Canonical Statement

Crypto red flags and typologies are indicators of potential ML/TF risk that require contextual analysis and corroborating evidence; they are not determinative findings of illicit activity.

Definition

Within this framework, red flags and typologies are structured investigative indicators used to support monitoring and risk reassessment when mapped to observable evidence and evaluated against customer, portfolio, temporal, and jurisdictional context.

Why It Matters

Indicator-led monitoring is necessary but easily over-applied. Without context and corroboration, institutions can escalate noise, miss material patterns, and produce weakly defensible decisions.

Failure Mode if Ignored

Indicators are treated as conclusions, escalation decisions lack rationale, and monitoring outcomes drift away from risk-based proportionality and human-review requirements.

Scope & Non-Claims

This entry is scoped to regulated banking environments in the EU/UK and operational interpretation for applying red flags and typologies in crypto monitoring.

This entry does not provide legal advice, does not establish criminality, and requires human validation for final compliance determinations.

Related Concepts

• Transaction monitoring and ongoing due diligence (crypto) (EU) (journey)
• Wallets and portfolio-level assessment (EU) (model)
• Source of funds vs source of wealth (crypto) (EU) (definition)

Sources

• AMLR — Regulation (EU) 2024/1624
• EBA Guidelines on ML/TF Risk Factors
• FATF Typologies and Risk Indicators