The list of Risk Score marks used in AML procedures

Based on the result of the AML analysis of a crypto wallet address, the data are sorted according to various parameters, the unifying element of which is information marks about the presence of low, medium, and high risks associated with the crypto address. The marks indicate the presence of direct or indirect connections with various sources, depending on the legitimacy of which the crypto address is assigned the corresponding Risk Score marks.

A specific set of Risk Score marks is assigned to a crypto address due to interaction with a blockchain. The scoring result depends on the crypto address's direct or indirect connections (incoming and outgoing transactions) with various sources, platforms, resources, and segments.

Danger

• Child exploitation — funds related to the implementation of child exploitation activities.
• Dark market — funds associated with illegal online markets, usually accessible through anonymous networks.
• Dark service — funds associated with services of an illegal nature that are offered on dark resources.
• Enforcement action — legal/regulatory measures against organizations/individuals that violate AML requirements.
• Exchange fraudulent — fraudulent activities associated with financial transactions on cryptocurrency exchanges or through exchange platforms, which may include improper market manipulation, use of insider information for enrichment, illegal movement of funds, and other forms of deception.
• Gambling — funds associated with various online gambling services that do not have the necessary licenses.
• Illegal service — funds associated with illegal activities in circumvention of existing laws.
• Mixer — services for mixing crypto assets to ensure anonymity. Such services are used to make tracking difficult or impossible, including for money laundering purposes.
• Ransom— funds associated with blackmail, often in the context of cyberattacks.
• Sanctions — funds associated with individuals or organizations under international sanctions. The main regulator of international sanctions activities at the moment is OFAC.
• Scam — funds obtained fraudulently with a direct/indirect connection to fraudulent activity.
• Stolen coins — funds obtained by stealing other people's crypto assets.
• Terrorism financing — funds associated with the financing of terrorist activities.

Suspicious sources

• ATM — funds received through a crypto ATM.
• Exchange unlicensed — a platform that conducts trading and exchange activities without the appropriate license.
• Liquidity pools — smart contracts in which tokens are locked to ensure liquidity. Typically, this is used in decentralized finance.
• P2P exchange unlicensed — organizing peer-to-peer transactions between individuals without the appropriate license.

Trusted sources

• Marketplace — funds obtained during trade and exchange operations to pay for legitimate activities.
• Miner — crypto assets obtained through mining.
• Exchange licensed — an officially licensed platform that conducts trading and exchange activities in accordance with established legislation.
• Other — funds received through airdrops, token sales, or other methods that do not fall into the standard categories.
• P2P exchange licensed — cryptocurrency transactions between individuals through licensed platforms where participants carry out exchange activities without intermediaries.
• Payment — funds received from a licensed payment system.
• Seized assets — assets seized as a result of law enforcement actions for the victim's benefit.
• Wallet — funds stored in verified crypto wallets.