, you need to monitor crypto transactions (exchange, conversion, transfer), and establish whether there are suspicious patterns.

Suspicious patterns include

  • large numbers of small transactions to numerous wallets
  • multiple rapid trades between unusual token pairs
  • several low-value conversions that may point to layering by a money mule

In the example below, we’ve set up SEON’s software to flag a 200%+ increase in transactions over a 24-hour period. 

Note that per the screenshot, we have configured this action to increase our risk score by 20 points. But everything on SEON’s platform can be adjusted and fine-tuned, so you could just as well instantly block the transaction that pushes it over the threshold or send it to manual review. 

The key is that you should have complete control over the risk thresholds to align them with your risk appetite and industry landscape. Some crypto firms will know that their users increase transactions seasonally or depending on a token’s value, for instance, so their rulesets can be set to reflect that insight.

#3 IP Address Points to a Sanctioned Country

A classic AML rule in every vertical involves identifying the origin of a user’s connection. This is expected to be used in addition to the classic AML screening, which checks the person’s name against known sanctions lists.

Such a rule would add points to the risk score of customers in countries that are sanctioned or are considered high risk.

high risk countries

The key is to start with a basic IP lookup to understand the basics:

  • Is the IP address pointing to a sanctioned country?
  • Is it from a proxy – and if so, residential, mobile or commercial?
  • Does the geolocation appear suspicious? 
IP Geolocation
Reduce fraud rates by 70-90%

Deliver a frictionless experience to customers while reducing fraud rates with real time data enrichment and modular, advanced APIs.

Ask an Expert

How SEON Helps Crypto Firms With AML

SEON offers a dedicated AML API that takes care of customer AML screening against PEP lists, RCA lists, crime watchlists, sanctions lists and other law enforcement blacklists – all of which you ought to check in order to comply with your AML mandates. In fact, you can schedule regular checks on SEON’s platform, if this is required, and easily export data for reporting.

Powerful customizable risk rules such as the ones we’ve seen above help you comply with any transaction monitoring requirements you may have, as well as more.

Beyond this, SEON helps crypto firms by taking the little data they are given by customers, such as their email or IP address, and enriching it to create complete profiles of who they really are. The results are combined with robust velocity checks and device fingerprinting modules, helping fill out the blanks by spotting suspicious activity and configuration.

This reduces friction, keeps invasive KYC checks to a minimum, and enables you to fully align with your users’ ethos around privacy and security. You can then use this data to measure risk throughout the customer journey: at onboarding, transaction, and login stage (to prevent account takeovers). 

In short, it’s a full end-to-end fraud prevention suite designed to help you onboard better users, remain compliant with KYC and AML legislation, and focus on what matters the most: growing your crypto firm with complete peace of mind.


  • Europarl: Crypto assets: deal on new rules to stop illicit flows in the EU
  • BBC: Crypto money laundering rises 30%, report finds

Share article

Speak with a fraud fighter.

Click here

Author avatar
Bence Jendruszak

Bence Jendruszák is the Chief Operating Officer and co-founder of SEON. Thanks to his leadership, the company received the biggest Series A in Hungarian history in 2021. Bence is passionate about cybersecurity and its overlap with business success. You can find him leading webinars with industry leaders on topics such as iGaming fraud, identity proofing or machine learning (when he’s not brewing questionable coffee for his colleagues).

Sign up for our newsletter

The top stories of the month delivered straight to your inbox