A crypto screening tells you a wallet or transaction’s risk at the time you run it. But crypto risk can change, and when it does, the cleared result sitting in your system can quietly stop being true.
Continuous Monitoring automatically detects the events that can change a screening’s outcome, runs a full rescreen against your own risk rules and notifies you according to your preferences. It is available now across Elliptic’s solutions.
A cleared address can take on new risk
Consider a wallet you screened at onboarding. It came back at 0.5 out of 10: no meaningful exposure and cleared to transact. A few months later, the funds hop forward to a darknet marketplace. Nothing about your original screening was wrong, but that wallet is now a 10.
Stay aware of new crypto risk as it happens
Unless someone rechecks it manually, the only number your team can see is the 0.5 you recorded at onboarding. You will keep treating what is now a high-risk wallet as a clean one until the next time you happen to screen it by hand.
This is a gap that crypto compliance teams need to be aware of: Crypto risk can change after screenings and sit unflagged in your system. Closing that gap manually is unscalable, because it would mean rescreening everything, over and over, just to surface the few that may have moved.
Why existing solutions fall short
Most monitoring was built for a slower world, where risk moved by the day and a periodic look was enough to keep up. Crypto risk does not wait, and the solutions built for that slower pace tend to fail in one of two ways.
The first is missing the change. Many solutions watch only for a label to change on a connected address, and alert you when one does. But risk can arrive without any label changing at all, through a new transaction or a fresh connection to an illicit actor. When it does, label-based monitoring stays silent and fresh risk goes unnoticed.
The second is the opposite problem. Solutions that do alert tend to alert on everything, every label change, material or not, with no way to tune what counts as a real change for your business. Crypto compliance teams using these solutions report being overwhelmed by notifications that have little to do with genuine changes in risk.
What Continuous Monitoring does
The best solution is to rescreen the right things at the right time, notifying you according to your risk preferences. That is what Continuous Monitoring does. It works in three steps:
- Detect. Continuous Monitoring has the broadest event detection set in the industry. It watches your enrolled screenings for the specific events that can change an outcome: a new or changed label on a screened address or counterparty, or a change in the clusters the address belongs to. Each triggers a rescreen.
- Rescreen against your own risk rules. When an event is detected, Continuous Monitoring runs a full screening using your fully configurable risk rules. Because you can set and change those rules without raising a support ticket, Continuous Monitoring evolves as your organization does.
- Notifications only for what matters. Continuous Monitoring notifies you by webhook or Slack when a risk change crosses the criteria you have set, whether that is a score threshold, a change in risk score, a triggered risk rule, a specific screening source or a triggered risk rule. You are notified only according to your risk rules.

Continuous Monitoring lets you configure when you want to be notified
Alongside this event-driven detection, Continuous Monitoring also rescreens every enrolled wallet and transaction on a regular schedule, each one a full recalculation.
The two layers work together: Event detection catches change as it happens and the scheduled rescreen ensures nothing is missed over time. It is the most comprehensive risk monitoring available, so you can be confident that no change, however small, goes unnoticed.
Built for how each team works
- Crypto exchanges process high volumes of time-sensitive screening and need to react the moment a cleared entity becomes risky. Continuous Monitoring keeps risk current without manual review, and its configurable webhook routes only the changes you care about into your case workflow.
- Financial institutions have limited analyst time and are expected to maintain ongoing, auditable monitoring with conservative alerting. Continuous Monitoring covers the window between scheduled reviews while keeping the noise down.
- Payment service providers need to keep approvals fast without missing risk on pay-ins and pay-outs. Configurable risk thresholds support quicker approvals and hold or reject decisions, with auditable evidence behind them.
- Token and stablecoin issuers can monitor ecosystem addresses and counterparties for meaningful change without having to rescreen known entities by hand.
Always stay aware of your risk exposure
Continuous Monitoring keeps your crypto risk exposure accurate. Transactions and wallets are rechecked in full when something changes, scored against your risk rules and brought to you only when you want to see it.
Because every check draws on the industry’s most established attribution data, refined since 2013, what you get is a risk score you can trust, and evidence you can stand behind when a regulator asks how a decision was made.
This is what ongoing monitoring should look like. Current without being noisy. Automated without being generic. Built into the screenings you already run, with no new system to manage. Continuous Monitoring is available to Elliptic clients today. To switch it on, log in to Elliptic and head to settings, or talk to us to see it in action.






Be the first to comment