What is crypto AML?

Anti-money laundering (AML) refers to the set of regulations, policies, and procedures designed to prevent and detect money laundering and other illicit activities. Crypto AML measures aim to ensure that cryptocurrency exchanges, wallet providers, and other virtual asset service providers (VASPs) comply with regulatory requirements. VASPs must therefore comply with applicable AML regulations and licensing requirements in the jurisdictions where they operate. This may include registering with regulatory authorities, obtaining licenses or approvals, and undergoing periodic audits or examinations to ensure compliance.

What is a crypto KYC/AML policy?

Know Your Customer (KYC) and Anti-Money Laundering (AML) policies outline the procedures and requirements crypto businesses must follow to verify the identities of their customers and prevent illicit activities such as money laundering and terrorism financing. While specific policies may vary depending on the jurisdiction and the nature of the cryptocurrency business, here is a general overview:

Customer identification. Cryptocurrency businesses are required to collect personal information from their customers, including government-issued identification documents (e.g., passport, driver’s license) and proof of address (e.g., utility bills, bank statements).
Identity verification. Cryptocurrency businesses must verify the authenticity of the information provided by customers through various verification methods, such as identity document scans, biometric verification, or third-party identity verification services.
Risk assessment. Cryptocurrency businesses must conduct risk assessments to determine the level of risk associated with each customer and transaction. This may involve assessing factors such as the customer’s location, transaction volume, and source of funds.
Enhanced Due Diligence (EDD). For high-risk customers or transactions, cryptocurrency businesses are required to conduct enhanced due diligence, which may include additional verification steps, ongoing monitoring, and increased scrutiny of transactions.
Crypto transaction monitoring and ongoing monitoring. Cryptocurrency businesses must monitor transactions on their platforms for suspicious activity, such as large or unusual transactions, transactions involving high-risk jurisdictions, or patterns indicative of money laundering or other illicit activities.

How AML Works

When employed correctly, AML processes interrupt the typical cryptocurrency money laundering process of entering illicit funds into the licit financial system before layering and integrating “clean” funds into circulation. However, AML processes can also identify other financial crimes linked to laundering, such as sanctions violations.

What are the AML requirements for cryptocurrency?

The FATF establishes global standards for AML legislation. In 2014, the FATF published cryptocurrency AML guidance, and as a result, policymakers in FATF member jurisdictions acted rapidly. The United States Financial Crimes Enforcement Network (FinCEN), the European Commission, and dozens of other regulatory organizations have already legally codified most of FATF’s cryptocurrency AML recommendations.

The onus is then placed on cryptocurrency exchanges, stablecoin issuers, and, on a case-by-case basis, some DeFi protocols and NFT marketplaces, all of which the FATF defines as VASPs. Going forward, VASP’s Compliance Officers must mandate KYC checks and regularly monitor suspicious activity to thwart nefarious transactions that could be linked to money laundering and terrorist financing.

Additionally, VASPs must report suspicious activity to the relevant regulators and agencies who are responsible for analyzing the flow of funds and tracing unlawful activities to real-world identifiers using various tools, including blockchain analysis.