Crypto compliance tightens but indirect monitoring lags: Chainalysis

Nearly half of the crypto companies onboarded in 2026 are using compliance standards that would have been considered top-tier just a few years ago. According to a Chainalysis report preview released on Wednesday, about 47% of new organizations now employ alerting standards that would have ranked in the top 10% of strictness back in 2020. This reflects a significant tightening of industry baselines around alert severity, trigger sensitivity, and minimum dollar detection floors.

The sector has been raising its security and compliance game in response to tougher regulations and growing threats from hackers. Chainalysis noted that in 2020, the industry was still figuring out norms, with only 10% meeting the highest requirements. But that rate began climbing in 2023, and newer companies are now launching with more aggressive monitoring in place. The report estimates that North Korean-affiliated hackers alone caused about $2 billion in crypto losses in 2025, adding pressure for better defenses.

Direct monitoring improves, indirect monitoring lags

Companies have become more uniform in direct monitoring—where funds arrive straight from a known illicit source. The report suggests that most firms now catch these cases effectively. However, a gap remains in indirect monitoring, where the funds pass through intermediary addresses before hitting an exchange or service. This is where illicit actors might slip through.

Chainalysis found that legacy financial institutions tend to have much lower triggering thresholds for indirect exposure to both illicit and non-illicit funds. They get alerted to smaller sums. Crypto exchanges, on average, set significantly higher thresholds, and these vary widely across different categories. For example, alert thresholds for risks like ransomware, fraud shops, scams, and darknet markets are often set 10 to 20 times higher for indirect than direct flows.

Exploiting the indirect gap

The report warns that this disparity creates an opening for bad actors to exploit. “The industry’s gap between direct and indirect monitoring creates an opening for illicit actors to exploit. Organizations that close this gap improve their regulatory defensibility and differentiate themselves as trustworthy counterparties,” the Chainalysis team said. The message seems clear: firms that tighten their indirect monitoring not only reduce risk but also stand out in a competitive market where trust is becoming a key selling point.

While the overall trend is positive, the report hints that there is still work ahead. The industry has moved from a fragmented approach to a more unified baseline, but the indirect monitoring gap suggests that compliance is not yet fully mature. As regulations continue to tighten and threats evolve, companies that focus on closing this gap could gain an edge.

The post Crypto compliance tightens but indirect monitoring lags: Chainalysis appeared first on TheCryptoUpdates.