The Future of Anti-Money Laundering: Behavioral Analytics on Public Blockchains

Sanctions lists and address blacklists are obsolete the moment they're published. They miss sophisticated obfuscation like nested smart contracts, cross-chain bridges, and privacy mixers. This creates a cat-and-mouse game where compliance lags behind crime by weeks or months.

• High False Positives: Flagging innocent DeFi users interacting with sanctioned protocols.
• Zero Coverage: Missing first-party fraud and novel laundering patterns.
• Reactive, Not Proactive: Action is only taken after funds are long gone.

Map the entity graph, not the address graph. Cluster related wallets (EOAs, multisigs, contracts) into holistic user profiles by analyzing funding sources, transaction patterns, and smart contract interactions. This turns raw blockchain data into a persistent identity layer for risk scoring.

• Pattern Recognition: Identify money muling, layering, and structured transactions across protocols like Uniswap, Aave, and MakerDAO.
• Proactive Risk Scoring: Assign real-time risk scores based on behavioral history, not just a single transaction.
• Attribution: Link off-chain KYC data (via zk-proofs) to on-chain behavior for regulated entities.

Make compliance a verifiable, privacy-preserving feature of the protocol itself. Use zero-knowledge proofs to allow users to prove they are not sanctioned or engaging in illicit activity without revealing their entire transaction history. This enables programmable policy engines at the wallet or protocol level.

• Selective Disclosure: Users prove compliance for specific jurisdictions (e.g., Tornado Cash-related bans) via zk-attestations.
• Automated Enforcement: Smart contracts can programmatically restrict interactions based on verified risk scores from oracles like Chainalysis or TRM Labs.
• Auditability: All policy logic and proofs are on-chain, creating a transparent and contestable compliance record.

Moving beyond simple attribution to behavioral clustering and transaction graph risk scoring. Their KYT (Know Your Transaction) product analyzes patterns, not just addresses, to flag high-risk DeFi interactions and cross-chain laundering.

• Key Benefit: Integrates with TRM Labs, Elliptic data for holistic risk picture.
• Key Benefit: Used by OFAC for sanctions enforcement, creating a de facto regulatory standard.

Builds a real-time, cross-chain behavioral graph mapping entities (wallets, services, mixers) by their on-chain activity patterns. Focuses on predictive risk, not just post-hoc forensic analysis.

• Key Benefit: Real-time API for exchanges like Circle and FTX (historically) to screen deposits.
• Key Benefit: Identifies behavioral clusters for illicit actors using Tornado Cash, Railgun with high accuracy.

A radical approach: a decentralized protocol for wallet reputation. Users build a verifiable, privacy-preserving attestation graph (like a credit score for on-chain behavior) to prove they are not bad actors.

• Key Benefit: Shifts burden from surveillance to self-sovereign proof, compatible with Worldcoin, ENS.
• Key Benefit: Enables Uniswap, Aave to implement risk-based access without doxxing all users.

Combines on-chain behavioral analytics with off-chain intelligence (dark web, forums) to map sophisticated laundering networks. Specializes in detecting fiat off-ramps and nested service risks.

• Key Benefit: VASP-focused intelligence, crucial for the Binance, Coinbase choke points in the laundering cycle.
• Key Benefit: Layered analysis that tracks funds through cross-chain bridges like LayerZero, Wormhole.

Static lists and simple heuristics (e.g., ">10k ETH tx") are trivial to evade. They create >99% false positive rates, wasting analyst time and missing sophisticated laundering patterns like tornado cash obfuscation or cross-chain hopping via layerzero and wormhole.

• Cost: Wastes $10B+ annually on manual review.
• Effectiveness: Catches <1% of illicit funds.
• UX: Cripples legitimate users with unnecessary friction.

Map wallets to real-world entities (CEXs, OTC desks, protocols) and analyze transaction patterns over time, not single events. This shifts from "was this address sanctioned?" to "does this behavioral cluster act like a money launderer?"

• Key Tech: Uses graph databases (Neo4j, TigerGraph) to track fund flows.
• Signal: Identifies layering & integration stages of laundering.
• Precision: Reduces false positives by ~80% vs. rules.

Privacy (e.g., aztec, monero) and compliance are not opposites. Zero-Knowledge Proofs allow users to prove AML compliance (e.g., "funds are from a known source") without revealing the entire graph. Protocols like penumbra and nocturne are building this natively.

• Compliance: Enables selective disclosure to regulators.
• Scale: ZK-SNARK verification in ~100ms.
• Future: Mandatory for institutional DeFi adoption on ethereum L2s.

Tools like chainalysis, elliptic, and trmlabs are evolving from forensics to real-time risk scoring APIs. The frontier is modular scoring: a wallet's risk score for uniswap liquidity provision differs from its score for an across protocol bridge transaction.

• Integration: APIs with <100ms latency for real-time dApp integration.
• Coverage: Monitor 50+ chains and 1000+ assets.
• Output: Dynamic risk scores, not binary flags.