Security and compliance in on-chain payments are no longer responsibilities borne solely by exchanges—they are a shared reality confronting every participant.
At the end of May, HTX-related addresses were flagged by multiple on-chain risk-control systems, leading some users to face transaction restrictions. HTX’s Head of Market Operations characterized this incident as a rare, large-scale “false positive” in cryptocurrency industry history. Yet from another perspective, this may not be coincidental—it could instead signal the early emergence of new rules governing on-chain payments.
The HTX incident serves merely as a catalyst, revealing a fundamental shift now underway in on-chain payment rules. At the technical core of the UK’s recent sanctions lies Regulation 17A—a provision the UK has applied to cryptocurrency exchanges for the first time. Its meaning is clear: the prohibition extends not only to the sanctioned entity itself but to the entire payment chain. Any transaction whose path includes even a single node linked to a sanctioned exchange may be deemed a “sanctioned transaction” by UK compliance authorities.
Elliptic’s interpretation is direct: their transaction-tracing capabilities enable UK virtual asset service providers (VASPs) and institutions to detect indirect links to sanctioned exchanges across multiple “hops.” This precisely reflects Regulation 17A’s current expansion of jurisdiction to include indirect on-chain exposure. In other words, you may never have interacted directly with HTX—but if your funds originated from an address that previously deposited into HTX, your address acquires a “risk flag” under this system. This mechanism dramatically widens the scope of on-chain payment risk coverage.
The operation of this on-chain monitoring ecosystem relies on firms such as Elliptic, Chainalysis, and BlockSec. What they do, in essence, is transplant traditional financial “sanctions list screening” onto the blockchain—though on-chain screening is far more complex than its traditional counterpart. Funds can hop across chains, undergo mixing, or be split; transaction paths can be deliberately engineered to evade traceability.
Even more noteworthy is their market position. Blockchain analytics tools like Chainalysis, TRM Labs, and Elliptic are no longer niche add-on services—they have become foundational compliance infrastructure for any institution with crypto-asset exposure. This means that if any one of these three firms flags an address as high-risk, virtually all exchanges integrated with their data will automatically tighten controls—including freezing accounts associated with that address. This is precisely the mechanism behind the collateral account freezes observed during the HTX incident.
The capability boundaries of this screening system continue to expand. In September 2025, Elliptic launched a new tool capable of tracking stablecoin flows—such as USDT and USDC—across multiple blockchains; it has already been adopted by several major banks. USDT on the Tron network is a key surveillance target: Elliptic’s data shows that USDT on Tron appears in sanctioned and illicit fund flows at a rate far exceeding its overall market share. Last year, Tron, Tether, and TRM Labs jointly froze over $250 million in illicit assets. Earlier, Elliptic announced it had trained a money laundering detection system using deep learning on a dataset of over 200 million Bitcoin transactions—enabling identification of previously unknown illicit wallets. In short, this system does not merely check against known blacklists—it actively discovers new risk patterns.
In February this year, Elliptic published a report highlighting an ongoing Russian-linked crypto “shadow network.” Most platforms within this network remain unsanctioned—but they have already been named and placed under active surveillance. ABCeX was identified as the largest such platform, having processed at least $11 billion in crypto transactions; Rapira maintained over $72 million in direct transaction volume with sanctioned exchange Grinex; Bitpapa evaded monitoring by frequently rotating wallet addresses. Elliptic’s conclusion: the pre-existing infrastructure for circumventing Russian sanctions has not disappeared—it has fragmented across more platforms. This implies the scope of labeling will only broaden, not narrow. The scale indicated by these figures underscores the systemic nature of the issue—not isolated blacklist addresses, but vast swaths of ecosystem-wide capital flows. Although some platforms remain unsanctioned, they are already under regulatory surveillance, and the labeling perimeter continues expanding—demonstrating strengthening capabilities in tracing on-chain fund pathways.
There’s a widely recognized concept in traditional finance: SWIFT sanctions. Being cut off from SWIFT severs your dollar-based cross-border payment channel—whether purchasing oil or grain, you face severe operational hurdles. On-chain payments are undergoing a similar process—only faster and broader in reach. The key difference lies in the mechanism: SWIFT sanctions operate via “disconnection”—once expelled, subsequent payments simply cannot traverse that route. On-chain sanctions operate via “tagging”: your historical transaction records persist immutably on-chain, enabling retrospective audits at any time—and any address ever associated with yours can be flagged.
Elliptic’s research emphasizes that compliance screening must detect not only direct exposure but also indirect exposure to sanctioned entities across numerous transaction hops. The EU’s 20th round of sanctions officially entered into force on May 24, 2026, explicitly including restrictions on crypto services linked to the A7 network. This signals that anti-money laundering (AML) and sanctions compliance in on-chain environments is no longer “the exchange’s problem”—it is everyone’s responsibility. Whether your wallet address is “clean” has become a real, consequential question. It also reveals that on-chain payments are no longer purely transactional acts—they constitute systemic risks tightly interwoven with compliance, sanctions enforcement, and risk management.
From the above cases, we see a fundamental transformation in the regulatory logic of on-chain payments:
1. From single-platform blacklists to network-wide risk mapping;
2. From post-hoc freezing to real-time monitoring and dynamic risk scoring;
3. From internal exchange processes to cross-chain, cross-platform integrated risk control.
In the coming years, exchanges, wallets, bridge protocols—and even DeFi applications—will embed on-chain risk monitoring natively. Compliance and risk control are no longer optional features; they are becoming core competitive advantages.
Historically, blockchain payments emphasized freedom and anonymity. Today, as exchanges integrate risk-control tools and regulators intensify demands for on-chain fund transparency, on-chain payments are entering a new era defined by deep risk control and compliance coexistence. The HTX incident is merely the tip of the iceberg—revealing how on-chain payments are gradually forming new financial boundaries: not just whether a transaction is illegal, but whether its funding pathway complies with evolving regulations. In the future, crypto assets will no longer be mere “emerging-market” instruments—they will form an integral part of global financial power dynamics. Ordinary users and institutions alike must recognize that security and compliance in on-chain payments are no longer burdens carried solely by exchanges—they are a shared reality confronting every participant.
This article is for informational purposes only and does not constitute any investment advice. Markets involve risk; invest with caution.
[Conflux]
On-Chain Payments Entering the “Risk Control Era”: A Paradigm Shift for Crypto Markets
The recent HTX-related incident, characterized as a “large-scale false positive” by exchange officials, reveals more than just a technical glitch—it signals the dawn of a new regulatory era for on-chain payments. As blockchain analytics firms increasingly transplant traditional financial sanctions screening onto the blockchain, we’re witnessing a fundamental transformation in how risk is managed across the entire crypto ecosystem. This shift represents not merely a compliance adjustment, but a structural evolution that will redefine market dynamics, token valuations, and participation rules for years to come.
The Technical Evolution: From Blacklists to Network-Wide Risk Mapping
The most significant aspect of this transition is the move from simplistic blacklisting to sophisticated network-wide risk mapping. Traditional compliance systems focused on direct interactions with sanctioned entities. The new regime, exemplified by the UK’s Regulation 17A, extends liability to indirect exposure across multiple transaction hops. This means that even if you’ve never directly interacted with a sanctioned exchange, your address can be flagged if funds originated from an address that previously deposited into such an exchange.
Blockchain analytics firms have developed increasingly sophisticated tools to implement this new paradigm. Elliptic’s ability to track stablecoin flows across multiple blockchains, their deep learning system trained on 200 million Bitcoin transactions, and their identification of the Russian-linked “shadow network” demonstrate the technical sophistication of this new compliance infrastructure. What’s particularly notable is that these systems don’t merely check against known blacklists—they actively discover new risk patterns, creating a proactive rather than reactive compliance environment.
Market Impact: Reshaping the Competitive Landscape
This transformation is fundamentally reshaping the competitive landscape across multiple segments of the crypto market:
For Exchanges and Custodians: The cost of compliance is increasing dramatically. Institutions are no longer relying on internal risk assessment but are dependent on third-party providers like Chainalysis, TRM Labs, and Elliptic. This creates a powerful moat for these compliance infrastructure providers while raising the barrier to entry for new exchanges. We’re likely to see a bifurcation between well-funded, compliant institutions and smaller players who may struggle to maintain compliance standards or face de facto exclusion from the institutional ecosystem.
For DeFi and Cross-Chain Protocols: The article’s mention of how compliance will be “embedded natively” in protocols signals a significant shift for DeFi. Privacy-focused protocols, mixers, and cross-chain bridges that facilitate fund obfuscation will face increasing scrutiny. We’ve already seen this with Tron-based USDT being targeted due to its prevalence in illicit flows. In the coming cycle, DeFi protocols that don’t implement robust compliance measures will likely face regulatory headwinds or be excluded from integrations with major financial institutions.
For Institutional Adoption: Paradoxically, this increased scrutiny may accelerate institutional adoption rather than hinder it. Traditional financial institutions have been hesitant to enter crypto due to perceived compliance gaps. The maturation of on-chain risk control infrastructure provides the monitoring capabilities that institutions require. The adoption of Elliptic’s stablecoin tracking tool by several major banks indicates that compliance infrastructure is becoming a prerequisite rather than an obstacle for institutional entry.
Token Price Implications: Winners and Losers
This shift will create clear winners and losers across different token categories:
Privacy Coins (Monero, Zcash, etc.): These assets face existential risk as compliance systems become more sophisticated. While privacy features were once a value proposition, they now increasingly represent a compliance liability. We expect regulatory pressure to intensify, potentially leading to exchange delistings or restricted functionality. This doesn’t necessarily mean privacy coins will disappear, but they will likely become niche assets with limited accessibility.
Stablecoins on Privacy-Focused Chains (Tron USDT): As evidenced by Elliptic’s data showing USDT on Tron appears in sanctioned flows at a rate exceeding its market share, these assets will face increased scrutiny. Tether, Tron, and compliance firms have already demonstrated willingness to freeze illicit assets, but this creates tension with the core value proposition of stablecoins as censorship-resistant stores of value. We may see a flight to compliance-focused stablecoin issuers and blockchain networks with transparent transaction histories.
Sanctioned Entity Tokens: Tokens from explicitly sanctioned entities face straightforward delisting and market restrictions. However, the more nuanced challenge comes from tokens associated with networks or protocols that, while not explicitly sanctioned, are identified as part of “shadow networks” like the Russian-linked ecosystem identified by Elliptic. These platforms may face increasing de facto isolation without formal regulatory action.
High-Compliance Infrastructure Tokens: Tokens from blockchain analytics firms (if they issue them) and compliance-focused protocols will likely see increased demand. Additionally, blockchain networks that prioritize transparency and implement robust compliance natively may outperform privacy-focused alternatives. This creates a new competitive dimension beyond pure technology or decentralization metrics.
Risks for Market Participants
False Positives and Market Dislocations: The HTX incident demonstrates how false positives can cause sudden liquidity freezes and market dislocations. As compliance systems become more sophisticated but imperfect, we expect these incidents to continue, potentially creating volatility around certain tokens or exchanges. The “once tainted, always tainted” nature of blockchain transactions means that even erroneous flags can have long-lasting consequences.
Centralization of Compliance Infrastructure: The concentration of compliance monitoring in a few firms (Chainalysis, Elliptic, TRM Labs) creates systemic risk. If these firms make widespread errors or face security breaches, the impact could cascade across the entire ecosystem. Additionally, this centralization contradicts the decentralization ethos of blockchain, creating a tension between regulatory requirements and core principles.
Regulatory Arbitrage Challenges: While regulatory arbitrage has been a feature of crypto markets, the new risk control regime makes this increasingly difficult. As compliance systems become more interconnected and sophisticated, the ability to route transactions through less regulated jurisdictions or protocols diminishes. This reduces one of crypto’s historical advantages and may accelerate convergence with traditional financial systems.
Privacy vs. Compliance Tensions: The tension between privacy and compliance will intensify. While some privacy features can be preserved through zero-knowledge proofs and other technologies, the era of complete anonymity for on-chain transactions appears to be ending. This creates challenges for privacy applications and may require technological innovation to reconcile these competing values.
Opportunities in the Compliance Era
Despite the challenges, this transition creates significant opportunities:
Compliance Technology Providers: Blockchain analytics firms and compliance infrastructure providers will experience exponential growth. The article notes that these services are becoming “foundational compliance infrastructure for any institution with crypto-asset exposure,” positioning them as essential components of the financial system.
Transparent Blockchain Solutions: Blockchain networks that prioritize transparency and implement robust compliance measures will gain competitive advantages. This creates opportunities for projects that can balance compliance with decentralization, offering institutional-grade solutions without sacrificing core blockchain principles.
Institutional-Grade DeFi Protocols: DeFi protocols that incorporate compliance features while maintaining the benefits of decentralization will capture significant market share. This includes protocols for tokenized assets, cross-chain bridges, and decentralized exchanges that implement know-your-customer (KYC) and anti-money laundering (AML) measures.
Risk Assessment and Monitoring Services: As on-chain risk becomes more complex, specialized services for risk assessment and monitoring will emerge. This includes solutions for transaction path analysis, source-of-funds verification, and compliance reporting that go beyond basic blacklisting.
Strategic Considerations for Investors
For experienced investors, this transition necessitates a reevaluation of due diligence processes:
-
Compliance Infrastructure Assessment: When evaluating projects, assess their compliance posture and integration with major monitoring systems. Projects that ignore compliance requirements face increasing regulatory and market risks.
-
Network Effects of Monitoring: Recognize that the network effects of compliance monitoring create powerful incumbents. The concentration of monitoring capabilities in a few firms creates both risks and opportunities that should be factored into investment theses.
-
Regulatory Risk Diversification: Diversify exposure across jurisdictions and regulatory environments. While regulatory convergence is occurring, differences in implementation and enforcement create opportunities for arbitrage and resilience.
-
Technological Innovation in Compliance: Identify projects that are innovating in compliance technology, particularly those that can balance privacy with regulatory requirements. These projects may capture significant value as compliance becomes a competitive differentiator.
Conclusion: The New Normal for On-Chain Finance
The HTX incident is not an anomaly but a harbinger of the new normal for on-chain finance. As blockchain analytics firms implement increasingly sophisticated monitoring capabilities and regulators expand the scope of sanctions to include indirect exposure, the era of purely transactional crypto markets is ending. Instead, we’re entering an era where on-chain payments are deeply intertwined with compliance, sanctions enforcement, and risk management.
For investors, this represents both challenges and opportunities. The projects that thrive will be those that recognize this fundamental shift and build compliance into their core architecture rather than treating it as an afterthought. The tension between privacy and transparency, decentralization and regulation, will define the next phase of crypto market evolution. Those who understand and navigate this tension will be positioned to capture the significant value being created in this new compliance-driven paradigm.
The future of crypto is not about choosing between freedom and compliance—it’s about finding the optimal balance that enables mainstream adoption while preserving the core value propositions that make blockchain technology revolutionary. The “risk control era” is not the end of crypto’s potential; it’s the beginning of its integration into the global financial system as a mature, responsible asset class.