Blog
Blockchain Analytics and Crypto Compliance: Platform Guide for Fintechs
How blockchain analytics works, the major platforms, and what MiCA, FATF Travel Rule, and SEC/CFTC guidance mean for crypto compliance teams in 2026.
If your fintech handles cryptocurrency transactions, you already know that the compliance landscape has shifted faster in the last 18 months than in the previous five years combined. The US has a joint SEC-CFTC framework designating 16 major crypto assets as digital commodities. Europe's MiCA regime is fully enforceable. The UK enacted the Cryptoasset Regulations 2026 in February. And the analytics platforms you rely on to screen transactions and identify risk are consolidating into a three-player market.
This is for compliance officers, fintech CTOs, and blockchain engineers evaluating transaction monitoring solutions — or building their own. Whether you are a VC-backed exchange navigating MiCA licensing, a payment firm integrating stablecoin settlement, or a TradFi team spinning up a digital asset desk, you need to understand how these tools work and where they fall short.
By the end of this, you will know what blockchain analytics actually does under the hood, how Chainalysis, TRM Labs, and Elliptic compare, what the current regulatory frameworks demand, and where the technical blind spots remain.
How blockchain analytics works
Most people think blockchain analytics means "watching the blockchain." In practice, it is a multi-layered pipeline of data collection, address clustering, entity identification, and risk scoring — and each layer introduces its own engineering challenges.
Data collection and normalisation
The raw material is every transaction on every chain you monitor. Bitcoin nodes emit ~7 transactions per second; Ethereum does ~15; Solana peaks at thousands. Each chain has a different data model — UTXO-based for Bitcoin, account-based for Ethereum, parallelised execution for Solana. Analytics platforms parse and normalise these into a unified transaction graph where each edge represents a value transfer between addresses.
The scale is the hardest part. TRM Labs indexes 45+ chains covering 200 million-plus assets. Elliptic screens over one billion transactions every week across 65 blockchains. Chainalysis covers 200+ chains with 55,000-plus identified services. Running full nodes for every chain is not sustainable — most platforms rely on a combination of archival node infrastructure, indexer partnerships, and real-time event streaming via WebSocket or Webhook feeds.
Address clustering heuristics
A blockchain address is not an identity. Clustering is how platforms map multiple addresses to a single entity. The most reliable heuristic is the common-input heuristic: if two addresses are used as inputs in the same Bitcoin transaction, they are controlled by the same entity. UTXO-based chains make this deterministic — Ethereum and other account-based chains require different approaches, including smart contract creation analysis (if address A deploys contract B, and A is tagged as illicit, B inherits that tag), hot wallet identification (tracking deposit addresses and their sweep patterns), and behavioural profiling (timing patterns, frequency signatures, transaction graph topology).
No heuristic is perfect. False positives from clustering errors remain the top operational complaint across every platform. A single misattributed address can freeze a legitimate user's funds or generate hours of manual review work.
Entity identification and risk scoring
The output of clustering is a set of address clusters that need to be attributed to real-world entities. Platforms build and maintain databases of known services — exchanges, custodians, DeFi protocols, mixers, sanctioned addresses — sourced from regulatory disclosures, public records, OSINT, and their own investigation teams. Chainalysis maintains 55,000-plus identified services. Elliptic claims over 6.4 billion labeled addresses.
Risk scoring models are trained on known illicit and licit transaction patterns. A transaction from a regulated exchange to a new DeFi protocol with no volume history scores higher risk than one between two established custodians. The best models incorporate not just on-chain data but off-chain signals — web reputation, regulatory status, news events.
The three-player market
The exit of CipherTrace (Mastercard effectively shut down its key products in early 2024) has consolidated the analytics market into three dominant platforms. Each takes a different approach.
Chainalysis is the incumbent with the deepest law enforcement penetration — roughly 45% of government blockchain investigations use Chainalysis Reactor. Its strength is evidentiary quality: the tooling is designed to produce court-defensible investigation outputs. The trade-off is speed: Reactor is optimised for deep-dive manual analysis, not real-time transaction screening at high throughput. Chainalysis has been slower than competitors to ship AI-assisted features, though it announced AI agents for blockchain intelligence in early 2026.
TRM Labs differentiates on real-time performance and AI-assisted triage. Its Transaction Monitoring product screens transactions in under a second at 99.9% uptime. The AI layer automatically surfaces high-confidence alerts and suppresses false positives using Transfer Labels — pre-trained models that detect specific money laundering typologies (peel chains, mixer-first funding patterns, pig butchering). TRM holds FedRAMP High authorisation, the highest US government cloud security clearance among the three, which matters for federal contracts and financial institutions with strict vendor risk policies. It raised $70M at a $1B valuation in February 2026, with Goldman Sachs and Citi Ventures participating.
Elliptic leads on cross-chain coverage. Its 2025 launch of automated cross-chain tracing — covering 250-plus bridges, DEXs, and mixers — identified $21.8B in cross-chain criminal activity in its first year. Elliptic's AI Copilot, launched April 2025, generates automated screening summaries that reduce analyst alert review time by roughly 50%. It raised $120M at a $670M valuation in May 2026, with Deutsche Bank, Nasdaq Ventures, and JPMorgan as investors. Elliptic has the strongest EU-UK presence — Revolut, Bitstamp, and RedotPay are customers — and holds ISO 27001 certification.
| Dimension | Chainalysis | TRM Labs | Elliptic |
|---|---|---|---|
| Chains covered | 200+ | 45+ | 65+ |
| Key strength | Law enforcement gold standard, court-defensible | Real-time AI screening, FedRAMP High | Cross-chain tracing, EU/UK presence |
| Weakness | Slower innovation, weaker real-time | Fewer chains than competitors | Smaller US federal footprint |
| Recent funding | $8.6B valuation (2022) | $1B valuation (Feb 2026) | $670M valuation (May 2026) |
What the regulators actually require
The regulatory frameworks that drive blockchain analytics spending have diverged significantly by jurisdiction. A compliance programme that works for MiCA may not satisfy UK or US requirements, and vice versa.
Europe — MiCA and DORA. MiCA's full regime has been enforceable since December 30, 2024, with all grandfathering periods expiring by July 2026. The Transfer of Funds Regulation mandates the Travel Rule for all crypto-asset transfers with no value threshold — unlike the US, which exempts transactions under $3,000. This means every transaction, regardless of size, must carry originator and beneficiary information. The Digital Operational Resilience Act (DORA), effective January 17, 2025, adds ICT risk management and incident reporting obligations that apply directly to crypto-asset service providers. A growing complication is dual licensing: stablecoin EMT custody may require both MiCA and PSD2 authorisation, creating a gap that has not been fully resolved by EU regulators as of mid-2026.
United Kingdom. The Cryptoasset Regulations 2026, enacted February 4, 2026, establish a comprehensive statutory framework covering trading platforms, custody, staking, and (via ongoing consultation) DeFi. The FCA took its first enforcement action under the financial promotions regime in February 2026. Unlike the US approach of designating specific assets as commodities, the UK framework is activity-based: the same obligations apply regardless of whether the underlying asset is a security, commodity, or utility token. The FCA is consulting through 2026 on a DeFi-specific regime that would impose obligation on protocol operators — a regulatory first that will test whether decentralised entities can comply at all.
United States. The regulatory picture has transformed since January 2025. The SEC dismissed seven major crypto enforcement actions through 2025, including cases against Coinbase, Binance, and Consensys. The March 11, 2026 SEC-CFTC Joint Memorandum of Understanding established a "minimum effective dose" framework — the CFTC now holds primary jurisdiction over 16 designated digital commodities including BTC, ETH, SOL, XRP, ADA, and LINK. The GENIUS Act (July 2025) requires stablecoin issuers to maintain 1:1 reserves in USD or low-risk assets. FinCEN continues to enforce BSA/AML obligations and issued a $60M penalty against the Helix mixer operator. The practical effect for compliance teams: regulatory clarity on asset classification has reduced classification risk but increased screening obligation, since the CFTC's jurisdiction covers a wider set of activities than the SEC's.
Where the tools still fall short
Blockchain analytics has come a long way, but three problems remain unsolved in production.
Privacy coins. Monero transactions are effectively untraceable with current tooling. OFAC has added Monero, Zcash, and Dash addresses to the SDN List, but screening against a sanctioned address list is not the same as detecting illicit transaction patterns. The IRS is actively funding research into privacy coin tracing, but practical solutions for real-time compliance screening do not exist today. Most regulated exchanges have responded by delisting privacy coins entirely.
DeFi counterparty identification. The Travel Rule assumes identifiable counterparties. DeFi protocols do not have them. When a user swaps USDC for ETH through a permissionless liquidity pool, who is the counterparty? The pool contract? The LPs? The protocol DAO? No analytics platform has solved this, and the UK FCA's pending DeFi consultation is the first serious regulatory attempt to define an answer. For now, compliance teams handle this through enhanced due diligence on protocol-level risk and transaction value thresholds.
Cross-chain fragmentation. Elliptic identified $21.8B in cross-chain criminal activity in 2025 alone. Bridging and DEX-hopping are the primary laundering techniques for sophisticated actors — North Korea's Lazarus Group routinely moves stolen funds through five or more chains within hours. While cross-chain tracing has improved dramatically (Elliptic's coverage of 250+ bridges is the current state of the art), the latency gap between a transaction occurring and being traced across chains remains a problem for real-time intervention.
Building or buying: practical considerations
If you are evaluating whether to build your own analytics capability versus buying from one of the three platforms, the deciding factor is your transaction volume and chain coverage requirements. At fewer than 10,000 transactions per month on a single chain, the managed APIs from any of the three platforms will be cheaper than running your own infrastructure. Above 100,000 transactions per month, the unit economics start to favour negotiation on volume pricing or exploring the smaller competitors — Crystal Blockchain (335 chains covered, strongest stablecoin forensics) and Scorechain (EU-focused, accessible pricing for smaller firms).
Build-your-own is rarely the right answer for transaction screening. The address clustering heuristics and entity databases that platforms maintain are the product of years of investigative work and cannot be replicated in-house without access to law enforcement referrals, regulatory disclosures, and the network effects of a multi-tenant customer base. Where build-your-own makes sense is for specialised investigation workflows — internal threat hunting, fraud pattern detection specific to your product, or integration with proprietary risk models.
What comes next
The blockchain analytics market is moving from a compliance cost centre toward an intelligence function. TRM's $1B valuation, Elliptic's $120M raise with bank investors, and Chainalysis's continued dominance in government contracts all point in the same direction: financial institutions are embedding analytics earlier in the transaction lifecycle, not just at settlement. The 2026 SEC-CFTC framework accelerates this — clearer asset classification means more activity falls under regulated oversight, which means more screening volume.
For compliance teams, the implications are straightforward: 2026 is the last year you can treat blockchain analytics as a checkbox purchase. The platforms have diverged in capability, and the wrong choice means either drowning in false positives or missing cross-chain laundering that your competitor's tooling catches.