Regulatory compliance

Principle #5

Implementation guidance

5.1 Know Your Customer and Anti-Money Laundering controls


Adhere to global and local regulations by preventing, detecting or reporting any money laundering activities. Establish robust controls and compliance functions. Collect and keep customer records, as and where required.

A provider must adhere to all applicable regulations and local laws.

Prevent, detect and report money laundering activities:

  • You should adhere to all applicable regulations, including Anti-Money Laundering (AML), Know Your Customer (KYC), Customer Due Diligence (CDD) and Anti-Terrorism Financing (ATF).
  • You also need to abide by applicable local regulations.

Follow these guidelines:

  • Establish an AML programme and compliance function.
  • Establish and maintain accurate customer names, records and accounts, and appropriate recordkeeping controls.
  • Report suspicious activities to the relevant authorities. You must reject prohibited investors and subject high-risk investors to enhanced CDD.   

Provide transparency:

  • Be open about the applied level of CDD.

5.2 Adherence to regulations and local laws


Comply with any additional applicable regulations and laws in all markets served, such as consumer protection, taxation, financial services regulation, and document compliance procedures.

You should adhere to all applicable and mandatory laws and regulations:

  • anti-money laundering and similar regulations
  • financial services regulations, such as money transfer, deposit-taking or investment services, as applicable in relevant jurisdictions
  • taxation, for example, value-added tax (VAT) or goods and services tax (GST)
  • privacy regulations
  • consumer protection laws.

You should comply with applicable laws and regulations:

  • in the markets in where you operate 
  • where your customers and potential customers are located.

Keep compliance records:

  • Document any compliance procedures for internal purposes, as well as for any legitimate requests by external parties, e.g. regulators, business partners or banks.

Commit to voluntary standards: