Risk Type List

NO.	Risk Type	Description
1	Darknet Market	Darknet markets are commercial websites (Black markets) that selling or advertising illicit goods and services such as drugs and weapons and the websites can be accessed via anonymizing browsers or system (such as Tor or I2P, where user identities are concealed). As a result, many illegal transactions take place on the darknet. Any exposure related to it is associated with risk, and its initial risk level is assessed as high.
2	Fraud Shop	Fraud Shop are shops that sell private data for profit, typically operated by an individual or a team. The information they sell includes personally identifiable information, credit card data, and stolen accounts. Unlike dark web transactions, these stores generally do not involve customer withdrawals, so most withdrawal transactions can be linked to the shop operators. Its initial risk level is assessed as high risk.
3	Gambling	Gambling refers to crypto casinos or websites where gambling can occur without the need to create an account or complete KYC. These activities often involve corresponding risky fund outflows. However, the risk assessment of gambling varies across different countries and regions, which is why gambling is given a lower alert priority compared to other high-risk and severe-risk categories. Its initial risk level is assessed as medium risk.
4	High Risk Exchange	High-risk exchanges refer to those that lack comprehensive compliance procedures, such as the absence of KYC and other regulatory measures. These exchanges pose risks of money laundering and terrorist financing. Its initial risk level is assessed as high risk.
5	High Risk Jurisdiction-FATF	High Risk Jurisdiction refers to cryptocurrency service providers operating in sensitive regions, such as countries like Iran, according to the FATF list. This category carries stricter alert criteria. Its initial risk level is assessed as severe risk.
6	Illicit Actor Organization	Illicit actor organizations refer to individuals or organizations involved in various illegal activities, with connections to risk entities such as darknet markets, fraud shops, terrorist financing, and hackers. Its initial risk level is assessed as high risk.
7	Mixing Service	Coin mixing can make it difficult to trace the origin of funds, thus posing a risk of illegal fund obfuscation. Currently, some coin mixing services are illegal in certain regions, and even in other regions, they require permission to operate. Taking all factors into account, its initial risk level is assessed as high risk.
8	Protocol Privacy	Privacy protocols, such as the MWEB protocol on the LTC chain, use cryptographic techniques to hide user transaction counterpart addresses, transaction amounts, balances, and other information, making it impossible to trace the source and destination of funds. While the use of privacy protocols does not necessarily mean that the funds are at risk, users must make the choice to use these privacy features. Its initial risk level is assessed as medium risk.
9	Ransomware	Ransomware is a type of malicious software that encrypts a user's computer files until a ransom is paid. It is generally considered that the risk of funds transferred to ransomware is lower than the risk of receiving funds from ransomware. Its initial risk level is assessed as high risk.
10	Sanctions	Sanctions typically refer to addresses listed on sanction lists marked by entities such as OFAC, the UN, or the UK. These sanction lists include individuals or entities involved in illegal activities such as money laundering, terrorism financing, and other unlawful activities. According to FATF Recommendation 6, funds related to sanctions should be treated as a severe alert. Its initial risk level is assessed as severe risk.
11	Scam	Scam refers to entities involved in fraudulent activities which can impersonate a variety of services, including exchanges, mixers, ICOs, and gambling sites. This category also encompasses scam emails, extortion emails, and fake investment services. They usually offer unrealistic returns on investment. Its initial risk level is assessed as high risk.
12	Stolen Funds	Stolen funds refer to funds obtained through hacker attacks on exchanges or other entities. The payoff for actors can be enormous with single incidents often resulting in tens of millions of dollars in losses. It is generally considered that the risk of funds sending to is lower than the risk of receiving from the thieves/attackers. Its initial risk level is assessed as high risk.
13	Child Abuse Material	Child Abuse Material refers to illegal activities related to child sexual abuse and material. According to FATF Recommendation 6, funds associated with Child Abuse Material should be treated as a severe alert. Its initial risk level is assessed as severe risk.
14	Terrorist Financing	Terrorist financing refers to funds related to terrorist activities. Its initial risk level is assessed as severe risk.
15	Phishing	Fraudsters disguise themselves as official Web3-related entities, sending fraudulent emails, social media messages, etc., to lure users into clicking links or entering sensitive information such as private keys or memory phrases. After obtaining the information, they steal the user's digital assets. Its initial risk level is assessed as high risk.
16	Investment Fraud	Some criminals create fictitious investment projects, promising high profits to attract investors, but in reality, they aim to acquire the users' assets and then flee. Its initial risk level is assessed as high risk.
17	Honeypot Scam	Criminals set up seemingly valuable fake nodes or contracts within the blockchain network, gradually luring users to invest more funds through high profit contract, and eventually take the funds and flee. Its initial risk level is assessed as high risk.
18	Pig Butchering Scam	Criminals disguise themselves as experts or insider informants in the blockchain field to gain the victim's trust. Initially, they may allow the victim to make small profits to build trust, then lure them into investing large amounts of money. In the end, the criminals disappear, causing the victim significant losses. Its initial risk level is assessed as high risk.
19	Rugpull Scam	By creating on-chain projects to deceive users into investing their assets, then suddenly shutting down the project and disappearing. For example, a fake decentralized exchange that runs away after collecting users' deposited cryptocurrency. Its initial risk level is assessed as high risk.
20	Hacker	Hackers may obtain illegal funds by attacking systems, and they are likely to transfer the funds afterward, so an alert threshold needs to be set for such activities. Its initial risk level is assessed as high risk.
21	Online Piracy	Online piracy involves the unauthorized use and distribution of copyrighted content, and the financial transactions associated with it are likely to carry risks. Its initial risk level is assessed as medium risk.
22	Drug Dealing	Drug trafficking is an illegal activity, and when drug transactions are paid using virtual currencies, the anonymity of virtual currencies makes it extremely difficult to trace the flow of funds. Its initial risk level is assessed as severe risk.
23	Official Freeze	Official freezing refers to being placed on the blacklist of stablecoin issuers such as Tether, resulting in the inability to conduct transactions. Such actions may involve the handling or abnormal transfer of illicit funds. Its initial risk level is assessed as high risk.
24	Money Mule	'Money mules refer to individuals who is exploited by criminals. Criminals recruit these people online to use their bank accounts, digital wallets, and other means to receive illicit funds. Criminals use the "money mule's" wallet address to transfer assets, obfuscating the tracking path, making the fund flow more complicated and increasing the difficulty for law enforcement to investigate. Its initial risk level is assessed as severe risk.
25	Underground Bank	Criminals establish complex transaction networks by exploiting the anonymity of blockchain and the convenience of cross-border transactions. These underground banks may appear to be normal blockchain trading platforms or wallet services, but in reality, they are involved in illegal currency exchange activities. Its initial risk level is assessed as medium risk.
26	Customized Blacklist	Entities included in a custom blacklist typically involve specific illegal or high-risk activities. Any related fund transfers are considered risk violations, so an alert is triggered with a threshold of 0 USD to ensure timely monitoring of such high-risk behaviors. Its initial risk level is assessed as high risk.
27	Grey List - FATF	Regions or entities placed on the FATF grey list pose risks in anti-money laundering (AML) and counter-terrorism financing (CFT), but have not yet reached the severity of being blacklisted. Their fund transaction risks are characterized by complexity and uncertainty. Its initial risk level is assessed as high risk.
28	Published Judgments	Funds related to illegal activities explicitly identified in public rulings, such as financial fraud, organized crime, etc., have a minimum threshold of 0 USD and no maximum value. Since such activities have been judicially determined as illegal, any related fund flows must be treated with high caution. Its initial risk level is assessed as severe risk.
29	Special Measures	Those entities or wallet addresses that the U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) has labeled a “primary money-laundering concern” under its authority in Section 9714 and section 311 of the USA PATRIOT Act.