The CySEC CASP regime
The Cyprus Securities and Exchange Commission (CySEC) maintains a register of crypto-asset service providers and supervises them for anti-money-laundering purposes under Cyprus’s AML law. A registered CASP is an obliged entity: it must run customer due diligence, sanctions screening and ongoing monitoring, and be able to demonstrate those controls to the regulator on request.
What that means for AML screening
In practice, a Cyprus CASP has to screen the wallets and counterparties it deals with against sanctions lists, understand its exposure to illicit sources, and keep a record of each check that stands up in a CySEC inspection or an external audit. A screenshot or a spreadsheet cell is a weak record; a signed, timestamped report naming the lists it ran against is a strong one. That is the difference between the two Ichnos is built to remove.
MiCA transition
With MiCA now fully applicable, existing CySEC-registered CASPs are moving into the harmonised EU authorisation regime and its transitional arrangements. The underlying AML obligation does not go away — if anything the evidence expectations rise. Screening built around the OFAC and EU consolidated lists with a kept audit trail is the same requirement under either framework — the core of MiCA and Travel Rule compliance.
An EU tool for an EU-supervised firm. Ichnos is built by an EU company, with data residency in the EU and GDPR export and erasure automated by default — so your screening data does not leave the jurisdiction your regulator cares about.
For Cyprus compliance consultancies
Cyprus has a deep bench of compliance and audit firms serving crypto clients. Ichnos offers a partner tier: one login runs screening across every engagement, with per-engagement segregation and reporting and wholesale credit pricing, so a single consultant can screen for every crypto client they serve and hand each one a co-branded audit artifact. It is the same wallet screening tool, scaled across a book of clients.
Ichnos is a screening tool: the CASP (or its client) remains the obliged entity and owns the compliance decision. Ichnos runs the check properly and keeps the defensible record.