Multixchan AML/KYC service policy

Multixchange service (hereinafter referred to as the "Service") adheres to strict principles of financial integrity and transparency in digital asset transactions. As part of its operations, the Service implements a comprehensive system of measures to combat money laundering (Anti-Money Laundering, AML) and counter the financing of terrorism (CTF).

This Policy has been developed taking into account the recommendations of the Financial Action Task Force (FATF) and the regulations of the countries in which Multixchange operates. The primary goal of this document is to minimize the risks of using the platform for illegal purposes, ensure compliance with international and local regulatory requirements, and build trust among users, partners, and regulatory authorities.

The Service"s resources allow us to identify and investigate suspicious exchange transactions. For security reasons and to maintain the Service"s effective anti-illegal activity, we do not disclose the details or mechanisms of our operations. The Service reserves the right, at any time and with respect to any User, to request identification and/or the provision of any information/documentation that may be of interest to the Service and useful in confirming the origin of funds and establishing the User"s identity. We inform you that Multixchange may, using its own resources or through third-party organizations and services, conduct the KYC procedure and/or ensure compliance with the AML policy.

1. Service Obligations in the Sphere of AML/CTF

Multixchange undertakes the following obligations:

• implementation and ongoing compliance with Know Your Customer (KYC) and Know Your Transaction (KYT) procedures;
• conducting a comprehensive risk assessment associated with both clients and individual transactions;
• continuous monitoring of all transactions for signs of suspicious or abnormal activity;
• immediate blocking of funds and suspension of transactions in the event of detection of potential violations of AML/CTF requirements;
• transfer of information to competent government agencies in cases expressly provided for by current legislation;
• storing personal data, as well as a complete transaction history, for at least five years after termination of the relationship with the client;
• regular training of employees in AML/CTF basics and updating of internal instructions;
• Ensuring the legitimate origin of all crypto-assets transferred to users, regardless of the direction of exchange or the protocol used.

All outgoing transactions through the Service undergo preliminary screening and comply with international AML standards, including FATF and the US Office of Foreign Assets Control (OFAC) requirements. Payments are processed exclusively through:

• one-time cryptocurrency addresses generated for each transaction;
• addresses classified as low or medium risk according to reputable AML analytics platforms and blockchain explorers;
• Wallets of licensed cryptofinancial organizations that have passed due diligence.

2. Customer identification procedures (KYC)

To ensure regulatory compliance, all Multixchange users are required to undergo verification upon reaching established transaction volume thresholds.

The KYC process is implemented using technologies from leading identity providers with whom legally binding agreements have been concluded. Based on the data obtained, a decision is made on whether to grant the user access to the platform"s advanced functionality.

KYC verification structure

Multixchange strictly adheres to the laws of its country of registration. Therefore, all users are provided with a two-step verification system.

Verification and Limitation Matrix

Parameter	Level 1 (Basic)	Level 2 (Advanced)
Purpose	Standard operations, low risk	High limits, AML controls, complex cases
Identity verification	✓ Document + address + email	✓ In-depth validation
Source of Funds	—	✓ Mandatory upon request
Activation trigger	Registration / standard access	Risk assessment/thresholds/AML status

 

Key points:

• Verification is carried out through integrated solutions from third-party KYC providers.
• The list of documents for Level 2 is generated dynamically: the platform requests only the information necessary to assess a specific situation.
• Withdrawal limits directly correlate with the level of identification passed.

 

Required documents

As part of the KYC procedure, the following materials are requested from the client:

1) Identity document 

The following types of documents are accepted, provided they are valid, reliable, and contain key details (full name, date of birth, photograph, series, and number):

- national passport;

- foreign passport;

- driver"s license.

Important: documents are accepted only if they contain data in Latin transliteration.

 

2) Document confirming residential address 

Documents issued no earlier than three months prior to the filing date, containing the full address of registration or actual residence, are considered acceptable:

- official bank statement or certified lease agreement;

- utility bills (electricity, water, gas, etc.);

- tax return;

- other official documents indicating the address.

Latin transliteration is also required.

 

3) Selfie with an identifying element 

The client must provide a photo of themselves holding a piece of paper with the words "Multixchange" and the current date written on it.

 

Rules of Analysis of Capital Legitimacy (SoF)

When the extended security profile is activated, a process to confirm the legitimacy of assets is initiated. As part of this process, the user may be required to disclose the economic nature of their funds. A sample of the documents accepted includes:

• Remuneration and commercial profit: employment agreements, tax reporting, business income statements.
• Bank transaction history: statements recording account replenishment.
• Property and securities management: dividend reports, asset disposal transactions.
• Transfers of a gratuitous nature: certificates of inheritance, gift agreements.

The final list of requested documents is formed on the basis of a risk assessment algorithm for each specific profile.

The Service conducts multi-level verification of the authenticity of provided materials, including cross-checking with external databases and using methods that comply with legal requirements. If there is any doubt about the authenticity of a client"s identity, the Service reserves the right to refuse services.

Re-verification can be initiated at any time, especially if a user"s behavior shows signs of abnormal or potentially risky activity. This applies even if the client has previously successfully completed KYC.

 

Jurisdictional restrictions :

The Multixchange platform is not available to residents of countries and territories included in the sanctions lists of the FATF, OFAC, EU, UN, as well as the following states: Afghanistan, Iran, North Korea, Syria, Yemen, Libya, Somalia, Cuba, Crimea, Transnistria, Venezuela, Myanmar (Burma).

Processing times :

• standard document verification: from 1 to 24 hours;
• Extended Date Discovery (EDD): 24 to 72 hours.

 

3. Transaction monitoring (KYT)

Multixchange uses a combination of automated solutions and manual analysis to monitor all incoming and outgoing transactions. These tools utilize technologies from recognized AML providers (including, but not limited to, solutions like AMLBot and similar solutions).

Transaction analysis includes assessment according to the following criteria:

• the presence of a connection between the sender"s or recipient"s address and sanctions lists, as well as with clusters associated with illegal activities (darknet, fraud, hacker attacks, stolen funds, etc.);
• using anonymizing services such as mixers, tumblers, or protocols like Tornado Cash;
• identifying suspicious patterns of behavior:
• multiple small translations (smurfing);
• a sharp deviation in the volume of transactions from the client’s historical profile;
• transactions initiated from high-risk jurisdictions.

 

Each transaction is assigned a risk score: Low , Medium , or High . Approximate rating scale (depending on the specific provider"s model):

- Low Risk : risk level ≤ 62%;

- Medium Risk : risk level 63% - 72%;

- High Risk : risk level > 73%.

It"s important to note that these estimates are expert-based and reflect the opinion of a third-party analytical provider. They do not always accurately reflect the actual origin of assets and require further interpretation.

All transactions categorized as High Risk may be automatically blocked and, in most cases, referred to the responsible AML officer for review.

Users are advised to conduct preliminary AML checks of crypto addresses using external tools, such as the service https://www.bestchange.com/report/

 

4. Client categorization and due diligence levels

Depending on the overall risk, clients are classified into three categories:

• Low risk. Standard check (Customer Due Diligence, CDD) is applied;
• Medium risk. Enhanced monitoring and periodic re-verification (at least once every two years);
• High risk. Mandatory application of enhanced due diligence (EDD) procedures, including:
• request and confirmation of the source of funds (SoF);
• detailed analysis of transaction history;
• annual update of KYC data.

 

The following are automatically included in the high risk category:

• politically exposed persons (PEP), including their family members and immediate circle;
• residents of countries included in the FATF High-Risk Jurisdictions list;
• clients with an annual turnover exceeding the equivalent of USD 100,000.

5. Processing suspicious transactions

If signs of money laundering, terrorist financing, or other illegal activity are detected, Multixchange:

• immediately suspends the execution of the transaction;
• blocks the account until the internal investigation is completed;
• generates an internal report on a suspicious transaction (Suspicious Activity Report / Suspicious Transaction Report, SAR/STR);
• if there are sufficient grounds, it sends information to authorized bodies (including Rosfinmonitoring, FinCEN, FIUs of EU countries, etc.).

A client"s refusal to provide the requested data or failure to undergo verification is considered a valid reason for termination of service.

 

Refund fee in AML cases :

If your funds have been temporarily frozen pending verification of their lawful origin, we commit to returning them to you within 30 days. The sole exception to this is a situation in which we have received an official request from government authorities to seize the assets. It is important to note that even if you fail to complete the additional identity verification process, your funds will still be returned, provided there is no official government demand for their confiscation.

An administrative fee may be charged to cover the costs of conducting this verification. This fee amounts to a maximum of 5% of the total sum, up to a cap of $100. In cases where suspicions of money laundering are not substantiated, deductions are limited exclusively to technical network fees (gas fees).

 

6. Working with third parties

Multixchange adheres to a zero-tolerance policy for partners with insufficient AML controls. Specifically:

• does not cooperate with platforms registered in jurisdictions that do not comply with international AML/CFT standards;
• Conducts a comprehensive check of all counterparties—exchanges, payment providers, API partners, and other third parties;
• requires partners to have valid licenses and confirmed compliance with FATF standards.

 

7. Personnel training and internal control

Responsibility for the implementation, monitoring, and updating of this Policy rests with the designated AML officer. Contact information: support@multixchange.net .

All employees undergo mandatory AML/CTF training at least once a year. The program covers current cases, legislative changes, and practical response scenarios.

Internal audits are conducted quarterly. When necessary, independent consulting firms are engaged to objectively assess the effectiveness of the financial crime prevention system.

 

8. Data storage and protection

Personal and transactional data of users:

• encrypted using modern cryptographic protocols that comply with industry best practices;
• stored on secure servers located exclusively in jurisdictions that comply with the GDPR and MiCA requirements;
• accessible only to authorized personnel with the required level of clearance;
• are retained for at least five years after the end of the relationship with the client, unless otherwise provided by law.

The privacy policy applies to all user interaction points—the website, mobile app, and API.

 

9. Final Provisions

This document is an integral part of the Multixchange User Agreement. The administration reserves the right to unilaterally amend the Policy. All updates will be published on the official website with mandatory notification to users.

Use of Multixchange services constitutes full and unconditional acceptance of the terms of this AML/CTF policy.

 

10. Law enforcement requests

Anti-money laundering and counter-terrorism financing organizations may submit inquiries to us regarding fraudulent transactions. Please contact us at support@multixchange.net . We only process official inquiries on official letterhead with all relevant seals and signatures. We must also receive contact information for feedback and be able to verify the authenticity of the request. Response times for inquiries from different jurisdictions may vary significantly due to a variety of factors, including, but not limited to, time zones, distance, availability of high-speed communication channels, and so on.