A new paper by the Bank of International Settlements (BIS) says that crypto independence could be the next weak point in anti-money laundering if regulators tighten rules around alternative payment methods without closing the loophole around user-controlled wallets. The main concern is straightforward: when one channel becomes difficult to use, the illegal flow does not stop. They are moving.
BIS Warns About Hosted Crypto Wallets
Using the EU as its main case study, the paper argues that self-hosted wallets are particularly vulnerable because they do not rely on a virtual intermediary to process clients, monitor transactions or file suspicious activity reports. That’s the design difference that writers keep coming back to.
“Self-hosted wallets are a type of wallet that is completely controlled by the user, without relying on an intermediary. The verification of self-hosted cryptoasset transactions takes place on a permissionless public blockchain, with no single intermediary responsible for updating accounts.” On that basis, the paper claims that private crypto payments, in the absence of additional measures, present one of the lowest possibilities of detection and enforcement.
The paper is moving forward. It says wallets themselves can, in fact, be more attractive to illicit use than cash. Cash still offers the lowest level of oversight by design, the authors argue, but the physical barriers are significant: it’s bigger, more difficult to move to scale and riskier to store or move. Independent crypto does not have that same friction, which means the portability and speed of cross-border digital assets can widen the compliance gap if intermediaries are out of the picture.
That framing contributes to what the paper calls the “waterbed effect.” “Differences in detection probabilities … can lead to arbitrage between payment instruments. This can be called the waterbed effect: if water is squeezed down in one area, it appears in another. Over time, this change weakens the overall effectiveness of AML/CFT frameworks and requires regulatory and supervisory intervention.” In the context of crypto, the point is not only that self-regulation is dangerous, but that unbalanced regulation can redirect bad actors to it.
The EU example is central to that argument. Managed crypto wallets are now firmly wrapped up in the bloc’s AML framework through the comprehensive cryptoasset service provider, or CASP, framework, updated monitoring obligations and the Mobility Act. The paper notes that wallets and services that allow anonymity are taken out of the regulated cycle.
Self-contained funds, in contrast, are treated more indirectly: transactions involving them are not subject to due diligence and transaction monitoring unless the CASP is on one side of the transfer. In those cases, CASPs should assess money laundering and terrorist financing risks and implement mitigation measures.
What makes the asymmetry remarkable, the authors say, is that cash has a strong backstop to keep the stock out. Their comparison table puts it clearly: cash in the EU is subject to a transaction limit of 10,000 euros, while the crypto assets themselves are subject to “sale or holding limits.” The paper’s conclusion is that this difference “may give malicious actors an incentive to move from cash to unhosted crypto-asset wallets.”
At the time of publication, the total crypto market stood at $2.37 trillion.
The featured image was created with DALL.E, a chart from TradingView.com
Planning process because bitcoinist focuses on delivering well-researched, accurate, and unbiased content. We maintain strict sourcing standards, and each page is diligently reviewed by our team of senior technical experts and experienced editors. This process ensures the integrity, relevance, and value of our content to our readers.
