Knogin
[Blockchain]

Blockchain Sanctions Screening

When OFAC designated a North Korean cryptocurrency mixer in 2022, exchanges that had integrated real-time sanctions screening blocked interactions with associated addresses within minutes of the designation going live.

Module metadata

When OFAC designated a North Korean cryptocurrency mixer in 2022, exchanges that had integrated real-time sanctions screening blocked interactions with associated addresses within minutes of the designation going live.

Back to All Modules

Source reference

content/modules/blockchain-sanctions-screening.md

Last Updated

Feb 5, 2026

Category

Blockchain

Content checksum

589970d3e581e7eb

Tags

blockchainaireal-timecompliance

Overview#

When OFAC designated a North Korean cryptocurrency mixer in 2022, exchanges that had integrated real-time sanctions screening blocked interactions with associated addresses within minutes of the designation going live. Those that relied on manual list updates or infrequent batch screening continued processing transactions for hours. The gap between those two outcomes is what real-time sanctions screening infrastructure is built to close.

The Blockchain Sanctions Screening system provides real-time detection and blocking of transactions involving sanctioned entities across all major blockchain networks. Processing millions of addresses from OFAC, EU, UN, and additional sanctions lists, it screens transactions with high accuracy, preventing regulatory violations before they occur. Advanced graph analysis detects indirect exposure through transaction networks, identifying when apparently clean addresses interact with sanctioned entities at multiple degrees of separation. Exchange compliance officers, AML compliance teams, payment processors, and DeFi protocols all depend on this capability for sanctions enforcement.

Mermaid diagram
flowchart LR
    A[Incoming Transaction] --> B[Pre-Transaction Screening]
    B --> C{Direct Match?}
    C -->|Yes| D[Block + Alert]
    C -->|No| E[Multi-Hop Exposure Check]
    E --> F{Indirect Exposure?}
    F -->|High| G[Manual Review Queue]
    F -->|Medium| H[Enhanced Due Diligence]
    F -->|Low/None| I[Allow + Log]
    D --> J[OFAC Blocking Report]
    G --> K[Compliance Workflow]
    J --> L[Regulatory Filing]
    K --> L
    style D fill:#ff6b6b
    style G fill:#f5a623
    style I fill:#50c878

Key Features#

  • Real-Time Sanctions List Integration: Aggregates and normalizes sanctions data from 25+ global regulatory sources with automated refresh cycles ensuring compliance within minutes of regulatory publication. Powered by OpenSanctions integration
  • Multi-Hop Indirect Exposure Analysis: Graph analysis algorithms detect indirect exposure through transaction networks, identifying potential sanctions evasion schemes, front companies, and layering operations
  • Risk-Based Scoring Engine: Dynamic risk scores (0-100) combine sanctions list matches, indirect exposure, behavioral patterns, and contextual risk factors for nuanced policy decisions beyond binary block/allow
  • Pre-Transaction Blocking: Integrates at the transaction submission layer to prevent sanctions violations before they occur, with screening fast enough to maintain a seamless user experience
  • Continuous Monitoring: Ongoing monitoring of existing user addresses and historical transactions, with automatic retroactive screening when new sanctions designations occur
  • Compliance Reporting: Automated generation of blocking reports, SAR templates, and compliance packages meeting OFAC, FinCEN, and international regulator requirements
  • Investigation Workflow: Structured workflow guiding compliance teams through determination, documentation, and regulatory response for sanctions hits

Sanctions List Coverage#

  • OFAC (US Treasury): Office of Foreign Assets Control SDN, non-SDN, and sectoral sanctions
  • EU Sanctions: European Union consolidated list with entity and address coverage
  • UN Security Council: United Nations sanctions regimes and associated addresses
  • UK OFSI: Office of Financial Sanctions Implementation requirements
  • FATF: Financial Action Task Force high-risk jurisdictions and guidance
  • Regional Lists: Canadian, Australian, Japanese, Swiss, and 21+ additional jurisdictions
  • Custom Lists: Organization-specific blocklists and high-risk entity definitions

Supported Networks#

  • Major Blockchains: Bitcoin, Ethereum, Tron, BNB Chain, Solana, Cardano, Polkadot, Avalanche
  • Stablecoins: USDT, USDC, DAI addresses across multiple chains
  • Layer 2 Solutions: Polygon, Arbitrum, Optimism, Base, and more
  • Privacy Coins: Known sanctioned addresses for Monero, Zcash
  • NFT Contracts: Contract addresses and token IDs associated with sanctioned entities

Risk Score Categories#

  • Critical (90-100): Immediate block required; direct sanctions list matches or confirmed sanctioned entity control
  • High (70-89): Manual review required; significant indirect exposure or entity association
  • Medium (40-69): Enhanced due diligence; moderate indirect connections or behavioral risk
  • Low (20-39): Standard processing with logged risk indicators
  • Minimal (0-19): Normal processing; no elevated sanctions risk detected

Investigation Use Cases#

Exchange Compliance#

  • Screen all incoming deposits and outgoing withdrawals against comprehensive sanctions lists
  • Block sanctioned entity wallet creation and trade matching
  • Configure risk-tiered responses from automatic blocking to enhanced review

DeFi Protocol Compliance#

  • Screen smart contract interactions before allowing protocol participation
  • Detect sanctioned entity interaction across decentralized exchange and lending operations
  • Integrate sanctions compliance into smart contract workflows

Payment Processing#

  • Pre-transaction screening for cryptocurrency payment service providers
  • Geographic blocking for sanctioned jurisdictions based on contextual intelligence
  • Value-threshold based controls for medium-risk addresses

Retroactive Compliance#

  • Automatic re-screening of all historical transactions when new designations occur
  • Identification of users who previously transacted with newly-sanctioned addresses
  • Generation of investigation cases for material retroactive exposures

Ongoing Monitoring#

  • Continuous surveillance of user wallet addresses for new sanctions designations
  • Behavioral change detection when low-risk addresses begin using evasion techniques
  • Cumulative exposure tracking when aggregate sanctioned entity interaction exceeds thresholds

Compliance#

  • Full compliance with OFAC, FinCEN, EU Sanctions, UK OFSI, and FATF requirements
  • Supports Bank Secrecy Act and AML/CTF program requirements
  • FATF Travel Rule support for beneficiary screening in cross-border crypto transfers
  • Automated OFAC blocking reports generated within required timelines
  • SAR filing support with structured data exports and transaction narratives
  • 7-10 year data retention for screening logs, sanctions matches, and manual reviews
  • Complete audit trail of all screening events, decisions, and report generation
  • Role-based access control with multi-factor authentication for compliance functions
  • Encryption at rest and in transit (TLS 1.3)
  • SOC 2 Type II certified infrastructure
  • GDPR-compliant data handling with regional deployment options
  • Regular third-party penetration testing

Last Reviewed: 2026-02-05 Last Updated: 2026-04-14