KYT on crypto deposits — what regulators actually look at.

Provider patterns, sanctions sources, evidence pack.

The KYT layer

Know Your Transaction (KYT) is the on-chain equivalent of AML transaction monitoring. When a customer sends crypto to a Coreal-integrated wallet — or withdraws to an on-chain address — the Coreal platform routes the transaction through a KYT provider before processing. The provider returns a risk score, a set of flags (sanctions exposure, mixing, dark market activity), and a travel-rule compliance status.

The provider is not the compliance programme. The provider is a data source. What matters to a regulator is: what did you do with the data? Did you screen against current sanctions lists? Did you apply a risk-based decision? Did you escalate flagged transactions to a manual review queue? Did you file an SAR where required? And can you prove all of this, transaction by transaction, with timestamps?

What regulators ask for

In practice, when regulators audit a crypto-enabled financial service, they want to see three things: the screening evidence (which KYT provider, which sanctions sources, what the raw result was), the decision trail (who decided what to do with the flagged transaction, on what basis, at what time), and the SAR register (what was filed, when, and with what attached evidence).

In Coreal, every KYT result is stored as a compliance event in the immutable audit log. Every manual review decision is a BPM workflow step, journaled with the reviewer's identity and timestamp. The SAR register is a case-management view in the operator workspace, linked to the originating transactions.