Your cart

Contact us at 615.212.8811 / hello@thekubox.com

Know Your Customer and Anti Money Laundering

Anti-Money Laundering & Know Your Counterparty (KYC) Policy and Procedure 


This policy confirms KUBOX’s commitment to prevent money-laundering and the financing of terrorism in its business practices and transactions. Money laundering is the process of disguising the financial proceeds of crime to conceal their illegal origin. The financing of terrorism is any kind of financial support to those who attempt to encourage, plan or engage in terrorism.


KUBOX has established Know Your Counterparty (KYC) procedures to combat money laundering and the financing of terrorism. These procedures allow us to identify every organization that we deal with, to understand the legitimacy of our business relationships and to identify and react to unusual or suspicious activity. 


The CEO is responsible for development and implementation of this policy and relevant procedures, and KUBOX commits to review our KYC policy and procedure every year.


To support our KYC policy and procedures, KUBOX has developed a KYC form which we send to all our counterparties (this is our business partners: suppliers and customers) to collect relevant business information to identify risks of money-laundering. We require the form to be completed for all existing and new counterparties who are domiciled inside or outside the United States and or are shipping to the following countries (see attached).  Our KYC forms are combined with other forms that require identification documents e.g. government issued identification, passports and selfie photographs.


By collecting and reviewing the information in completed KYC forms, KUBOX commits to 

  • establishing the identity of our counterparties
  • checking that our counterparties are not considered high-risk (this means checking whether counterparties are based in FATF high-risk jurisdictions, named on government sponsored watchlists or international (UN) sanctions lists, or if they source from conflict-affected and high-risk areas (CAHRAs))
  • maintaining an understanding of the nature and legitimacy of all our counterparties’ businesses
  • maintaining KYC records for at least five years 
  • maintaining records of all single or linked cash (or cash-like) transactions above 10,000EUR
  • monitoring transactions for unusual or suspicious activity – this type of activity will cause the counterparty to be considered high-risk.

If counterparties are considered high-risk for any reason (for example named on a sanctions list or engaging in unusual activity) we may: 

  • Cease trading with the counterparty 
  • Identify the beneficial owners of the counterparty and check whether the beneficial owners are on any watchlists or sanctions list
  • Report suspicious activity to U.S. Customs and Boarder Protection Trade Enforcement for any criminal behaviours 
    • Child Exploitation
    • Cybercrime
    • Cultural Property, Art, and Antiquities Smuggling
    • Financial Crime
    • Human Smuggling
    • Human Trafficking
    • Identity and Benefit Fraud
    • Intellectual Property Theft and Trade Fraud

Signed/endorsed: Office of CEO

Date of effect: September 2016

Date of latest review: August 2024





KUBOX

Asia

China

In China, financial institutions must verify the identity of all customers in accordance with the Anti-Money Laundering Law of 2006 and more recently-passed laws that have built upon it. The law applies to banks, insurance companies, securities firms, and other “deposit-taking institutions.” Businesses in other industries, such as casinos and those dealing in high-value goods, are also required to comply with the regulations.

The law is enforced by the People’s Bank of China (PBOC), alongside other regulatory bodies including:

  • China Banking Regulatory Commission (CRBC)
  • China Securities Regulatory Commission (CSRC)
  • China Insurance Regulatory Commission (CIRC)
  • State Administration for Industry and Commerce (SAIC)

Japan

In Japan, KYC regulations are guided by the Act on the Prevention of Transfer of Criminal Proceeds, which was passed in 2007 and amended in 2011 and 2013. The law specifically requires businesses to verify a customer’s name, address, and date of birth against official documents such as a driver’s license, passport, or alien registration card.

KYC rules in Japan are enforced by the Japan Financial Services Agency (FSA).

India

Indian KYC requirements were established in the Prevention of Money Laundering Act 2002 (PMLA), which went into effect in 2005 and was amended in 2012 and 2013. The law requires financial institutions to verify the identity and current address of all customers. Acceptable documents used in verification include an individual’s:

  • Driver’s license
  • Passport
  • Permanent Account Number (PAN) Card
  • Voter Identity Card

Many online financial institutions in India now verify user identities through the country’s eKYC system, Aadhaar.

The law is enforced by three different regulators: The Reserve Bank of India Financial Intelligence Unit (RBI FIU) for banks, the Insurance Regulatory and Development Authority (IRDA) for insurers, and the Securities and Exchange Board for India (SEBI) for asset management companies.

Singapore

In Singapore, KYC requirements are regulated by the Monetary Authority of Singapore (MAS), which issued a notice titled Prevention of Money Laundering and Countering the Financing of Terrorism in 2007. 

The law requires financial institutions to verify the full name and aliases, identification number, residential address, date of birth, and nationality of all customers. Verification can be completed against documents and other independent data sources such as relevant databases.

Oceanic Pacific

Australia

In 2006, Australia passed the Anti-Money Laundering and Counter-Terrorism Financing Act. It and subsequent laws outline KYC and customer due diligence requirements in the country. Specifically, it requires all organizations subject to KYC reporting regulations to collect and verify customer data before providing any financial or transactional services.

The law is regulated by the Australian Transaction Reports and Analysis Centre (AUSTRAC).

New Zealand

In New Zealand, KYC requirements are guided by the AML/CFT Act, which passed into law in 2013 and applies to financial institutions. (Lawyers, specifically, are subject to an older law known as the Financial Transactions Reporting Act 1996.) Businesses subject to the law must collect and verify a customer’s full name, date of birth, and current address.

KYC is regulated by the Reserve Bank of New Zealand, the Financial Markets Authority, and the Department of Internal Affairs.

Europe

Individual member states of the European Union have the ability to craft their own KYC and AML legislation. That said, the EU has issued a number of “directives” meant to guide this legislation. For example, rules such as 4AMLD, 5AMLD, and 6AMLD require companies to collect, verify, and keep records of customers’ personally identifiable information (PII) in addition to screening customers against PEP and adverse media lists to assess overall risk.

France

In France, the AMF General Regulation, passed in 2009, sets the KYC and AML compliance rules that all French institutions must meet. The law specifies that businesses must collect a government-issued photo ID, as well as documents that can be used to verify the customer’s address, occupation, and income. 

The law is regulated by the Autorité de Contrôle Prudentiel et de Résolution (ACPR), Autorité des Marchés Financiers (AMF), and Autorité de Régulation des Jeux en ligne (ARJEL).

Germany

The German Anti-Money Laundering Act (GwG) was passed in 1993 and updated or amended in 2003, 2008, 2011, 2014, and 2015. It requires businesses to verify a customer’s name, address, place of birth, nationality, and date of birth. 

The law specifies that documentary evidence must be used in verifying a customer’s identity. It lists a national identity card, passport, diplomatic passport, passport replacement papers, residential papers, and birth certificate as acceptable documents. 

KYC in Germany is regulated by the Federal Financial Supervisory Authority (BaFin) and the Federal Ministry of Finance (BMF).

Italy

Italy’s first AML law (Decree No 197) was passed in 1991. It has been regularly updated to reflect new requirements, including EU directives. The law specifies that financial institutions must collect and verify a customer’s name, address, place of birth, date of birth, tax number, and at least one government-issued ID, such as a driver’s license or passport.

KYC in Italy is regulated by the Financial Intelligence Unit of the Bank of Italy, IVASS, and CONSOB. 

Spain

In Spain, KYC requirements are set forth in Law 10/2010. The law dictates that a financial institution must collect and verify a customer’s ID, whether that be a national identity document, passport, or other government-issued ID. Specifically, the document must include the person’s name and photograph.

The law is regulated by the Executive Service of the Commission for Monitoring Exchange Control Offences (SEPBLAC).

Switzerland

Switzerland’s KYC requirements have their roots in a law called the Anti-Money Laundering Ordinance of the Swiss Financial Market Supervisory Authority (AMLO-FINMA), passed in 1977 and regularly amended since then. The law requires that all financial institutions verify a customer’s name, date of birth, address, and nationality. 

When verification is completed remotely, the institution must collect a certified copy of the customer’s official identification document (such as a passport or driver’s license) and confirmation of residential address. 

Swiss KYC is regulated by the Swiss Financial Market Supervisory Authority (FINMA).

United Kingdom

The Money Laundering Regulations of 2007 and subsequent amendments outline KYC requirements in the United Kingdom. The law requires financial institutions to verify a customer’s name, residential address, and date of birth — ideally from a government-issued document that contains the customer’s photo, name, address, and date of birth. A passport, driver’s license, and other forms of ID may be used. 

The law is regulated primarily by the Financial Conduct Authority (FCA), as well as the HM Revenue & Customs (HMRC) and the Gambling Commission. 

North America

Canada

Canada defines its KYC regulations under the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA), which was passed in 2000 and amended in subsequent years. It requires all financial institutions to verify a customer’s name, date of birth, address, occupation, and intended use of the account. The law specifically cites a birth certificate, driver’s license, passport, permanent resident card, and other documentation as acceptable for verification.

The Financial Transactions Reports Analysis Centre of Canada (FINTRAC) enforces and regulates the KYC requirements established by the law, alongside other governmental agencies.

Mexico

Mexico established the Financial Intelligence Unit (FIU) in 2004 to combat money laundering and other financial crimes. A number of laws establish its KYC requirements — most importantly the Federal Law for the Prevention and Identification of Transactions with Funds from Illicit Sources, which was recently amended in 2019. 

Under the law, financial institutions must collect and verify the following information for all customers:

  • Name
  • Gender
  • Date of birth
  • Country of birth
  • Nationality
  • Employment information
  • Address
  • Telephone number
  • Email address
  • Code of Taxpayer Registration (RFC)
  • Advanced Electronic Signature

United States

In the United States, the primary laws responsible for establishing KYC and AML regulations are the Bank Secrecy Act (BSA) and the USA PATRIOT Act, passed in 1970 and 2001, respectively. At a minimum, the laws require that financial institutions implement a risk-based approach to verify a customer’s name, date of birth, residential address, and identification number (typically a Taxpayer Identification Number such as an SSN or EIN). 

These laws are primarily enforced by the Financial Crimes Enforcement Network (FinCEN), as well as other regulators such as the US Securities and Exchange Commission (SEC), Financial Industry Regulatory Authority (FINRA), US Commodities Futures Trading Commission  (CFTC), and others.

South America

Argentina

Argentina’s anti-money laundering law (Law 25.246) was passed in 2000 and outlines key KYC requirements. The law is primarily regulated by the Unidad de Información Financiera (UIF) and the Banco Central de la Republica Argentina (BCRA).

Under Argentinian law, customers are to be classified as either “permanent” or “not frequent,” and that classification will determine the types of documentation required to verify the identity of the customer. For permanent residents, name and address must be verified. For “not frequent” customers, this expands to include their date of birth, place of birth, and citizenship.

Brazil

In Brazil, KYC requirements are outlined in Law 9,613, enacted in 1998 and amended in 2012. Under the law, financial institutions must verify a customer’s name, nationality, date of birth, place of birth, address, and an official ID document. The Central Bank of Brazil has created an authenticated digital identity portal to streamline account opening.

The law is primarily enforced by the Conselho de Controle de Atividades Financeiras (COAF), alongside other regulators such as the Banco Central do Brasil (BCB).

Chile

Chile’s KYC requirements originate in Law 19.366 and subsequent amendments. It requires financial institutions to collect and verify a customer’s name, National Identification Number (Rol Único Tributario), occupation, address, email, and phone number.

Chile’s Financial Analysis Unit (UAF) is the primary regulator for AML and KYC concerns.

Customer identification program (CIP)

Some forms of identity verification we may choose to implement include:

  • Government ID verification
  • Document verification 
  • Database verification
  • Selfie verification