Since privacy is a key principle of blockchain technology, transactions on the blockchain do not contain any information about the people or organizations involved. However, criminals may try to use this anonymity to hide illicit fund transfers. To prevent funds from being sent to criminals or sanctioned parties, regulators in many jurisdictions have begun mandating the collection of personal data for users transacting on the blockchain.

The Fireblocks AML feature allows you to automate real-time monitoring of your crypto transactions in order to ensure compliance with Anti-Money Laundering/Counter Financing of Terrorism (AML/CFT) regulations, prevent interactions with sanctioned entities, and identify customer behavior. You can integrate your Fireblocks account with Chainalysis or Elliptic, our third-party transaction monitoring providers, to retrieve AML/CFT information on your incoming and outgoing transactions. You can also implement your own custom screening logic for AML providers that are not natively supported.

In either case, your AML provider analyzes your transactions in real time and screens them based on the policy you create. The provider then returns a risk profile based on the transaction details (including addresses). You can approve, reject, or receive alerts for transactions in response to the provided risk information.

You, the transaction owner, are responsible for compliance reporting. Fireblocks and the AML provider make reporting easy with auditable risk information available for export. In the event of a risky transaction in a jurisdiction that requires reporting, your compliance officer will need to file any regulatory requirements with the appropriate authorities.

Transaction Screening Flow

Outgoing

1. You initiate a transaction in your Fireblocks workspace.
2. The transaction passes through your AML Transaction Screening Policy to determine whether it should then be sent to your AML provider for screening.
3. If the transaction should be screened according to your policy, Fireblocks sends the transaction’s details to the provider to receive the transaction’s risk information and to be registered for further monitoring. Fireblocks shares the following transaction information with your AML provider:
   1. Asset
   2. Amount
   3. Origin address
   4. Beneficiary address
   5. Blockchain hash
4. Your AML provider determines the transaction’s risk score and sends the result to your Fireblocks workspace. Learn how Fireblocks handles outgoing transactions when risk scores are not available immediately .
5. The integration approves or rejects the transaction based on its risk information and your Post-Screening Policy.

You can configure your Post-Screening Policy so that you receive alerts when the transaction’s risk information becomes available from your AML provider. After the screening, recorded information can be viewed in your Transaction History, the Audit Log, and your provider’s interface for auditing by your compliance team.

Incoming

1. Fireblocks detects an incoming transaction to your workspace.
2. The transaction passes through your AML Transaction Screening Policy to determine whether it should then be sent to your AML provider for screening.
3. If the transaction should be screened according to your policy, Fireblocks sends the transaction’s details to the provider to receive the transaction’s risk information and to be registered for further monitoring. Fireblocks shares the following transaction information with your AML provider:
   1. Asset
   2. Amount
   3. Origin address
   4. Beneficiary address
   5. Blockchain hash
4. Your AML provider determines the transaction’s risk score and sends the result to your Fireblocks workspace. Learn how Fireblocks handles incoming transactions when risk scores are not available immediately .
5. The integration approves or rejects the transaction based on its risk information and your Post-Screening Policy.

You can configure your Post-Screening Policy so that you receive alerts when the transaction’s risk information becomes available from your AML provider. After the screening, recorded information can be viewed in the Transaction History, the Audit Log, and your provider’s interface for auditing by your compliance team.

📘

Learn more about AML:

1. Check out the following guide for more information about Fireblocks AML integration
2. Check out the AML API endpoints in the API Reference

Best Practices

Fireblocks supports native integrations with AML providers such as Chainalysis and Elliptic. Alternatively, you can use your own integration. Regardless of your provider, the following recommendations will help you configure a reliable and effective AML setup.

• Keep your policies as simple as possible. Overly complicated rules can make it difficult to understand what is being screened.
• Configure AML provider risk rating parameters to align with your compliance needs. Be aware that risk ratings vary by provider.
  • For example, a risk rating of 4 might be considered high risk by one provider, but only moderate risk by another.
  • Some providers also allow the option to ignore risk rating entirely and focus only on categories.
• Use the "Skip on failure" option to control the screening process when an AML provider service is down or unreachable.

Screening Timeouts

Fireblocks applies different timeout windows depending on the direction of the transaction:

• Incoming transactions: 10 minutes
• Outgoing transactions: 1 minute

This difference exists because AML providers need time to index transactions. Incoming transactions are resolved by transaction hash, while outgoing transactions are resolved by address. The indexing process only begins after a certain number of blockchain confirmations is completed, which means incoming transactions require more time before a risk score can be returned.

Custom 3rd party AML Providers

Fireblocks offers direct integrations with AML providers Chainalysis and Elliptic. If you prefer to use a different provider, we recommend setting up workflows for integrating third parties with your workspace as described in the following guide.

Freeze & Unfreeze Transactions

Auto Freeze allows you to set rules to automatically freeze an incoming transaction’s assets in your workspace for further review upon receiving funds from a suspicious sender. Fireblocks allows you to automatically freeze incoming transactions based on the default policy or a custom policy. You can also manually freeze an incoming transaction using the Freeze Transaction API endpoint.

• For UTXO-based assets, Fireblocks marks the specific transaction's inputs as unspendable.
• For account-based assets, Fireblocks marks the transaction's balance as unspendable. This means you can still use the rest of your wallet or vault account's balance for other transactions.

Once Auto Freeze takes place, the transaction does not continue to other steps in transaction screening. For example, if you have both AML and Travel Rule enabled and an incoming transaction is automatically frozen during the AML Transaction Screening Policy, the transaction does not proceed to Travel Rule transaction screening.

Users assigned an Owner or Admin role can unfreeze these funds using the Fireblocks Console or the Fireblocks API.

📘

Check out the Unfreeze Transaction API in the Fireblocks API Reference