TL;DR - KYC verifies who you are; KYT monitors what your money does - exchanges legally need both, but to check whether a wallet is risky, KYT-style screening is the one that matters.
Anyone using or building on crypto runs into both terms fast: an exchange asks you to complete KYC before you can withdraw, and a compliance vendor sells KYT to that same exchange to watch the money afterward. The words rhyme, they both fight financial crime, and they get mixed up constantly. They are not the same control. One confirms who is behind an account; the other watches what the money attached to that account actually does. Choosing between them, or working out which one is failing you, starts with seeing that they answer different questions.
What does KYC actually verify?
KYC stands for Know Your Customer. It is the identity layer. When you open an account at a regulated exchange, custodian, or any registered VASP (virtual asset service provider), KYC is the step where you hand over a government ID, a selfie, sometimes a proof of address, and let the platform run your name against sanctions and politically-exposed-person lists. The goal is narrow: tie a real, verified human to this account so the business knows who it is dealing with.
KYC is mostly a point-of-onboarding event. You do it once when you sign up, and the platform may refresh it periodically or when something changes, but it is not watching your money minute to minute. It answers a single question: are you really who you say you are? What KYC cannot see is what happens next. A verified identity says nothing about whether the crypto flowing into that account is clean. A real person with a valid passport can still receive funds that passed through a sanctioned exchange or a mixer last week. That blind spot is exactly what the second control exists to cover.
What does KYT actually monitor?
KYT stands for Know Your Transaction. It is the on-chain behavior layer. Instead of asking who you are, KYT asks where your crypto came from, where it is going, and what risky infrastructure it has touched. A KYT system pulls an address's transaction history, checks it against sanctions lists, known mixer contracts, darknet markets, and clusters tied to hacks and scams, and returns a risk picture for that wallet. Unlike KYC, this is continuous by nature: every new transaction can change the answer, so KYT keeps looking.
You can do a crude version of this by hand. Open a block explorer like Etherscan, follow the incoming transfers, and try to recognize the counterparties. The problem is that a raw explorer shows you addresses, not risk - it will not tell you that three hops back the funds sat in a sanctioned entity's wallet, and it will not span the seven chains most people actually use. Rather than checking one source at a time, screen the address with Plastron to see sanctions, mixer, and stolen-funds exposure across Ethereum and six chains in a single pass. If you want the longer version of how this check works, our guide to what a KYT check is walks through it end to end. KYT is what regulators have in mind when they expect ongoing transaction monitoring rather than a one-time identity snapshot, and it is the crypto-native form of the transaction monitoring banks have run for decades.
KYC ties a verified identity to an account at signup; KYT keeps screening the on-chain origin of the funds that account touches.
Head-to-head
Side by side, the two controls split cleanly along who, what, and when.
Criterion
KYC
KYT
Full name
Know Your Customer
Know Your Transaction
Question it answers
Who is behind this account?
Where did this crypto come from and where is it going?
What it checks
Government ID, selfie, address, name against sanctions and PEP lists
On-chain history against sanctions lists, mixers, hacks, and scam clusters
When it runs
Once at onboarding, refreshed periodically
Continuously, re-evaluated on every transaction
Data it uses
Identity documents and personal data you submit
Public blockchain data, no personal data required
Who runs it
Exchanges, custodians, registered VASPs
Exchanges, businesses, and individuals screening a wallet
Typical output
Verified or rejected identity
A wallet risk score and the specific flagged path
Main legal driver
Customer due-diligence rules under AML/CFT law
Ongoing monitoring and sanctions obligations
When does KYC matter most, and when does KYT?
Neither control is universally more important; each one catches a class of problem the other is blind to. KYC matters most when the risk is identity itself. If someone is onboarding with a stolen or synthetic identity, opening mule accounts, or evading a ban, the wallet they use might screen perfectly clean on day one - there is no on-chain history to flag yet. Only identity verification catches that person at the door. This is why a business hiring contractors or onboarding customers cannot skip KYC and hope wallet screening covers the gap.
KYT matters most when the identity is genuine but the money is not. A fully verified, real customer can still be paid in crypto that traces back to a ransomware wallet, a hacked protocol, or a sanctioned exchange like Garantex. KYC waves that person through because their passport is real; only KYT sees that the funds carry exposure. For anyone accepting a payment or a deposit - a freelancer, an OTC desk, a merchant - this is the more relevant check, because you usually cannot demand a stranger's ID, but you can always screen the address they are paying from.
KYC is a single identity checkpoint at onboarding; KYT re-evaluates risk on every transaction for the life of the account.
Verdict
For a regulated exchange the answer is not one or the other: KYC and KYT are two halves of one program, and dropping either leaves a gap auditors and banking partners will notice. KYC without KYT verifies a real person and then ignores where their money goes; KYT without KYC flags dirty funds but cannot name the human behind the wallet. Most individuals reading this, though, are not running a compliance department. If your goal is simply to know whether a wallet is safe before you accept funds or move them to an exchange, the identity layer is not yours to run - the transaction layer is. A self-serve wallet screen gives you the KYT-style answer without any of the onboarding machinery. And if you want to see how a one-off screen sits alongside the continuous surveillance exchanges run, our breakdown of address screening versus transaction monitoring covers the next layer down.
FAQ
Is KYT the same as transaction monitoring?
Nearly. KYT (Know Your Transaction) is the crypto-native, on-chain form of transaction monitoring. Traditional transaction monitoring watches bank transfers; KYT watches blockchain activity, screening wallet addresses and tracing the origin of funds across chains.
Does KYC check my wallet for risk?
No. KYC verifies your identity - your ID, your name against sanctions lists, sometimes your address. It says nothing about whether the crypto in your wallet is clean. Wallet and transaction risk is the job of KYT.
Do I need to complete KYC to screen a wallet?
No. A KYT-style address screen reads only public blockchain data, so anyone can run one on any wallet without submitting identity documents. That is why an individual can screen a counterparty they will never be able to put through KYC.
Can a KYC-verified account still be flagged?
Yes. Passing KYC proves who you are, not that your funds are clean. If you receive crypto with exposure to a mixer, a hack, or a sanctioned entity, KYT can still flag the account and trigger a review or a hold.
Disclaimer: This article is for educational and informational purposes only and is not legal, financial, tax, or compliance advice. Crypto carries risk; you act on this information at your own risk. Always do your own research and consult a qualified professional before making decisions. Views are the author's own and do not constitute financial, legal, or investment advice.
About Plastron
Plastron is a free, non-custodial wallet screening tool. It checks Ethereum and six EVM chains for AML and KYT risk — sanctions exposure, mixer contact, and stolen-funds proximity — and returns a risk report in seconds. It reads public on-chain data only: it never takes custody of funds and never asks for private keys.