AML Checks for Crypto Trading Platforms: How to Avoid Frozen Client Funds
In 2024, an estimated $2.8 billion in crypto assets were frozen by exchanges and regulatory bodies due to compliance issues and illicit activity exposure. Blockchain analytics data shows that flows from illicit sources to centralized exchanges averaged over $14 billion per year between 2020 and 2025, with nearly $7 billion reaching exchanges in the first half of 2025 alone.
These funds did not all originate from the exchanges' own customers acting in bad faith. A significant portion arrived through intermediaries β businesses that accepted client deposits, mixed them with operating balances, and forwarded them to exchanges without checking where the funds came from. When the exchange's compliance system flagged the incoming transaction, the hold landed not on the original source of risk, but on the business that transmitted it.
This is the core problem that crypto trading platforms, prop trading firms, trading schools, and asset managers face. The risk does not come from the business's own activity. It comes from the clients' funds the business accepts. A single unscreened deposit from a wallet with mixer exposure, sanctions links, or fraud-cluster connections can trigger an exchange hold that freezes the company's operating balance, disrupts client withdrawals, and generates compliance documentation requests that take weeks to resolve.
The solution is to screen client deposits before they enter the business's main wallet or reach an exchange β using a structured workflow that assesses risk, documents decisions, and separates unverified funds from operating balances. For businesses implementing this workflow, crypto transaction monitoring tools provide the real-time screening, risk scoring, and audit trail that manual methods cannot deliver at scale.
Why Client Crypto Deposits Create AML Risk for Trading Businesses
The fundamental issue is straightforward: when a crypto trading business accepts a deposit from a client, it accepts the transaction history attached to those funds. If the client's wallet has exposure to illicit sources β stolen funds, mixers, sanctioned addresses, darknet markets, scam infrastructure β that exposure transfers to the business the moment the deposit is received.
The Business May Inherit the Client's Risk
In practical terms, "inheriting risk" means that when the business later sends those funds to an exchange, an OTC desk, a banking partner, or another counterparty, the counterparty's compliance system will evaluate the full transaction history of the incoming funds β not just the most recent hop. If that history includes exposure to high-risk sources, the counterparty may:
- Flag the Transaction for Review. The exchange's monitoring system generates an alert based on the risk profile of the incoming funds, triggering a compliance review that may delay processing.
- Request Source-of-Funds Documentation. The exchange asks the business to explain where the funds came from β a request that is difficult to satisfy if the business did not screen the deposit before accepting it.
- Place a Hold on the Funds. The exchange freezes the deposited amount β and potentially the business's entire account β pending investigation. During the hold, the business cannot access the funds, execute trades, or process client withdrawals.
- Escalate to Law Enforcement. In cases involving direct sanctions exposure or confirmed illicit fund flows, the exchange may file a SAR and cooperate with law enforcement, potentially drawing the business into a formal investigation β even if the business was not involved in the underlying criminal activity.
None of these outcomes require that the business itself did anything wrong. The risk entered through the client deposit. The business simply failed to check before accepting it.
Exchange Holds Usually Happen After the Damage Is Done
The problem with relying on an exchange's compliance system to catch risky funds is that by the time the exchange flags the transaction, the business has already accepted the deposit, potentially mixed it with operating funds, and may have already allocated or committed those assets. The hold does not just freeze the specific risky deposit β it can affect the business's ability to operate the entire account.
In practical terms, the sequence typically looks like this: a client deposits funds to the business's wallet. The business sends those funds β along with other operational funds β to an exchange for trading, conversion, or settlement. The exchange's monitoring system flags the incoming transaction due to upstream risk exposure. The exchange places a hold and requests documentation. The business cannot access the frozen balance. Client withdrawals are delayed. Operations are disrupted. The compliance team scrambles to gather evidence about a deposit that was never screened in the first place.
The cost of post-incident response β in time, operational disruption, and reputational damage β is almost always greater than the cost of pre-deposit screening.
What Can Go Wrong Without Pre-Deposit AML Checks
Without a structured screening workflow before deposits are accepted, a trading business is exposed to a cascade of operational and compliance risks:
- Frozen Operating Balances. Funds that the business has forwarded to an exchange are placed on hold, preventing access to both the risky deposit and any other funds in the same account.
- Client Withdrawal Delays. If client funds are commingled with the frozen balance, the business cannot process withdrawals β creating customer complaints, contractual exposure, and reputational damage.
- Source-of-Funds Requests the Business Cannot Answer. Without pre-deposit screening records, the business has no documentation to present when an exchange or regulator asks where the funds came from.
- Contaminated Operating Wallet. If the business's main wallet received the risky deposit directly, the wallet's own risk profile is now elevated β affecting every future transaction sent from that wallet, not just the specific deposit.
- Regulatory and Banking Exposure. If the business is licensed or maintains banking relationships, a compliance incident involving unscreened client funds can trigger regulatory scrutiny, audit findings, or termination of banking access.
Client Deposits Should Not Go Straight to the Main Operating Wallet
The single most effective structural control a trading business can implement is a buffer wallet β a segregated wallet that receives client deposits before they are reviewed and approved.
The logic is simple: incoming client funds are directed to a separate wallet that is not connected to the business's main operating balance. The deposit is screened. The risk score is assessed. A decision is made β approve, hold, reject, or request more information. Only after the deposit clears the review does it move to the operating wallet or onward to an exchange.
This approach prevents unverified funds from contaminating the operating wallet, isolates risky deposits before they can affect the broader balance, and creates a natural checkpoint where screening, documentation, and decision-making occur before funds enter the business's main transaction flow.
AML Workflow for Crypto Trading Platforms Accepting Client Deposits
The following workflow provides a practical, repeatable process for screening client deposits before they enter the business's operating infrastructure.
Step 1 β Screen the Sender Wallet Before Funds Move Further
Before accepting a deposit, the business should know the basic risk profile of the sender wallet. This means checking the wallet's risk score, its exposure to known illicit categories (mixers, sanctioned addresses, scam clusters, darknet markets), its proximity to high-risk entities, and whether it has been previously flagged by blockchain intelligence providers.
In practical terms, this step does not require a full investigation. It requires a screening check that takes seconds and produces a documented risk assessment. The objective is to catch obvious risks before the funds enter the business's infrastructure β not to conduct forensic analysis of every deposit.
Step 2 β Use a Buffer Wallet Before Accepting the Deposit
Route all incoming client deposits to a segregated buffer wallet. Do not send them directly to the main operating wallet or to an exchange. The buffer wallet serves as a holding point where screening results are evaluated and a decision is made before funds move further.
- Segregation. Unverified client deposits are kept separate from the business's operating balance. If a deposit turns out to be high-risk, only the buffer wallet is affected β not the main wallet or the exchange account.
- Review Window. The buffer wallet creates a natural pause between deposit receipt and deposit acceptance, giving the compliance process time to run without delaying the business's overall operations.
- Clean Operating Wallet. By ensuring that only screened and approved deposits reach the main wallet, the business maintains a clean risk profile on its primary operating infrastructure β reducing the likelihood of exchange holds, counterparty flags, and elevated risk scores on outbound transactions.
Step 3 β Decide What to Do with Risky Funds
After screening, the business must make a risk-based decision. The monitoring tool provides data; the business makes the call. Response options include:
- Approve. The deposit screens clean or within acceptable risk parameters. Funds are moved from the buffer wallet to the operating wallet or exchange.
- Hold for Review. The deposit carries moderate risk signals that require additional context before a decision can be made.
- Request Source of Funds. The client is asked to provide documentation or explanation for the origin of the deposited funds.
- Reject. The deposit carries unacceptable risk β direct sanctions exposure, confirmed illicit fund origin, or exposure that exceeds the business's risk appetite.
- Escalate. The case is referred to senior compliance or legal counsel for review.
Step 4 β Keep Records for Future Exchange or Regulator Questions
Every deposit decision β approve, hold, reject, or escalate β must be documented with sufficient detail to answer a future question from an exchange, auditor, banking partner, or regulator: "Where did these funds come from, and what did you do to verify that?".
Effective documentation includes the date and time of the screening, the sender wallet address, the risk score and exposure categories identified, the decision taken, who approved it, and any supporting documentation (source-of-funds requests, client correspondence, additional screening results).
When KYT Is Enough β and When KYC/KYB Is Needed
For crypto trading businesses, the distinction between KYT and KYC/KYB determines which compliance tools apply at which stage of the client relationship.
- KYT Is Sufficient When: The primary task is screening wallets, transactions, and fund sources before accepting deposits. KYT answers the question: "Where did these funds come from, where are they going, and do they carry risk?" For businesses that accept one-time or occasional deposits from clients without an ongoing managed relationship, KYT provides the transaction-level risk assessment needed to make informed deposit decisions.
- KYC/KYB Is Also Needed When: The business has ongoing client relationships, manages accounts on behalf of clients, accepts large or recurring deposits, onboards corporate clients, or operates under a license that requires identity verification. KYC/KYB answers the question: "Who is this client?" For managed accounts, prop trading relationships, or corporate client onboarding, both layers are necessary.
How Continuous Monitoring Helps After the First Deposit
Screening a client's first deposit is necessary β but it is not sufficient for ongoing relationships. A wallet that screens clean today may become high-risk tomorrow. A client who passes initial screening may change their behavior over time.
- Repeat Deposits May Carry Different Risk. A client's second deposit may come from a different wallet β or from the same wallet whose risk profile has changed since the first screening.
- Risk Scores Change Over Time. A wallet that scored low-risk last month may score high-risk this month if new intelligence links it to illicit activity or a newly sanctioned entity.
- Behavioral Patterns Emerge Over Time. Structuring, rapid deposit-and-withdrawal cycling, and other suspicious patterns only become visible when deposits are monitored across time.
How AMLBot Helps Trading Businesses Manage Client Deposit Risk
AMLBot provides the tooling that supports the compliance workflow described in this article:
- Screen Wallets and Transactions Before Accepting Deposits. Assess the risk score and exposure profile of sender wallets and incoming transactions before funds enter the business's infrastructure.
- Detect Risk Exposure Across Major Blockchains. Identify sanctions exposure, mixer interaction, scam-cluster connections, and other high-risk signals across Ethereum, TRON, Bitcoin, Solana, and other supported chains.
- Monitor Transactions with Real-Time Alerts. Receive alerts when risk thresholds are crossed β for new deposits, for changes in previously screened wallets, and for behavioral patterns that emerge across multiple transactions.
- Link Transactions to Customer Records. Connect deposit data to client identities, enabling the KYC-KYT feedback loop that makes risk assessment meaningful and audit-ready.
- Configure Risk Thresholds. Set alert rules and risk tolerance levels that match the business's specific risk appetite.
- Keep an Audit Trail. Document every screening result, deposit decision, and alert disposition in a format that satisfies exchange requests, regulatory examinations, and banking partner due diligence.
AMLBot does not "clean" funds and does not guarantee that screened deposits will never trigger an exchange hold. What it provides is the data, workflow support, and documentation that allow the business to make informed, risk-based decisions. For a full overview, see AMLBot's real-time KYT monitoring platform.
Conclusion
For crypto trading businesses, AML is not something that only exchanges worry about. If the business accepts client deposits, it accepts the risk attached to those deposits. A single unscreened transfer from a wallet with mixer exposure, sanctions links, or fraud connections can result in frozen funds, exchange holds, source-of-funds requests, and operational disruptions that are far more expensive than the screening that would have caught the problem before it started. Client deposit risk should be screened before it becomes frozen funds.
FAQ
Why Do Crypto Trading Platforms Need AML Checks for Client Deposits?
Crypto trading platforms need AML checks because client deposits can carry risk from previous transactions, wallets, or entities. If risky funds enter the platform's wallet and later move to an exchange or counterparty, the business may face frozen funds, source-of-funds requests, or additional reviews.
Can a Trading Platform Be Affected by a Client's Risky Crypto Funds?
Yes. Even if the platform did not create the risk, it can inherit exposure when it accepts client funds. Once those assets enter the company's wallet, exchanges or partners may treat the business as responsible for explaining where the funds came from.
What Is the Main AML Risk When Accepting Crypto from Clients?
The main risk is accepting funds linked to suspicious or high-risk sources, such as scams, stolen assets, sanctioned exposure, mixers, darknet markets, or high-risk services. Without screening, the business may only discover the problem after funds are already moved or frozen.
How Can Crypto Trading Platforms Avoid Frozen Client Funds?
They can reduce the risk by screening sender wallets and incoming transactions before funds move further, using buffer wallets, assigning risk scores, reviewing exposure categories, and documenting each decision before approving or rejecting a deposit.
What Is a Buffer Wallet in a Crypto AML Workflow?
A buffer wallet is a separate wallet used to receive and review client deposits before they reach the company's main operating wallet. It helps keep unverified funds separate until the business checks the transaction risk and decides what to do next.
Is KYT Enough for Crypto Trading Platforms?
KYT is enough when the main task is to screen wallets, transactions, source of funds, and risk exposure. But if the business has ongoing client relationships, large deposits, managed accounts, corporate clients, or onboarding obligations, KYC or KYB may also be needed.
What Is the Difference Between KYT and KYC for Trading Platforms?
KYT checks the movement and risk of crypto funds: where they came from, where they are going, and whether they are linked to risky activity. KYC checks who the client is. For crypto trading businesses, both may be needed when transaction risk and customer identity matter.
Should Trading Platforms Check Crypto Deposits Before or After Receiving Funds?
Ideally, platforms should check sender wallets before the deposit and screen incoming transactions before moving funds further. Checking only after funds reach the main wallet or exchange account can make the issue harder to manage.
What Should a Trading Platform Do If a Client Deposit Is High-Risk?
The platform can hold the deposit for review, request additional information, reject the deposit, escalate the case internally, or document why it made a risk-based decision. The exact response depends on the company's policy and the severity of the risk signals.
How Does AMLBot Help Crypto Trading Platforms Manage Client Deposit Risk?
AMLBot helps businesses screen wallets and transactions, detect risk exposure, assign risk scores, monitor activity, connect transactions to customer records, and keep an audit trail. This helps trading platforms review client deposits before risky funds become an operational or compliance problem.