US Government Assessment of DeFi AML & CFT Risks

April 19, 2023

The promise of decentralized finance, or DeFi, is a significant portion of the lure of cryptocurrency and blockchain to a worldwide audience; the possibility of global, frictionless, instant automated financial services, with transparent and fair transactions enforced by an impartial system, brings countless opportunities to revolutionize the world of finance. Despite this, there are issues with the implementation and adoption of DeFi which have raised concerns in various countries, and in few places more so than the United States.

US Government Assessment of DeFi AML & CFT Risks

At the beginning of April, the U.S. Department of the Treasury released a DeFi illicit finance risk assessment which contained some key findings of the space. The report examined the issues faced by decentralized finance, highlighting the dangers of DeFi being used by criminals as a way to conduct financial transactions and launder money, specifically calling out the frequent failure of DeFi services to implement the required anti-money laundering and counter the financing of terrorism (AML and CFT). The report noted the threats of money laundering, ransomware, theft, fraud and scams amongst others and, whilst the report was mainly focused on the US, it was pointed out that other jurisdictions may not have the same levels of regulatory control which brought its own risks to the DeFi ecosystem. 

The report noted that ‘The primary vulnerability that illicit actors exploit stems from non-compliance by DeFi services with AML/CFT and sanctions obligations.’ before pointing out that DeFi services that covered traditionally regulated activities had the same AML/CFT requirements as everyone else, regardless of whether they claimed to be decentralized or not. Whilst acknowledging the benefits DeFi could bring, a spokesman reinforced the importance of DeFi providers in ensuring the regulatory standards were met. 

Besides providing a warning for DeFi service providers, the risk assessment also held suggestions that the US Government might take: 

  • The strengthening of U.S. AML/CFT regulatory supervision,
  • Considering additional guidance for the private sector on DeFi services’ AML/CFT obligations.
  • Investigating addressing any AML/CFT regulatory gaps related to DeFi services which may otherwise lead to DeFi services deciding they aren’t required to implement AML/CFT.

As a means to address the issues faced, the risk assessment also contained possible mitigation measures. One of the key aspects was the implementation of regulatory standards that it had previously mentioned (in particular areas where gaps might be found and cause uncertainty or technical loopholes) and working with international agencies like the Financial Action Task Force. Alongside this, the transparent nature of public blockchains was also mentioned, as were on-boarding ramps into the DeFi space such as centralized Virtual Asset Service Providers with AML and CFT measures (though issues with VASP regulatory standards and controls were also raised). Most importantly though, the potential of industry solutions was raised, with the technological innovation of companies working in the space singled out as providing sanctions compliance solutions. 

Blockpass has been providing compliance solutions for a number of years now and works to bring the DeFi space into compliance in a manner that suits both the companies, their customers and the regulators. Being a global solution, Blockpass has the ability to do what the risk assessment called for: bolster the accessibility, transparency, and security of not only the U.S. financial system, but DeFi and traditional financial solutions worldwide. By developing zero-knowledge proof and other privacy-centric solutions, Blockpass can fill the need for identity verification with user privacy ensured. In fact, Blockpass has the solution to a number of issues raised in the report, from enabling sanctions and meeting new regulatory standards to compliance on a global scale and even closing down potential gaps in regulations with solutions such as On-Chain KYC

The Blockpass platform is fully automated and hosted in the cloud, with no integration or setup fee. Businesses can sign up to the KYC Connect console in a matter of minutes, test out the service, and start conducting identity documents verification, KYC and AML checks. Take a look at Blockpass' groundbreaking crypto compliance solutions:


  • Built-for-Crypto, centralized off-chain KYC platform
  • Bank-grade KYC/AML
  • No integration necessary, no setup cost
  • Self-service and managed SaaS plans

Learn more…


  • On-chain, zero-knowledge verification KYC platform
  • Customers complete KYCin an anonymous, data-free way
  • Verification results delivered by API KYC / ID data oracle across multiple blockchains

Learn more…


  • Only KYC solution for unhosted (or non-custodial) wallets in the market
  • Adheres to the Crypto Travel Rule laws being adopted, reduces regulatory risk of transactions
  • Verifies users own/control their crypto addresses

Learn more…

By Matthew Warner