Tainted cryptocurrency or suspicious transaction? What is the difference?

Crypto service providers are required by law to reduce the risk of money laundering or financing of criminal activities. In this article we will try to explain what are the risk indicators and how to interpret these signals from a compliance perspective. We will also explain the difference between a “tainted” cryptocurrency transaction and a suspicious transaction.

We first give some background information about why cryptocurrencies would be considered tainted and we have a look at existing regulations. This will provide some context and clarification from a compliance perspective. Then we will explain why considering cryptocurrencies as tainted is misleading and not practical.

Tainted crypto

What is a tainted cryptocurrency?

The term tainted cryptocurrency implies that the cryptocurrency was used for illicit activities. Due to the nature of the blockchain technology and its electronic ledger, all transactions that ever have been made on the blockchain are traceable, forever. This might concern individuals that they hold cryptocurrencies that are ‘dirty’.

Who declares that cryptocurrencies are tainted and when?

This is not as obvious as you might think. There is no regulatory authority that after careful consideration declares that a holder or transaction in the past was associated with illegal activities. A victim of a crypto scam might report the associated Bitcoin address to bitcoinabuse.com. This would trigger a warning that the associated address would be tainted. But the accused was never convicted of a crime. Is it fair to block the address, or the cryptocurrency originating from it, before the suspect is actually convicted for the crime by the proper authorities? It might be a signal for further due diligence especially if it would be considered a high risk transaction, but it is not a determinator to block the transaction.

This raises another question, when is the address or wallet declared tainted? The takedown of AlphaBay and Hansa in 2017 was an international cooperation between Federal Bureau of Investigation (FBI), the US Drug Enforcement Agency (DEA) and the Dutch National Police, with the support of Europol. The investigation took several years. In the meantime hundreds of thousands of transactions were made on the blockchain. The vast majority on the blockchain are genuine transactions that had no notion of the illicit activities. Can you link the holders of the cryptocurrency originating from associated addresses in retrospect to be associated with the crime?

There are plenty of examples how cryptocurrencies could be tainted without any knowledge or blame to the holder of the crypto. For example, in 2013/2014 Mt Gox was the biggest Bitcoin exchange. After a hack, they filed for bankruptcy and announced that approximately 850,000 bitcoins belonging to customers and the company were missing and likely stolen. There is a fair chance that you own Bitcoins that have been implied with this incident.

The point is, just because you can track all transactions on the blockchain, that does not imply that the current owner is in any way involved with the illicit activity in the past.

Nexus crypto brokerage platform

NEXUS, our platform for automated token, crypto and fiat transaction processing, enables you to start offering a variety of cryptocurrency services, such as brokerage, merchant or custodian services.

NEXUS includes extensive tools for customer management (AML, KYC, fraud prevention). For instance, it generates compliance reports accepted by an AA- (Fitch rating) bank. All fiat- and token transactions and operations are fully traceable and auditable.

Nexus crypto brokerage platform

Suspicious transactions

At the same time, the fact that current owners might not be involved with illicit activities in the past, doesn’t imply that you don’t have to monitor transactions. All crypto providers should, and are legally required to do so. The difference is that the monitoring is risk based, taking all kinds of information into account. A reference on the blockchain to a “tainted” event might trigger a closer inspection, but should not be used as the sole determiner if the transaction is suspicious. For example the transaction multiple steps back, or you received the funds via a reputable registered trading platform or exchange that complies with the strict AML/CTF regulations.

To combat that virtual assets are being used for criminal activity the Financial Action Task Force (FATF) published the guideline ‘Virtual Assets Red Flag Indicators of Money Laundering and Terrorist Financing”. The guidelines are based on more than 100 case studies collected by the 200 member states of the FATF Global Network; it highlights the most important red flag indicators that could suggest criminal behaviour. Key indicators are:

  • Technological features that increase anonymity – such as the use of peer-to-peer exchange websites, mixing or tumbling services or anonymity-enhanced cryptocurrencies
  • Geographical risks – criminals can exploit countries with weak, or absent, national measures for virtual assets
  • Transaction patterns – that are irregular, unusual or uncommon which can suggest criminal activity
  • Transaction size – if the amount and frequency has no logical business explanation
  • Sender or recipient profiles – unusual behaviour can suggest criminal activity
  • Source of funds or wealth – which can relate to criminal activity


The EU and their member states implemented these recommendations in the ​5th anti-money laundering Directive (AML5). The package harmonises AML/CFT rules across the EU. It also proposes the creation of a new EU authority to fight money laundering.

AML5 will ensure that custodial wallet providers and virtual currencies exchanges collect KYC/CDD information on customers such as name, address, nationality and identification. The customer still can trade crypto with all the benefits including less public visibility while the identity is known to the virtual currencies providers. Next to the identification of the customer (KYC) they are legally obliged to:

  • enhance due diligence to high risk customers;
  • monitor transactions; and
  • file STRs where they suspect illicit activity.

Financial institutions, money service businesses, and other non-financial services and professions (DNFPBs) that need to deal with virtual asset transactions, need to understand these requirements. In particular, how to apply the risk-based approach to their customer due diligence requirements, which require knowing who their clients and the beneficial owners are, understanding the nature and purpose of the business relationship, and understanding the source of funds and wealth.

Because of the strict regulation and the obligation of the registered virtual service providers, the risk that you receive “tainted” cryptocurrencies from these providers is extremely low.

Most individuals and companies buy and sell their crypto through these regulated companies. Thus decreasing the risk of being associated with any illicit activities.

Tainted cryptocurrency transaction

Compliance is key

The term “tainted cryptocurrencies” is misleading and not practical. From a compliance perspective the focus should be on customer due diligence and risk based transaction monitoring rather than a sole indicator that the cryptocurrency is “tainted”. The increased traceability of the blockchain does not equal that the holder is accountable or linked to the criminal offence.


There are tremendous opportunities in the cryptocurrency industry. But regulatory compliance is a complex subject and many businesses are unsure about the challenges that arise when connecting to public blockchains. For example, they are unsure how to handle transactions between fiat money in traditional financial systems and cryptocurrencies in public blockchains, how to comply with regulatory rules and procedures (KYC, AML) and how to properly manage their risks, such as trading risks, volatility risks and fraud prevention.

Our NEXUS platform for automated token, crypto and fiat transaction processing solves these problems. NEXUS offers functionality such as wallet management, minimizing price & counter party risk and compliant customer management tools. NEXUS is used by many companies in the cryptocurrency industry and last year we processed up to 200.000 on-chain transactions per day while keeping our partners and their customers safe.

Get in touch with us today to find out what we can do for your business!

Related posts