🪪

KYC

(Know Your Customer)

All platform users

Bank Secrecy Act, FinCEN

🏢

KYB

(Know Your Business)

Entity investors & issuers

BSA, SEC regulations

💵

AML

(Anti-Money Laundering)

All transactions

Bank Secrecy Act, USA PATRIOT Act

🎖️

Accredited Investor

ST22 purchasers only

SEC Rule 501, Regulation D 506(c)

🚫

OFAC Screening

All users & transactions

U.S. Treasury OFAC regulations

⚖️

Regulatory Compliance

Meet all federal and state compliance requirements

🛡️

Investor Protection

Ensure only qualified investors access ST22 securities

🚫

Crime Prevention

Prevent money laundering, terrorist financing, sanctions evasion

📋

Record Keeping

Maintain complete audit trail for regulatory review

🔗

Transfer Hook Integration

Enable real-time compliance verification on every transaction

📝

Full Legal Name

Required

Government ID match

📅

Date of Birth

Required

Government ID match

🏠

Residential Address

Required

Document verification

🔢

SSN/TIN

Required (US) / Passport (Non-US)

Database verification

📧

Email Address

Required

Email confirmation

📱

Phone Number

Required

SMS verification

🌍

Country of Citizenship

Required

Government ID

🏳️

Country of Residence

Required

Address verification

Tier 1: Basic

Platform browsing only

Email, phone

Automated

Tier 2: Standard

OTCM Utility Token only

Tier 1 + ID document

Automated + manual review

Tier 3: Enhanced

ST22 Securities access

Tier 2 + accreditation

Manual verification required

🪪

Government-Issued Photo ID

Current, unexpired

Must be valid

🛂

Passport

Machine-readable zone

Must be valid

🚗

Driver's License

State/government issued

Must be valid

🪪

National ID Card

Government issued with photo

Must be valid

📄

Utility Bill

Shows name and address

< 90 days

🏦

Bank Statement

Shows name and address

< 90 days

📋

Government Correspondence

Tax document, official letter

< 12 months

🏠

Mortgage Statement

Shows name and property address

< 90 days

📷

Image Quality

Minimum 300 DPI, all text readable

Request re-upload

✅

Document Authenticity

Security features verified

Manual review

👤

Face Match

>95% confidence score

Manual review

🎭

Liveness Detection

Anti-spoofing verification

Reject or video verification

📅

Expiration Check

Document must be current

Reject, request valid document

🔍

Tampering Detection

No signs of alteration

Reject, flag for review

🟢

Low Risk

Every 24 months

Address change, large transaction

🟡

Medium Risk

Every 12 months

Unusual activity, country change

🔴

High Risk

Every 6 months

Watchlist proximity, PEP status

📍

Address Change

Re-verify with new proof of address

🌍

Country Change

Full re-verification + jurisdiction check

📊

Unusual Transaction Pattern

Enhanced due diligence review

🚨

Watchlist Match

Immediate account freeze + investigation

📅

Document Expiration

Request updated documentation

💰

Large Transaction

Enhanced verification for transactions >$10,000

🏢

Corporation

Articles of Incorporation, Certificate of Good Standing

25%+ ownership

🤝

LLC

Operating Agreement, Articles of Organization

25%+ ownership

🏦

Trust

Trust Agreement, Trustee identification

All trustees

💼

Partnership

Partnership Agreement, GP identification

25%+ ownership

🏛️

Fund/Investment Vehicle

Formation documents, Manager identification

25%+ ownership or control

📜

Articles of Incorporation/Organization

Verify legal formation

Secretary of State records

✅

Certificate of Good Standing

Verify current status

< 90 days old

📋

Operating Agreement/Bylaws

Verify governance structure

Manual review

🔢

EIN/Tax ID Documentation

Verify tax status

IRS verification

📊

Ownership Chart

Identify beneficial owners

All levels until individuals identified

📋

Shareholder Registry

Verify ownership percentages

Current as of verification date

🏛️

Board Resolution

Authorize account opening

Signed by authorized officers

✍️

Authorized Signers List

Identify who can transact

With specimen signatures

👤

Ownership Prong

Each individual who owns 25% or more of the entity

🎛️

Control Prong

One individual with significant responsibility to control the entity

📝

Full Legal Name

Required

📅

Date of Birth

Required

🏠

Residential Address

Required

🔢

SSN/TIN or Passport

Required

📊

Ownership Percentage

Required

🎛️

Control Role

If applicable

📜

Corporate Formation

Full formation documents

Secretary of State

📊

Cap Table

Complete ownership structure

Manual review

👥

Officer/Director List

All C-suite and board members

Individual KYC each

💼

Business Description

Nature of business operations

Due diligence review

📋

Financial Statements

Recent financial information

CPA review if available

⚖️

Litigation History

Pending or recent litigation

Legal database search

🏛️

Regulatory Status

Any regulatory actions

FINRA/SEC/State check

📈

15c2-11 Status

OTC Markets status

OTC Markets verification

Corporate

Articles, Bylaws, Good Standing, EIN

☐

Ownership

Cap table, Beneficial owners (all levels), Control persons

☐

Management

Officer bios, Director bios, KYC on each

☐

Financial

Recent financials, Material liabilities, Pending litigation

☐

Regulatory

SEC filings history, State registrations, FINRA/regulatory actions

☐

Operational

Business description, Material contracts, Key customers

☐

Series M Specific

Board resolution, Certificate of Designation draft

☐

📋

Written Policies

Documented AML procedures

Compliance Officer

👤

Compliance Officer

Designated BSA/AML officer

Named individual

🎓

Training Program

Staff training on AML

Compliance Department

🔍

Independent Testing

Annual independent audit

External auditor

📊

Monitoring System

Transaction monitoring

Automated + manual

📋

Program Oversight

Overall AML program management

📊

SAR Filing

Suspicious Activity Report decisions

🎓

Training

Ensure staff training completion

🔍

Testing Oversight

Coordinate independent testing

📞

Regulatory Liaison

Point of contact for FinCEN, examiners

📝

Policy Updates

Keep policies current with regulations

💰

Large Transaction

>$10,000

Enhanced review

🔄

Structuring Pattern

Multiple transactions near $10,000

SAR consideration

📈

Unusual Volume

>300% of normal activity

Enhanced review

🌍

High-Risk Jurisdiction

FATF grey/blacklist countries

Enhanced due diligence

⚡

Rapid Movement

In-out within 24 hours

Enhanced review

🔗

Chain Transactions

Multiple rapid transfers

Pattern analysis

🎭

Inconsistent Information

High

Verification hold

📋

Reluctance to Provide Info

High

Account suspension

🔄

Frequent Info Changes

Medium

Enhanced monitoring

📍

High-Risk Country Connection

High

Enhanced due diligence

👥

Multiple Accounts

Medium

Investigation

💰

Structuring

High

SAR filing

🔄

Layering

High

SAR filing

⚡

Rapid In-Out

High

Enhanced review

📊

No Economic Purpose

High

Investigation

🌍

High-Risk Jurisdiction

High

Enhanced due diligence

💱

Currency Conversion Patterns

Medium

Enhanced monitoring

🤐

Unusually Secretive

Medium

Enhanced monitoring

📞

Third-Party Instructions

High

Verification required

💼

Inconsistent with Profile

High

Investigation

🚨

Urgency Without Explanation

Medium

Enhanced review

💰

Dollar Threshold

$5,000+ involving suspicious activity

⏰

Filing Deadline

30 days from detection (60 days if no suspect identified)

📋

Form

FinCEN Form 111 (BSA E-Filing)

🔒

Confidentiality

SAR existence cannot be disclosed to subject

🎭

Identity Fraud

Any

Yes

💰

Structuring

Any pattern

Yes

🧹

Money Laundering

$5,000+

Yes

🏴

Terrorist Financing

Any

Yes, expedited

📊

Market Manipulation

$5,000+

Yes

🤥

Misrepresentation

$5,000+

Yes

💰

Threshold

Cash transactions >$10,000

⏰

Filing Deadline

15 days from transaction

📋

Form

FinCEN Form 112

🔗

Aggregation

Multiple transactions same day same person

🪪

Customer Identification

5 years after account closure

Electronic

💰

Transaction Records

5 years

Electronic

📝

SAR Filings

5 years

Electronic

💵

CTR Filings

5 years

Electronic

📧

Correspondence

5 years

Electronic

🎓

Training Records

5 years

Electronic

🔍

Audit Reports

5 years

Electronic

📜

SEC Rule 501

Defines accredited investor categories

📋

Regulation D 506(c)

Requires verification for general solicitation offerings

⚖️

JOBS Act

Expanded accredited investor definition

🏛️

SEC 2020 Amendments

Added professional certifications

📜

Regulation D 506(c)

ST22 offerings use general solicitation (public marketing)

⚖️

Issuer Liability

Issuers must take "reasonable steps" to verify

🛡️

Investor Protection

Ensures investors can bear investment risk

🏛️

SEC Enforcement

Non-compliance risks securities violations

💰

Income Test

$200,000+ individual income in each of past 2 years, with reasonable expectation of same in current year

Tax returns, W-2s, pay stubs

👫

Joint Income Test

$300,000+ joint income with spouse in each of past 2 years

Joint tax returns

🏦

Net Worth Test

$1,000,000+ net worth (excluding primary residence)

Asset statements, liability disclosure

📜

Professional Certification

Series 7, 65, or 82 license in good standing

FINRA BrokerCheck

🏢

Knowledgeable Employee

Executive officer, director, GP, or knowledgeable employee of fund issuer

Employment verification

🏦

Institutional Investors

Banks, insurance companies, registered investment companies, BDCs, SBICs

Registration verification

💼

Broker-Dealers

SEC-registered broker-dealers

FINRA registration

📊

Investment Advisers

SEC or state-registered RIAs

SEC/State registration

🏛️

Entity Assets

Entity with $5,000,000+ in assets not formed to acquire securities

Financial statements

👥

All Accredited Owners

Entity where all equity owners are accredited investors

Verify each owner

💰

Family Office

Family office with $5,000,000+ AUM and sophisticated investor

Documentation + assessment

🏢

Family Client

Family client of qualifying family office

Family office verification

📄

Tax Returns

IRS Form 1040 (2 years)

Review AGI or taxable income lines

📋

W-2 Forms

W-2s from past 2 years

Verify employer, income amounts

💵

Pay Stubs

Recent pay stubs + written confirmation

Calculate annualized income

📝

CPA Letter

Written verification from licensed CPA

Verify CPA credentials

💼

Attorney Letter

Written verification from licensed attorney

Verify bar membership

🏦

Broker Letter

Written verification from broker-dealer, RIA, or bank

Verify firm registration

🏦

Bank Statements

Recent statements (< 90 days)

Sum liquid assets

📈

Brokerage Statements

Recent statements (< 90 days)

Sum investment assets

🏠

Real Estate Appraisals

Licensed appraisal (< 12 months)

Exclude primary residence value

💰

Retirement Accounts

401(k), IRA statements

Include in asset total

📋

Liability Disclosure

Written disclosure of liabilities

Subtract from assets

📝

Third-Party Letter

CPA, attorney, broker letter

Verify credentials

✅ Cash and bank accounts

➖ Mortgages (except primary residence)

✅ Brokerage accounts

➖ Auto loans

✅ Retirement accounts

➖ Student loans

✅ Real estate (except primary residence)

➖ Credit card debt

✅ Business interests

➖ Personal loans

✅ Other investments

➖ Other liabilities

❌ Primary residence (EXCLUDE)

❌ Primary residence mortgage (EXCLUDE)*

📜

Series 7

FINRA BrokerCheck

Automated lookup

📜

Series 65

FINRA BrokerCheck

Automated lookup

📜

Series 82

FINRA BrokerCheck

Automated lookup

🏦

Bank

Federal/State charter verification

📊

RIA

SEC IARD or state registration

💼

Broker-Dealer

FINRA BrokerCheck

🏢

$5M+ Entity

Audited financial statements or third-party verification

👥

All Accredited Owners

Individual verification of each equity owner

🪪

Identity Documents

5 years after account closure

Secure electronic

💰

Income Documentation

5 years

Secure electronic

🏦

Net Worth Documentation

5 years

Secure electronic

📜

Third-Party Letters

5 years

Secure electronic

✅

Verification Decision

5 years

Secure electronic

📧

Correspondence

5 years

Secure electronic

✅

Verification Method Used

Document which category and method

📋

Documents Reviewed

List all documents reviewed

📅

Verification Date

Date verification completed

👤

Reviewer Identity

Who performed verification

📝

Decision Rationale

Basis for approval/rejection

🔄

Re-verification Date

When next verification due

🆕

New Purchase

Verify if >90 days since last verification

💰

Large Purchase

>$250,000 in single transaction requires current verification

📅

Annual

Annual re-verification for active investors

🔄

Material Change

Re-verify if investor reports material change

💼

Employment Change

Re-verify if income-based qualification

🏠

Address Change

Update records, no re-verification unless jurisdiction change

💰

Financial Change

Re-verify if investor reports significant financial change

📜

License Expiration

Re-verify if certification-based qualification

🆕

Onboarding

Screen all new users against OFAC lists

🔄

Ongoing

Screen against updated lists (daily updates)

💰

Transactional

Screen counterparties on every transaction

🔗

Transfer Hook Integration

Real-time OFAC check on every ST22 transfer

🚫

Specially Designated Nationals

SDN

Daily

📋

Consolidated Sanctions List

Non-SDN

Daily

🌍

Sectoral Sanctions

SSI

As updated

🏛️

Foreign Sanctions Evaders

FSE

As updated

🎭

Palestinian Legislative Council

NS-PLC

As updated

📝

Full Name

Exact and fuzzy matching

📅

Date of Birth

Exact matching

🌍

Country

Country-based sanctions

🏠

Address

Address matching

🔢

ID Numbers

Passport, national ID matching

🏢

Entity Name

Entity and alias matching

👛

Wallet Address

Blockchain address screening

🔴

Exact Match

>95%

Immediate block, compliance review

🟡

Potential Match

75-95%

Hold, manual review required

🟢

False Positive

<75%

Document and clear

1

Immediate Block

Automatic

2

Freeze Assets

Within 1 hour

3

Notify Compliance Officer

Within 1 hour

4

OFAC Report

Within 10 business days

5

Maintain Block

Until OFAC guidance

🇰🇵

North Korea

North Korea Sanctions

Complete prohibition

🇮🇷

Iran

Iran Sanctions

Complete prohibition

🇸🇾

Syria

Syria Sanctions

Complete prohibition

🇨🇺

Cuba

Cuba Sanctions

Complete prohibition

🇷🇺

Crimea Region

Ukraine Sanctions

Complete prohibition

🇷🇺

Russia

Sectoral sanctions

Case-by-case review

🇧🇾

Belarus

Targeted sanctions

Enhanced screening

🇻🇪

Venezuela

Sectoral sanctions

Enhanced screening

🇲🇲

Myanmar

Targeted sanctions

Enhanced screening

🪪

KYC Status

Verify sender/receiver KYC complete

Block transaction

🎖️

Accreditation

Verify ST22 buyer is accredited

Block transaction

🚫

OFAC

Screen both parties against sanctions

Block transaction

📊

Wallet Limits

Verify receiver won't exceed 4.99%

Block transaction

🏦

Custody

Verify 1:1 backing exists

Block transaction

⏰

Vesting

Verify sender's tokens are vested

Block transaction

0x00

Not verified

❌ No

0x01

KYC pending

❌ No

0x02

KYC complete, not accredited

OTCM only

0x03

KYC complete, accredited

✅ ST22 + OTCM

0x04

KYC expired

❌ No

0x05

OFAC blocked

❌ No

0x06

Account suspended

❌ No

0x07

Account closed

❌ No

👤

All Staff

AML Awareness, OFAC Basics

Annual

🔍

KYC Analysts

CIP, Document Verification, EDD

Annual + updates

🎖️

Accreditation Analysts

Rule 501, 506(c), Verification Methods

Annual + updates

💵

Transaction Monitoring

Red Flags, SAR Filing, Investigation

Annual + updates

👨‍💼

Compliance Officers

Full program, regulatory updates

Quarterly

📋

Attendance Records

Document all attendees

✅

Completion Verification

Test or acknowledgment

📅

Date Records

Training dates documented

📝

Materials Retention

Keep training materials

🔄

Update Training

When regulations change

🪪

KYC/CIP

Sample customer files for completeness

🎖️

Accreditation

Sample verification files

🚫

OFAC

Screening effectiveness testing

📊

Transaction Monitoring

Alert generation and disposition

📝

SAR Process

Filing timeliness and quality

📋

Record Keeping

Retention compliance

🎓

Training

Training program effectiveness

🔍

Independent Audit

Annual

External auditor

📊

Internal Testing

Quarterly

Compliance team

🚫

OFAC Testing

Monthly

Automated + manual

🔗

Transfer Hook Testing

Continuous

Automated

🪪

KYC Records

5 years after account closure

BSA

🏢

KYB Records

5 years after relationship ends

BSA

💵

Transaction Records

7 years

Securities laws

🎖️

Accreditation Records

5 years

SEC Rule 506(c)

🚫

OFAC Screening

5 years

OFAC

📝

SAR Filings

5 years

BSA

💵

CTR Filings

5 years

BSA

📧

Correspondence

5 years

BSA

🎓

Training Records

5 years

BSA

🔍

Audit Reports

5 years

BSA

🛡️

Compliance Officer

compliance@otcm.io

Overall compliance program

🪪

KYC Team

kyc@otcm.io

Customer verification

🎖️

Accreditation Team

accreditation@otcm.io

Accredited investor verification

💵

AML Team

aml@otcm.io

Transaction monitoring, SAR

⚖️

Legal Department

legal@otcm.io

Legal questions

📄

Document Version

1.0

📅

Effective Date

January 2026

📍

Jurisdiction

Federal (United States)

🏛️

Regulatory Framework

BSA, FinCEN, SEC, OFAC

🔄

Review Frequency

Annual (or upon regulatory change)

📋

Internal Use

This document is for internal compliance operations

🔄

Subject to Change

Procedures may be updated as regulations change

👨‍⚖️

Not Legal Advice

Consult counsel for specific legal questions

⚖️

Regulatory Compliance

Designed to meet but not exceed regulatory requirements