Legal Documents

International KYC/AML Verification Notice

Version 1.0FATF · 6AMLD · BSAEffective from April 1, 2025

This Notice explains how the GEXCORE platform conducts KYC (Know Your Customer) and AML (Anti-Money Laundering) procedures in accordance with international FATF (Financial Action Task Force) standards, EU Sixth Anti-Money Laundering Directive (6AMLD), and applicable national AML/CFT legislation.

1. Legal Framework and Applicable Standards

FATF Recommendations (2023)FATF's 40 Recommendations on anti-money laundering and counter-terrorist financing

6AMLD (EU Directive 2018/1673)Sixth EU Anti-Money Laundering Directive on criminal liability

BSA / FinCEN (USA)Bank Secrecy Act and Financial Crimes Enforcement Network requirements

Russian Federal Law 115-FZFederal Law on Combating the Legalisation of Proceeds from Crime

PMLA (India)Prevention of Money Laundering Act 2002

2. Data Collected During KYC

Depending on the required verification level and user jurisdiction, GEXCORE collects the following data categories:

Standard KYC (Tier 1)

Full name
Date of birth
Country of citizenship
Email and contact details

Enhanced KYC (Tier 2)

Government-issued ID (scan + selfie with document)
Document number, issue date and expiry
Biometric face check (liveness check)

Full KYC (Tier 3 — for institutional participants)

Proof of address documents (not older than 90 days)
Source of funds (bank statement, tax declaration)
Corporate documents (for legal entities)
UBO (Ultimate Beneficial Owner) information

3. Processing and Monitoring Principles

Customer Due Diligence (CDD): identity verification at registration and upon reaching transaction thresholds
Enhanced Due Diligence (EDD): in-depth verification for users from high-risk jurisdictions, PEP individuals, and sanctioned persons
Ongoing monitoring: periodic KYC data currency checks and transaction activity monitoring
Screening: checks against international sanctions lists (OFAC SDN, EU Consolidated List, UN Sanctions)
SAR/STR: upon detection of suspicious activity, GEXCORE is obligated to file reports with competent authorities

4. KYC Data Storage and Transfer

KYC data is stored in encrypted form for at least 5 years from the end of the business relationship in accordance with FATF Recommendation 11, or for a longer period where required by specific jurisdiction law (e.g., 7 years for EU and UK countries under 6AMLD). Transfer of KYC data to third parties (authorized providers) is carried out exclusively under data processing agreements with appropriate international transfer mechanisms.

5. High-Risk Jurisdictions

GEXCORE applies restrictions for users from jurisdictions on the FATF Black and Grey Lists, as well as territories under international sanctions. Users from these jurisdictions may be denied registration or subject to enhanced due diligence measures. The current list of restricted jurisdictions is available upon request at compliance@gexcore.io.

6. Your Rights in the KYC Context

Even within KYC obligations, you retain the following rights: right to access submitted documents, right to correct inaccurate data, right to know which providers received your data. The right to erasure of KYC data is limited by legal retention obligations under AML legislation.

7. Contact Information

Privacy: privacy@gexcore.io

Compliance / KYC: compliance@gexcore.io

Response time: 30 business days