AML / KYC / CTF Policy

Having regard for the safety of the users and due to the legal requirements of Hong Kong, iSHANG Technology Limited (“iSHANG”) has implemented and started to use policies for KYC (know your customer), AML (anti-money laundering) and CTF (combating terrorist financing), as is required of all banks and other financial institutions.

The purpose of those policies is an effective combating of money-laundering and terrorist financing on iSHANG, by having proper identification of actual users of our accounts and supervision of their transactions. We shall identify and cease transactions done not only to purchase or sell cryptocurrency, but also done to hide the criminal origin of money, finance illegal activity or other unlawful behavior.

Specific provisions of our policies are confidential and for internal use only, in order to prevent their avoidance by dishonest or fraudulent users. We would like to introduce to you some general rules and stipulations of our policies which directly concern you and affect the services we render.

User Identification

For any user with purchase transaction above _________ or anyone conducting business (selling) on iSHANG, we are obliged to identify, beyond a reasonable doubt, the identity of persons enabled to do transactions on iSHANG. This is the reason why we collect ID scans whose authenticity is verified with specialized software from professional external providers.

We are using ____ as KYC provider in our user onboarding and registration processing. We require you to send a “selfie” or a recording with an ID document in order to preclude the possibility of someone else using your documents. Verification of your likeness to the photo from your ID is done by using specialized software from professional external providers or, when this is not conclusive, done manually by our customer support services.

In the case where there remains any doubt, our customer support team will contact you to explain any concerns and try to solve the remaining issues that arose.

If we cannot determine, beyond a reasonable doubt, that the documents you have provided belong to you and are the authentic, we won’t be able to let you execute any transactions.

User Identification for Companies

In case of all legal entities (companies), the procedure is more stringent and depends on company’s structure, country, etc. Primarily, we need to establish who the owner of the company is, who can represent it, where the company is based and what is the company’s business.

Since standards regarding governmental documentation of legal entities is different in each country verification of these users is done “manually” each time and is considerably more time consuming.

Transaction Monitoring and Supervision

Using our proprietary software, we also analyze all transactions that take place on iSHANG, looking for suspicious or unusual behavior. Such selected transactions are analyzed by our AML specialists and evaluated to determine if they don’t create significant AML / CTF risks or if they need to be paused and clarified with the User.

Additional Verification

When your transaction volume rises, our AML / CTF verification duties increase as well. The same happens when your transactions are “flagged” as suspicious or unusual, or our verification of your identity results in qualifying you as a person imposing significant AML / CTF risk.

In such cases we can require additional documentation proving your real, exact place of residence, education, and occupation, as well as the source of money you are using on the iSHANG.

Unfortunately, if our AML specialists determine that information received from you does not resolve our doubts, we will be obliged to end our cooperation with you or even report your transactions to the relevant authorities.

Basic AML / CTF Rules

Our operating rules include inter alia the following:

1. iSHANG does not accept cash tranasction in any case.

2. iSHANG does not accept any third parties’ deposits on user accounts, users managing accounts on behalf of somebody else, joint or shared accounts, etc.

3. iSHANG does not allow any exceptions to the types of documentation required from users.

4. iSHANG reserves the right to refuse to process a user’s transaction at any time, in the case that there is suspicion of AML / CTF risk.

5. In accordance with international law we are not obliged (or forbidden) to inform our clients, if and when we report their behavior as suspicious to the relevant authorities.

Sanctioned Countries

In accordance with our policies we do not open accounts and do not process transactions for citizens and residents of, as well as people staying in, countries where transactions are prohibited by international sanctions or their internal law regulations; or countries which, based on various criteria selected by our AML team (for example, the Corruption Perceptions Index by Transparency International, FATF warnings, and countries with weak anti-money laundering or counter-terrorist financing regimes as determined by the European Commission) impose high AML / CTF high risk.

Currently these countries are:

Afghanistan, Angola, Azerbaijan, Bahamas, Botswana, Burundi, Cambodia, Cameroon, Central African Republic, Chad, Congo, Cuba, Democratic Republic of Congo, Equatorial Guinea, Eritrea, Ethiopia, Ghana, Guinea Bissau, Haiti, Iran, Iraq, Libya, Madagascar, Mozambique, Burma, Nicaragua, North Korea, Pakistan, Panama, Rwanda, Sierra Leone, Somalia, South Sudan, USA (some states), Sri Lanka, Sudan, Syria, Tajikistan, Trinidad and Tobago, Tunisia, Turkmenistan, Uzbekistan, Venezuela, Yemen, Zimbabwe, American Samoa, Guam, Nigeria, Puerto Rico, Samoa, Saudi Arabia, US Virgin Islands.

KYC Verification

When your transaction volume rises AML / CTF risk increases as well. That is why we have to introduce proper safety and verification duties. Currently our KYC / AML verification model is:

You should remember that this model is the result of the work and experience of our AML team and can be changed as the legal requirements of countries change as well as a result of gaining new knowledge and experience.

Know Your Customer (KYC)

Customer Due Diligence (CDD) Policy


The purpose of KYC / CDD is to prevent providers of financial services from being used, intentionally or unintentionally, by criminal elements for money laundering activities. KYC / CDD policies enable financial service providers to know or understand their customers and their financial dealings.

Overview: The KYC / CDD Policy identifies the specific customer and transaction information collected and recorded, as well as the verification of customer identification and government filings in accordance with regulatory expectations.

Summary: iSHANG Technology Limited (“iSHANG”) collects and records certain information from every customer that completes a transaction, utilizes a risk-based approach to verify the identity of customers and customer-provided information, and records transaction information, customer identification, and verification methods.


iSHANG will not grant any exceptions to its KYC / CDD Policy without the written approval of the Bank Secrecy Act (“BSA”) Compliance Officer.

iSHANG will not execute the customer-requested transaction under the following circumstances:

  1. The customer is unable to provide the requisite information
  2. The customer is unable to present an unexpired government-issued photo identification
  3. iSHANG is otherwise unfamiliar with the type of documentation or identification presented
  4. iSHANG cannot form a reasonable belief as to the true identity of the customer; and/or
  5. the customer presents identification issued by a state within which iSHANG is not licensed or otherwise permitted to engage in money transmitter activities.

If a prospective or existing customer either refuses to provide the information described below upon request or appears to have intentionally provided misleading information, iSHANG will not conduct the transaction and, after considering the risks involved, may block all future customer transactions. In either case, the BSA Compliance Officer will be notified and determine whether a Suspicious Activity Report (“SAR”) is warranted.


In an effort to maintain a risk-based approach, iSHANG may require any customer, at its discretion, to provide additional pieces of information and identification above and beyond the minimum criteria set forth within this policy.


The KYC / CDD for individual and non-individual customers are detailed below.

INDIVIDUAL: Individual Customer

iSHANG will collect, record, and maintain the following information from customers:

  1. Full name
  2. Physical address
  3. Date of birth
  4. Email address
  5. Mobile phone number
  6. Government-issued photo identification, unexpired
  7. Selfie picture of customer
  8. Country of residence
  9. Cryptocurrencies (e.g. BTC, LTC)
  10. Currency amount (crypto, fiat-equivalent)
  11. Wallet address – source
  12. Wallet address – destination
  13. Geolocation data
  14. Attestation and agreement to “Terms of Service” and/or other disclosures

Additional action(s):

   15. OFAC screening
Other watchlist screening
   17. Politically Exposed Person (PEP) screening
   18. Non-documentary and/or documentary verification of customer information, including identification
   19. Geolocation analysis
   20. Proof of residency (e.g. utility bill)
   21. Secondary proof of residency (e.g. bank statement)
   22. Tax identification number (e.g., SSN, ITIN)
   23. Sources of funds
   24. Sources of income
   25. Completed CDD Questionnaire
   26. Review of blockchain explorer data
   27. Review of completed CDD Questionnaire
   28. Referral for enhanced due diligence (EDD)

Business: Non-Individual Customer

iSHANG will collect, record, and maintain the following information from any non-individual customer:

A certificate of good standing or copies of a memorandum of association or memorandum of partnership/articles of partnership, or articles of incorporation confirming non-individual customer shareholders statement and rights for representation will be requested every six months.

  1. Entity legal name
  2. Registered address
  3. Business address (if different, no P.O. boxes)
  4. Phone number (preferably fixed line)
  5. Copy of bank statement (not older than 3 months)
  6. Corporate identification number
  7. Entity type
  8. Copies of Memorandum of association or Memorandum of partnership / Articles of partnership or Articles of incorporation (not older than 3 months)
  9. Certificate of good standing (not older than 3 months)
  10. Country of domicile
  11. Other business documents with legal address (e.g., utility bill, lease agreement, fixed-line invoice) (not older than 3 months)
  12. Nature of business
  13. Legal names of directors
  14. Legal names of officers
  15. Legal names of all shareholders with >25% equity (see “Additional action(s)”)
  16. Legal name and phone number of the primary contact
  17. Sources of funds
  18. Completed CDD Questionnaire
  19. Cryptocurrencies (e.g. BTC, LTC)
  20. Currency amount (crypto, fiat-equivalent)
  21. Wallet address – source
  22. Wallet address – destination
  23. Geolocation data
  24. Attestation and agreement to “Terms of Service” and/or other disclosures

Additional action(s)

   25. OFAC screening
Other watchlist screening
   27. Politically Exposed Person (PEP) screening
   28. Non-documentary and/or documentary verification of customer information, including identification
   29. Geolocation analysis
   30. Review of blockchain explorer data
   31. Verification customer is not a “financial institution” under the HKMA policy
   32. Review of completed CDD Questionnaire