AML Compliance Crypto: BIS Approach to Anti-Money Laundering for Cryptoassets

Understanding AML Compliance Crypto: The BIS Bulletin Overview

The Bank for International Settlements (BIS) has published a groundbreaking bulletin proposing a novel approach to AML compliance crypto challenges that leverages the inherent transparency of blockchain technology. BIS Bulletin No. 111, authored by Iñaki Aldasoro, Jon Frost, Sang Hyuk Lim, Fernando Perez-Cruz, and Hyun Song Shin, addresses one of the most pressing regulatory challenges in the digital asset ecosystem: how to effectively combat money laundering in a decentralized financial environment where traditional intermediary-based compliance mechanisms have limited effectiveness.

The publication arrives at a critical moment for the crypto industry. Cryptoassets circulating on permissionless public blockchains have grown rapidly and are becoming increasingly integrated with the mainstream financial system. As their usage expands, concerns about illicit activity have intensified, with stablecoins overtaking bitcoin as the preferred instrument for criminal transactions since 2022. According to data from Chainalysis and TRM Labs, stablecoins accounted for approximately 63% of all illicit crypto transactions as of 2024.

This analysis of the BIS bulletin explores how the proposed AML compliance crypto framework could reshape the regulatory landscape for digital assets. For more insights on crypto regulation and financial compliance, explore the Libertify Interactive Library.

The Limitations of Traditional AML Compliance for Crypto

Current rules for anti-money laundering compliance in the crypto space attempt to apply intermediary-based principles that were designed for traditional financial systems. In a conventional monetary system, payments are executed by debiting the sender’s account and crediting the receiver’s account through trusted financial intermediaries — typically banks. Customer checks, including Know Your Customer (KYC) and transaction monitoring, are conducted by these intermediaries, which bear the legal duty to perform them. This principle applies both domestically and internationally through the correspondent banking network.

However, permissionless public blockchains fundamentally challenge this model. These systems rely on decentralized consensus mechanisms sustained by dispersed sets of self-interested “validators” who jointly maintain records of transfers between addresses on the blockchain. There is no single intermediary that controls account access or has the authority to block transactions. Anyone can create a blockchain address and initiate transactions without providing identity information, making traditional AML compliance crypto approaches based on intermediary-level KYC inherently limited.

The international standards framework, including the Financial Action Task Force (FATF) guidelines, has attempted to extend the intermediary-based AML model to crypto by requiring virtual asset service providers (VASPs) to implement KYC procedures. While this approach captures activity at centralized exchanges and custodial services, it leaves a significant gap for peer-to-peer transactions, decentralized finance (DeFi) protocols, and self-hosted wallets. The BIS bulletin argues that a fundamentally different approach is needed — one that leverages the unique properties of blockchain technology itself.

Blockchain Transparency: A New Tool for AML Compliance Crypto

The central innovation proposed in the BIS bulletin is the recognition that the very feature that makes crypto challenging for traditional AML — decentralized, public record-keeping — can also be turned into a powerful compliance tool. Unlike traditional financial systems where transaction records are held privately by intermediaries and accessible only through legal processes, public blockchains maintain a complete, immutable, and transparent history of every transaction ever conducted on the network.

This transparency enables something that is impossible in the traditional financial system: the ability to trace the complete provenance and history of any particular unit or balance of a cryptoasset, including stablecoins. By analyzing the full transaction graph, it becomes possible to compute AML compliance scores that reflect the likelihood that a specific crypto unit or balance is linked to illicit activity. This approach shifts the compliance focus from the identity of the transacting party (as in traditional KYC) to the history and characteristics of the assets themselves.

The BIS researchers propose that these compliance scores can be calculated by analyzing patterns in blockchain transaction data, including connections to known illicit addresses, interaction with mixing services or privacy protocols, transaction patterns consistent with layering or structuring, and the overall risk profile of the transaction history. Advanced machine learning and graph analysis techniques can process the massive volumes of on-chain data to generate meaningful risk assessments in real-time, creating a scalable compliance infrastructure that grows organically with the blockchain itself.

The AML Compliance Score Framework for Cryptoassets

At the heart of the BIS proposal is the concept of an AML compliance crypto score — a quantitative metric that represents the risk profile of a particular cryptoasset unit or balance based on its transaction history. This score would be calculated using sophisticated algorithms that analyze the entire chain of transactions that have contributed to the creation or transfer of a particular balance, identifying patterns and connections that indicate potential illicit origin or use.

The compliance score framework operates on the principle that cryptoasset units carry their history with them. Unlike cash, where physical currency notes are fungible and untraceable, blockchain-based assets maintain a permanent record of their movement through the network. This means that a stablecoin balance that has passed through addresses associated with sanctioned entities, darknet markets, or known scam operations would carry a lower compliance score than one with a clean transaction history.

The practical implementation of such a scoring system would involve several components: data collection and aggregation from blockchain networks, graph analysis to map transaction relationships, machine learning models trained on known illicit activity patterns, and a scoring engine that produces standardized risk assessments. Several blockchain analytics firms already provide similar services, but the BIS proposal envisions a more standardized and potentially centralized approach that could be adopted as a regulatory standard.

Off-Ramps: The Critical Point for AML Compliance Crypto Enforcement

The BIS bulletin identifies crypto “off-ramps” — the points at which cryptoassets are converted back into fiat currency through the banking system — as the most critical enforcement point for the proposed AML compliance crypto framework. By requiring that AML compliance scores be checked when crypto holders attempt to access the traditional financial system, regulators can create a powerful incentive structure that discourages illicit activity throughout the crypto ecosystem.

The off-ramp strategy is elegant in its simplicity. While it may be impossible to prevent all illicit transactions on decentralized blockchains, the vast majority of criminal actors ultimately need to convert their crypto proceeds into fiat currency to derive real-world economic benefit. By making this conversion conditional on the cleanliness of the assets’ transaction history, the BIS approach creates a deterrent that extends backward through the entire transaction chain. If crypto users know that tainted assets will be blocked at off-ramps, they have a strong incentive to avoid receiving or holding assets with questionable provenance.

This approach also has implications for centralized exchanges, banks, and payment processors that serve as the primary off-ramp infrastructure. These institutions would be required to integrate compliance score checking into their transaction processing workflows, adding a new layer to their existing AML programs. The Financial Action Task Force has already established expectations for VASPs to conduct risk-based transaction monitoring, and the compliance score framework could provide a standardized and technologically sophisticated method for meeting these obligations.

Stablecoin AML Compliance: The Crypto Crime Paradigm Shift

The BIS bulletin highlights a significant shift in the crypto crime landscape that has direct implications for AML compliance crypto strategies. Since 2022, stablecoins have overtaken bitcoin as the cryptoasset of choice among criminals, accounting for approximately 63% of all illicit transactions by 2024. This shift reflects the practical advantages of stablecoins for illicit purposes: they maintain stable value (eliminating the risk of price volatility during laundering cycles), are widely accepted across DeFi protocols, and can be transferred quickly and cheaply across borders.

The dominance of stablecoins in illicit activity creates both challenges and opportunities for AML compliance. On the challenge side, stablecoins like USDT and USDC are the most widely used cryptoassets in legitimate commerce, making it more difficult to distinguish illicit from legitimate usage based on asset type alone. On the opportunity side, major stablecoin issuers maintain centralized control over their tokens and have the technical ability to freeze or blacklist specific addresses — a capability that could be integrated with the compliance score framework proposed by the BIS.

The intersection of stablecoin regulation and AML compliance represents one of the most active areas of policy development globally. The European Union’s Markets in Crypto-Assets (MiCA) regulation, the UK’s evolving crypto regulatory framework, and various Asian regulatory initiatives all include specific provisions for stablecoin oversight that could incorporate blockchain-based compliance scoring. The BIS approach provides a technically sound foundation that policymakers can adapt to their specific regulatory contexts.

Technical Implementation of AML Compliance Crypto Scoring

Implementing the AML compliance crypto scoring system proposed by the BIS requires sophisticated technical infrastructure. The system must process massive volumes of blockchain transaction data in real-time, apply complex graph analysis algorithms to trace asset provenance, and generate meaningful risk scores that balance sensitivity (identifying genuinely illicit activity) with specificity (avoiding false positives that would disrupt legitimate transactions).

Graph analysis is the foundational technology for compliance scoring. Blockchain transactions naturally form directed graphs where addresses are nodes and transactions are edges. By analyzing these graphs, it is possible to trace the flow of funds from source to destination, identify clusters of related addresses (potentially belonging to the same entity), and detect patterns consistent with money laundering techniques such as chain-hopping, peel chains, and mixing. Advanced techniques including community detection, centrality analysis, and temporal pattern recognition enhance the analytical capabilities of these systems.

Machine learning models, particularly those designed for graph-structured data, play a crucial role in automating the scoring process. These models can be trained on labeled datasets of known illicit and legitimate transactions to identify subtle patterns that would be invisible to rule-based systems. The Bank for International Settlements has been actively researching the application of AI and machine learning to financial regulation, and the compliance score framework builds on this broader research agenda. Deep learning approaches, including graph neural networks, offer particularly promising capabilities for processing the complex relational structures inherent in blockchain transaction data.

Implications for the Crypto Industry and AML Compliance

The BIS bulletin’s proposed approach to AML compliance crypto would have far-reaching implications for the entire digital asset ecosystem if adopted as a regulatory standard. For crypto exchanges and custodians, the compliance score framework would add a new dimension to their transaction monitoring obligations, requiring investment in blockchain analytics capabilities and integration with scoring systems. For DeFi protocols, the implications are more complex, as decentralized systems lack the centralized control points necessary for traditional compliance enforcement.

The concept of “duty of care” introduced in the bulletin is particularly significant. By creating a system where crypto users and businesses can assess the compliance risk of their holdings and transactions, the BIS approach encourages a culture of voluntary compliance that extends beyond the regulatory requirements placed on centralized intermediaries. Users who routinely transact in high-compliance-score assets would benefit from smoother access to banking services, while those dealing in tainted assets would face increasing friction.

For the broader crypto compliance landscape, the BIS approach represents a philosophical shift from attempting to replicate traditional financial compliance in a decentralized environment to embracing the unique properties of blockchain technology as a compliance tool. This pragmatic approach acknowledges that while perfect AML compliance may be impossible in a permissionless system, significant improvements are achievable by leveraging the transparency that is built into the technology itself.

Global Regulatory Landscape for Crypto AML Compliance

The BIS bulletin exists within a rapidly evolving global regulatory landscape for AML compliance crypto. Different jurisdictions are taking varied approaches to crypto regulation, creating a complex patchwork of rules that international crypto businesses must navigate. The Financial Action Task Force continues to update its guidance on virtual assets, while major economic blocs are implementing comprehensive regulatory frameworks.

The European Union’s MiCA regulation, which began applying from December 2024, establishes a comprehensive framework for crypto-asset markets in the EU, including specific provisions for AML compliance. The regulation requires crypto-asset service providers to implement robust AML programs and submit suspicious transaction reports. The European Securities and Markets Authority (ESMA) has published guidelines on supervisory practices for market abuse under MiCA, creating a framework that could incorporate the compliance scoring approach proposed by the BIS.

In the United States, the regulatory landscape for crypto AML remains fragmented across multiple agencies, including the Financial Crimes Enforcement Network (FinCEN), the Securities and Exchange Commission (SEC), and the Commodity Futures Trading Commission (CFTC). The proposed BIS framework could provide a unifying technical standard that bridges these regulatory silos, enabling more coordinated and effective enforcement. Asian markets, including Japan, Singapore, and Hong Kong, have also been actively developing crypto regulatory frameworks that balance innovation promotion with AML compliance requirements, creating potential adoption pathways for blockchain-based compliance scoring systems.