Know Your Customer (KYC) & Identity Verification Policy¶
| Code | AML-003 |
| Domain | AML / Financial Crime |
| Owner | Chief Compliance Officer |
| Status | Draft |
| Applicability | Platform |
| Jurisdiction | NZ + AU |
| Business domain | BD01 |
| Review date | 2027-03-25 |
Regulations: AML/CFT Act 2009 · AML/CTF Act 2006¶
Purpose¶
Govern customer due diligence, enhanced due diligence, and ongoing monitoring obligations for all customers of the platform.
Scope¶
All customer relationships in NZ and AU, including individuals, sole traders, companies, trusts, and other legal entities.
Policy statements¶
The platform SHALL perform standard CDD on all customers before establishing a business relationship. CDD SHALL include: verification of identity, verification of address, and identification of the beneficial owner for non-individual customers.
Identity verification SHALL be performed using the eIDV pipeline (MOD-009). No customer account SHALL be activated without a PASS outcome from eIDV unless an approved manual override is recorded with dual authorisation.
The platform SHALL apply Enhanced Due Diligence (EDD) to: customers identified as high-risk on the platform's risk scoring model, customers who are Politically Exposed Persons (PEPs) or associates of PEPs, customers in high-risk jurisdictions as defined by the FATF list, and correspondent banking relationships.
EDD SHALL include: source of funds verification, source of wealth verification (for PEPs), and senior management approval before onboarding.
Ongoing monitoring of customer relationships SHALL be performed. The CDD profile SHALL be reviewed at least every three years for standard-risk customers and annually for high-risk customers.
Where a customer's risk rating changes to high during the relationship, EDD SHALL be completed within 30 days of reclassification.
Customers who cannot be identified to the required standard SHALL NOT be onboarded. Existing customers who fail re-verification SHALL have their account restricted pending remediation.
Satisfying modules¶
| Module | Name | Mode | Description |
|---|---|---|---|
| MOD-009 | eIDV & document verification | GATE |
Account cannot be activated without verified KYC — no bypass path exists |
| MOD-011 | KYC periodic review scheduler | ALERT |
Identity re-verification triggered automatically when documents expire |
Part of AML / Financial Crime · Governance overview
Compiled 2026-05-22 from source/entities/policies/AML-003.yaml