Wallet Screening
Managing compliance requirements for cryptocurrency address and wallet screening.
Wallet Screening
Wallet screening involves checking cryptocurrency addresses against sanctions lists, known illicit addresses, and risk databases. PartnerAlly helps you document and manage your wallet screening compliance program.
What is Wallet Screening?
Purpose
Wallet screening helps prevent:
- Transactions with sanctioned entities
- Funds from illicit sources
- Money laundering
- Terrorist financing
- Regulatory violations
How It Works
Typical screening process:
- Transaction initiated
- Address checked against databases
- Risk score assigned
- Decision made (approve/review/block)
- Records maintained
Screening Requirements
Regulatory Basis
Wallet screening stems from:
- OFAC sanctions compliance (US)
- EU sanctions regulations
- FATF recommendations
- Local AML requirements
- License conditions
What to Screen
| Item | Description |
|---|---|
| Deposit addresses | Incoming funds sources |
| Withdrawal addresses | Outgoing funds destinations |
| Counterparty addresses | Transaction partners |
| Self-hosted wallets | Personal wallet connections |
Screening requirements and depth vary by jurisdiction and risk appetite. Consult compliance professionals for your specific needs.
Compliance Program Elements
Policy Requirements
Your wallet screening policy should cover:
- When screening occurs
- What databases are used
- Risk thresholds
- Decision criteria
- Escalation procedures
Procedural Requirements
Document procedures for:
- Real-time screening
- Batch screening
- Hit handling
- Investigation process
- False positive management
Technology Requirements
Address system needs:
- Screening tool selection
- Integration approach
- Performance requirements
- Data retention
Managing Wallet Screening in PartnerAlly
Document Your Program
Upload screening documentation:
- Wallet screening policy
- Standard operating procedures
- Risk assessment methodology
- Vendor documentation
Identify Gaps
AI analyzes for gaps:
- Missing policy elements
- Incomplete procedures
- Documentation weaknesses
- Control gaps
Track Implementation
Use PartnerAlly to:
- Monitor compliance status
- Track remediation
- Collect evidence
- Prepare for audits
Policy Development
Key Policy Elements
A complete policy includes:
| Section | Content |
|---|---|
| Scope | What transactions are screened |
| Timing | When screening occurs |
| Sources | Databases and data providers |
| Thresholds | Risk scores and limits |
| Decisions | Actions for different results |
| Escalation | Review and approval process |
| Documentation | Record keeping requirements |
| Review | Policy update schedule |
Risk-Based Approach
Tailor screening to risk:
- Higher risk = more scrutiny
- Lower risk = streamlined process
- Document risk assessment
- Review periodically
Screening Implementation
Screening Tools
Common approaches:
- Third-party screening services
- Blockchain analytics platforms
- Combined AML solutions
- Custom implementations
Integration Points
Where to integrate screening:
- Deposit processing
- Withdrawal requests
- Account onboarding
- Periodic reviews
Real-Time vs. Batch
| Approach | Use Case |
|---|---|
| Real-time | Transaction-time screening |
| Batch | Periodic portfolio review |
| Both | Comprehensive coverage |
Handling Screening Results
Negative Results (No Hit)
When address is clear:
- Transaction proceeds normally
- Record the screening
- Maintain audit trail
Positive Results (Hit)
When potential match found:
Pause Transaction
Hold pending investigation.
Investigate
Determine if hit is genuine.
Document Findings
Record investigation results.
Make Decision
Proceed, block, or escalate.
Report if Required
File SAR if applicable.
False Positives
Managing false positives:
- Investigation process
- Documentation requirements
- Approval for override
- Audit trail
Data Sources
Sanctions Lists
Screen against:
- OFAC SDN List (US)
- EU Consolidated List
- UN Sanctions Lists
- Local sanctions lists
Blockchain Analytics
Additional screening data:
- Known illicit addresses
- Mixer/tumbler connections
- Ransomware addresses
- Dark web marketplace links
Risk Scoring
Many tools provide:
- Address risk scores
- Transaction risk indicators
- Counterparty analysis
- Network visualization
Evidence Collection
What to Document
Maintain evidence of:
- Screening policy
- Tool implementation
- Sample screening records
- Investigation procedures
- Training completion
Audit Trail
Keep records showing:
- Every address screened
- Screening results
- Decisions made
- Investigation outcomes
Creating Remediation Workflows
For Screening Gaps
When gaps are identified:
Review Gap Details
Understand what's missing.
Generate Workflow
Create remediation plan.
Customize for Your Needs
Adjust tasks appropriately.
Execute Workflow
Work through tasks.
Document Completion
Upload evidence.
Typical Tasks
Screening implementation often includes:
- Policy development
- Tool selection
- Integration planning
- Implementation
- Testing
- Training
- Go-live
- Monitoring setup
Audit Preparation
Common Questions
Auditors may ask:
- What sources do you screen against?
- How often is screening performed?
- What is your hit handling process?
- How do you document false positives?
- What is your escalation procedure?
Demonstrating Compliance
Be prepared to show:
- Written policies
- Screening tool documentation
- Sample screening logs
- Investigation records
- Training evidence
Best Practices
Screening Program
- Screen comprehensively
- Use reputable data sources
- Document everything
- Review regularly
Hit Management
- Investigate promptly
- Document thoroughly
- Escalate appropriately
- Report when required
Ongoing Management
- Update screening sources
- Review policies regularly
- Train staff continuously
- Monitor effectiveness
Challenges and Solutions
Common Challenges
| Challenge | Solution |
|---|---|
| False positives | Tuning and review process |
| Screening speed | Appropriate tool selection |
| Data quality | Multiple data sources |
| Coverage gaps | Regular review and updates |
Emerging Issues
Stay aware of:
- New illicit address types
- Privacy coin challenges
- DeFi protocol screening
- Cross-chain complexity
Common Questions
How often should we screen?
At minimum, screen for every transaction. Many organizations also do periodic portfolio reviews.
What if our screening tool misses something?
Document your reasonable procedures, use reputable tools, and stay current with updates. Perfect detection isn't expected, reasonable procedures are.
Do we need to screen internal transfers?
Generally, screen external-facing transactions. Internal transfers between verified accounts may have reduced requirements.
How long do we keep screening records?
Follow your jurisdiction's requirements, typically 5-7 years. Document your retention policy.
What about privacy coins?
Address per your risk assessment. Many organizations have restrictions or enhanced procedures for privacy-focused cryptocurrencies.
Next Steps
- Travel Rule - Related compliance requirement
- Crypto Compliance - Overview
- Risk Registry - Managing screening risks