TrustVerify logo
REGULATORY COMPLIANCE

Regulatory Compliance

TrustVerify maintains a comprehensive regulatory and compliance framework designed to meet FCA requirements for firms operating in the UK financial ecosystem.

Compliance Framework

TrustVerify maintains a comprehensive regulatory and compliance framework designed to meet FCA requirements for firms operating in the UK financial ecosystem. This document outlines our AML/CTF, KYC/KYB, data protection, security, vendor governance and reporting practices. It is intended for FCA submission, partners, and internal governance documentation.

1. Regulatory Alignment

TrustVerify operates under the following regulations and frameworks:
- UK Money Laundering Regulations 2017 (as amended)
- FCA Handbook (SYSC, COND, FEES, SUP, MLR)
- FCA Consumer Duty
- FATF Recommendations
- GDPR / UK GDPR
- CCPA principles (where applicable)
- PCI DSS (via third-party providers payment infrastructure)

Payment Processing

Payment processing is conducted through FCA-authorised third-party providers. TrustVerify does not directly hold or process payment data but maintains contractual obligations aligned with PCI DSS requirements.

2. AML/CTF Framework

Our Anti-Money Laundering and Counter-Terrorism Financing framework includes:
- Risk-based customer due diligence (CDD) procedures
- Enhanced Due Diligence (EDD) for high-risk customers and PEPs
- Ongoing transaction monitoring and suspicious activity reporting
- Staff AML training and awareness programmes
- MLRO appointment and escalation procedures
- Sanctions screening against OFAC, UN, EU, HMT, and other lists

3. KYC / KYB Procedures

Identity and business verification is conducted through:
- AI-powered document verification with liveness detection
- Biometric authentication and facial recognition
- Company registry checks across 200+ jurisdictions
- UBO identification and beneficial ownership mapping
- Ongoing monitoring and periodic review processes

4. Data Protection

TrustVerify's data protection practices comply with UK GDPR and the Data Protection Act 2018:
- Lawful basis for all personal data processing
- Data minimisation and purpose limitation principles
- Subject access request procedures
- Data retention and deletion policies
- Privacy by design in product development
- Data breach notification procedures (72-hour reporting)

5. Contact & Governance

Chief Compliance Officer

Email: compliance@trustverify.co.uk

AML/Financial Crime Officer

Email: aml@trustverify.co.uk

Data Protection Officer

Email: dpo@trustverify.co.uk

Regulatory Affairs

Email: regulatory@trustverify.co.uk