Web3 AI Transaction Monitoring Agent: Why Every VASP Needs It Now

X Space #23 — Web3 AI Transaction Monitoring Agent: Why Every VASP Needs It Now. Watch the full recording on YouTube ↗ · Listen on X ↗

X Space #23 opens with a pointed observation: Web3 has 50,000 to 80,000 virtual asset service providers, each legally required to conduct transaction monitoring under MiCA and equivalent regulations. Almost none of them are doing it correctly — because the industry conflates AML with transaction monitoring, accepting Chainalysis-style forensic documentation as a substitute for the forward-looking AI-based prediction that regulators actually mandate. ChainAware co-founders Martin and Tarmo, drawing on their decade each at Credit Suisse and their background in building predictive AI systems, spend X Space #23 explaining exactly what transaction monitoring agents are, why crypto AML is not equivalent, and why the same transition that cleaned up Web2 credit card fraud now needs to happen in Web3 — using the same category of technology.

AI Agents Defined: From Prompts to Autonomous Workers

Martin opens X Space #23 by tracing the evolution from LLM prompts to AI agents — a transition that explains both what agents are and why they represent a qualitatively different category of tool from everything that preceded them.

Two years before X Space #23, the AI conversation was dominated by prompt engineering. Users typed queries into ChatGPT or similar systems, evaluated the output, refined their prompts, and repeated the cycle. The human was always in the loop: formulating each request, judging each response, deciding what to do with it. Prompt engineers became a valued profession — people who knew how to ask LLMs questions in ways that produced useful answers. This was genuinely valuable, but it had a fundamental limitation: it required continuous human attention and intervention.

The Agent Difference

AI agents eliminate the human from this loop. An agent does not wait for a query — it runs continuously, observing its environment, making decisions based on the data it processes, taking actions autonomously, and learning from the results of those actions. As Martin describes: “AI agent means it’s an agent which runs autonomously. It does decisions themselves. It’s learning, it’s learning from the data that it has. By time it starts to make better and better decisions. So it’s autonomous, it’s learning, it’s continuous.” The agent is not a tool wielded by a human — it is a worker performing a defined job function without supervision.

Tarmo provides the simplest possible analogy: “You give this person a task and this person works continuously. This is an agent.” Furthermore, the self-learning property means the agent improves over time without requiring updates or retraining from the human operator. Each cycle of observation-decision-action-learning makes the next cycle more accurate. The longer an agent runs, the better it performs. For more on how this self-learning trajectory plays out in practice, see our complete guide to how Web3 projects benefit from AI agents.

From Web2 Back Offices to Web3 Agent Outsourcing

To make the agent concept concrete, Tarmo draws on the most familiar example he and Martin share: Credit Suisse’s operational structure. As VPs at Credit Suisse for a decade each, both co-founders observed the bank’s back-office ratio firsthand. For every one front-office employee — the relationship manager who directly serves clients — Credit Suisse employed approximately eight back-office employees. These eight handled IT, compliance, legal, reporting, risk management, operations, and various other support functions that the front-office interaction required.

This 1:8 ratio existed because the bank’s business processes were not fully digitalized. Every front-office interaction triggered cascading manual steps in the back office. Various systems didn’t communicate directly, requiring human intermediation. Compliance checks required manual review. Reports required human compilation. The back office existed to bridge the gaps between partially automated systems.

Business Process Outsourcing and Its Successor

Web2 companies attacked this cost structure through Business Process Outsourcing (BPO) — moving back-office functions to lower-cost providers like Cognizant and similar firms in India and Eastern Europe. This reduced cost but did not eliminate the fundamental problem: the work still required human execution. As Martin notes: “It was huge. Why did Web2 companies do it? Very simple — they suppressed the cost. But BPO has now reached the level of effectiveness it cannot improve anymore. It cannot be improved.” BPO was optimising a fundamentally inefficient model rather than replacing it.

AI agents are the successor to BPO — not a cost reduction of the same work, but a categorical replacement of it. Where BPO moved human execution to cheaper humans, AI agents replace human execution with autonomous systems. The jobs that BPO relocated over the past twenty years are the same jobs that AI agents will automate over the next ten. Furthermore, in Web3 specifically, the combination of full digital business processes and AI agents means the 1:8 ratio can approach 1:0.1 — a few founders and product developers, with agents handling everything else. For the full analysis of how this transformation is playing out, see our guide to why AI agents will accelerate Web3.

Web3’s Hidden Automation Gap

Web3’s founding promise is 100% digitalization — and for the user-facing side of any Web3 protocol, this promise is largely delivered. A user can borrow, lend, trade, stake, and govern entirely through automated smart contracts with no human intermediary. However, Web3 companies themselves remain human-operated. Marketing requires human strategists, content creators, and campaign managers. Compliance requires human reviewers checking flagged transactions. Community management requires humans responding to Telegram messages. Finance requires humans managing treasury positions.

This gap — between the automated product and the human-operated company — is what Tarmo identifies as Web3’s hidden inefficiency: “Web3 is miles over Web2. But even in Web3 you have this task which can just run automatically. Marketing, transaction monitoring — it’s all done still by human actors. And if you give now this task over to agents who carry it out, who just run in the background and inform you as you have asked them to inform you, the leverage is enormous.” Consequently, applying AI agents to Web3 internal operations does not just incrementally improve efficiency — it transforms the economic structure of Web3 companies entirely, because they already have the digital foundation that makes full agent automation feasible. For more on what this means for founders, see our ChainAware AI agents roadmap.

AML vs Transaction Monitoring: The Distinction That Matters Most

The most technically important section of X Space #23 — and the one with the most direct practical implications for every Web3 compliance team — is the sharp distinction between AML monitoring and transaction monitoring. These two terms are used interchangeably across the industry, but they are fundamentally different disciplines with different methodologies, different objectives, and different levels of effectiveness against sophisticated fraud.

AML (Anti-Money Laundering) monitoring has a specific, legally defined mandate: prevent “bad money” — funds associated with criminal activity, sanctions violations, or terrorist financing — from entering or moving through legitimate financial systems. AML does this by maintaining databases of known bad addresses and tracking the flow of funds from those addresses through the blockchain. The methodology is backward-looking and rules-based: it checks whether a transaction’s origin or destination appears on known bad lists, following the flow of funds across a limited number of hops.

The Critical Limitation of AML

AML’s fundamental limitation is that its algorithm is public. As Martin states explicitly: “The standard AML algo — it’s even qualified in law how you have to do it in most OECD countries. It’s a public algo how it’s done. And the scammers know very well how the AML algo is working.” When your adversary knows exactly how your detection system works, they can trivially design around it. Sophisticated fraudsters fund clean wallets through legitimate exchanges, maintain clean transaction histories for as long as necessary, and operate in ways that never trigger the known AML patterns.

What Transaction Monitoring Actually Is

Transaction monitoring is categorically different. Rather than checking addresses against known-bad lists, it analyzes behavioral patterns in transaction history to predict whether an address will exhibit fraudulent behavior in the future. Transaction monitoring is always AI-based — because the behavioral patterns that predict fraud are too complex and too dynamic to encode as static rules. As Tarmo explains: “Transaction monitoring is AI-based, always AI-based, because it’s a pattern matching. It identifies the patterns based on your past behavior. It predicts your future based on your past behavior.” The regulator mandates transaction monitoring — not just AML — because regulators understand that AML’s known-algorithm approach is insufficient against adaptive adversaries.

Martin and Tarmo both spent a decade at Credit Suisse, where transaction monitoring was an operational requirement long before Web3 existed. They understand the distinction not as a technical debate but as a lived practice: “In the banks, for all financial service providers — transaction monitoring has been there since Web2. When we take Web2, in Web2 there is a lot of fraudulent activity. And how Web2 solved it was the same: build up these trust systems.” For the full technical breakdown, see our crypto AML vs transaction monitoring guide, our DApp AML and TM integration guide, and our analysis of forensic vs AI-based crypto analytics.

The Chainalysis Problem: Why Crypto AML Cannot Clean Web3

Martin delivers one of X Space #23’s most pointed critiques: Chainalysis and similar companies have raised enormous funding — Chainalysis alone received over $500 million in investment — and have used that marketing power to establish crypto AML as the de facto compliance standard across Web3. The problem is that they are selling AML logic as transaction monitoring. And those are two different disciplines.

The result is a compliance theater problem. Virtual asset service providers implement Chainalysis-style AML tools, check the regulatory compliance box (“yes, we do transaction monitoring”), and continue to be vulnerable to every sophisticated fraudster who understands — as all sophisticated fraudsters do — how the five-hop graph traversal algorithm works. As Martin explains: “These algorithms from Chainalysis — they have limitations that are published. When we talk about the ecosystem and getting the whole ecosystem clean, the same way that happened in Web2 with transaction monitoring algorithms, we can’t get there with crypto AML algorithms. To increase the overall trust in the system, we have to go over to the next step: continuous transaction monitoring, real-time transaction monitoring.”

The VC Funding Misdirection

Tarmo identifies a structural problem with how VC funding in the Web3 security space has been allocated. The vast majority went to crypto AML providers (backward-looking, rules-based) and smart contract monitoring platforms. Both categories receive significant investment. Neither addresses the primary regulatory requirement — wallet-level behavioral transaction monitoring for virtual asset service providers. As Tarmo notes: “The funds should be allocated into transaction monitoring, into wallet monitoring, so that the wallets are monitored, bad actors are excluded from the system.” The crossing-the-chasm moment for Web2 came from transaction monitoring systems for credit cards — not from contract auditing. Web3 needs the same investment priority applied to the same problem. For how ChainAware addresses this gap, see our complete KYT and AML guide for DeFi.

The Credit Card Fraud Parallel: How Web2 Built Trust

Martin returns to the historical parallel that appears throughout ChainAware’s X Space series: the early Web2 credit card fraud crisis. In the early 2000s, transmitting credit card data over the internet was genuinely dangerous. Fraud rates were high, chargebacks were common, and significant portions of the population refused to transact online because of the risk. E-commerce could not achieve mainstream adoption as long as users feared losing their payment information with every purchase.

The solution was not better encryption alone, nor better consumer education, nor more robust legal frameworks for dispute resolution. The solution was predictive transaction monitoring systems deployed by payment processors and banks. These AI-based systems analyzed purchasing patterns, detected anomalies that matched fraud signatures, and flagged suspicious transactions in real time — before the transaction completed, not after the damage occurred. As Martin recalls: “In Web2, you can revert your transactions. Something bad happens — you reverse the transaction. It’s an error, but it’s possible.” Even with this reversal mechanism available, Web2 still deployed predictive transaction monitoring rather than relying on post-hoc correction.

The Two Technologies That Crossed the Chasm

Martin identifies the two specific technologies that enabled Web2 to cross the chasm from 50 million technology enthusiasts to billions of mainstream users. The first was transaction monitoring for credit card fraud — which built the trust that made financial transactions over the internet feel safe for ordinary consumers. The second was Google’s AdTech — which built the targeting infrastructure that connected products to relevant users at sustainable acquisition costs. Both were AI-based. Both were essential. Neither alone was sufficient. Web3 needs both, and the X Space series addresses them in sequence: X Space #23 on transaction monitoring agents, and subsequent sessions on marketing agents. For the full two-lever framework, see our guide on how ChainAware is doing for Web3 what Google did for Web2.

The Irreversibility Factor: Why Web3 Needs Stronger TM Than Web2

Web3 faces a compliance challenge that is structurally more demanding than Web2’s — and this greater demand justifies even stronger transaction monitoring technology than what Web2 deployed. The reason is blockchain irreversibility.

In Web2’s payment systems, when a fraudulent transaction was detected after the fact, it could often be reversed. Credit card chargebacks, payment holds, and bank dispute processes provided a corrective mechanism that mitigated some fraud damage. This reversal capability provided a safety net that gave Web2 transaction monitoring some tolerance for false negatives — fraudulent transactions that slipped through could sometimes be corrected.

Web3 has no such safety net. Blockchain transactions are final. Once a fraudulent transaction executes, the only remedy is a hard fork of the blockchain — a massive, community-wide effort that has happened only once in Ethereum’s history (the DAO hack response in 2016) and is practically unavailable as a routine fraud response. As Martin explains: “In Web3 we have to make a hard fork of blockchain. Okay, it happened by Ethereum once, many years ago. But this effort is so high it’s not practical to revert transactions.”

Predictive Compliance Is Mandatory, Not Optional

The irreversibility of blockchain transactions makes predictive compliance — identifying fraud risk before a transaction executes — not a nice-to-have but a structural necessity. Web2 could use reactive compliance as a fallback. Web3 cannot. Every fraud event that transaction monitoring fails to prevent is permanently damaging. Furthermore, this means that the accuracy requirement for Web3 transaction monitoring is higher than for Web2: false negatives (missed fraud) have permanent consequences, while false positives (incorrectly flagged legitimate addresses) can be resolved through the platform’s appeal process. The asymmetry strongly favors predictive AI over rules-based AML. As Tarmo summarises: “Web3 has higher demand for transaction monitoring than Web2. And the algorithms today are 10x stronger than what it was at the beginning of the 2000s.” For more on how ChainAware’s predictive approach works, see our complete Fraud Detector guide and our Transaction Monitoring Agent guide.

Contract Monitoring vs Wallet Monitoring: Where the Money Should Go

Martin and Tarmo identify a significant misallocation of resources in Web3 security investment — the substantial venture capital funding that has gone to smart contract monitoring platforms rather than wallet-level transaction monitoring.

Smart contract monitoring is a real and valuable security function for a specific subset of the Web3 ecosystem: wallet applications and platforms that directly interact with a large number of third-party contracts on behalf of users. For these platforms — perhaps 150 to 250 globally — contract-level analysis of which contracts are safe to interact with is a legitimate security requirement. However, the market size is limited by the nature of the use case.

The Scale Mismatch

By contrast, wallet-level transaction monitoring — knowing which wallet addresses connecting to your platform exhibit behavioral patterns that predict fraudulent activity — is required by every virtual asset service provider. Every DeFi protocol, every gaming DApp, every NFT marketplace, every DEX — all 50,000 to 80,000 of them — falls under the regulatory obligation to monitor their users’ wallet behavior. As Tarmo explains: “The regulator is requesting 50,000 virtual asset service providers to do transaction monitoring. It doesn’t request you to monitor contracts. That’s maybe only 100 to 200 platforms. For the wallets — each VASP needs to do it.” Consequently, the addressable market for wallet-level transaction monitoring is orders of magnitude larger than for contract monitoring — yet significantly less VC capital has flowed toward it. Furthermore, every Web3 project that Martin and Tarmo know audits their own contracts — so contract monitoring is largely duplicative of what teams already do, while wallet monitoring addresses a gap that almost no team currently fills. For the regulatory framework, see our complete KYT and AML compliance guide.

How ChainAware’s Transaction Monitoring Agent Works

ChainAware’s transaction monitoring agent provides the practical implementation of everything discussed above. The architecture is deliberately simple from the operator’s perspective — complexity lives inside the AI models, not in the integration requirements.

The deployment process is straightforward: a Web3 platform provides ChainAware with the set of wallet addresses it wants to monitor — its user base, connected wallets, or specific counterparties. This can be done via API call, file upload, or automatic integration through the ChainAware pixel that tracks wallet connections to the platform. Once the monitoring set is defined, the agent operates autonomously: it watches every blockchain event involving those addresses, recalculates fraud probability scores whenever new transaction data appears, and sends notifications when an address’s risk profile changes materially.

Configurable Trust Thresholds

Platforms set their own trust threshold — the fraud probability score above which they want to receive alerts and take action. Martin describes the flexibility: “You set your own level, you set what trust level you want to achieve. Usually we’re saying 50% is good enough, but some people say they want 60% — very clean wallets — or even 70% or more. You define your trust level and everything popping up below that trust level, you get the notification and you decide what to do with these addresses.” This configurability allows platforms to calibrate between security stringency and user friction based on their specific user base and risk tolerance.

What Notifications Enable

Notifications arrive via Telegram by default, with webhook integration also available. When a previously clean wallet begins exhibiting pre-fraud behavioral patterns — interaction with Tornado Cash-connected addresses, behavioral signatures matching known attacker profiles, unusual transaction sequencing — the compliance team receives an alert in real time. The platform can then decide whether to shadow-ban the address, block it entirely, request additional verification, or flag it for human review. Additionally, the agent discovers new addresses continuously as new wallets connect to the platform — so the monitoring set expands automatically rather than requiring manual updates. For the full implementation guide, see our complete DApp TM integration guide.

The Ecosystem Trust Effect: What Happens When Every VASP Monitors

The individual benefit of transaction monitoring — protecting one platform from bad actors — is clear. The more compelling argument in X Space #23 is the ecosystem-level effect that emerges when adoption becomes widespread across Web3 platforms.

Currently, bad actors in Web3 can move between platforms freely. Even if Platform A flags a wallet as suspicious and restricts its access, that same wallet can immediately interact with Platforms B, C, and D without any friction. The ecosystem has no shared intelligence layer that propagates risk signals across the network. Every platform that fails to monitor independently is a vector through which bad actors re-enter the system.

When adoption increases — say, 50% of DApps implement transaction monitoring — the situation changes materially. Bad actors now face monitoring on half their potential interaction surfaces. At 80% adoption, the ecosystem becomes genuinely hostile to sophisticated fraud: the behavioral patterns that predict fraud trigger alerts across most platforms simultaneously. As Tarmo describes: “If 50% of DApps start to monitor the users with AI agents, it means we start to exclude the bad wallets. If 80% start to monitor, we exclude even more bad users. And the more AI agents for transaction monitoring they install, the higher this effect will be.”

This is precisely the dynamic that cleaned up credit card fraud in Web2. Individual banks implementing transaction monitoring provided individual protection. Universal implementation by all financial institutions created a systemic effect that made the fraud ecosystem uneconomical — the expected cost of committing fraud rose above the expected benefit. Web3 can achieve the same systemic trust effect through widespread VASP adoption of AI-based transaction monitoring. For the full ecosystem trust argument, see our guide to how ChainAware is doing for Web3 what Google did for Web2.

The Innovation Bandwidth Effect: Founders Freed for Real Work

Beyond compliance and security, transaction monitoring agents deliver a secondary benefit that Martin and Tarmo argue is equally important for Web3’s long-term health: they return founder bandwidth to innovation.

Currently, Web3 founders and their teams spend significant portions of their time on compliance activities — manually reviewing flagged transactions, managing AML documentation, responding to regulatory inquiries, configuring and updating rule-based systems. These are necessary activities that protect the platform, but they are not the activities that generate product value or ecosystem growth. They are operational overhead that crowds out innovation time.

The Supplementary Task Problem

Tarmo identifies the pattern across multiple operational categories: “Today you spend time tracking transactions, doing marketing, doing sales, doing your liquidity management — all these supplementary tasks so you don’t have time for innovation. And all the supplementary tasks you just outsource now, in Web3, over to agents.” When a transaction monitoring agent handles continuous wallet surveillance, notification generation, and initial risk assessment — all autonomously — the compliance function shifts from “ongoing human task” to “exception handling.” Humans intervene only when the agent surfaces a specific case that requires judgment. Everything else runs automatically.

The cumulative effect across all supplementary task categories — transaction monitoring, marketing, community management, treasury — is a dramatic reallocation of founder time toward the work that only founders can do: building innovative products, understanding user needs, and pushing the frontier of what decentralised finance can accomplish. As Martin concludes: “Founders, the innovators, they will have much more bandwidth to focus on the real innovation. Instead of negotiating with marketing companies, instead of doing this manual monitoring — enormous innovation wave, which we will face now in Web3 thanks to AI agents.” For the complete picture of this innovation bandwidth thesis, see our guides on why AI agents will accelerate Web3 and how any Web3 project benefits from AI agents.

Comparison Tables

AML Monitoring vs AI Transaction Monitoring

Property	Crypto AML (e.g. Chainalysis)	AI Transaction Monitoring (ChainAware)
Methodology	Rules-based, graph traversal (5-hop algorithm)	ML-based behavioral pattern prediction
Direction	Backward-looking — documents what happened	Forward-looking — predicts what will happen
Algorithm transparency	Publicly known — easily bypassed by adversaries	Proprietary — continuously evolving
Bypasses clean wallets?	No — clean-funded wallets pass freely	Yes — behavioral patterns detected regardless
Regulatory mandate	AML required — but insufficient for TM	Meets both AML and TM regulatory requirements
Accuracy	Limited by known pattern matching	98%+ predictive accuracy (backtested)
Self-learning	No — static rules	Yes — improves with every monitoring cycle
Web3 transactions irreversibility	Post-event documentation only	Pre-event prediction — essential for irreversible TXs
Suitable for VASPs	Partial — misses behavioral fraud	Full — addresses the regulatory intent
VC investment received	$500M+ (Chainalysis)	Early stage — massive gap to fill

Contract Monitoring vs Wallet Monitoring

Dimension	Contract Monitoring	Wallet/Address Monitoring (ChainAware TM Agent)
What it monitors	Smart contract code and behavior	Wallet address behavioral patterns
Regulatory mandate	Not explicitly mandated for most VASPs	Explicitly mandated for all VASPs under MiCA and FATF
Addressable market	~150-250 wallet platforms globally	50,000-80,000+ DApps and VASPs
Primary use case	Identifying bad third-party contracts	Identifying bad actors connecting to your platform
Who needs it most	Wallet providers, contract aggregators	Every DeFi protocol, DEX, GameFi, NFT platform
Complementary to auditing	Partially overlaps (teams audit their own)	Fills the gap audits don’t address
ChainAware product	Rug Pull Detector (contract-level)	Transaction Monitoring Agent (wallet-level)

Frequently Asked Questions

Is crypto AML the same as transaction monitoring?

No. AML (Anti-Money Laundering) and transaction monitoring are different disciplines with different methodologies and different regulatory roles. AML tracks the flow of “bad money” — funds from known criminal sources — using backward-looking, rules-based graph traversal algorithms. Transaction monitoring predicts future fraudulent behavior from behavioral patterns in transaction history — forward-looking, AI-based, continuously learning. Regulators mandate both, but many VASPs implement only AML tools and incorrectly consider the requirement fulfilled. For the complete technical breakdown, see our AML vs transaction monitoring guide.

Why can fraudsters bypass crypto AML systems?

Because the AML algorithm is publicly known. The five-hop traversal method used by most crypto AML systems — checking whether funds can be traced back to known bad addresses within five transaction steps — is codified in regulatory guidance and widely understood by sophisticated fraudsters. By funding new wallets through legitimate exchanges and maintaining clean transaction histories before engaging in fraud, adversaries routinely evade AML detection. AI-based transaction monitoring identifies behavioral patterns rather than fund flows, making it significantly harder to bypass through careful fund routing alone.

Why does blockchain irreversibility make transaction monitoring more critical than in Web2?

Web2 payment systems allow transaction reversal — credit card chargebacks, bank disputes, payment holds. When fraud occurs, the damage can often be corrected through these mechanisms, providing a safety net for post-event detection. Web3 has no such mechanism: blockchain transactions are final. The only remedy for a completed fraudulent Web3 transaction is a blockchain hard fork — a massive, impractical community effort. This irreversibility means Web3 must prevent fraud before it occurs rather than correcting it afterward, making predictive AI-based transaction monitoring a structural necessity rather than an optional enhancement.

How many VASPs need transaction monitoring?

Every virtual asset service provider — approximately 50,000 to 80,000 DApps globally, plus centralized exchanges and other crypto service providers — falls under the regulatory obligation to conduct transaction monitoring. Under MiCA in the EU and FATF’s guidance on virtual assets globally, continuous monitoring of user wallet behavior for suspicious patterns is a legal requirement. Most VASPs are currently non-compliant in this specific regard — implementing AML tools rather than true transaction monitoring.

What happened when Web2 deployed transaction monitoring for credit cards?

Web2’s credit card fraud crisis of the early 2000s was structurally similar to Web3’s current fraud problem. High fraud rates deterred mainstream adoption — consumers were afraid to transact online. When payment processors deployed AI-based transaction monitoring systems that detected fraud patterns in real time, fraud rates collapsed, user trust recovered, and online commerce achieved mainstream adoption. This crossing-the-chasm moment for Web2 was enabled specifically by transaction monitoring technology — not by AML alone, not by contract auditing, but by behavioral pattern prediction of user activity. Web3 needs the same transition now.

This article is based on X Space #23 hosted by ChainAware.ai co-founders Martin and Tarmo. Watch the full recording on YouTube ↗ · Listen on X ↗. For questions or integration support, visit chainaware.ai.