A new report from Chainalysis, previewed in this blog, examines how the crypto industry monitors illicit exposure using Know Your Transaction (KYT) data across hundreds of organizations. The compliance baseline has tightened dramatically: nearly half of organizations onboarded in 2026 now operate at alerting standards that would have placed them in the top 10% of strictness in 2020. Traditional financial institutions set materially stricter thresholds than crypto exchanges, with detection floors 2-5 times lower for indirect exposure. The gap between direct and indirect thresholds is widest for categories like ransomware, fraud shops, and sanctioned jurisdictions, often 10-20 times more lenient for indirect flows. Geography also plays a role: direct monitoring is globally uniform, but indirect monitoring varies by region, with EMEA being strictest and APAC most lenient. These findings highlight the need for compliance programs to address indirect exposure gaps to prevent exploitation by sophisticated actors.

Key facts

• Nearly half of 2026 onboarded organizations meet 2020's top 10% alerting strictness.
• Financial institutions set detection thresholds 2-5 times tighter than crypto exchanges.
• Indirect illicit exposure thresholds are 10-20 times more lenient than direct thresholds.
• Direct monitoring is globally uniform; indirect monitoring varies by region, with EMEA strictest.
• Ransomware, fraud shops, and sanctioned jurisdictions show the widest direct-indirect gap.

KeyAudit data perspective