AML Glossary

Key terms in blockchain compliance, AML regulation, and Ethereum ecosystem analytics — defined clearly for practitioners and developers alike.

AML (Anti-Money Laundering): A set of laws, regulations, and procedures designed to prevent criminals from disguising illegally obtained funds as legitimate income. In the context of cryptocurrency, AML encompasses wallet screening, transaction monitoring, and suspicious activity reporting.

Blockchain Analytics: The practice of examining on-chain data — transaction graphs, address clusters, token flows — to identify patterns, trace funds, and attribute addresses to real-world entities. Blockchain analytics tools are the primary technology layer underpinning crypto AML compliance.
Bridge: A cross-chain protocol that allows tokens to move between different blockchains (e.g., from Ethereum to other networks). Bridges can be used legitimately for interoperability but are also exploited for value obfuscation since cross-chain transfers break traditional on-chain tracing.

CDD (Customer Due Diligence): The process by which a financial institution or regulated entity verifies the identity of its customers and assesses the risk they pose. Standard CDD includes identity verification (KYC), understanding the nature of the business relationship, and ongoing transaction monitoring.
CFT (Combating the Financing of Terrorism): Regulatory and operational measures aimed at identifying, freezing, and disrupting financial flows that fund terrorist activities. CFT is closely linked to AML and is often addressed in the same legislative frameworks, such as the FATF Recommendations.

Darknet: A part of the internet accessible only through specialised software (e.g., Tor) and typically hosting illicit marketplaces. Darknet markets frequently use cryptocurrency, including Ethereum-based stablecoins, as a payment rail. Addresses linked to darknet activity receive the highest risk classifications.
DeFi (Decentralised Finance): Financial services built on programmable blockchains using smart contracts, without central intermediaries. DeFi protocols on Ethereum (e.g., decentralised exchanges, lending platforms) introduce AML challenges because they are permissionless and can facilitate rapid, automated value transfers.

EDD (Enhanced Due Diligence): A heightened level of due diligence applied to higher-risk customers, relationships, or transactions — such as those involving Politically Exposed Persons (PEPs), high-risk jurisdictions, or addresses flagged by blockchain analytics tools. EDD typically requires deeper identity verification, source-of-funds documentation, and senior management approval.
ERC-20: The Ethereum token standard for fungible tokens. Most stablecoins on Ethereum — including USDT, USDC, and TUSD — are issued as ERC-20 tokens. ShieldScan monitors ERC-20 transfers as part of its full-portfolio risk assessment.

FATF (Financial Action Task Force): An intergovernmental body that sets international standards for AML/CFT policy. FATF's 40 Recommendations serve as the global benchmark for financial crime compliance. FATF Guidance for Virtual Assets (2019, updated 2021) extended these obligations to cryptocurrency businesses including exchanges and wallet providers.

KYC (Know Your Customer): The process of verifying the identity of customers before or during the time they use a service. In crypto, KYC typically involves collecting government-issued ID, proof of address, and sometimes source-of-funds documentation. It is the identity-verification component of a broader CDD program.
KYT (Know Your Transaction): The ongoing monitoring of cryptocurrency transactions associated with a customer or address to detect suspicious patterns in real time. KYT complements KYC by shifting the focus from identity to behaviour, flagging anomalies such as large unusual transfers, interactions with high-risk counterparties, or rapid layering activity.

Mixer: A service that pools cryptocurrency from many users and redistributes equivalent amounts to obscure the transaction trail. Mixers are specifically designed to break the on-chain link between the source and destination of funds and are classified as high-risk by FATF. Interaction with a known mixer address typically results in an elevated risk score.

PEP (Politically Exposed Person): An individual who holds or has held a prominent public position — such as a head of state, senior government official, or executive of a state-owned enterprise. PEPs are considered higher-risk for bribery and corruption and require enhanced due diligence under FATF Recommendations.

Risk Score: A numerical measure (typically 0–100) quantifying the likelihood that a wallet address or transaction is associated with illicit activity. Risk scores are computed from direct sanctions exposure, indirect exposure via on-chain hops, entity labels, transaction behaviour, and machine-learning models.

Sanctions: Restrictions imposed by governments or international bodies (e.g., OFAC, UN Security Council, EU) on individuals, entities, or jurisdictions. Transacting with a sanctioned address may result in severe legal penalties. ShieldScan cross-references wallet addresses against all major sanctions lists in real time.
SAR / STR (Suspicious Activity Report / Suspicious Transaction Report): A mandatory report filed by regulated financial institutions with their national financial intelligence unit (FIU) when they detect activity that may constitute money laundering or terrorist financing. SARs/STRs are confidential and filing them is a legal obligation in most jurisdictions.
Smart Contract: Self-executing code deployed on a blockchain that automatically enforces the terms of an agreement when predefined conditions are met. On Ethereum, smart contracts are written in Solidity and deployed as EVM-compatible bytecode. Smart contract interactions are analysed by ShieldScan as part of transaction risk assessment.

Transaction Monitoring: The automated process of reviewing financial transactions on an ongoing basis to detect patterns indicative of money laundering, terrorist financing, or other financial crime. In crypto AML, transaction monitoring ingests blockchain data and applies rule-based and ML-based detection models.
Tumbler: Another term for a cryptocurrency mixer, sometimes used specifically to describe services that repeatedly split and re-combine transaction outputs to obscure the flow of funds. Tumblers and mixers are treated identically by financial regulators and risk-scoring engines.

Wallet Screening: The process of checking a cryptocurrency address against watchlists, sanctions databases, and blockchain analytics risk models before processing a transaction or onboarding a customer. Wallet screening is the primary use case of the ShieldScan API.

Start screening wallets today

Apply this knowledge with ShieldScan's API — 100 free scans, no card required.