May crypto hacks caused $68.08M in losses across 47 incidents. See how Verus, TrustedVolumes, and StablR attacks unfolded on-chain.
Crypto has added a new visibility challenge to sanctions screening for banks. Major crypto exchanges have already faced multi-billion-dollar enforcement actions for AML, sanctions, and compliance failures, showing how quickly weak digital-asset controls can become an enforcement issue.
The pressure is both regulatory and operational: criminals move funds fast, sanctions and AML expectations differ across jurisdictions, and compliance teams still need clear evidence behind every decision.
A business client may pass onboarding checks while sanctions exposure may appear outside traditional customer data — in wallet activity, source and destination of funds, stablecoin payments and transfers, or counterparty relationships.
This article covers what sanctions screening means for banks, where crypto exposure appears, why traditional checks may miss it, and how to choose the right sanctions screening software for banks
What Is Sanctions Screening in Banking?
Sanctions screening in banking means checking whether customers, beneficial owners, counterparties, transactions, or related entities may expose the bank to sanctioned parties, restricted jurisdictions, or prohibited activity.
In a standard banking workflow, sanctions screening usually starts with customer and beneficial owner checks. It also includes transaction and payment screening, counterparty and entity screening, periodic rescreening, ongoing monitoring, alert review, escalation, and documentation.
For crypto-exposed relationships, the objective is the same, but the risk signals are different.
A customer or counterparty may not appear on a sanctions list, while exposure may appear through wallet activity, source or destination of funds, stablecoin flows, or indirect links to a sanctioned entity.
That is why crypto sanctions screening for banks needs to connect at least three levels of visibility:
How sanctions screening rules differ by jurisdiction
Sanctions screening is always jurisdiction-specific. A bank’s screening scope depends on where it is regulated, which customers and counterparties it serves, which currencies and payment rails it uses, and whether crypto exposure is part of the relationship.
Below is a short overview of key jurisdictions banks should consider when working across U.S., U.K., EU, and Swiss markets.
United States
-
Main authorities and references: the Office of Foreign Assets Control (OFAC), federal banking regulators, and the Financial Crimes Enforcement Network (FinCEN).
-
What to screen against: the Specially Designated Nationals and Blocked Persons List (SDN List), the Consolidated Sanctions List (Non-SDN Lists), and Additional Sanctions Lists.
United Kingdom
- Main authorities and references: the Office of Financial Sanctions Implementation (OFSI), the Financial Conduct Authority (FCA), and the Bank of England / Prudential Regulation Authority (PRA).
- What to screen against: the UK Sanctions List (the former OFSI Consolidated List closed in January 2026 and is no longer updated).
European Union
- Main authorities and references: the Council of the European Union, the European Commission, and national competent authorities of EU Member States.
- What to screen against: the Consolidated list of persons, groups and entities subject to EU financial sanctions (EU Consolidated List), and, where relevant, the UN list.
Switzerland
- Main authorities and references: the State Secretariat for Economic Affairs (SECO), the Federal Council, the Swiss Financial Market Supervisory Authority (FINMA), and the Embargo Act (EmbA).
- What to screen against: Swiss sanctions ordinances adopted under the Embargo Act, including their annexes, and SECO sanctions data, including the official search for subjects of sanctions.
Where Banks Need Crypto Sanctions Visibility
Customer sanctions screening is the starting point, but it is not the full picture. For banks working with crypto-exposed financial clients, sanctions risk can also appear in counterparties, wallets, payment routes, and downstream relationships connected to that customer.
Crypto sanctions visibility should therefore help compliance teams understand both who the bank is dealing with and what activity sits behind the relationship. In practice, this means expanding customer and counterparty sanctions screening beyond the legal entity and into the financial relationships, transaction flows, and crypto activity connected to it.
Some of the most common relationship types where this broader view matters include MSBs, securities-related firms, and correspondent banking relationships. These are not the only possible sources of crypto sanctions exposure, but they are important examples for banks because each can introduce risk beyond the direct customer profile.
Customer and counterparty sanctions screening
In banking, customer sanctions screening usually means checking the customer, beneficial owners, directors, signatories, and related entities.
For crypto-exposed clients, compliance teams also need to connect the legal entity with its on-chain behavior. That means checking:
- which wallets are associated with the customer
- where crypto funds come from
- where funds move after interacting with the customer
- whether there is exposure to digital currency addresses or wallets associated with sanctioned or blocked persons, entities, or high-risk services
- whether the risk is direct or indirect.
MSBs sanctions screening
MSBs are businesses that move money for customers, such as money transmitters, remittance providers, payment processors, fiat-to-crypto platforms, or crypto MSBs. For banks, MSBs can be direct customers or counterparties.
Crypto sanctions exposure may appear through:
- stablecoin payments
- wallet activity
- fiat-to-crypto transactions
- cross-border customer flows
- indirect links to sanctioned entities
Securities-related sanctions screening
Securities-related relationships may involve broker-dealers, custodians, trading platforms, investment firms, issuers, or tokenized asset platforms.
When digital assets are involved, crypto sanctions exposure may appear through:
- custody wallets
- tokenized asset platforms
- digital asset trading venues
- crypto counterparties
- transaction paths connected to investment activity.
Sanctions screening for correspondent banking
Correspondent banking is a bank-to-bank relationship where one bank provides services or payment access to another bank. The direct counterparty is usually the respondent bank, but sanctions risk may come from deeper in the relationship.
In correspondent banking, crypto sanctions exposure may appear through:
- foreign financial institutions
- nested correspondent relationships where downstream financial institutions access services through the respondent bank
- downstream customers
- cross-border payment chains
- MSBs or VASPs served by the respondent bank
- customers operating in higher-risk jurisdictions.
Why Traditional Sanctions Screening Misses Crypto Exposure
Standard sanctions screening remains essential for banks and financial firms. It helps detect exposure to designated persons or entities, restricted jurisdictions, and prohibited activity in customer or payment data. The gap appears when crypto-related risk sits outside the data points that standard screening usually reviews.
A crypto-exposed client may pass onboarding checks, while the risk appears in the blockchain activity behind the relationship.
For compliance teams, the weak spots in crypto sanctions screening usually fall into three “gaps”:
- The speed gap: illicit funds can move through wallets, bridges, stablecoins, and exchanges faster than manual review can follow.
- The evidence gap: many teams still rely on tools or workflows that do not provide enough transparent attribution, risk context, and verifiable data evidence.
- The rigidity gap: compliance rules shift across borders and criminal tactics evolve daily, but current tools are too rigid to update dynamically.
These gaps create a difficult operating environment for compliance teams. Regulators expect faster detection, clearer escalation, and better-documented decisions, while criminal networks keep adapting their laundering routes across wallets, services, and jurisdictions.
What recent investigations show
The Global Ledger investigation found that newly-sanctioned HTX processed over $21.06 billion in high-risk BTC, ETH, and USDT on TRON between 2021 and May 2026. Of that amount, at least $7.64 billion is connected to Russian high-risk entities such as Garantex, Grinex, A7A5, and darknet markets.
Global Ledger’s Nobitex analysis also showed that risk can be highly concentrated: nearly 85% of Nobitex volume comes from 4.2% of addresses transacting over $200K.
Nobitex transaction volume distribution by transfer size. Jan 2024 — mid-May 2026. Source: Global Ledger
Crypto Sanctions Screening Software for Banks: 6 Steps to Consider
The right sanctions screening tool makes crypto exposure visible before it becomes a significant compliance issue. It should show where the risk comes from, how it moves through wallets and counterparties, which alerts deserve attention, and what evidence supports the final decision.
Here’s what effective crypto sanctions screening software should do.
1) Screen crypto-exposed customers and beneficial owners
Problem addressed: the evidence gap.
For crypto-exposed customers, sanctions screening needs to connect the client profile with on-chain activity. A bank may know the legal entity, beneficial owners, and directors, but still need to understand whether the client’s wallets, flows, or linked entities create sanctions exposure.
The software should help banks:
- Link customers to associated wallets, entities, and blockchain activity.
- Review source and destination of funds behind the customer relationship.
- Detect exposure to wallets associated with sanctioned entities and high-risk services.
- Show a complete customer profile with legal entity details, operational regions, jurisdictions, and related entity data.
2) Assess counterparties and correspondent relationships
Problem addressed: the evidence gap and rigidity gap.
Crypto sanctions risk often enters through counterparties, not only direct customers. This is especially important when banks deal with VASPs, MSBs, OTC desks, custodians, liquidity providers, payment processors, or correspondent relationships with downstream crypto exposure.
The software should help banks:
- Assess crypto counterparties before onboarding or servicing them.
- Review incoming and outgoing exposure by source and use of funds.
- Detect direct and indirect exposure to sanctioned or high-risk entities.
- Understand whether risk comes from the entity, its wallets, or downstream flows.
- Generate complete entity reports to support audits, internal reviews, and regulatory inquiries.
Global Ledger’s KYB solution helps your team perform due diligence on crypto counterparties with visibility into source and destination of funds, entity exposure, and related risk data.
3) Screen crypto transactions in real time
Problem addressed: the speed gap.
Crypto funds can move through wallets, bridges, swaps, stablecoins, and exchanges faster than manual review can follow. In this context, sanctions screening automation in banking should help teams detect exposure earlier, reduce manual checks, and act before risky funds move further.
The software should help banks:
- Screen crypto deposits, withdrawals, and wallet transfers in real time.
- Check source and destination of funds across wallets, swaps, and smart contracts.
- Detect direct and indirect links to sanctioned entities.
- Apply risk thresholds and alerts based on the bank’s policies.
- Automatically show the full path of funds to reconstruct the entire chain
- Notify teams when high-risk or sanctioned activity appears.
When funds move faster than manual review, banks need screening that works at transaction speed. Global Ledger’s KYT solution helps compliance teams monitor addresses of interest in real time, detect sanctioned or high-risk exposure, trace the full path of funds, and receive instant alerts before risk moves deeper into the transaction flow.
4) Prioritize high-risk alerts
Problem addressed: the rigidity gap and workload pressure.
More alerts do not automatically mean better sanctions control. Compliance teams need to know which alerts matter, why they were triggered, and what action is reasonable under the bank’s risk appetite.
The software should help banks:
- Use AI-powered prioritization for high-risk alerts.
- Show the wallet, entity, exposure type, and transaction context behind each alert.
- Apply customizable rules, scoring profiles, and thresholds.
- Filter sanctions and fraud alerts so analysts can focus on the cases that need immediate review.
Global Ledger’s KYT solution helps your team get instant risk score, source & use of funds data, and real-time AI-powered alerts to assess risks and streamline your compliance workflow.
5) Keep an audit-ready record
Problem addressed: the evidence gap.
For banks, a crypto sanctions screening decision needs to be explainable. If a transaction, wallet, or counterparty is approved, escalated, rejected, reported, or kept under monitoring, the team needs to show what was reviewed, what risk was found, and why the decision was reasonable.
The software should help banks:
- Access wallet history with alerts, API calls, risk score changes, and related cases.
- Show source and use of funds behind the exposure.
- Keep evidence of direct and indirect exposure paths.
- Support SAR preparation, internal reviews, and regulatory audits with structured transaction and entity evidence.
6) Protect sensitive data
Problem addressed: data governance and security requirements.
For banks, crypto sanctions screening software also needs to fit internal data governance rules. The tool should not force every institution into the same setup, especially when wallet checks, cases, alerts, and client-related data are part of sensitive compliance workflows.
The software should help banks:
- Keep sensitive compliance data within the organization.
- Maintain data ownership and control over cases, checks, and operational records.
- Support cloud, hybrid, or on-premise deployment depending on the bank’s data governance and security requirements.
In practice, effective crypto sanctions screening software should help your compliance team move from scattered wallet checks to a connected view of customers, counterparties, entities, transactions, and evidence. This is where a crypto AML toolset becomes part of the bank’s control framework — helping teams make faster, clearer, and more defensible compliance decisions.
Crypto sanctions screening for banks: 6 steps to consider. Source: Global Ledger
Final Thoughts
Bank sanctions screening is moving into a more complex zone. A customer may pass the usual checks, but crypto exposure can still sit behind the relationship — in wallets, source and use of funds, counterparties, or transaction paths that only become clear on-chain.
At this stage, the quality of the decision depends on the quality of the evidence. Compliance teams need to see where the exposure appears, how it connects to the customer or transaction, and whether the risk is strong enough to approve, escalate, report, reject, or continue monitoring.
With Global Ledger’s sanctions screening solution, your team can screen crypto transactions and counterparties for sanctions exposure in real time, prioritize high-risk alerts, and access transaction and entity data for SAR preparation, internal reviews, and regulatory audits.
FAQ
