Glossary

Term
Description

AML (Anti-Money Laundering)

The overarching framework of laws, regulations, and procedures intended to prevent criminals from disguising illegally obtained funds as legitimate income.

Blockchain Analytics

The use of specialized software to trace cryptocurrency transactions across the ledger to identify illicit activity, map wallet networks, and risk-score entities.

CASP (Crypto-Asset Service Provider)

The regulatory classification used within the EU's MiCA framework to describe businesses providing crypto services (analogous to the FATF term "VASP").

CDD (Customer Due Diligence)

The foundational process of verifying a customer's identity and assessing the risks associated with doing business with them.

CFT (Combating the Financing of Terrorism)

Policies and regulations specifically aimed at investigating, preventing, and cutting off funding to terrorist organizations.

Chain Hopping

The money laundering tactic of rapidly moving funds across different blockchains, often using cross-chain bridges, to obfuscate the money trail.

Counterparty VASP Due Diligence

The process of evaluating the regulatory status, security, and compliance posture of a partner exchange before transmitting Travel Rule data or user funds to them.

Custodial Wallet

A cryptocurrency wallet setup where a third-party business (like an exchange) manages the private keys and secures the user's digital assets.

Darknet Market (DNM)

Illegal commercial websites on the dark web where illicit goods (drugs, stolen data) are bought and sold, heavily reliant on cryptocurrencies for untraceable payments.

DeFi Compliance

The emerging, complex challenge of applying regulatory requirements (like KYC/AML) to decentralized, smart contract-driven protocols that lack central intermediaries.

Dusting Attack

A tactic where microscopic amounts of crypto ("dust") are sent to thousands of wallets. The goal is to track the subsequent flow of those funds to de-anonymize wallet owners.

EDD (Enhanced Due Diligence)

A stricter level of background checks, source-of-wealth requests, and ongoing monitoring applied specifically to high-risk customers.

FATF (Financial Action Task Force)

The inter-governmental body that sets global standards for combating money laundering and terrorist financing (creators of the VASP designation and Travel Rule).

FinCEN (Financial Crimes Enforcement Network)

A bureau of the U.S. Treasury Department that collects and analyzes information about financial transactions to combat domestic and international financial crimes.

FIU (Financial Intelligence Unit)

A national agency responsible for receiving, analyzing, and disseminating financial intelligence gathered from suspicious activity reports submitted by businesses.

Heuristics

In blockchain analytics, algorithms or rules of thumb used to cluster wallet addresses and identify behavioral patterns that indicate the true owner or risk level of an entity.

IVMS 101 (InterVASP Messaging Standard)

A universal data model standard developed by the crypto industry to format and exchange Travel Rule information smoothly between different businesses.

KYB (Know Your Business)

The due diligence procedures used to verify the legal existence, structure, licensing, and ownership of a corporate entity before doing business with them.

KYC (Know Your Customer)

The mandatory process of identifying and verifying the real-world identity of an individual client when opening an account.

KYT (Know Your Transaction)

The continuous monitoring of a user's financial transactions—specifically on-chain—to detect suspicious activity, trace fund flows, and assess real-time risk.

Layering

The second stage of money laundering, involving complex financial maneuvers (like moving crypto through mixers or multiple wallets) to distance funds from their illicit origin.

MiCA (Markets in Crypto-Assets)

The European Union's comprehensive, unified regulatory framework for crypto-assets, defining licensing, operational, and consumer protection rules.

Mixer / Tumbler

A service or smart contract that pools various cryptocurrency deposits together and redistributes them at random times and amounts to intentionally break the trail of funds.

OFAC (Office of Foreign Assets Control)

The U.S. Treasury agency that administers and enforces economic and trade sanctions based on U.S. foreign policy, frequently maintaining lists of sanctioned crypto addresses.

PEP (Politically Exposed Person)

An individual entrusted with a prominent public function (or their close associates), making them a higher risk for potential involvement in bribery and corruption.

Placement

The initial stage of money laundering, where illicitly obtained funds (e.g., stolen crypto or fiat) are first introduced into the legitimate financial system.

Privacy Coin

Cryptocurrencies (e.g., Monero, Zcash) built with advanced cryptographic techniques to intentionally hide transaction details (sender, receiver, amount) from public ledgers.

Proof of Reserves (PoR)

An independent audit or cryptographic proof demonstrating that a custodian holds sufficient on-chain assets to cover all of its customers' fiat or crypto balances 1:1.

Risk Score

A numerical rating assigned by compliance software to a blockchain transaction, wallet address, or user profile indicating the likelihood of involvement in illicit activity.

Risk-Based Approach (RBA)

A core compliance methodology where a business assesses the specific risks it faces and allocates its compliance resources proportionately to mitigate the highest threats.

Sanctions Screening

The process of checking customers, business partners, and blockchain addresses against national or international watchlists to ensure they are not legally restricted.

SAR / STR (Suspicious Activity/Transaction Report)

A formal document filed by compliance officers to regulatory authorities (like FinCEN) when they detect user behavior that indicates potential criminal activity.

Smart Contract Audit

A rigorous, independent review of the code underpinning a crypto token or application to identify security vulnerabilities and ensure compliant execution.

Smurfing

A money laundering technique where a large sum of illicit money is broken down into many smaller transactions, carried out by multiple individuals ("smurfs").

Source of Funds (SoF)

The requirement to provide documentation showing the exact origin of the money or crypto being used in a specific transaction (e.g., a bank statement or trading receipt).

Source of Wealth (SoW)

A deeper compliance check requiring documentation that explains how a customer acquired their total net worth, usually required during Enhanced Due Diligence.

Structuring

The act of deliberately breaking up large transactions into smaller ones specifically to remain under the legal threshold that triggers mandatory regulatory reporting.

Sunrise Issue

The major compliance bottleneck caused by the Travel Rule taking effect at different times in different countries, creating a mismatch between regulated and unregulated exchanges.

Transaction Monitoring

The real-time or retroactive algorithmic screening of a customer's fiat and crypto transfers to flag anomalies, velocity breaches, or sanction hits.

Travel Rule Protocol (TRP)

An open standard messaging protocol created to allow VASPs to securely communicate and exchange required compliance data without a central intermediary.

UBO (Ultimate Beneficial Owner)

The natural person(s) who ultimately owns or controls a corporate entity, typically defined by crossing a specific percentage threshold of equity or voting rights.

Unhosted Wallet / Self-Hosted Wallet

A non-custodial cryptocurrency wallet (like MetaMask or Ledger) where the user retains complete, sole control over their private keys. Such wallets are heavily scrutinized by modern regulators.

VASP (Virtual Asset Service Provider)

FATF's global regulatory term for any business that conducts exchanges, transfers, safekeeping, or administration of virtual assets on behalf of customers.
