CCAS ACAMS Certified Cryptoasset Anti-Financial Crime Specialist Examination Free Practice Exam Questions (2025 Updated)

Private blockchains are controlled by a single organization with full access restrictions. This model is often used for internal record-keeping but lacks the decentralized trust of public chains.

FATF standards specify that Virtual Asset Service Providers (VASPs) must keep records related to transactions and customer due diligence for at least 5 years after the completion of the transaction or end of the business relationship. This retention period facilitates effective AML investigations and regulatory reviews.

DFSA AML Module aligns with this timeframe, reinforcing that comprehensive record retention supports audit trails and compliance verification.

Ethereum uses an account-based ledger model where balances are maintained per account, similar to bank accounts, and transactions update balances directly. This differs from Bitcoin, Litecoin, and Monero, which use the UTXO (Unspent Transaction Output) model.

Understanding ledger models is important for AML transaction monitoring and blockchain analytics, as account-based systems enable different tracking and risk assessment approaches.

Ring signatures, used in Monero, blend a sender’s transaction with others to obscure sender identity, increasing AML risk.

Small-value repeated payments to known extremist donation wallets are a terrorism financing indicator noted in FATF typology reports.

Attribution data involves linking blockchain addresses to real-world entities, which is derived from a combination of public sources (blockchain explorers, public databases) and non-public sources (law enforcement databases, commercial analytics, exchange records).

Relying solely on blockchain data (C) or darknet sources (D) is insufficient. Business records (A) are part of non-public sources.

DFSA and FATF AML guidance underscore the multi-source approach for effective forensic attribution.

Smart contracts execute predetermined conditions automatically on blockchain, enabling decentralized applications and services.

Money laundering risk increases if the business operates in or near high-risk jurisdictions (D) or regions associated with narcotics production (C), as these are common sources of illicit funds.

An increase in volume and users (A) or supporting various cryptoassets (B) alone does not necessarily increase ML risk. Recent licensing (E) may indicate regulatory compliance, potentially lowering risk.

The Travel Rule, part of FATF Recommendation 16, requires VASPs to share sender and recipient information for virtual asset transfers above USD/EUR 1,000. The aim is to enable tracing and detection of illicit funds.

In the context of AML/CFT frameworks for cryptoassets, the investigation of transaction histories involves blockchain analysis tools to trace the flow of funds to and from crypto addresses. Specifically, it is essential to assess whether the addresses involved have had prior exposure to illicit activities such as known darknet marketplaces, ransomware payments, or sanctioned entities. This form of "address screening" helps identify potentially tainted cryptoassets.

The DFSA AML Module and associated guidance emphasize that transaction monitoring for cryptoassets requires analyzing the provenance of funds, not just ownership. While identifying the owner is part of customer due diligence (CDD), the transactional exposure itself reveals laundering risks embedded in the chain of transfers.

Extract from DFSA AML Module and COB Module on Crypto Business Rules:

"Transaction monitoring systems must include blockchain analysis to detect suspicious activity related to crypto tokens, including tracing transactions against known illicit sources."

"Enhanced due diligence (EDD) is required when a cryptoasset transaction involves addresses or wallets with a history of illicit activity."

"Risk-based approaches must integrate forensic review of transaction histories to assess financial crime risks in crypto asset transfers"【AML/VER25/05-24: Sections 6.3, 7.3, 13.3; COB/VER45/05-24: Sections 6.13, 15】.

Therefore, assessing the receiving exposure of cryptoasset addresses to illicit activity (Option C) is the most direct and effective method to detect laundering.

Misconfigured or poorly designed smart contracts can enable rug pull scams, where developers create fraudulent decentralized finance (DeFi) projects or tokens and then withdraw liquidity or funds abruptly, leaving investors with worthless assets.

Phishing (A) and SIM attacks (B) relate to social engineering and telecom fraud, respectively, and ransomware (D) is malware demanding payment. Rug pulls specifically exploit smart contract vulnerabilities.

The DFSA and AML thematic reviews on crypto highlight rug pull scams as a key operational and financial crime risk linked to smart contract vulnerabilities.

Privacy tokens are specifically designed to obfuscate transaction details such as sender, recipient, and amounts, making them inherently high risk for money laundering and terrorist financing. Their anonymity-enhanced features pose significant challenges to AML efforts.

Stablecoins (B), platform tokens (C), and security tokens (D) have varying risk profiles but generally provide more transparency or are subject to regulatory frameworks, reducing inherent AML risk compared to privacy tokens.

FATF and DFSA AML frameworks highlight privacy tokens as a priority for enhanced due diligence and risk mitigation due to their abuse potential.

The ultimate responsibility for risk oversight lies with the Board of Directors. Senior management and the board have the fiduciary and governance duty to ensure that an effective risk management framework, including AML/CFT controls and cryptoasset-specific risks, is in place and functioning properly.

The DFSA GEN Module and AML Module explicitly allocate the highest accountability for compliance and risk oversight to the Board of Directors, while first and second lines support implementation and oversight respectively. The Chief Risk Officer (CRO) supports risk management but the board maintains ultimate accountability.

Key extracts:

GEN Module, Chapter 5: “Responsibility for compliance lies with every member of senior management, with ultimate oversight by the Board.”

AML Module Section 1.2 & 4.1: “Senior management and Board must ensure appropriate systems and controls for AML/CFT risk management.”

FATF Recommendation 2 underscores that senior management and boards are accountable for effective AML governance【GEN/VER64/05-24: Chapter 5; AML/VER25/05-24: Sections 1.2, 4.1】.

Thus,Dis the correct answer.

The FATF Travel Rule requires Virtual Asset Service Providers to share originator and beneficiary information for virtual asset transfers exceeding a certain threshold. Its purpose is to mitigate ML/TF risks by increasing transparency and enabling authorities to trace the movement of funds across institutions and jurisdictions.

It does not aim to slow transactions (B) or directly enhance CDD (A), although it supports the overall AML framework including CDD.

This rule is a cornerstone of FATF’s efforts to regulate virtual asset transfers effectively and is adopted by DFSA and other regulators.

Effective risk mitigation requires VASPs to obtain sufficient information about counterpart VASPs to assess the quality of their regulatory supervision and controls. This helps determine the risk of transactions and build a risk-based framework for correspondent relationships.

Having no requirements (A) or engaging with poorly regulated jurisdictions (B) increases risk. Blanket high-risk classification (C) without proper assessment is inefficient.

FATF Recommendation 15 and DFSA guidance emphasize due diligence on counterparties as a critical control.

Suspicious Activity Reports (SARs) are a critical tool for law enforcement agencies. They are primarily used to develop intelligence on potential new criminal targets and to confirm or expand information about existing investigations. SARs do not serve as direct evidence of money laundering in court but provide leads and context that enable law enforcement to build cases.

The DFSA’s thematic reviews and AML guidance clarify that SARs assist in identifying emerging crime patterns and help intelligence units track suspicious transactions over time. They also allow law enforcement to corroborate data from other sources.

SARs help:

Develop intelligence on new targets (C) by revealing previously unknown suspicious behavior.

Confirm or develop information on existing targets (D) by adding transactional data and context.

Identifying regulatory failings (A) is primarily a supervisory function, and SARs themselves are not evidence for prosecution (B) but intelligence inputs.

Therefore, optionsCandDare correct.

In risk-based AML/CFT programs — including those applied to Virtual Asset Service Providers (VASPs) — risk assessment determines the remaining exposure after applying mitigating measures.

Inherent Risk:The natural level of risk before applying any controls, based on factors like customer profile, transaction patterns, and jurisdiction.

Control Effectiveness:The degree to which implemented controls (e.g., CDD, EDD, sanctions screening, blockchain analytics) reduce risk.

Residual Risk:The risk that remains after controls are applied and is the level an organization must either accept, reduce further, or avoid.

The standard formula is:

Inherent Risk – Control Effectiveness = Residual Risk

This equation is emphasized in FATF’s risk-based approach guidance and reinforced in DIFC (DFSA) and ADGM (FSRA) AML rules to ensure ongoing monitoring and governance oversight of remaining risks.

Sharing of the same IP address by multiple customers during onboarding can indicate potential fraud, identity manipulation, or collusion, and should be flagged for further investigation. This can be a sign of synthetic identities or multiple accounts controlled by the same person.

Receipt of law enforcement requests (A) usually occurs post-onboarding, while the location (B) or use of foreign IDs (C) is not inherently suspicious.

The main red flag is the customer’s failure to cooperate with requests to provide information on the origin of funds, which undermines transparency and raises suspicion regarding the legitimacy of the funds.

While an unconnected IP address (D) is suspicious, non-cooperation (C) is a stronger indicator of potential money laundering.