ONYX//AML

AML & blockchain forensics glossary

The terms exchange compliance uses to describe your case — explained in plain language, without legal fog. Every definition is self-contained.

AML (Anti-Money Laundering)

The body of laws and procedures obliging financial institutions — crypto exchanges included — to verify the origin of client money. When an exchange "freezes pending review", it is discharging an AML obligation to its regulator, not acting on a whim.

KYC (Know Your Customer)

Client identification: passport, selfie, proof of address. KYC answers "who you are"; Source of Funds answers "where your money comes from". Opening a fresh account to replace a frozen one fails precisely because of KYC: documents and devices link you back to the original account (see Ban evasion).

KYT (Know Your Transaction)

Real-time transaction monitoring: every deposit runs through scoring engines (Chainalysis, TRM, Elliptic) before it even credits. It is the KYT engine, not a human, that puts the first flag on your transfer.

Source of Funds (SoF)

The origin of the money in a specific operation: which documents prove these particular funds were earned legally. The most common compliance request and the most common failure point — chaotic submission.

Source of Wealth (SoW)

The origin of your wealth overall — not one transfer but your entire capital: business, career, inheritance, investments. Requested for large amounts under EDD. SoF is "where did these $20,000 come from"; SoW is "where does your money come from at all".

EDD (Enhanced Due Diligence)

Deepened review for elevated risk: large volumes, complex fund routes, matches with risk patterns. In practice this means an extended document package (income, taxes, wealth) and a longer review cycle. If you refuse to answer, the withdrawal stays closed.

Risk score

A numeric estimate of how "tainted" an address or transaction is, computed by analytics engines from links to known clusters (mixers, darknet, scams, sanctions). Every exchange sets its own trigger threshold. Key point: the score looks at the path of the funds, not at your person — honesty does not lower it; proven distance from risk clusters does.

USDT blacklist (isBlackListed)

Addresses frozen by Tether at smart-contract level: the isBlackListed function in the USDT contracts on Ethereum and TRON. A blacklisted address cannot move USDT at all — harder than any exchange freeze.

Freeze vs confiscation

A freeze is a temporary restriction on disposing of funds until a review completes; the money remains yours. Confiscation is seizure by court or regulator order — a rare scenario requiring a proven crime. An exchange cannot confiscate on its own; it can, however, hold a freeze until the review closes.

Mixer (tumbler)

A service that pools many users' crypto and severs the link between input and output (Tornado Cash, ChipMixer). For AML engines a mixer trail is among the heaviest flags: even 2–3 hops after a mixer, a deposit almost certainly goes to manual review.

Cluster analysis

The forensics method of grouping addresses controlled by one entity, based on co-spending and behavioral patterns. This is how engines "know" an address belongs to an exchange, a darknet market or a scam project even when it is new. Our forensic reports use the same method — which is why compliance understands them.

Hop

One transfer in a chain of fund movements. "Dirty money two hops away" means two transfers separate you from the risky address. Scoring weighs hop distance and the share of tainted volume; unfortunately, you inherit the path's risk even if you knew nothing about it.

TxID (transaction hash)

The unique identifier of a blockchain transaction — the primary "document number" in crypto disputes. Any explanation to compliance without TxIDs is words; with TxIDs it is fact, verifiable in seconds. Keep the TxID of every significant transfer.

P2P triangulation

A fraud scheme where a victim pays you for a scammer's P2P order: the money is stolen, the complaint lands on you. The top cause of freezes hitting bona fide P2P sellers.

Money mule

A person whose accounts are used to pass other people's (usually criminal) money — for a cut or "as a favor". Bank algorithms hunt the mule pattern: many inbound payments from different individuals plus fast onward transit. Honest P2P traders match this pattern regularly.

Chargeback

A forced reversal of a card payment through the payer's bank. In crypto: a P2P buyer pays by card, receives the crypto, then disputes the payment — the fiat is clawed back while the crypto is gone. Exchanges hold the seller's withdrawals until the dispute closes.

Compliance

The exchange unit responsible for meeting regulators' AML and sanctions requirements. It is compliance — not support — that decides on freezes and releases. Hence the rule: one precise reply to the competent addressee outweighs ten support tickets.

FIU (Financial Intelligence Unit)

The national financial-intelligence body (Ukraine's State Financial Monitoring Service, Kazakhstan's AFM, etc.). Banks report suspicious activity to it; P2P trading patterns regularly end up in those reports, after which the bank blocks the card "pending clarification".

FATF

The intergovernmental body that sets global AML standards (the 40 Recommendations). Its grey and black country lists feed directly into risk scoring: transactions touching listed jurisdictions get harder checks. FATF standards are why exchange AML requirements look alike everywhere.

Travel Rule

FATF Recommendation 16: VASP-to-VASP transfers must carry originator and beneficiary data, as bank transfers do over SWIFT. Because of the Travel Rule, inter-exchange transfers increasingly require "confirm the recipient account", and transfers to or from unidentified wallets attract extra scoring.

MiCA

Markets in Crypto-Assets — the EU regulation rolling out unified licensing of crypto platforms across 2024–2026. Unlicensed platforms lose the right to serve EU clients — hence the waves of "account closures before the deadline". What it means for your funds — the July 1, 2026 deadline breakdown.

VASP / CASP

Virtual Asset Service Provider (FATF terminology) / Crypto-Asset Service Provider (MiCA terminology) — any crypto service provider: exchanges, custodians, OTC desks. VASP/CASP status obliges the platform to run AML procedures, freezes on flags included.

Sanctions exposure

A link between funds and addresses on sanctions lists (OFAC SDN and counterparts) — the heaviest flag type: here the exchange acts under law, not internal policy, and has almost no discretion. We do not take cases with genuine sanctions trails — fixed in our screening rules.

Ban evasion

Trying to bypass a block with a new account — your own or a relative's. Exchanges link accounts via KYC data, devices and behavioral patterns; once the link is detected, the new account is banned and the old freeze stays in place, now aggravated by "flight". The worst move after a freeze.

Blockchain forensics

The discipline of reconstructing fund movements on public blockchains: address clustering, hop-by-hop tracing, source attribution. The same toolchain (Chainalysis/TRM-grade) the exchange points at you — in independent hands it shows what exactly triggered the flag and your real distance from risk.
