AML and KYC Policy

Purpose

Coinwaka applies anti-money-laundering (AML) and know-your-customer (KYC) controls to deter, detect, and report the use of our products for financial crime, including money laundering, terrorist financing, sanctions evasion, fraud, and human-trafficking proceeds.

This policy summarises the controls that apply to users, merchants, and institutional accounts. It does not grant exemptions or commit us to any specific outcome — risk decisions remain with our compliance team and applicable authorities.

Identity verification (KYC)

We collect and verify identifying information before unlocking sensitive features. Verification depth scales with risk and product (deposits, withdrawals, fiat rails, P2P, agent/merchant activity, business onboarding).

• Government-issued photo ID, selfie/liveness check, and address attestation where required.
• Higher-risk activity (large withdrawals, business onboarding, agent applications) may require additional documents such as proof of address, source-of-funds, or beneficial-ownership disclosures.
• We may re-verify or step up verification at any time if risk signals change, regulations require it, or your usage pattern changes.

Sanctions and PEP screening

We screen users, counterparties, and transactions against international sanctions lists (UN, OFAC, EU, UK, and other applicable jurisdictions) and politically-exposed-person (PEP) reference data. Matches trigger review, restriction, or refusal of service.

Coinwaka does not knowingly serve, and may block or freeze accounts linked to, sanctioned individuals, entities, vessels, or jurisdictions.

Transaction monitoring

Crypto and fiat transactions are monitored for patterns indicative of layering, structuring, mule activity, account takeover, payment fraud, or sanctions evasion.

• Risk scoring on deposits, withdrawals, P2P trades, and payment-method changes.
• Velocity, geography, device, and counterparty-graph signals feed escalation rules.
• On-chain analytics on inbound/outbound crypto addresses (mixer, darknet-market, scam-cluster, sanction-tagged sources).

Source of funds and source of wealth

For higher-value or higher-risk activity, we may ask for documentation showing the origin of the funds being moved (payslips, contracts, business records, on-chain attribution, prior exchange statements). Refusal or inability to provide reasonable evidence may result in the activity being declined, held, or reversed where possible.

Suspicious activity reporting

Where required by applicable law, Coinwaka files suspicious-activity reports (SARs) with the relevant financial intelligence unit. Users are not notified that a report has been filed; tipping-off is prohibited by law in many jurisdictions.

Filing a report does not by itself imply that a user has done anything wrong — it reflects our regulatory obligation to escalate certain patterns for review.

Restrictions, holds, and account closure

We may decline transactions, place holds, restrict features, request additional information, or close accounts where we identify AML/sanctions/fraud risk, where a user provides false information, where a court or competent authority directs us to, or where the activity violates our Terms of Service.

Crypto already on-chain at the time of a hold cannot always be retrieved or returned. See the Risk Disclosure for details.

Record retention

Identification documents, verification evidence, transaction history, and risk-decision records are retained for the period required by applicable law (commonly five to seven years after account closure or last transaction, whichever is later). See the Privacy Policy for full retention details and your rights.

Updates to this policy

We update this policy as regulations evolve, product surfaces change, or risk learnings require. The current version is published here; we may notify users of material changes via account email or in-product notices.