BIP 000X: Integrating Coinfirm's AMLT Oracle

Background on Coinfirm

Coinfirm is a globally recognised leader in Anti Money Laundering (AML) monitoring and risk management solutions and was the first company which provided guidance to regulators on how to practically address AML for crypto. The company created the first complex AML model for AML transaction monitoring in crypto space.

Coinfirm’s solutions are deployed by market leaders ranging from crypto exchanges such as Binance or Huobi, blockchains such as RSK, to major financial institutions like Celsius Network or BBVA Bank. As well as working with corporate partners, Coinfim also provides tools for individual users.

Coinfirm AML Blockchain Analytics Platform covers over 5500 different blockchain protocols and assets responsible for more than 97% of blockchain market capitalization. Providing a real-time AML transaction monitoring for all listed assets is important due to AML regulations, same as it is for USD, EURO and other currencies in a traditional financial system. As an example – Coinfirm was the first to cover XRP blockchain with AML analytics that greatly facilitated listing the XRP cryptocurrency on Middle East exchanges.

Importantly, AML is not related to KYC (Know Your Customer). KYC requires an individual to prove that they are who they say they are. As explained below, the AMLT Oracle does not require ANY KYC.

Understanding Money Laundering

Money laundering is the criminal’s way of trying to ensure that, in the end, crime pays. It is necessitated by the requirement that criminals — be they drug traffickers, organized criminals, terrorists, arms traffickers, blackmailers, or credit card swindlers — disguise the origin of their criminal money so they can avoid detection and the risk of prosecution when they use it.

Money laundering generally involves a series of multiple transactions used to disguise the source of financial assets so that those assets may be used without compromising the criminals who are seeking to use them. Money laundering has potentially devastating economic, security, and social consequences. It provides the fuel for drug dealers, terrorists, illegal arms dealers, corrupt public officials, and others to operate and expand their criminal enterprises.

The recently leaked Pandora papers data leak has once again highlighted the predatory practices of the world’s political and financial elites – enriching themselves by looting the public purse or exploiting laws which they themselves helped to establish. About $3.6tn (£2.6tn) of the proceeds from bribery, embezzlement, money laundering and cronyism are laundered each year, undermining the social fabric of nations across the globe. The Panama papers, the Paradise papers, the HSBC leaks, the Jersey leaks, the FinCEN files, the Bahamas leaks and others have provided abundant evidence that the traditional finance industry AML programs are weak and ineffective.

In the traditional financial sector, global money laundering transactions account for roughly $1 trillion to $2 trillion annually (2% to 5% of global GDP). Global penalties imposed on financial institutions totaled at over $300 billion in the past 10 years for non-compliance with AML, KYC and sanctions regulations.

Despite decades and billions of dollars in industry investment, 98% of money laundering activity is deemed to be never detected by banking systems. More than 95% of alerts generated by banking AML systems are manually closed as “false positives”. The cost of “total failure” is estimated to $7-10 billion annually in the US alone.

The key reason for failure is that financial institutions are working in silos. They see only nearby transactions and miss truly effective technological solutions and data ecosystems. This implies that financial institutions focus only on selected types of illicit activities, such as terrorism financing, drugs trade, weapon trade, sanctions. Meanwhile, very little effort is put to fight misappropriation of assets, hacks or scams, which is associated with fraud rather than money-laundering, and more the matter of law enforcement. Lack of full picture caused by artificial separation of fraud prevention and anti-money laundering deteriorates the possibility of developing effective solutions.

In the crypto space, according to estimates of Coinfirm, in 2020 more than USD 10 Billion was defrauded in the crypto space through various forms of hacks, scams, ransomware, extortion, and enterprises that do not deliver on legal promises to their clients. Misappropriated funds are the subject of money laundering through thousands of obliged institutions and millions of transactions.

Analysis shows that total crypto crime in 2020 amounted to just under 10.5 billion USD. That’s enough money to buy 70,726,934 AK-47s – at a cost of 148 USD per locally produced model in Pakistan – which stacked end-to-end, could circumnavigate the Earth’s equator 1.6 times. But this amount still pales in comparison to total traditional financial crime.

Fraud and scams are a particular problem that needs to be tackled as this accounted for 67.8% of crypto crime from 2020’s total.

The value of crypto assets misappropriated due to frauds and scams per year more than doubled from 3.65 billion USD to 7 billion USD comparing 2017 over 2020. On average, of the years analyzed, crypto crime in the form of fraud comprises 77.6% of the total.
Whilst scams have not been a systemic risk to the crypto industry as hacks, the value of misappropriated assets from scams is significantly higher than that of hacks, at a multiple of 7 in 2020.

In the visual above, the notable – almost vertical – increase of hack-related illicit activities is more clear, rising 944% from 98.5 million USD to over 1 billion USD between 2019 to 2020 – primarily due to the government-mandated lockdowns where victims were more often online, which criminals exploited.

From 2019 to 2020, darknet markets experienced a 21.8% increase in fund flows, from 1.57 billion USD to 1.92 billion USD. During the same period, sanctions breaches continued to increase at a high rate of 45.5%, from 281 million USD to 409 million USD.

Although sanctions breaches made up just 3.9% of 2020’s total (see Fig 4.), when looking at this risk segment against others in Fig. 6, the rate of increase was more steady. This threat, alongside PEPs (Politically Exposed Persons) and SDNs (Specially Designated Nationals) are unlikely to abate as the sanctions and counter-sanctions by various trade wars raging around the globe continue.

The average increase in total crypto crime between the years analyzed above is 34.92%. If this rate remains steady, projections show that 2021 could see an annual value of 14.1 billion USD, 2025 at 46.5 billion USD and 2030 coming in at a total cost of a staggering 207.8 billion USD (of which crypto fraud would comprise 161.2 billion USD).

The AMLT Oracle proposal


Significant part of DeFi platforms wants to flush out hackers, criminals and money laundering as well as deal with regulations in a ‘native way’. At the same time, both business and regulators see DeFi as a growing concern considering the market size increase.

Regulations for DeFi are on their way with the FATF updated draft guidance from March 2021 expanding the types of entities that fall under FATF’s umbrella. In the guidance, FATF defines most operators of decentralized finance platforms as “Virtual Asset Service Providers” (VASPs) that have AML/CFT obligations. Once the regulations are in place, lack of AML and financial crime prevention will lead to potential criminal exposure for team members and founders by unwittingly facilitating the transfer of illicit funds.

Institutional support is also impossible in the long run without meeting regulatory standards. The DeFi space is still largely dominated by retail investors and the compliance infrastructure that could attract institutional investors is not ready yet.

​​While the new FATF Guidance is aiming to regulate DeFi, the goal of many DeFi platforms is decentralization, however, the inclusion of centralized compliance systems is against their guiding principles.

Risk screening with AMLT Oracle

AMLT Oracle is the first smart contract-based solution for AML compliance of decentralized finance. DeFi protocols run on-chain smart contracts – meaning that any compliance layer needs the same format of technology required to interact with a DeFi platform through client smart contracts. By being built out of the Ethereum and RSK protocols the AMLT Oracle is that solution – enabling decentralized entities to continue their lending, staking and general DeFi activities by being in compliance with regulators without fear of falling afoul of nefarious actors in their system – with an added emphasis on security and cost-effective gas usage.

When users interact with Babelfish, their wallet address can be queried for risk through AMLT Oracle’s smart contract-compliant system which in turn passes data through Coinfirm’s API to generate a report ID C-Score based on 330 risk evaluation scenarios that relates the information to BabelFish.


The C-Score is an internal Risk Rating indicator expressing the level of money laundering, fraud and compliance risk associated with counterparties of blockchain transactions. Each blockchain address or group of addresses identified as belonging to the same user is assigned with a 0 to 99 C-Score where the higher score reflects higher risk:

  • 0-32 – Low Risk;
  • 33-65 – Medium Risk;
  • 66-99 – High Risk.

AMLT Oracle therefore enables Babelfish to quickly assess the risk of new addresses by receiving an immediate C-Score, giving the community the ability to make a fully-conscious decision about the transaction. If Babelfish is needing a more detailed explanation of the ‘why’ – a fully enhanced report on that address is provided. Costs of verification by AMLT Oracle are 0,05% of a transaction.


Below is a selected list of risk indicators that can be detected by the AMLT Oracle that trigger high risk score in the screened address (can be customized to be more restrictive).

  • Address being a part of funds layering scheme related to sanctioned subjects
  • Address being a part of funds layering/mixing scheme related to ransomware
  • Address being a part of funds layering/mixing scheme related to terrorism financing
  • Address belongs to hacker
  • Address belongs to ransomware
  • Address directly related to terrorism financing
  • Address related to subject appearing in sanctions lists
  • Address with significant part of incoming transactions in close proximity to addresses related to ransomware
  • Address with significant part of incoming transactions in close proximity to addresses related to subject appearing in sanctions lists
  • Address with significant part of incoming transactions in close proximity to addresses related to terrorism financing
  • Address with significant part of incoming transactions in close proximity to addresses which were hacked or misapropriated
  • Address with significant part of incoming transactions in close proximity to hacker’s addresses
  • Address with significant part of outgoing transactions in close proximity to addresses related to terrorism financing
  • Address with significant part of outgoing transactions in close proximity to hacker’s addresses
  • Owner charged with Money Laundering


  • AMLT is the on-chain Oracle for DeFi that detects hackers and bad actors. THERE IS NO KNOW YOUR CUSTOMER (KYC) INVOLVED.
  • AMLT serves as the only on-chain oracle for DEXs and DeFi protocols that allows users in real-time to ensure they are not transacting with hacked or illicit funds, or wallets linked to criminal operations or sanctioned addresses by using several hundred risk factors to determine a risk score,
  • AMLT maintains privacy and anonymity; does not seek to stop trades - but rather it increases transparency around highly suspicious or criminal activity giving users and protocols the opportunity to disintermediate from bad actors,
  • AMLT Oracle functions facilitate both individual users to transact in DeFi without worrying about criminals or regulators, but also allows much larger institutional investors to come off the sidelines into DeFi protocols that integrate AMLT given the heightened security and regulatory comfort that’s required
  • As the system is purely SC to SC based, this minimizes need for client support, frontend etc. Smart contract after deployment runs fully autonomously.

Making Babelfish ahead of the curve when it comes to the FAFT regulations - I like this!


Regulatioins are only way to global adoption of crypto


it’s a must in the near future it will be required for all the projects


during bear market such regulatory/aml tokens have great potential


That is a very good summary!

1 Like

There is another project on some aspects similar to AMLT Confirm - Shyft. Maybe it will be also useful at some point.

1 Like

Great breakdown. I would definitely support this proposal.


I think this sounds like a great idea, since it is integrated with RSK. Is there any information on the tendency of this oracle to generate false positives?

1 Like

Hi, Coinfirm’s model is deterministic, not probabilistic, so the false positives rate is very low. For 6 million screened wallet addresses up to date, there were less than 50 false positives reported by Coinfirm’s clients