Crypto Transaction & Wallet Screenings Report

7 min. readlast update: 08.14.2024

This article aims to provide insights into screening reports for transactions and wallets scanned via GlobalPass's crypto analytics tool.

💡 TIP: Before getting started, consider reading this article to understand the concept of Holistic (multi-asset, cross-chain) Crypto Analytics.

1. Crypto Transaction Screening Report

The top panel of a transaction’s screening report lists the main information submitted and found about the screened transaction: 

Data Meaning
Hash hash of the screened transaction
Asset asset(s) involved in the screened transaction (formatted as: TICKER/blockchain, for example: USDT/tron)
Transaction Time timestamp of when the screened transaction occurred
Screened At timestamp when the Crypto Screening was performed via GlobalPass
Risk Score determined risk level based on exposure of the transaction in the screened direction (0.00 – lowest risk, 10.00 – highest risk)
Value (USD) value in USD of the transferred crypto assets at the time of the transaction
Output Address address of the wallet that received funds in the screenened transaction
Screened By if screening was done manually in the Portal, email of the person who created the screening is listed. If it was done via API integration, N/A is shown
Direction specifies whether Source of Funds of the input wallet, or Destination of Funds of the output wallet were screened
External ID your custom specified external identifier of the screening
Screening Token unique screening identifier in the GlobalPass system

The Rescreen button instantly creates a new screening of the same transaction, allowing you to check if the risk exposure has changed after some time.

1.1 Triggered Rules

Below the top panel, there is a full screening report of the transaction. The first and most important tab is Triggered Rules, which lists the transaction's exposure to risk factors:

Risk score of a transaction is calculated based on the transaction’s exposure to high-risk actors across three risk categories:

  1. Sanctioned, Terrorist Financing (TF), and Child Sexual Abuse Material (CSAM): Very high-risk entities subject to sanctions, or involved in TF or CSAM activities. This category includes entities listed in OFAC sanction lists and terrorist organizations listed by the United Nations.
  2. Illicit Activity: Entities known to be involved in illicit activity other than sanctions, TF, or CSAM activity. Entities included are ransomware campaigns, dark web marketplaces, Ponzi schemes, and similar.
  3. Obfuscating & Misc.: Entities that are frequently used to facilitate crypto asset laundering or other entities that may not be captured by the first two risk rules. Entities included are mixing services, illegal gambling sites, privacy wallets, and similar.

1.1.1. Risk Score Calculation

Risk score is calculated by looking at the transaction and whether its input wallet (source of funds analysis) or output wallet (destination of funds analysis) has triggered any risk rules. The risk score can be from 0.00 to 10.00 (10.00 being the highest risk).

A risk score is calculated by converting the percentage exposure of the highest contributing risk category into a numerical value. As seen in the example above, 22.93% (largest contribution among the risk categories) of the funds are traced to Sanctioned, TF & CSAM entities, therefore the final risk score is 2.29 (22.93% -> 2.29/10.00).

1.1.2. Proximity

In crypto screening, it’s important to consider not only direct exposure to risk factors, but also the flow of funds through various intermediate wallets, to ensure a thorough understanding of potential risks.

Proximity information helps determine if a transaction’s exposure to a risky entity is direct or indirect and identifies how many hops (transactions to intermediate wallets) are in between. If there are multiple transaction paths leading to the same entity, the shortest one (with the least number of hops) is considered.

To aid in understanding this exposure, the Contribution percentage is further divided into Counterparty and Indirect contribution percentages. This breakdown shows how much of the exposure comes directly from counterparties and how much stems from indirect exposure (2 or more hops away):

1.2 Destination/Source of Funds

Depending on the direction being screened, the next tab provides a full breakdown of all known sources or destinations of funds for the transaction, not just the risk factors. The results are organized in a format similar to the Triggered Rules section:

1.3 Screening History

Screening history shows overview of risk score change and allows access to the historical screenings of the transaction, if the Rescreen option was used:


2. Crypto Wallet Screening Report

The top dashboard of a wallet’s screening report lists the main information submitted and found about the screened wallet:

Data Meaning
Address address of the screened wallet
Asset in previous version (single-asset screenings), asset of the screened wallet was listed. In new version (holistic screenings), listed as holistic. Will be removed in the future
Category if wallet belongs to a known entity, its category is listed (for example, Exchange, Gambling, Scam, Thief, etc.)
Screened At timestamp when the Crypto Screening was performed via GlobalPass
Risk Score determined risk level based on exposure of the wallet (0.00 – lowest risk, 10.00 – highest risk)
Inflow (USD) the total amount of funds (converted to USD) which have entered the wallet
VASP returns Yes if the wallet belongs to a Virtual Asset Service Provider
Screened By if screening was done manually in the Portal, email of the person who created the screening is listed. If it was done via API integration, N/A is shown
Entity if wallet belongs to a known entity, the entity's name is listed
Outflow (USD) the total amount of funds (converted to USD) which have exited the wallet.
NOTE: Outflow can be higher than inflow because the value of a crypto-asset may have appreciated while the asset was stored in the wallet.
External ID your custom specified external identifier of the screening
Screening Token unique screening identifier in the GlobalPass system

The Rescreen button instantly creates a new screening of the same wallet, allowing you to check if the risk exposure has changed after some time.

2.1. Triggered Rules

Below the top panel, there is a full screening report of the wallet. The first and most important tab is Triggered Rules, which lists the wallet's exposure to risk factors.

Unlike Crypto Transaction screening, this report provides a combined view of both the Source and Destination of Funds. You can toggle between these views by selecting either Source of Funds or Destination of Funds. The rest of the layout and data is the same as in Transaction screening:

2.1.1. Risk Score Calculation

Risk score is calculated by looking at the wallet and whether its sources and/or destionations of funds have triggered any risk rules. The risk score can be from 0.00 to 10.00 (10.00 being the highest risk).

A risk score is calculated by converting the percentage exposure of the highest contributing risk category among source and destination of funds into a numerical value. As seen in the example above, 27.58% (largest contribution among the risk categories) of the funds are traced to Obfuscating & Misc. entities, therefore the final risk score is 2.76 (27.58% -> 2.76/10.00).

2.1.2. Proximity

Similar to Transaction screening, proximity information in Wallet screening helps determine whether the wallet’s exposure to a risky entity is direct or indirect, and how many hops (transactions through intermediate wallets) are involved. If multiple transaction paths lead to the same entity, the shortest path (with the fewest hops) is considered.

2.1. Wallet Exposure

The Exposure tab provides a full breakdown of all known sources and destinations of funds for the wallet, not just the risk factors. The results are organized in a format similar to the Triggered Rules section:

2.3 Screening History

Screening history shows overview of risk score change and allows access to the historical screenings of the wallet, if the Rescreen option was used:

 

Was this article helpful?