The Bank for International Settlements (BIS) has published a bulletin outlining a new approach to anti-money laundering (AML) compliance for cryptoassets, whereby digital asset holdings are given compliance scores before they are exchanged for fiat currency.
In an August 23 bulletin, the BIS—an organization made up of central banks from around the world that aims to foster international monetary and financial cooperation, while serving as a bank for central banks—argued that existing AML approaches relying on trusted intermediaries have “limited effectiveness” with decentralized record-keeping in permissionless public blockchains.
For this reason, a new approach is required, and the bulletin suggested that utilizing the unique features of blockchain technology may provide the answer. Specifically, the immutable ledgers and public transaction history on blockchains can enable AML and other compliance efforts by “leveraging the provenance and history” of any particular unit or balance of a digital asset.
“An AML compliance score based on the likelihood that a particular cryptoasset unit or balance is linked with illicit activity may be referenced at points of contact with the banking system (“off-ramps”),” said the BIS, adding that this would “prevent inflows of the proceeds of illicit activity and supporting a culture of “duty of care” among crypto market participants.”
In the digital asset space, an “off-ramp” is when a person or entity buys goods or services listed in fiat currency using digital currency or stablecoins, which are then sent to fiat cards or fiat bank accounts. In other words, off-ramps enable users to sell digital assets, transforming them into fiat currency or other tangible assets.
Naturally, banks and financial institutions do not want to accidentally facilitate money laundering by exchanging fiat currency for digital assets that have been involved in illicit or criminal activity. Unfortunately, if one side of a transaction is an unhosted wallet with a pseudonymous account, transacting in a digital asset verified by the consensus of a distributed and decentralized group of validators, then there is no trusted intermediary applying know-your-customer (KYC) and AML compliance checks.
Based on the BIS’s new compliance score proposal, digital assets with a better compliance score—determined by an assessment of their public transaction/wallet history and connection to illicit activity—can be readily accepted and exchanged, while transactions involving low-scoring assets can be queried or rejected.
According to the bulletin, the benefit of this approach is that it uses the very features that make blockchains impervious to traditional approaches. As the BIS pointed out: “As the full history of transactions on the blockchain is publicly available, it could inform an assessment of how closely a particular unit of a cryptoasset is associated with past or current illicit activity.”
The problem
The digital asset sector’s connection with illicit finance is well-documented. Peer-to-peer transactions, decentralized finance (DeFi), pseudoanonymity, and notorious digital asset mixer platforms all provide a certain amount of appeal to criminals and money launderers.
As the industry has grown, so too has its illicit use expanded. In January, New York-based blockchain security firm CertiK published its Web3 Security Report 2024, which revealed that digital asset criminals had a record-breaking year in 2024, stealing over $2.3 billion from victims across 760 reported on-chain incidents. This was supported by data from blockchain analytics firm Chainalysis, which also noted in its January report that “2024 was likely a record year for inflows to illicit actors.”
Another more recent report from Chainalysis indicated that this upward trend is likely to continue, with the digital asset industry on track to witness record-breaking thefts this year.
“With over $2.17 billion stolen from cryptocurrency services so far in 2025, this year is more devastating than the entirety of 2024,” said the firm.
This is a cause for concern for traditional banks as much as for digital asset industry player, as noted by the BIS: “With growing interconnections between the crypto world and the traditional financial system, strengthening the integrity of payment activity—by guarding against money laundering and other forms of illicit activity—has become more urgently necessary.”
However, when it comes to combating illicit finance, current rules to ensure AML compliance rely on regulated financial intermediaries, especially in the banking sector. In a traditional intermediary-based monetary system, a payment is executed by debiting the sender’s account and crediting the receiver’s account. Customer checks can be conducted at the time of account updates, and the duty to perform those checks falls on the intermediary.
In its bulletin, the BIS lamented that existing international standards for AML compliance for digital assets attempt to apply this intermediary-based system to the crypto world, without considering the unique features of that world and how it differs from traditional finance (TradFi).
“Permissionless public blockchains rely on the operation of decentralised consensus mechanisms sustained by a dispersed set of self-interested ‘validators’ who jointly maintain the records of transfers between addresses on the blockchain in a decentralised way,” BIS explained in its bulletin. “No individual intermediary may be held accountable for the account update.”
This means that customer verification can only be performed at the points of contact with the conventional monetary system, such as digital asset exchanges, at the time of fund transfers into and out of the exchange. Once the claims move to ‘unhosted wallets’ on the permissionless blockchain, the transactions are out of reach of conventional checks.
“Unlike hosted wallets, which are offered by a crypto exchange that does know-your-customer checks, unhosted wallets allow users to transact without identification,” said the BIS.
If the funds aren’t in a centralized exchange or wallet, then the ball is in the court of the digital asset issuer. Depending on the blockchain, it can be difficult—in some cases impossible—to get a consensus on drastic action to prevent money laundering and theft, such as freezing or reassigning assets.
For this reason, relying on the issuers is not always a viable solution, as noted by the BIS: “While stablecoin issuers have frozen balances at authorities’ request in high-profile cases of financial crime, such an approach is unrealistic to cover billions of day-to-day transactions.”
Fortunately, according to the BIS, the unique features of permissionless blockchains may also provide a novel solution to their unique challenge.
The solution
Thanks to blockchain technology’s distributed immutable ledgers, the full history of transactions is publicly available, including—in some cases—the full history of the wallets they have passed through. According to the BIS, this feature could be used to inform an assessment of how closely any particular unit of a cryptoasset is associated with past or current illicit activity.
After assigning assets a diagnostic “AML compliance score,” this could then be referenced in any future interventions by authorities when digital assets, including stablecoins, are presented for conversion to fiat currency at the off-ramps.
In terms of scoring, a higher value (e.g., maximum 100) could denote relatively clean funds, coming mostly from “allow-listed” wallets, while a lower value (e.g., minimum zero) could denote funds that are tainted by being associated with one or more wallets known to be on a “deny list.”
“Crypto exchanges, stablecoin issuers and banks could apply safeguards by considering minimum AML compliance score requirements for cashing out crypto coins, helping to prevent funds from illicit activities from entering the conventional monetary system,” said the bulletin.
Further, AML scoring could be designed to reflect compliance with various existing rules. For example, “by incorporating jurisdiction-specific requirements, the scoring system can reference local rules and adapt to the specific regulatory needs of different jurisdictions.”
One important consideration is defining which actor is responsible for preventing illicit flows. This could be the individual user, the digital asset intermediary, such as an exchange or virtual asset service provider (VASP), or another party.
On this point, the BIS suggested that “a pragmatic approach is to rely on the points where cryptoassets and stablecoins are converted into fiat currency.”
Summing up its proposal, the BIS argued that such a scoring system would hopefully create a situation whereby digital asset users, businesses, and those who interact with them are incentivized to avoid accepting or paying out tainted coins, as failure to comply could result in fines or other penalties.
“In such a setting, users could reasonably be expected to exercise a duty of care in transacting with crypto tokens by checking beforehand if a crypto coin is known to be compromised,” said the BIS. “Approaches that clearly define responsibility create incentives for good actors to seek out illicit activity and report it to authorities.”
Watch: Richard Baker on engineering a smarter financial world with blockchain
title=”YouTube video player” frameborder=”0″ allow=”accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share” referrerpolicy=”strict-origin-when-cross-origin” allowfullscreen=””>
Source: https://coingeek.com/bis-eyes-crypto-scoring-to-fight-illicit-finance-boost-aml/