Explore & Design
API ReferenceTry in Sandbox

Integrating third-party AML providers

Fireblocks offers direct integrations with AML providers Chainalysis and Elliptic. If you prefer to use a different provider, you can use the workflows below to integrate a third-party service into your workspace.

📘

Note

AML screening policies within Fireblocks, including our Autofreeze functionality, are only supported by our direct integrations. These policies will not apply to third-party providers.

Outgoing transactions

There are two methods for screening outgoing transactions: manual pre-screening and automated screening.

Method 1: Manual pre-screening

You can manually send transaction details to your AML provider before sending the transaction to the blockchain. In this scenario, one of your users initiates the transaction and sends the details to your AML provider for screening.

Once you receive the screening results, you can either reject the transaction (if the risk profile is high) or accept it and send it to Fireblocks. You can also set up alerts to notify interested parties about the transaction.

Method 2: Automated screening using the Callback Handler

You can automate third-party AML screening for outgoing transactions using:

  • Fireblocks API: the endpoints used for initiating the transaction.
  • API Co-Signer: a Fireblocks-provided component that automates transaction signing and must be installed on an Intel SGX-enabled server you provide.
  • Callback Handler: an HTTPS server that receives the transaction details and automatically sends the details to your AML provider.

You must also develop a custom logic that determines whether to accept or reject transactions based on the AML screening result, as follows:

  1. You initiate a transaction using the Fireblocks API.
  2. The transaction goes through your Policies. If authorized, it is then sent to the co-signer gateway for signing.
  3. The API Co-Signer (located in your secure environment) long-polls and fetches the transaction details from the co-signer gateway.
  4. The API Co-Signer sends a request to the Callback Handler with the transaction details.
  5. The Callback Handler sends the transaction details to your third-party AML provider for screening.
  6. The AML provider responds with the screening result.
  7. According to your custom logic, the Callback Handler accepts or rejects the transaction based on the screening result.
    • If the risk profile is high, the Callback Handler responds to the API Co-Signer with Reject. The API Co-Signer does not sign the transaction, and the transaction is canceled.
    • If the risk profile is acceptable, the Callback Handler responds to the API Co-Signer with Accept. The API Co-Signer signs the transaction and sends it back to the co-signer gateway for broadcasting to the blockchain.

📘

Note

The API Co-Signer expects a response within 30 seconds of sending the initial request. If the Callback Handler does not respond within 30 seconds, the transaction is not signed and is canceled.

Incoming transactions

For incoming transactions, you have two options for managing the compliance status of your transactions: automated screening or manual review.

🚧

Important

The automated and manual methods cannot be used together. You must choose one method for screening incoming transactions.

Method 1: Automated Screening

You can use a custom workflow to send incoming transaction details to your AML provider for automated screening. To do this, you must configure a webhook that notifies you when a new transaction is received. The webhook also contains the transaction's details, which you can then send to your AML provider.

Once you receive the screening results, you have two options:

  1. You can freeze the transaction if the risk profile is high. An Admin can later unfreeze it.
  2. You can do nothing if the risk profile is acceptable, and the funds remain immediately spendable within your wallet.

You can also set up alerts to notify interested parties about the transaction.

Method 2: Manual Screening Verdict

📘

Note

This feature is currently available to a limited group of customers. To enable it, contact your Fireblocks Customer Success Manager.

The Manual Screening Verdict feature provides a simplified, manual process for managing the compliance status of incoming transactions. Instead of relying on automated screening, it gives you full control to manually review and decide on transactions using your own internal tools and procedures.
How it works:

  1. Pending Screening State: All incoming transactions are automatically flagged and placed in a PENDING_SCREENINGstate. In this state, the transaction is paused until your compliance team reviews it.
  2. Manual Review: Your compliance team reviews the transaction using your internal procedures (e.g., AML checks or other risk controls).
  3. Submit a Verdict: Once the review is complete, you submit your decision via the dedicated API endpoint: POST /aml/verdict/manual.
    1. ACCEPT: This releases the transaction from its pending state, allowing it to be processed.
    2. REJECT: This flags the transaction as rejected for AML reasons. Rejected transactions are automatically frozen in Fireblocks.
  4. Timeout: If no verdict is provided within the timeout window (default: one hour), Fireblocks will automatically REJECT the transaction.

📘

Note

Manual Screening Verdict applies only to incoming transactions. Outgoing transactions bypass this workflow and are not affected.

Updated 20 minutes ago