Purpose and Scope

This KYC and AML policy governs the identity verification, source-of-funds checks, risk assessment and data handling for all users and transactions conducted on Kkfb’s platform. It defines verification requirements, escalation thresholds, document standards, and the data-retention and security measures applicable to Kkfb customers.

Governance and Compliance Oversight

  • The board holds ultimate responsibility for AML compliance and the approval of material policy amendments.
  • An Anti-Money-Laundering Compliance Officer (AMLCO) administers day-to-day controls and reports to senior management.
  • Material changes to this policy require prior written approval from both the board and the AMLCO.

Definitions

  • Money Laundering means the act of converting, transferring, concealing or disguising the proceeds of criminal activity to obscure their illicit origin or to enable evasion of legal consequences, including activities that occur outside the local jurisdiction.
  • Know Your Customer (KYC) is the process of identifying and verifying customers to establish and maintain a verified customer profile.
  • Source of Funds refers to the origin of funds used in transactions and must be demonstrable as from lawful activity.
  • Geographic Risk refers to risk associated with customer location, which may trigger enhanced verification according to risk bands determined by Kkfb.

KYC Verification Tiers

  • Level 0 – None

    Deposits up to USD 2,000 in total are permitted without documentation. Withdrawals are disabled until Level 1 verification is completed.

  • Level 1 – Basic Identity

    Required before the first withdrawal. Customers must provide: first name, last name, date of birth, residential address, country, and a valid email address. Data must align with payment-processor records; mismatches may result in blocked withdrawals and potential for loss of funds.

  • Level 2 – ID Verification

    Triggered when lifetime deposits or withdrawals exceed USD 2,000, or when a user tips another user more than USD 100. An on-screen verification wizard guides upload of: government-issued photo ID (front and back), a selfie holding the ID, and proof of address. Electronic data sources are consulted to corroborate information. If automated checks fail, manual review is conducted and withdrawals remain on hold pending outcome.

  • Level 3 – Source of Funds

    Triggered when cumulative deposits or withdrawals exceed USD 50,000, or when a user tips more than USD 3,000. Required evidence demonstrates the lawful origin of funds, including but not limited to payslips, audited accounts, inheritance documents, or investment statements. Customers will receive notification and have 28 days to provide documentation; non-compliance may result in account termination or suspension of activity.

Documentation Requirements and Submission Flow

  • Level 1 – Identity data

    Supply accurate personal details: first name, last name, date of birth, full residential address, country, and a valid email address. Data must match processor records.

  • Level 2 – Identity documents

    Upload in the verification portal or via secure submission if portal access is unavailable: government-issued photo ID (front and back) plus a selfie with the ID, and proof of address. Documents must be legible and held in Latin characters where applicable.

  • Submission method

    Documents may be submitted through the account verification page. As a last resort, documents may be submitted by email from the registered email address. Submissions via chat require the user to be signed in. Documents sent from an email address not associated with the account will be rejected.

Proof of Address

  • Address verification is normally performed via two independent electronic data sources. If either check fails, supply dated documents issued within the last three months: utility bill (electricity, water, or gas; not mobile phone), bank or credit-card statement, or government correspondence (tax, health service, or social security letter). Documents must be high-resolution with clear edges and legible text.

Source of Funds Verification

  • The operator may request evidence that funds originate from lawful activity at any time. Acceptable evidence includes: payslips, employment verification, bank statements, inheritance documents, investment statements, or other documentation clearly establishing the origin of wealth. Failure to provide satisfactory explanation may lead to suspension or termination of the business relationship.

Ongoing Monitoring and Risk Management

  • Geographic and transactional risk

    Countries are categorized into risk bands. Kkfb may initiate KYC procedures or enhanced checks based on geolocation data without prior notice.

  • Enterprise-wide risk assessment

    An annual assessment identifies inherent AML risks across products, customer types, and transaction patterns.

  • Transaction monitoring

    First line controls involve payment processors applying AML screening to deposits at source. Second line controls rely on internal KYC rules and monitoring. If fraud or money laundering is suspected, funds may be frozen and regulators may be notified.

Record-Keeping

Customer-identification records are retained for at least six years after the end of the relationship. Transaction records are retained for at least ten years after execution or account closure. All records are stored securely in encrypted archives, accessible only to authorised personnel for regulatory or investigative purposes.

Data Security and Privacy

  • Customer data is protected by robust technical and organisational measures. Data will not be sold or shared with third parties except with explicit consent or where required to fulfil AML obligations or lawful authority.
  • Kkfb treats personal data in compliance with applicable privacy laws. Data processing activities include account security, communications, and regulatory reporting. Data subject access requests, correction requests, and other privacy rights are handled in accordance with policy and law.

Contact, Questions and Complaints

Questions or objections regarding this policy should be addressed to support at Kkfb. Questions about data privacy or access requests should be directed to the designated data controller email. All communications are treated in accordance with applicable privacy and AML regulations.