The Financial Action Task Force on Money Laundering (FATF) has released a report with criteria that can be used to identify suspicious users of cryptocurrency. These characteristics can be used by financial regulators, regulatory authorities, exchanges and other industry participants to detect illegal activities with digital assets, writes RBC Crypto. The FATF, in particular, proposes to compare the amount of funds entering the user's wallet and leaving it. If this indicator differs with the financial position of the trader, this may be a signal of participation in money laundering or fraudulent schemes. Here, an important indicator will also be the presence of transactions that have many sources and are located in different parts of the world. Another criterion is the recorded cases of users appearing on web resources related to illegal activities. In particular, this applies to platforms on which cryptocurrency is accepted, but identity confirmation is not required, and a limit is set on the amount of transactions so as not to fall under the checks of financial regulators. The FATF also suggested that users who use tools to maintain anonymity should be viewed with suspicion. We are talking primarily about anonymous cryptocurrencies such as Monero or Zcash. In addition to these, "mixers" are meant - they are special services for obfuscating transactions that make them difficult to track. Separately, FATF singled out users who work from countries with weak digital industry regulation. These criteria make sense, Maria Stankevich, EXMO Exchange Development Director, assessed the FATF proposals. She said that EXMO has been using these tools for a long time to track suspicious activity, but there are other indicators as well. The reasons for the accelerated verification are: Deposits / withdrawals of cryptocurrencies and fiat funds above the established limits Suspicious user transactions. For example, massive bidding "for yourself in the red", attempts to implement the "pump & dump" scheme. Suspicious account logins: massive logins from one IP address, attempts to guess passwords. Suspicious financial actions: deposits and withdrawals of funds without trading, or with an insignificant share of trading. Inputs by one system are outputs by another. “Here is a living example of how we were able to block a huge amount that leaked from one well-known exchange, and return all the money safe and sound to the second party: two users with the same registration date made“ trial ”deposits for small amounts. After their replenishment amounts become many times larger, all this happens in a short period of time, and even users start trading at a loss, "Stankevich shared. Dmitry Volkov, CTO of the CEX.IO exchange, spoke about other criteria for user suspicion. For example, if the fraudster is trusted by the victim. The expert talked about cases when clients were misled by “asset managers” by offering fraudulent investment schemes. Keeping a record of addresses that have previously been involved in fraudulent schemes is part of an anti-fraud program that helps prevent users from losing funds. Volkov added that an important element in countering illegal activities in cryptocurrency is the identity verification procedure (KYC). This provides not only data about the user, but allows you to compose his psychological portrait, to determine the type. Based on this, it is possible to compare the actual behavior of the client with expectations and identify suspicious activity. “There is an interesting property AML / KYC that not everyone thinks about - in the process we really get to know the client or the type of the client. This allows you to determine the normal expected behavior of both the account and the client when using the exchange. This means we can identify situations when behavior is out of the expected format, ”said Volkov. If a user is noticed in suspicious activity, many exchanges reserve the right to temporarily block his account to clarify the circumstances. For example, Binance did this in January. A possible reason was the appearance on the trader's balance sheet of "dirty" cryptocurrency. In early September, the IRS offered a $ 625,000 grant to a company that could develop a product to track cryptocurrency transactions. The initiative is primarily aimed at hacking the network of the anonymous Monero coin, but also applies to Bitcoin. The department is interested in the control over operations, their date, time, amount and identification of users' wallets.