Chainalysis KYT Alerts: Detect and Prevent Crypto Crime in Real Time with Fewer False Positives

Chat With Us
Thanks for your interest! We'll be in touch shortly.
Oops! Something went wrong while submitting the form.

Although most economic activity involving Bitcoin and other cryptocurrencies is legal, bad actors use Bitcoin for illicit purposes. In most jurisdictions around the world, any business who transacts in cryptocurrency on behalf of customers is required to comply with anti-money laundering and counter financing of terrorism regulations (AML/CFT). This means cryptocurrency businesses are under regulatory obligation to have a compliance program to detect and prevent illicit activity.

Given the large transaction volumes of many cryptocurrency businesses, it's hard to detect all high risk activity without many false positives. Too many false positives create unnecessary work for compliance teams and can cause bad user experiences if the compliance team questions or suspends a user based on a false positive. 

Chainalysis KYT (Know Your Transaction) recently launched Alerts in beta to detect as much high risk cryptocurrency activity as possible with fewer false positives. Today, we're excited to announce that Alerts is out of beta and available to all Chainalysis customers.

Interested in learning more about KYT Alerts? Get in touch with our team

Don't miss important high risk activity

Data Advantage
With Chainalysis KYT Alerts, compliance teams are able to comprehensively detect high risk activity because Chainalysis has the largest dataset on illicit cryptocurrency addresses. Chainalysis will only label a cryptocurrency address with a real world entity name if we're 100% sure the address is controlled by the named entity. This limits false positives because you can be certain an address is controlled by the entity named in Chainalysis KYT. 

For more information on the wide range of high risk activities that Chainalysis identifies, check out our recent webinar on cryptocurrency typologies. The webinar covers many high risk typologies, including: darknet markets, terrorist financing, sanctioned cryptocurrency addresses, stolen funds, scams, ransomware, gambling services, mixers/tumblers, cryptocurrency ATMs, high risk exchanges, and fundraising for illicit or violent activity. Chainalysis continuously collects data on these activities in real time, and KYT generates Alerts for all of these typologies.

Ongoing Monitoring
Blockchains are constantly changing as more transactions are added to the ledger. This activity can significantly change the risk of a given transaction. For example, if a user of an exchange withdraws some Bitcoin to a previously unused Bitcoin address, it is difficult to assess the risk of the Bitcoin address immediately because it is brand new at the time of the withdrawal. But a few weeks later, the address may spend the funds from the exchange withdrawal. Chainalysis may then identify that this address belongs to a darknet market, for example.

Chainalysis is constantly monitoring the blockchain and sends Alerts through KYT whenever any high risk activity is detected. This ensures compliance teams won't miss anything, even if the high risk activity is detected after the time of the transaction.

Fewer false positives

Most comprehensive understanding of services
In order to prevent false positives, it's important to identify both high risk and low risk entities on the blockchain. Here's a simple example to illustrate why: suppose a customer of your exchange withdraws bitcoin to address A. Address A then sends those funds directly to a sanctioned address. While it might seem like your customer is very high risk, it's possible that address A is a deposit address at another exchange, and that exchange happened to use the funds from the deposit to address A to fund the withdrawal of another customer. In this case, your customer was simply withdrawing funds to another exchange. The other exchange is responsible for the exposure to the sanctioned addresses – not you. 

Knowing both high and low risk entities matters in analysis

Tuning and customization
Chainalysis has a transaction monitoring tuning team that can help adjust Alert rules to meet your compliance policies. The transaction monitoring tuning team can help you examine different scenarios based on your historic data in order to choose the thresholds that make sense for your business.

Intelligent prioritization
Chainalysis KYT uses machine learning to intelligently prioritize your Alerts based on your past compliance decisions. Your compliance team can review Alerts sorted by those most likely to be of concern, based on the actions your team took on previous Alerts that were similar. This feature is currently in beta - you can sign up here for early access.


If you're already using Chainalysis KYT and would like help getting started with Alerts, contact your customer support manager. And if detecting and preventing criminal use of Bitcoin and other cryptocurrency sounds interesting, we're hiring.

Read the Full Report

To see our full research on this topic, sign up to receive access to the complete Chainalysis Crypto Crime Report: Decoding hacks, darknet markets, and scams.

Get Access to the Report

Learn more about KYT for Stablecoins & Token Issuers

Monitor transactions across the token’s full lifecycle, from issuance to redemption—and any transaction in between.

Learn More

How Transaction Monitoring Works at Chainalysis

One of the reasons Chainalysis KYT is so popular is that it uses global anti-money laundering (AML) standards common across regulatory bodies. We apply these standards when each transaction is screened.

Cryptocurrency businesses also need to understand the aggregate risk profile of each of their users. That’s why Chainalysis KYT provides a view of risk profiles at the user level, which reflects all of a user’s screened transactions. For example, if an organization has a user who receives funds from a darknet market, our software automatically flags that transaction as high risk. If the user sends funds to a regulated exchange, our software marks that transaction as low risk. And so on. Every screened transaction feeds into a user’s risk profile. Chainalysis KYT displays all user profiles, sortable by high, medium or low risk (using traffic light colors) for easy scanning.

We apply our risk methodology in real time to all users within an organization’s user base. This saves compliance teams from laborious, manual screening work. They can instead focus on developing comprehensive compliance programs. Organizations that work with us tell us this has enabled them to meet regulatory expectations and launch or grow their businesses.

Customizable risk level

We’re now giving our customers the ability to adjust the risk level of a category or a service. For example, not all jurisdictions around the world treat gambling the same way. In some countries, gambling is not considered a legitimate business activity and thus online gambling sites would be treated as high risk. In other countries, gambling is not considered illicit, which means properly licensed online gambling sites would be treated as low risk.

The ability to customize the risk level of categories and specific services means our customers can automate even more of their compliance workflows.

Organization-wide dashboard

One of the most useful facets of Chainalysis KYT is having a view of all users and their risk profiles directly accessible upon first logging in. It provides a visual alert of which users have high risk profiles and therefore require the most immediate attention. In keeping with the spirit of simplified visual cues, we have now launched a dashboard that summarizes key indicators at the total organization level. For example, organizations can now see what percentage of their user base is falling under high, medium or low risk. They will soon be able to see things like total exposure by category, or total transaction volume per day. These and other metrics will provide our customers additional understanding of their organization’s total exposure trends over time.

In-app chat

At Chainalysis, we strive to provide as much support to our customers as we can. To make it easier to interact with us, we added in-app chat to Chainalysis KYT. This allows our customers to send us questions or feedback without having to leave the environment. Our team typically responds within minutes.

Looking ahead

We know software is most valuable when it makes the lives of our customers easier and more productive. This means we’ll continue to add intuitive capabilities to our compliance products while increasing versatility for ongoing transaction monitoring. In the coming months, we will improve how transaction information is displayed. We will also boost our monitoring capabilities for other cryptocurrencies beyond Bitcoin. And we will deepen the integration with Chainalysis Reactor, which is used for enhanced due diligence and investigations.

The momentum around cryptocurrency compliance is only just starting and we look forward to continuing to offer software that builds trust in blockchains.

Thank you! We'll be in touch shortly.
Oops! Something went wrong while submitting the form.
Thank you! We'll be in touch shortly.
Oops! Something went wrong while submitting the form.

We’re growing! Check out our 25+ open roles >

Thank you! We'll be in touch shortly.
Oops! Something went wrong while submitting the form.
Oops! Something went wrong while submitting the form.
Please check your mailbox for a copy of the report.
Oops! Something went wrong while submitting the form.
Next article

Chainalysis Team

Watch Our Exclusive Webinar

Jan 31, 12PM ET

Chainalysis senior economist, Kim Grauer, answers audience questions on our latest research in a recorded webinar.

Watch Recording