Kudu is built to move money safely and transparently. This policy summarises how we help prevent money laundering, terrorist financing and other financial crime, and what we ask of you. It works alongside our Acceptable Use Policy and Privacy Policy.
1. Our commitment
We take a risk-based approach to anti-money-laundering and counter-terrorist-financing (AML/CFT). As a non-custodial technology platform, we design our systems for transparency and auditability, and we work with licensed partners — including MiCA-authorised CASPs and licensed money-transfer and payment providers — who hold the primary regulated AML obligations for the services they provide. Together we aim to keep bad actors off the platform.
2. Know Your Customer & Business (KYC / KYB)
Before you use certain services, we (and our partners) verify who you are:
- Identity verification — confirming your name, date of birth and address using official documents (for example a passport or ID card), and, where required, a selfie and biometric liveness check
- Business verification (KYB) — for business and merchant accounts, verifying the company, its registration, and its directors and beneficial owners
- Customer due diligence (CDD) — understanding the nature of your use of Kudu
- Enhanced due diligence (EDD) — additional checks for higher-risk situations, including politically exposed persons (PEPs) and higher-value activity
- Ongoing checks — we may re-verify identity and request source-of-funds or source-of-wealth information over time
Where a regulated crypto-asset service provider (CASP) or other licensed partner is involved in a transaction, it may, to meet its own obligations, require additional information or documents from you — for example a passport or proof of your source of funds — before the transaction can complete.
3. Monitoring and screening
We monitor activity to detect unusual or suspicious patterns, and we screen customers and transactions against applicable sanctions lists and watchlists. Automated checks may flag a transaction for review, delay it, or require more information before it proceeds.
4. Traceability and record-keeping
We retain identity, transaction and monitoring records for the periods required by law — generally at least 5 years after the end of the business relationship (see our Privacy Policy).
5. Reporting suspicious activity
Where we have reasonable grounds to suspect financial crime, we (or the relevant licensed partner) will report it to the competent authority, in line with the law. We may be unable to tell you when a report has been made, and we may delay a transaction — for example by withholding our co-signature — while checks are carried out, and suspend or freeze the account where legally required. Because transactions settle on a public blockchain and not on Kudu's systems, we cannot reverse or block an individual transaction once submitted.
6. Sanctions
We do not deal with sanctioned individuals, entities or territories. We apply applicable UK, EU, UN and other relevant sanctions: we will withhold our co-signature from, report, and suspend or close accounts involved in, activity that would breach them.
7. What we ask of you
- Provide accurate, current identity information and complete verification when asked
- Provide source-of-funds information where we request it
- Use Kudu only for lawful purposes (see the Acceptable Use Policy)
- Never let anyone else use your account, and never move money on behalf of someone you don't know or trust
8. Governance
Our controls are overseen by responsible staff, kept under review, and updated as regulation and risks evolve. Our partners maintain their own regulated AML programmes for the services they provide.
9. Regulatory framework
We work to comply with the AML/CFT frameworks applicable in our operating territories, and to support our licensed partners' obligations, including:
- United Kingdom — UK AML regulations
- European Union — the EU AML framework and MiCA obligations, via authorised partners
- WAEMU zone (Côte d'Ivoire, Benin) — BCEAO / regional AML rules
- Democratic Republic of the Congo — BCC / national AML rules
10. Contact
- Contact: Contact form

