Overview

You can configure additional Anti-Money Laundering (AML) settings to protect your workspace and ensure uninterrupted operations. These settings apply to your workspace and are not dependent on the AML provider you choose to use.

Setting descriptions

Bypass screening during service outages

By default, this setting is enabled. This helps you avoid AML provider outages by bypassing screening and accepting transactions received during the outage. This also bypasses screening when Fireblocks does not receive a valid screening result before the corresponding transaction delay elapses. In both cases, you can view the bypass reason on the Transaction History page.

When screening is bypassed, outgoing transactions will be sent and incoming transactions will not be frozen. Fireblocks will continue to request risk information for up to 6 hours from the time the transaction was registered. If risk information is received, the screening status will be updated for the transaction. However, if no risk information is received within 6 hours, the screening will cease.

Disabling this setting deactivates the bypass, which means that all transactions screened during the outage and all transactions that do not receive a valid screening result before the transaction delay elapses will fail automatically. Outgoing transactions will not be sent, and funds from incoming transactions will be frozen.

Admins can unfreeze transactions frozen by the policy

By default, this setting is enabled. This allows Admin-level users to unfreeze funds associated with rejected incoming transactions. They can unfreeze the funds using the Console or the API.

Disabling this setting prevents all users from unfreezing funds. You must submit a request to Fireblocks Support to unfreeze funds.

Admins can initiate transactions that bypass policy rules

By default, this setting is enabled. This allows Admin-level users to bypass rejection on outgoing transactions and send them.

Disabling this setting prevents all users from bypassing rejection on outgoing transactions. You must submit a request to Fireblocks Support to bypass the rejection and send the transactions.

Bypass transactions made through the Fireblocks Network

By default, this setting is disabled. This means that all transactions–even those initiated via the Fireblocks Network–will be screened by your AML provider.

Enabling this setting bypasses AML screening for all transactions initiated via the Fireblocks Network.

Inbound transaction delay

By default, the Inbound Transaction Delay setting is set to 30 seconds. This means a screened incoming transaction stays locked in a pending state until your AML provider returns a screening result or until 30 seconds elapse.

• If you receive a screening result within the defined time period, you can freeze the transaction’s funds before they become spendable if necessary. Remember, funds that have been spent or internally transferred cannot be frozen.

• If you do not receive a screening result within the defined time period:

  • And the transaction bypasses screening, the transaction’s funds automatically release into the destination wallet address. You can then freeze the funds using the API. Remember, funds manually frozen via the API can only be unfrozen by using the API. Fireblocks will continue to request risk information for up to 6 hours from the time the transaction was registered. If risk information is received, the screening status will be updated for the transaction. However, if no risk information is received within 6 hours, the screening will cease.

  • And the transaction doesn’t bypass screening, AML screening ceases and the transaction’s funds are frozen.

Outbound transaction delay

By default, the Outbound Transaction Delay setting is set to 0 seconds. This means a screened outgoing transaction uses the immediate response from your AML provider before proceeding.

• If you receive a screening result within the defined time period, the transaction is accepted or rejected according to your AML Post-Screening Policy. You can cancel the transaction before it’s created if necessary.
• If you do not receive a screening result within the defined time period:
  • And the transaction bypasses screening, the transaction is sent. Fireblocks will continue to request risk information for up to 6 hours from the time the transaction was registered. If risk information is received, the screening status will be updated for the transaction. However, if no risk information is received within 6 hours, the screening will cease.
  • And the transaction doesn’t bypass screening, AML screening ceases and the transaction is not sent.

You can change this value to be greater or less than the default setting. The maximum outbound transaction delay allowed is 90 minutes (5400 seconds).

Default settings

When your workspace has Transaction Screening enabled, it automatically uses the default Advanced Configuration settings. They are:

• Bypass screening during service outages: On
• Admins can unfreeze transactions frozen by the policy: On
• Admins can initiate transactions that bypass policy rules: On
• Bypass transactions made through the Fireblocks Network: Off
• Inbound transaction delay: 30 seconds (10 minutes if using Chainalysis V2)
• Outbound transaction delay: 0 seconds

This means that your workspace will:

• Bypass transaction screening in the event of an AML provider service outage and when Fireblocks does not receive a valid screening result before the corresponding transaction delay elapses.
• Allow Admin-level users to unfreeze funds for rejected incoming transactions using the Console or Fireblocks API.
• Allow Admin-level users to bypass rejection for outgoing transactions using the Fireblocks Console.
• Screen transactions made through the Fireblocks Network.
• Automatically lock screened incoming transactions until your AML provider returns a result or 30 seconds elapse (10 minutes if using Chainalysis V2).
• Use the immediate screening response from your AML provider for your outgoing transactions.

Custom settings

You can use the Fireblocks Console to define custom Advanced Configuration settings to better suit your business’s needs and risk strategies. To change your Advanced Configuration settings, go to Settings > Compliance and select your AML provider. Then select Settings .