Nearly half of all organizations entering the crypto industry in 2026 are already operating at compliance standards that would have been considered top-tier in 2020. According to a new report, the baseline for security alerts and monitoring has tightened significantly across the sector. However, a concerning gap remains in how companies monitor funds that pass through intermediary addresses compared to direct transactions from known illicit sources.
A new benchmark report reveals the crypto industry’s compliance standards have rapidly matured. About 47% of organizations onboarded this year use alerting standards that would have placed them in the top 10% for strictness in 2020.
Chainalysis stated the industry is raising its security in response to stricter regulations and growing threats. North Korean-affiliated hackers alone were responsible for an estimated $2 billion in crypto losses in 2025.
The data indicates that newer entrants are launching with more aggressive monitoring. “This is a sign of rapid ecosystem maturation. Standard compliance configurations today would have been considered industry-leading just five years ago,” the report stated.
Companies have become more uniform in direct monitoring of funds from known illicit sources. A significant gap persists with indirect monitoring, where funds pass through intermediary addresses.
On average, crypto exchanges set much higher alerting thresholds for indirect exposure than legacy financial institutions. Categories like ransomware or darknet markets often have indirect thresholds 10 to 20 times higher than their direct equivalents.
“The industry’s gap between direct and indirect monitoring creates an opening for illicit actors to exploit,” the Chainalysis team said. They added that closing this gap improves regulatory defensibility and helps firms differentiate as trustworthy counterparties.
