KYC- & AML-Richtlinie
Wie und wann wir Identitäten prüfen und Finanzkriminalität verhindern.
Zuletzt aktualisiert: July 1, 2026
1. Purpose
This policy describes how Cryptoback verifies the identity of its users (Know Your Customer, "KYC") and prevents money laundering, terrorist financing, and other financial crime (Anti-Money-Laundering, "AML"). This document is a placeholder pending legal review and may change before public launch.
2. When verification is required
Verification is triggered primarily by withdrawals: payouts above platform thresholds require a completed identity check before funds are released. We may also require verification at any time based on risk signals, unusual activity, regulatory obligations, or at our discretion. Small withdrawals below the thresholds generally do not require verification.
3. Our verification partner
Identity verification is performed through Sumsub, a specialist verification provider. The verification flow — document capture, liveness check, and screening — runs inside the Service via Sumsub's SDK, and the result (approved, resubmission requested, or rejected) is reported back to your account.
4. What we ask for
A standard check requires a government-issued identity document (passport, national ID card, or driving licence) and a liveness selfie. Depending on risk, we may additionally request proof of address, proof of source of funds, or clarification of specific transactions.
5. Screening
As part of verification, users are screened against applicable sanctions lists, politically-exposed-person (PEP) registers, and adverse-media sources. Positive matches are reviewed manually and may lead to refusal of service where required by law.
6. Ongoing monitoring
AML compliance does not end at onboarding. We monitor account activity — including deposit and loss patterns reported by our data provider, withdrawal behaviour, and referral activity — for indicators of abuse, and may re-verify users or freeze withdrawals pending review.
7. Withdrawal controls
Withdrawals above defined thresholds require completed KYC and may require two-factor authentication. Low-risk withdrawals may be approved automatically; others queue for manual review by our compliance team. We may delay or refuse payouts where verification is incomplete or where legal obligations require it.
8. Data handling
Verification data is collected and stored by Sumsub on our behalf and is retained for the periods required by applicable AML regulations. Access is restricted to authorised compliance staff. See our Privacy Policy for full details of how personal data is protected.
9. Refusal and account closure
We may refuse verification, decline transactions, or close accounts where identity cannot be established, where documents appear forged or manipulated, where sanctions or legal restrictions apply, or where continuing the relationship would breach our regulatory obligations. Where lawful, legitimate balances remain payable after successful verification.
10. Age verification and contact
The Service is available only to persons aged 18 or over; verification includes an age check, and accounts of underage users are closed immediately. Questions about this policy: support@cryptoback.club.