Crypto KYC Risk: What UK Firms Should Check
Certivus AML team8 minUpdated 2026-06-27
In brief: Crypto KYC risk is not just verifying an identity; firms also need to understand wallet activity, exchange records, source of funds, ownership, and risk context.
Key points
- Crypto exposure is not automatically unacceptable, but it often needs stronger evidence.
- Ask for exchange records, wallet context, source-of-funds evidence, and transaction explanation.
- Escalate where funds, wallets, or counterparties cannot be explained.
What is crypto KYC risk?
Crypto KYC risk appears when a client, source of funds, business model, or transaction involves cryptoassets. The issue is not only whether the person is verified. The firm also needs to understand where the value came from and whether the explanation is credible.
What to check
- Identity and ownership.
- Exchange account records.
- Wallet ownership or control.
- Transaction history where risk requires it.
- Source of funds and source of wealth.
- Counterparties, mixers, privacy coins, or high-risk services.
- PEP, sanctions, and adverse media exposure.
Evidence note
Screenshots alone are weak. Ask for reliable records and keep a decision note explaining what was reviewed.
This guide is general information, not legal advice. Apply it through the Money Laundering Regulations 2017, supervisor guidance, and the firm's own risk-based AML procedures.