In 2024 global banks and crypto exchanges froze accounts totalling more than €15 billion due to AML filter triggers, according to a report by FATF and Chainalysis. Imagine: your corporate account is suddenly frozen, payments halted, counterparties in a panic: this is an AML account freeze, when a bank, crypto exchange or payment provider detects suspicious activity and activates an AML funds freeze on the directive of the compliance department or regulator. Why is this critical? Financial losses from a freeze accumulate daily, operational constraints paralyze the business, AML-related reputational risks undermine partner trust, and in the worst case fines for AML violations or license revocation threaten.
First steps after an account is blocked: checklist
The first steps immediately after receiving a notice of account blocking (a step-by-step checklist) help avoid wasting time and minimize damage to the business. In this section you will find what exactly to do in the first 24–72 hours to respond correctly to the block and start the account unblocking process.
What to do in the first 24–72 hours?
Notify management and the AML compliance officer, suspend suspicious activity: freeze accesses, change passwords, disable automated transfers. In one 2024 case such prompt action reduced downtime from 10 days to 48 hours for a client in the Czech Republic. Do not try to circumvent the block — this will trigger the AML filter more strongly and lead to SAR reports (Suspicious Activity Reports).
Gathering documents for the bank’s KYC
COREDO’s practice shows: focusing on CDD identification (Customer Due Diligence) and the transaction profile (volumes, patterns, IP addresses) speeds up the process. For crypto, add screenshots of wallets and chain of custody. This is the foundation for the KYC documents needed for unblocking, without which an AML account freeze will be prolonged.
Legal coordination within the company
Assemble an internal team: a lawyer, an AML compliance officer, the chief financial officer, an IT specialist and a PR manager. Develop a communications protocol, a single point of contact for the bank. The solution developed by COREDO for a client in Singapore included daily updates and a responsibility matrix, which minimized secondary AML risks and operational constraints. Prepare AML audit checklists for self-assessment.
Account blocking due to AML — causes and risk classification
Causes of account blocking due to AML are signals from banks and payment providers about potentially suspicious transactions that require prompt analysis to understand the reason and classify the risk. In this article we will examine typical causes of such blocks, relying on the provisions of Federal Law 115-FZ and real cases, and provide recommendations on how to minimize risks for your business.
Reasons for refusals by banks and payment providers
Causes of AML account blocking often lie in unusual activity: a sharp increase in turnover, payment splitting, connections with PEP clients (Politically Exposed Persons) or sanctioned lists (OFAC, EU sanctions). Banks from the EU react to inflows from high-risk jurisdictions, triggering a medium-risk AML block. Our experience at COREDO confirms: 40% of cases are due to transactions not matching business profiles.
Crypto account blocking and on-chain patterns
In crypto, an AML crypto-account block arises because of crypto-transaction reasons: AML mixers, DeFi bridges, anonymous liquidity pools, or “red” addresses (high-risk wallets). AML transaction monitoring records the chain through chain analysis, retroactively flagging transactions. COREDO case in 2025: a client in Dubai unlocked funds after forensics proved their legitimacy.
Client errors leading to blocking
A common pitfall is ignoring KYC/AML checks, unverified counterparties, or non-compliance with a risk-based approach. AML blocking due to a counterparty’s suspicious address affects even mature businesses. COREDO’s practice emphasizes: timely Enhanced Due Diligence (EDD) prevents 60% of incidents.
Documents for account unblocking
Unblocking an account requires careful preparation of documents, arguments and the correct submission format in order to promptly confirm the legality of transactions and lift restrictions under Federal Law 115-FZ. Depending on the bank and the reason for the block, confirmations of the source of income, transactions and counterparties will be key; these are submitted within the set deadlines via the online cabinet, email or the Central Bank commission. This will help avoid protracted procedures and resume financial activity as quickly as possible.
Document package: table (document, purpose)
Prepare a complete set for AML account unblocking. Here is a table based on FATF methodologies and COREDO’s experience:
| Document | Purpose | Example of evidence | Typical preparation time |
|---|---|---|---|
| Incorporation documents | Confirm legitimacy | Registry extract (ACRA for Singapore) | 1–2 days |
| Contracts/Invoices | Substantiate transactions | Contracts with clients | 1 day |
| Source of Funds/Wealth | Prove origin | Bank statements | 2–3 days |
| KYC of beneficiaries | CDD identification | Passports, utility bills | 24 hours |
| AML compliance officer report | Risk self-assessment | Internal audit | 3 days |
Additional evidence for medium and critical risk
AML compliance blocking requires KYT (Know Your Transaction); COREDO’s practice saved a client in Estonia from a full freeze.
Template for contacting the bank and arguments
This is effective against an AML blocking order and minimizes AML regulatory risk.
Legal options: from negotiations to court
Legal mechanisms and options, from negotiations to judicial appeal, allow effective protection of interests in disputes with banks, starting with pre-trial negotiations and escalation to court. These tools help minimize risks, retain control over the situation, and achieve mutually beneficial agreements without escalating the conflict. In practice they demonstrate high effectiveness at the early stages of interaction with credit institutions.
Pre-trial negotiations with the bank (compliance/dispute)
Start with the bank’s compliance department: request the SLA (response time 3–10 days), provide evidence. The COREDO team escalated a case in the United Kingdom, unblocking the account within a week. Use external consultants for dialogue.
Filing a complaint with the regulator or ombudsman – when effective
How to have a block lifted by court order
Tactical and strategic measures during a crisis
Tactical and strategic measures to minimize consequences in the areas of finance, operations and reputation allow a business to quickly reduce damage from risks and ensure resilience. Below are short-term financial measures such as backup channels, multi-banking and payment management as the first steps to stabilization.
Short-term financial measures: multi-banking and payments
Deploy backup accounts across 2–3 banks, diversify providers. Scaling the business after AML-related asset freezes requires limits on P2P transactions and corporate wallet screening.
Reputation management with clients
Create an FAQ for partners, use legal counsel correspondence. This mitigates AML reputational risks and losses from operational restrictions.
Post-mortem and remediation checklist
Conduct a post-mortem analysis of the blockage: root cause — AML filter triggering, update policies. COREDO checklist: audit triggers, training, updates to the AML risk-based approach.
Technical tools and providers (on/off-chain)
Technical tools and providers in crypto are not an abstraction but concrete solutions that affect a product’s security, regulatory compliance, and resilience in practice. To consciously choose when and what to connect (on-chain/off-chain), it is important to understand which tasks are more effectively addressed by on-chain analysis and smart contracts, and which should be delegated to off-chain services and specialized providers.
Recommendations for AML tools and providers
Integrate KYT providers for off-chain, chain analysis for on-chain (tracking the transaction chain). AML tools reduce crypto fraud and support investigations.
The role of the compliance officer and automation
Automate triggers, set up risk profiles. The AML compliance officer oversees manual review under the Travel Rule (FATF).
Regional specifics: EU vs Asia vs CIS/Africa
Regional specifics: EU vs Asia vs CIS/Africa require careful consideration of differences in regulations and cultural nuances to successfully enter foreign markets. What is important to consider: strict adaptation to local expectations, from regulatory norms in the EU to the specifics of mobile traffic in Asia and social factors in the CIS/Africa, to avoid common mistakes and improve market position.
EU: regulatory requirements and customer rights
Consequences of account freezing under AML for business in the EU: strict EU sanctions, but strong customer rights. Out-of-court resolution: standard practice.
Risk behavior of banking providers in Asia
Long-term consequences of AML fines for companies in Asia: MAS in Singapore acts quickly, but high-risk corridors lead to freezes. Monitor counterparties.
CIS and Africa – licensing and operational risks
Focus on AML reputational risks and local regulators. Avoid license revocation for AML violations by filing timely complaints.
How to prevent repeat blocking
Prevention is the only way to avoid turning every block into a ‘fire’ and to systematically reduce the likelihood of repeat blocking. To actually reduce the ROI of incidents and avoid spending resources on the same mistakes, it’s important to establish basic policies and processes in advance: below is a practical checklist for implementation.
Checklist of basic policies and processes
AML compliance strategies: regular transaction monitoring, EDD for high-risk AML clients, sanctions screening. Checklist: quarterly KYC refresh, blockchain analytics tools.
Technological investments in AML monitoring and ROI
Training and responsibility of the CCO/compliance officer
Scenario-based training, SLAs for SAR/STR. Criminal liability of compliance officers encourages a proactive approach.
FAQ for business owners
- How to unblock an account after the AML filter triggers? Gather a KYC package, submit to compliance with EDD, 70% success within 7–14 days.
- What KYC/AML documents do exchanges require when unblocking a high-risk crypto account? Source of funds, chain analysis, contracts – plus forensics for mixers.
- What should a business do when an account is blocked due to “dirty” funds from a counterparty in Asia? Post-mortem, EDD on the partner, backup channels.
- How to minimize regulatory risk after an AML account block when scaling in the EU? Implement Travel Rule compliance.
- How to conduct a post-mortem AML analysis of a block to reduce long-term risks? Root cause + checklists, update monitoring.
- How to avoid a repeat AML compliance account block? Automation + EDD.
- Long-term consequences of an AML account block for international business in the CIS? Reputational damage, but recoverable with an audit.
Checklist for the manager
| Step | Action | Deadline |
|---|---|---|
| 1 | Record the notification | 1 hour |
| 2 | Collect KYC documents | 24 hours |
| 3 | Submit a request | 48 hours |
| 4 | Escalate to the regulator | 7 days |
| 5 | Post-mortem | 14 days |
| 6 | Implement monitoring | 30 days |
| 7 | Team training | Quarterly |
| 8 | Diversify accounts | Immediately |
| 9 | EDD on counterparties | Ongoing |
| 10 | Risk audit | Annually |
Appendices: templates and examples
Bank letter template:
We, [Company], confirm the legitimacy of the transaction [details]. Attached: [list]. Please unblock. Contact: [CCO].
Evidence table:
| Evidence | Example | Timeframe |
|---|---|---|
| Chain analysis | Report on “red” addresses | 3 days |
| Forensics | KYT scan | 5 days |
List of AML tools: KYT providers, chain analysis services, SIEM monitoring.