As bad actors devise increasingly complex fraud schemes, cryptocurrency exchange Kraken’s approach – and the approach of the industry at large to monitoring suspicious activity – has had to evolve.

Kraken’s approach “used to be more standard, like a bank,” said David Zacks, deputy chief compliance officer and head of product compliance, in an interview with Dive Newsdesk on Oct. 27 at the Money20/20 conference in Las Vegas. “With transaction monitoring, you have these standard rules, and when someone meets certain thresholds or activity, you trigger a rule. But we’ve gone a lot further beyond that.”

Monitoring for risk is more “behavioral” now, he said, noting how a customer “continues to evolve on a daily basis.”

“Once you really know your customer at an in-depth level, when they deviate from the activity that you'd expect, you can investigate them in a completely different way,” Zacks said.

Compliance and security are critical to maintaining trust with regulators, clients and partners, Zacks said. To foster that, the exchange releases a “transparency report” each year to let clients know how their data are being used and when Kraken is fielding – and thwarting – “intrusive requests” about clients.

Kraken’s compliance arm is “fully embracing” agentic and generative artificial intelligence right now, Zacks said. In one such example, the firm has an internal tool that monitors regulatory announcements globally, which it then processes and summarizes for applicable regional teams.

Money20/20 is owned by Informa, Banking Dive’s parent company.