Accessing the Protocol
What is the allow list?
In order to interact with the TruFin protocol, a user must first be onboarded and have their wallet placed on a list. The process will check that the potential user meets the KYB/AML thresholds set by the foundation and will be repeated periodically based on our risk assessment (this, at time of writing, would be yearly in most cases). Wallets will then be monitored on an ongoing per-transaction basis for AML / CFT compliance by Elliptic.
Why is there a screening process?
Allow-listing enables everyone on the protocol to compete on a level playing field. It both allows access to sources of capital that would otherwise be prohibited from investing and provides additional stability to other users.
The process also enables us to avoid providing access to the protocol from jurisdictions where the product might be prohibited by regulation or law. The currently blocked geographies include the Crimea, Donetsk, or Luhansk regions of Ukraine or the nations of Iran, North Korea, Cuba, Syria, Sudan, or if the user is otherwise subject to economic sanctions or listed as a Specially Designated National by the United States Office of Foreign Asset Control (OFAC). However, TruFin makes no representation that such examples are complete, definitive or accurate.
How does it work?
Initial access
In order to allow access a user needs to be checked against the compliance requirements set by the protocol. Currently, users are required to complete an onboarding process with an external 3rd party provider chosen by TruFin. AML Screening against international sanctions lists, Politically Exposed Persons lists, Watchlists and Adverse Media is completed for the entity, the company officer, the intermediary corporate owners and the UBOs with 10% or more share capital at onboarding and on an ongoing basis thereafter via the RiskScreen platform.
TruFin utilizes Elliptic to fulfil our legal obligations, and also to develop our own enhanced risk framework beyond this baseline. All wallet addresses are scanned against Elliptic for every request.
Overview of our risk framework:
An address cannot be sanctioned by OFAC (Office of Foreign Assets Control).
An address cannot be a close counterparty to a sanction address.
An address cannot hold a share of funds obtained by illicit means.
Addresses that are associated with any of these risk categories will not be added to the allow list or onboarded to the TruFin Protocol.
Ongoing monitoring
Wallets on the allow list will be monitored on an ongoing basis and will be removed if they break the guidelines set up by the foundation. This monitoring takes place both at a wallet level and on an individual basis. Our transaction monitoring is provided by Elliptic tracking against a risk profile agreed by the foundation. Our allow-list partners provide ongoing monitoring of underlying entities and individuals to ensure, alongside Elliptic, that users who would no longer meet onboarding requirements do not remain on the platform.
If a previously allow-listed wallet fails ongoing monitoring checks the funds held will no longer be accessible to the user while an investigation takes place. If the wallet has breached the protocol's access requirements the funds may be locked indefinitely.
What if I'm rejected / removed from the list?
We assess on a range of criteria for KYB and KYC including, but not limited to, real world sanctions and watchlist monitoring, operating jurisdiction, ultimate beneficiary checks for KYB, identity and liveness checks as well as wallet-based sanctions.
If you have been rejected through third-party KYC/B we're happy to help try to resolve things. We're a relatively new protocol so please bear with us via help@trufin.io for us to assess whether we can help.
Digital assets are highly volatile. TruFin users agree to the T&Cs found in full here.
Last updated