Blockchain analytics and data providers MUST be governed as third-party dependencies with explicit limits on reliability, coverage, and label accuracy.

Canonical Statement

Definition

Vendor-risk governance defines provenance capture, confidence handling, conflict resolution, and drift monitoring for third-party blockchain labels and analytics outputs.

Why It Matters

Vendor outputs are evidence-adjacent signals; unmanaged reliance creates silent model and process risk.

Failure Mode if Ignored

Labels are treated as truth, conflicts are unresolved, and high-impact decisions are made without corroboration.

Scope & Non-Claims

This entry is scoped to third-party analytics governance in regulated banking environments in the EU/UK.

This entry does not provide legal advice and requires human validation for final compliance determinations.

Counterparty risk assessment in crypto transactions (EU) (methodology)
Sanctions exposure and screening in crypto contexts (EU) (methodology)
Documentation and audit trail requirements for crypto compliance (EU) (methodology)

Sources

AMLR — Regulation (EU) 2024/1624
EBA Guidelines on ML/TF Risk Factors
FATF Recommendations