Vendor fraud,
traced.

The foundation for financial integrity — detecting and tracing vendor kickbacks on-chain.

see how it works
12mo continuousmonitoring
Multi-chain full-stackcoverage

Why companies work with Klendus

Forensic depth
We trace specific wallet-to-wallet connections — vendor to employee — across hops, bridges, and chains, with verifiable proof at every step.
Cross-chain reach
We trace and attribute funds across ETH, TRON, BTC, and beyond. When perpetrators move money to hide connections, we follow every hop.
No system access
Our methodology runs entirely off wallet addresses and open on-chain data. Your internal systems stay untouched.
Evidence that holds up
Every finding is documented with transaction graphs, methodology summaries, and a verifiable chain of custody — ready for legal or HR action.

You can count on Klendus to

Klendus

Kickback Trace

One question.
One answer.
Fully documented.

Is your vendor paying kickbacks to your employee? We trace every hop between counterparty payout wallets and employee wallets — across BTC, ETH, TRON, and more — and deliver a structured finding within two weeks.

What a Kickback engagement covers

Kickback Trace
Vendor invoice with line items priced above market rate
Invoice values that consistently exceed market rate

Overcharges land in the P&L as a normal expense. We trace the return leg in crypto.

Procurement file approving a vendor with no documented selection rationale
Procurement approves a vendor no one can explain

Selection rationale is missing, weak, or driven by a single internal champion. We trace whether that championship was paid for.

Employee lifestyle indicators inconsistent with disclosed compensation
Employee lifestyle that doesn't match compensation

When the visible income doesn't add up, the invisible income tends to be on-chain.

Anonymous whistleblower tip with no supporting documentation
Whistleblower tip with no supporting documentation

We convert an anonymous claim into a wallet-level finding — or rule it out, on the record.

Klendus

Due Diligence

Is this employee financially connected to someone they shouldn't be?

A broader on-chain review that maps whether an employee has any undisclosed financial relationship with partners, vendors, competitors, or other third parties — across any chain, any token.

When clients commission Due Diligence

Due Diligence
Pre-promotion review of a senior finance or procurement role

Before signing-off authority widens, we confirm no on-chain ties to counterparties exist.

Pre-hire screening of a senior candidate

Before extending an offer, we verify whether a candidate has undisclosed on-chain financial ties to competitors, vendors, or other counterparties.

The Methodology

Passive by design.
Verified on delivery.

Klendus operates entirely on open blockchain data. We receive a wallet list, trace every path, and return a report. We never contact the vendor, the employee, or any third party unless you instruct us to.

Findings include a transaction graph updated monthly, all traced hops and bridge crossings documented, and a methodology summary that can be handed directly to legal counsel.

A negative result is still a deliverable — documented proof that the review was conducted and no link was found.

Ask how trace works
TRACE · 0001 · LIVE VENDOR 0xa4…c1 BRIDGE HOP / SWAP EMPLOYEE 0xf2…8e ETH TRON BTC + $184.2K VENDOR → EMPLOYEE · 3 HOPS · ETH / TRON / BTC

Frequently asked

Questions we hear before the first call.

What is a vendor kickback investigation?
A vendor kickback investigation traces whether a vendor, supplier or contractor made undisclosed payments to a company employee in exchange for preferential treatment — inflated invoices, favored contract awards or other benefits. We look for a confirmed on-chain connection between wallet addresses controlled by the two parties who should have no direct financial relationship.
What is on-chain forensic analysis, and how is it different from what a regular auditor or compliance tool does?
Regular auditors lack the specialized blockchain knowledge required to trace wallet-level connections. Standard compliance tools focus on source-of-funds analysis — they're not built to automatically surface relationships between counterparties. On-chain forensic analysis maps fund flows across wallets, chains and intermediaries to answer a specific question: are these two parties connected, and is that connection intentional?
What chains do you cover?
We cover all major blockchains — including Bitcoin, Ethereum, Tron, BSC and others supported by leading compliance infrastructure. The majority of kickback cases we see involve USDT on Tron. Cross-chain coverage matters because bad actors routinely use bridges and chain-hops specifically to break the transaction trail.
What does a client need to provide to start?
Wallet addresses are the most useful starting point, but not the only one. We can also work from company names, legal entities, employee or vendor identifiers, transaction hashes, bank references or internal context about what triggered the concern. The more you provide, the faster the initial scoping — but even a single wallet or vendor name is enough to begin.
How long does an engagement take?
A preliminary conclusion is typically delivered within two weeks of submission. For subscription engagements, the report is updated monthly as new transactions are added and activity is monitored on an ongoing basis.
What does the final report contain?
The report covers which wallets, transactions and counterparties were reviewed, the methodology used, and the findings — including any confirmed or suspected on-chain connections. All suspicious payments and fund flows are highlighted. If clear links are identified, a separate deep-dive can be conducted, including exchange requests and OSINT based on additional digital footprints.
What if no connection is found?
Clients still receive a full report. A "no connection found" result documents that a proper review was conducted and provides an evidence-based conclusion — useful for closing the matter internally or with legal counsel. Relevant wallets can also be placed on monitoring so the client is notified if suspicious activity appears later.
How far back can you trace transactions?
There is no hard technical limit on historical depth — transactions can typically be traced back to the earliest available on-chain activity. The practical limits are the quality of input data, the number of intermediary hops, and the use of mixers, bridges or privacy tools by the counterparties.
Is the investigation passive — do you contact the vendor or employee?
By default, entirely passive. We do not contact the vendor, employee or any third party during the investigation. All findings are based on blockchain tracing, transaction analysis, attribution data and materials provided by the client. Any outreach — for example to an exchange — is only handled separately and with explicit client approval.
How is pricing structured?
We offer two models: a flat annual fee, or a smaller flat fee combined with a percentage of identified fraudulent volume. Pricing is scoped individually based on the number of wallets, counterparties, chains and the depth of investigation required. Specific figures are shared on request after a short scoping conversation.
If you suspect it, we can prove it.
NDA on request 30-minute scoping call No system access required
Request engagement