AML / KYC Policy

VaultEX maintains a risk-based anti-money-laundering (AML), counter-terrorism-financing (CTF) and sanctions programme aligned with FATF recommendations and the regulatory expectations of every jurisdiction we operate in. Compliance isn't a checkbox — it is a condition of keeping the platform open.

Every account completes identity verification before trading, depositing or withdrawing. Verification includes:

• Government-issued photo ID.
• Liveness and face-match check.
• Proof of residence dated within the last 3 months.
• Source-of-funds / source-of-wealth for tier upgrades.
• Phone number verification.

Enhanced Due Diligence (EDD) is applied to high-risk customers, politically exposed persons (PEPs), and clients in higher-risk jurisdictions.

Every transaction is screened in real time. Automated systems flag anomalies including (but not limited to):

• Structuring or smurfing patterns.
• Round-trip or circular funding.
• Deposits from mixers, tumblers, darknet markets, sanctioned addresses or known fraud wallets.
• Behavioural anomalies vs the customer's historical baseline.
• Account takeover indicators (device / geo / velocity).

Flagged activity is reviewed by our analyst team and, where warranted, reported to the competent Financial Intelligence Unit (FIU).

Customers and counter-parties are screened against UN, OFAC, EU, UK HMT, and other applicable sanctions lists on registration and continuously thereafter. We do not onboard users from, and we block transactions touching, sanctioned jurisdictions, entities, or individuals.

VaultEX works with tier-1 blockchain-analytics vendors (Chainalysis, TRM Labs, Elliptic). Incoming deposits are risk-scored; high-risk flows are held, investigated, and may be rejected or returned to sender. Outgoing withdrawals are screened pre-broadcast.

To protect the platform and its users, VaultEX reserves the right, in its sole discretion and without prior notice, to:

• Request additional information, documents or live verification at any time.
• Restrict trading, deposits or withdrawals on any account under review.
• Freeze funds pending the outcome of an investigation — indefinitely where required by law or regulator instruction.
• Return funds to their original source address.
• Close accounts that fail verification, breach our Terms of Service, or that we reasonably believe are engaged in fraudulent, abusive or illegal activity.
• File Suspicious Activity Reports (SARs) or Suspicious Transaction Reports (STRs) with the competent FIU without notifying the user (“tipping off” is prohibited by law).
• Recover (claw back) funds acquired through fraud, theft, or in error, and re-credit them to rightful owners where identified.

KYC documents and transaction records are retained for the period required by applicable law (typically 5 – 10 years from the date of account closure or last transaction, whichever is later). Retention periods may be extended on regulator instruction or where litigation is pending.

VaultEX operates a three-lines-of-defence model with a dedicated Money Laundering Reporting Officer (MLRO), periodic independent testing of controls, and annual AML training mandatory for every employee.

Compliance questions, source-of-funds queries and formal information requests go to compliance@vaultex.ee. Law-enforcement agencies should use the Law Enforcement channel.