主题
KYT Detection Standards Specification
Document Version: 1.0
Applicable To: CARD PLUS Platform users, partner agents, and merchant partners
Effective Date: 2026-04-23
Document Type: External compliance standards notice
1. Purpose
To protect transaction security and comply with international AML and anti-financial-crime requirements, the platform performs KYT (Know Your Transaction) screening on digital asset transactions. This specification publicly explains:
- How we assess transaction risk;
- What the core detection standards are;
- How we handle triggered risks;
- How users/agents can cooperate and appeal.
2. Scope
This specification applies to digital asset transactions initiated, received, matched, settled, or cleared through the platform, including but not limited to:
- User deposits, withdrawals, and address interactions;
- Agent collection/disbursement, batch settlements, and cross-platform transfers;
- Risk reviews related to wallet addresses and transaction hashes (TXID).
3. Core Detection Principles
The platform adopts a multi-factor risk control model; it does not rely on a single score only:
- Rules First: Check whether critical risk rules are triggered first;
- Path Analysis: Evaluate fund-flow hops and taint exposure;
- Score as Support: Use risk score for tiering and review prioritization;
- Audit Trail: Retain auditable evidence for all risk-control decisions.
Note:
Scoreis not the sole basis for decisions. Even a lowScoremay still be blocked if hard rules are triggered.
4. KYT Detection Standards (Public Version)
4.1 Category A: Critical Risk
If any of the following conditions is met, the highest-level risk control is triggered:
- Association with sanctions lists or specially regulated entities;
- On-chain activities related to terrorist financing;
- High-risk sources such as stolen funds, hack proceeds, or ransom proceeds;
- Direct high-risk links to addresses involved in confirmed malicious events.
Action Result: Freeze/Block + Compliance Reporting (SAR)
4.2 Category B: Illicit Activity Risk
If any of the following conditions is met, high-level risk control is triggered:
- Funds associated with darknet markets;
- Organized scam funds (e.g., pig-butchering, phishing drainers);
- Clear anonymity-enhancing behavior (mixers, privacy-enhancing paths, etc.);
- Significant illegal transaction behavior with sufficient supporting evidence.
Action Result: Reject Transaction, and apply either Enhanced Review or Compliance Reporting (SAR) depending on risk severity.
4.3 Category C: Hop & Taint Standards
The platform applies on-chain fund-flow path analysis as follows:
1-Hop (Direct Link): Directly connected to a high-risk source
- Action:
Freeze/Block + SAR
- Action:
2-Hop (Single Intermediary):
- If the path is verified as a compliant licensed VASP path with no abnormal relay:
Conditional Allow (Safe Harbor) - If unhosted wallets or unknown relay patterns exist:
Reject + SAR
- If the path is verified as a compliant licensed VASP path with no abnormal relay:
3+ Hops (Multi-level Relay):
- Judged by taint threshold;
- Current default threshold:
Taint >= 10%triggers rejection or further restrictions.
4.4 Category D: Risk Score Tiering
Risk score is used for monitoring intensity and review priority:
91-100: Severe (Very High Risk)71-90: High (High Risk)31-70: Moderate (Medium Risk)0-30: Low (Low Risk)
Important Notes:
Score < 30does not automatically mean approval;- If any hard rule in Category A/B/C is triggered, the transaction may still be blocked or reported.
5. Final Risk-Control Result Types (User-Visible)
The platform outputs one of the following:
ACCEPT: Approved (standard monitoring)SAFE_HARBOR_ACCEPT: Conditionally approved (enhanced monitoring)REJECT: RejectedREJECT_AND_ENHANCED_REVIEW: Rejected and escalated to enhanced reviewREJECT_AND_SAR: Rejected and suspicious activity reporting triggeredFREEZE_AND_SAR: Frozen and suspicious activity reporting triggered
6. User/Agent Cooperation Requirements
To reduce false positives and improve review efficiency, please prepare in advance:
- Proof of fund source (transaction records, business contracts, invoices/settlement slips, etc.);
- Proof of address ownership/control (custodial account evidence, wallet control statements);
- Business purpose statement (transaction purpose and counterparty relationship);
- Additional KYC/KYB verification information when required.
If supporting materials are refused or fail to establish fund legitimacy, platform restrictions may remain in effect.
7. Appeal and Re-Review Process
If you disagree with a risk-control decision, you may request a re-review. Typical process:
- User/agent submits supplementary documents;
- Compliance team conducts secondary review;
- Final conclusion is made based on on-chain evidence, transaction context, and regulatory requirements.
The platform reserves the right and obligation to report to regulators or law enforcement when required by law.
8. Compliance and Privacy Notice
- The platform fulfills AML/CFT, sanctions compliance, anti-fraud, and anti-money-laundering obligations under applicable laws and regulations;
- KYT screening may use on-chain analytics and external compliance data sources;
- User information is used for compliance review only under lawful, necessary, and data-minimization principles.
9. Standard Update Mechanism
This specification may be updated dynamically based on:
- Regulatory policy changes;
- Emerging on-chain crime patterns;
- Compliance operation reviews and false-positive/false-negative retrospectives.
The latest platform announcement and versioned document prevail after updates.
10. FAQ (External Short Version)
Q1: Can approval be decided by score only?
No. The platform uses a combined decision model: rules + path + thresholds + score.
Q2: Does Score < 30 always pass?
Not necessarily. If critical risk rules are triggered, the transaction may still be rejected or frozen.
Q3: Why was my transaction rejected?
Common reasons include high-risk entity linkage, abnormal relay paths, taint above threshold, or suspicious behavior patterns.
Q4: Can I request a manual review?
Yes. Please submit required source-of-funds and transaction background materials.
For enterprise integration standards (API fields, callback status codes, risk event enums, SLA, and audit fields), please contact platform technical support or compliance support.