Skip to content

KYT Detection Standards Specification

Document Version: 1.0
Applicable To: CARD PLUS Platform users, partner agents, and merchant partners
Effective Date: 2026-04-23
Document Type: External compliance standards notice


1. Purpose

To protect transaction security and comply with international AML and anti-financial-crime requirements, the platform performs KYT (Know Your Transaction) screening on digital asset transactions. This specification publicly explains:

  • How we assess transaction risk;
  • What the core detection standards are;
  • How we handle triggered risks;
  • How users/agents can cooperate and appeal.

2. Scope

This specification applies to digital asset transactions initiated, received, matched, settled, or cleared through the platform, including but not limited to:

  • User deposits, withdrawals, and address interactions;
  • Agent collection/disbursement, batch settlements, and cross-platform transfers;
  • Risk reviews related to wallet addresses and transaction hashes (TXID).

3. Core Detection Principles

The platform adopts a multi-factor risk control model; it does not rely on a single score only:

  1. Rules First: Check whether critical risk rules are triggered first;
  2. Path Analysis: Evaluate fund-flow hops and taint exposure;
  3. Score as Support: Use risk score for tiering and review prioritization;
  4. Audit Trail: Retain auditable evidence for all risk-control decisions.

Note: Score is not the sole basis for decisions. Even a low Score may still be blocked if hard rules are triggered.


4. KYT Detection Standards (Public Version)

4.1 Category A: Critical Risk

If any of the following conditions is met, the highest-level risk control is triggered:

  • Association with sanctions lists or specially regulated entities;
  • On-chain activities related to terrorist financing;
  • High-risk sources such as stolen funds, hack proceeds, or ransom proceeds;
  • Direct high-risk links to addresses involved in confirmed malicious events.

Action Result: Freeze/Block + Compliance Reporting (SAR)


4.2 Category B: Illicit Activity Risk

If any of the following conditions is met, high-level risk control is triggered:

  • Funds associated with darknet markets;
  • Organized scam funds (e.g., pig-butchering, phishing drainers);
  • Clear anonymity-enhancing behavior (mixers, privacy-enhancing paths, etc.);
  • Significant illegal transaction behavior with sufficient supporting evidence.

Action Result: Reject Transaction, and apply either Enhanced Review or Compliance Reporting (SAR) depending on risk severity.


4.3 Category C: Hop & Taint Standards

The platform applies on-chain fund-flow path analysis as follows:

  • 1-Hop (Direct Link): Directly connected to a high-risk source

    • Action: Freeze/Block + SAR
  • 2-Hop (Single Intermediary):

    • If the path is verified as a compliant licensed VASP path with no abnormal relay: Conditional Allow (Safe Harbor)
    • If unhosted wallets or unknown relay patterns exist: Reject + SAR
  • 3+ Hops (Multi-level Relay):

    • Judged by taint threshold;
    • Current default threshold: Taint >= 10% triggers rejection or further restrictions.

4.4 Category D: Risk Score Tiering

Risk score is used for monitoring intensity and review priority:

  • 91-100: Severe (Very High Risk)
  • 71-90: High (High Risk)
  • 31-70: Moderate (Medium Risk)
  • 0-30: Low (Low Risk)

Important Notes:

  • Score < 30 does not automatically mean approval;
  • If any hard rule in Category A/B/C is triggered, the transaction may still be blocked or reported.

5. Final Risk-Control Result Types (User-Visible)

The platform outputs one of the following:

  • ACCEPT: Approved (standard monitoring)
  • SAFE_HARBOR_ACCEPT: Conditionally approved (enhanced monitoring)
  • REJECT: Rejected
  • REJECT_AND_ENHANCED_REVIEW: Rejected and escalated to enhanced review
  • REJECT_AND_SAR: Rejected and suspicious activity reporting triggered
  • FREEZE_AND_SAR: Frozen and suspicious activity reporting triggered

6. User/Agent Cooperation Requirements

To reduce false positives and improve review efficiency, please prepare in advance:

  • Proof of fund source (transaction records, business contracts, invoices/settlement slips, etc.);
  • Proof of address ownership/control (custodial account evidence, wallet control statements);
  • Business purpose statement (transaction purpose and counterparty relationship);
  • Additional KYC/KYB verification information when required.

If supporting materials are refused or fail to establish fund legitimacy, platform restrictions may remain in effect.


7. Appeal and Re-Review Process

If you disagree with a risk-control decision, you may request a re-review. Typical process:

  1. User/agent submits supplementary documents;
  2. Compliance team conducts secondary review;
  3. Final conclusion is made based on on-chain evidence, transaction context, and regulatory requirements.

The platform reserves the right and obligation to report to regulators or law enforcement when required by law.


8. Compliance and Privacy Notice

  • The platform fulfills AML/CFT, sanctions compliance, anti-fraud, and anti-money-laundering obligations under applicable laws and regulations;
  • KYT screening may use on-chain analytics and external compliance data sources;
  • User information is used for compliance review only under lawful, necessary, and data-minimization principles.

9. Standard Update Mechanism

This specification may be updated dynamically based on:

  • Regulatory policy changes;
  • Emerging on-chain crime patterns;
  • Compliance operation reviews and false-positive/false-negative retrospectives.

The latest platform announcement and versioned document prevail after updates.


10. FAQ (External Short Version)

Q1: Can approval be decided by score only?

No. The platform uses a combined decision model: rules + path + thresholds + score.

Q2: Does Score < 30 always pass?

Not necessarily. If critical risk rules are triggered, the transaction may still be rejected or frozen.

Q3: Why was my transaction rejected?

Common reasons include high-risk entity linkage, abnormal relay paths, taint above threshold, or suspicious behavior patterns.

Q4: Can I request a manual review?

Yes. Please submit required source-of-funds and transaction background materials.


For enterprise integration standards (API fields, callback status codes, risk event enums, SLA, and audit fields), please contact platform technical support or compliance support.