How to check a crypto address before sending funds: 5-minute AML hygiene
On-chain, you inherit the risk of the funds' path — even if you knew nothing about it. Five minutes of checking before a transfer costs less than weeks of correspondence with compliance after a freeze. Here are the three levels of checking: what each shows, what it costs, and where its limits are.
Why check if I'm not doing anything wrong
Exchange AML engines don't assess you as a person — they assess the transaction graph: where the tokens came from, through how many hops, and which clusters the path addresses are linked to. Accept a transfer from an address two steps away from a mixer, and a share of its risk is now in your score. Checking a counterparty's address before a deal is not paranoia — it is the same hygiene as vetting a counterparty in ordinary business. How it works under the hood — our breakdown of exchange AML screening.
Level 1: Tether's contract blacklist — free, seconds
If you deal in USDT, start with the hardest and most honest signal: whether the address is blacklisted by the issuer itself. Tether freezes addresses at the smart-contract level — the isBlackListed function in the USDT contracts on Ethereum and TRON. This is not a "risk estimate"; it is a binary fact: a blacklisted address cannot move USDT at all.
You can check with our free checker — it reads the contract state directly, no registration. Know the limits: the blacklist catches only the heaviest cases (sanctions, major thefts, authority requests). Not blacklisted ≠ clean — it only means the issuer hasn't frozen it.
Level 2: commercial risk scoring
Risk-scoring services (from AMLBot to exchangers' built-in checkers) sell a "contamination" estimate — a risk percentage across categories: mixers, darknet, scams, sanctions. Under the hood are the same cluster-attribution databases the exchanges use.
What to know about the limits of these scores:
A score is a probability, not a verdict
Different providers give different numbers for the same address, because attribution databases and category weights differ. "15% risk" at one service can be "45%" at another.
A score is as-of-now
Attribution updates retroactively: an address clean today may get linked to a hack six months later — and the exchange will re-score your old transaction. A saved report with a check date is your good-faith evidence for that scenario.
Every exchange has its own threshold
No external score guarantees a deposit will pass a specific exchange: engine settings are not public.
Level 3: five minutes in an explorer — free and underrated
A basic manual check on Etherscan/Tronscan catches a large share of problem counterparties:
- Address age and history: created yesterday but already moved millions — a typical transit wallet for someone else's flows.
- Transit pattern: funds enter and leave within minutes, balance always near zero — a pass-through address.
- A fan of small incoming transfers from dozens of addresses quickly swept into one — a collection pattern typical of scam projects and mule networks.
- Explorer labels: major services and known incidents are often tagged right on the address page.
- For P2P deals: save a dated screenshot of the check — together with the rest of the deal evidence, it is your line of defence against a possible complaint.
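The first three checks in this list can be scripted over a transfer history exported from an explorer. The sketch below is an added example, not code from this site or its checker; the `Transfer` record, the flag names and every threshold are assumptions chosen for illustration, and the sample history is constructed.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Transfer:
    ts: int        # unix seconds
    sender: str
    recipient: str
    amount: float  # token units

# Assumed thresholds for illustration; tune them to your own deal sizes.
NEW_DAYS, LARGE_VOLUME = 7, 1_000_000
TRANSIT_SECS, FAN_IN_SENDERS, SMALL_AMOUNT = 15 * 60, 12, 500

def explorer_flags(address, transfers, now):
    """Return the Level 3 red flags that apply to `address`."""
    txs = sorted((t for t in transfers if address in (t.sender, t.recipient)),
                 key=lambda t: t.ts)
    if not txs:
        return []
    incoming = [t for t in txs if t.recipient == address]
    outgoing = [t for t in txs if t.sender == address]
    received = sum(t.amount for t in incoming)
    sent = sum(t.amount for t in outgoing)
    flags = []
    # Age and history: first seen days ago, yet large volume already moved.
    if (now - txs[0].ts) < NEW_DAYS * 86400 and received + sent >= LARGE_VOLUME:
        flags.append("new-address-high-volume")
    # Transit: most deposits leave within minutes and almost nothing stays
    # (checked on the final balance, a simplification of "always near zero").
    quick = sum(any(0 <= o.ts - i.ts <= TRANSIT_SECS for o in outgoing)
                for i in incoming)
    if incoming and quick >= 0.8 * len(incoming) and received - sent <= 0.01 * received:
        flags.append("transit")
    # Collection: many small senders, everything swept to one address.
    small = {t.sender for t in incoming if t.amount <= SMALL_AMOUNT}
    if len(small) >= FAN_IN_SENDERS and len({t.recipient for t in outgoing}) == 1:
        flags.append("fan-in-sweep")
    return flags

def sample_collection_wallet(now=1_700_000_000):
    """Constructed data: 20 small deposits over 3 days, one sweep at the end."""
    start = now - 3 * 86400
    txs = [Transfer(start + i * 3600, f"payer{i}", "W", 100.0) for i in range(20)]
    txs.append(Transfer(start + 20 * 3600, "W", "sink", 2000.0))
    return "W", txs, now

if __name__ == "__main__":
    addr, txs, now = sample_collection_wallet()
    print(explorer_flags(addr, txs, now))
```

An empty result only means none of these three patterns matched; explorer labels and the Level 1 and Level 2 checks still apply.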
The address is dirty: now what
If the counterparty is on Tether's blacklist, there is no deal: their USDT technically cannot arrive. If scoring shows high risk — ask for a different address; a counterparty's refusal to provide a clean one is an answer in itself. If the transfer has already landed and the exchange is asking questions — don't panic and don't "shuffle" the funds onward: that only extends the dirty trail. The route is the same as in every AML case: preserve evidence, build Source of Funds, send one measured compliance response. First moves — our first-24-hours breakdown.
Checklist before a large transfer
- USDT? — contract blacklist check on sender/recipient: free checker.
- Significant amount? — commercial scoring of the counterparty address; save the report with its date.
- Five minutes in an explorer: age, patterns, labels.
- P2P? — evidence per the checklist: who the counterparty is, how they pay, the chat log.
- Doubt = different address or different deal. Missed profit is smaller than a frozen deposit.
Bottom line
Address checking is the cheapest AML self-defence there is: the blacklist check is free, the explorer is free, commercial scoring costs less than a coffee. If the flag has already happened and the exchange is asking questions — that is a different discipline: assess your case or request a free assessment.