Blockchain intelligence firm Elliptic noted that AML false positives are a common operational challenge for crypto-assets compliance programs. According to insights from Elliptic, the key to effectively reducing them is configuring monitoring systems with improved data, risk-appropriate rules and wider overall blockchain visibility, so that alerts reflect genuine / real material risk instead of merely gaps in coverage and/or context.
Elliptic further explained that an AML false positive occurs when a legit transaction, wallet or client is flagged as having so-called material risk by an AML monitoring solution. Elliptic also pointed out that the type of alert then triggers a manual review by an analyst who actually finds no real material risk.
Elliptic added in a blog post that relatively high false positive rates are a significant problem across the financial services sector.
Elliptic also explained that they are not actually unique to digital assets, but the characteristics of blockchain transfers do tend to “amplify” them.
The blockchain intelligence firm further stated that crypto focused compliance programs often see considerably higher false positive rates (overall) as a result.
And higher rates of AML false positives in crypto are not actually due to cryptoassets being “inherently” more suspicious.
The blog post further explained that they tend to stem from structural differences between traditional financial channels and cryptoasset markets that AML programs have to reliably account for:
- Pseudonymous transfers: Wallet addresses don’t include identity information. Without rich customer data, monitoring systems have less context to differentiate legitimate activity from suspicious behavior, so systems default to broader, less precise alerting.
- High transaction volumes and speed: Rule-based monitoring systems often apply velocity and volume triggers designed for slower banking environments. In 24/7 cryptoasset markets, normal transaction volumes can trip established thresholds and generate a high volume of alerts that don’t reflect material risk.
- Cross-chain complexity: Cryptoassets frequently move across multiple blockchains using bridges and DEXes to create complex transaction trails. Without cross-chain visibility, partial transaction flows can look suspicious, and these visibility gaps are a major source of false positives.
- Indirect exposure to higher-risk services: Legit users frequently have indirect exposure to services that could actually be considered high risk, such as mixers, DEXs or privacy protocols. Overly broad risk rules that treat indirect exposure the same way as direct exposure may generate large volumes of false positives.
- Immature rule calibration: Many crypto focused compliance programs are still maturing at this time. And rule-based systems and alert thresholds carried over from TradFi might not include the appropriate data, intelligence and behavioral norms of cryptoasset markets, resulting in greater overall false positive alerts.
Elliptic Lens provides business organizations more control over how risk is actually defined and detected, with more than 10 million configurability permutations across risk thresholds, entity categories and exposure parameters.
According to the update from Elliptic, this level of control effectively filters out low-value alerts and provides considerably more alert precision, so that your crypto compliance team is able to investigate what really matters.