Most crypto wallet-screening tools were built for exchanges, priced for exchanges, and sold the way you sell to exchanges: a sales call, a proof-of-concept, a five- or six-figure annual contract. If you run a 3–20-person CASP, an EMI with incidental crypto flows, or an audit firm serving crypto clients, that model does not fit you — and picking the wrong tool is expensive to unwind. This checklist is what to actually compare.
1. Coverage: which lists, and both entity and wallet?
Start with the data. At a minimum, a serious tool screens against the EU consolidated list (your binding obligation as an EU firm), the OFAC SDN crypto addresses, and a broad watchlist source such as OpenSanctions. Ask how often the lists refresh — daily is the right answer — and whether each screen records which list version it ran against.
Then ask the question pure chain-analytics vendors dodge: can it screen the counterparty entity (name, PEP and sanctions status) and the wallet in the same check? A crypto transfer has a person or company behind it as well as an address. Screening only the address leaves half the risk unseen. Combined entity-plus-wallet screening in one result is a genuine differentiator, not a nice-to-have.
2. Defensibility: does it produce evidence, or just a verdict?
The output of a screen is not the point — the record is. When your regulator or auditor asks how you screened a given transfer, “the tool said green” is not an answer. Look for:
- a signed, timestamped report per check (PDF and CSV), not an ephemeral on-screen result;
- provenance on every result — the dataset versions and engine version behind it, so any past check can be reproduced and explained; and
- match transparency — a certainty tier and the reason each match scored, instead of a black-box number.
If a tool cannot hand you a defensible artifact for your compliance file, it is a lookup, not a compliance tool.
3. Honesty about certainty and limits
This one separates the trustworthy from the rest. A good tool distinguishes a direct list match (highest certainty) from a proximity signal (“Near” / “Indirect” — close to something flagged, but not a verdict of guilt) and from an exposure estimate (a model of fund flow, not a measurement). It should say plainly that a “clear” result is the absence of a known link, not proof of innocence, and that lists are never complete.
Be sceptical of any vendor quoting a single precise accuracy percentage without saying what it was measured against. A tool that over-claims certainty is setting you up to defend a number you can’t explain. We would rather under-claim and be trusted — see how we describe our own tiers and limits.
4. Pricing model: does it match your volume?
Enterprise tools charge enterprise minimums. For a smaller firm the right shape is usually per-check credits with no seats and no minimums, so cost tracks usage instead of a headcount you don’t have. Look for a genuine free trial you can self-serve (running real checks, not a sales demo), transparent top-up pricing, and the ability to cancel without a procurement cycle. If the only way to see pricing is a sales call, that is your answer about who the tool is for.
5. Data residency and security posture
As an EU-supervised firm you will face vendor due-diligence yourself, so screen your screener:
- EU data residency — is your screening data hosted in the EU, with GDPR export and erasure supported?
- Access control — per-tenant isolation, role-based access, scoped API keys.
- Honest security claims — a vendor that says plainly what it does and does not yet hold (for example, that SOC2/ISO27001 is on a roadmap rather than claiming a certification it hasn’t earned) is more trustworthy than one that papers over the gaps.
Ask for a subprocessor list and a data-flow summary. A serious vendor will have them ready.
6. Integration: manual today, API tomorrow
Even if you start by pasting addresses into a screen, check there is a REST API and webhooks so you can later screen inline in your onboarding or transfer flow and get the result and report back programmatically. You want a tool you won’t outgrow the first time volume picks up.
The short version
| Ask | Good answer |
|---|---|
| Which lists? | EU consolidated, OFAC SDN, OpenSanctions — refreshed daily, version recorded |
| Entity and wallet? | Yes, in one check |
| Output | Signed, timestamped report with provenance and match tiers |
| Certainty | Direct vs Near/Indirect vs exposure estimate, stated honestly |
| Pricing | Per-check credits, no minimums, real self-serve free trial |
| Data | EU residency, per-tenant isolation, honest security posture |
| Integration | REST API + webhooks available |
Ichnos was built against exactly this list, for the firms the enterprise tools price out. The best way to judge it is to run a few real checks yourself — the first 100 are free, no card. Start free →