▪️Compliance Policy

Last Updated: January 4, 2023

Purpose of the Program

xBlock’s risk and compliance policy (“Compliance Policy”) is intended to serve as our foundational charter to provide insight into the requirements, operational systems, and procedures we maintain to ensure the functioning of the xBlock platform and articulates our commitment to align with the intricate landscape of international legal and regulatory standards, particularly in the dynamic field of cryptocurrency law. This policy is a testament to our dedication to Anti-Money Laundering (AML), Anti-Terrorist Financing (ATF) initiatives, and strict adherence to global trade and economic sanctions while remaining compliant with regulatory and law enforcement authorities.

This policy is crafted to navigate the complex and evolving regulatory environment of blockchain technology, the Compliance Policy is not just a commitment to legal compliance; it’s an embodiment of our ethical business philosophy. It integrates these regulatory principles deeply into xBlock’s operational fabric, ensuring legal conformity while fostering a culture of integrity and transparency within the blockchain ecosystem.

In doing so, it ensures we maintain a robust and compliant platform that emphasizes data privacy and user confidentiality and is a strategic blend of legal rigor and ethical practice, signifying our role as a proactive, compliant, and ethically-driven entity in the cryptocurrency domain. It supports legitimate business activities within the blockchain ecosystem. Whether regulatory, legal, or data privacy, compliance is inherent in xBlock’s DNA. We stand apart in strictly maintaining operational procedures that establish that we not only meet the current regulatory requirements but also remain agile and responsive to future legal and regulatory shifts.

Our Role and Purpose

As the leading provider of cryptocurrency transactions, xBlock specializes in providing compliant, private transaction services for businesses and dApps operating within the blockchain economy. Our platform seamlessly equips these businesses with advanced privacy tools for payment processing and user applications which prioritize the protection of their sensitive financial information.

For any business financial privacy means security. In the digital age, financial privacy is paramount for business security. Public blockchain networks potentially compromise this privacy by exposing a wallet’s transactional data. This exposure leads to vulnerabilities, where on-chain financial histories become transparent to third parties in perpetuity.

xBlock suite of services solves this threat by shielding businesses from these inherent risks.

Our purpose is to blend technological innovation with legal and ethical compliance, ensuring that financial transactions on the blockchain remain secure and private. By doing so, xBlock positions itself as a proactive guardian of financial security and confidentiality in a landscape increasingly governed by stringent regulatory oversight.

Our Platform

xBlock’s platform distinguishes itself in being 100% non-custodial. It means we never hold custody of any user assets at any time each transaction is processed discretely and independently, avoiding any pooling or control of user funds. Each transaction occurs discretely and independently with user funds never pooled or controlled by us.

At its core, the platform is a sophisticated aggregation engine seamlessly integrated with a network of compliant, non-custodial exchanges and reinforced with leading privacy protocols. This design not only guarantees transactional privacy but also reflects our commitment to adhering to the required compliance requirements in the cryptocurrency domain. Our approach balances technological innovation with compliant methodologies, positioning xBlock as a trusted and secure facilitator of digital asset transactions in the blockchain economy.

Our Compliance Team

The backbone connecting the various aspects of our Compliance Policy is our compliance team. The team is a dynamic assembly of risk assessment and management experts, which includes deep expertise in the nuances of international cryptocurrency laws and regulations. They manage platform oversight and conduct regular audits and reviews to ensure xBlock's operations remain at the forefront of legal compliance and ethical business practices.

Our Compliance Team is the cornerstone of our commitment to upholding the highest standards, ensuring xBlock navigates the complex and evolving landscape of cryptocurrency regulation with precision and integrity.

Compliance Roles

1. Compliance Officer

The Compliance Officer is responsible for the development, implementation, and oversight of our Compliance Policy. They are responsible for:

  • Ensuring the company meets all its regulatory requirements and complies with applicable laws and regulations to which it is beholden.

  • Proactively identifying potential compliance risks and taking appropriate action to mitigate them.

  • Identifying compliance issues during exchange partner audit reviews, the actions required if so, and making recommendations on outcomes to be enacted by both parties prior to the next review.

  • Determining from exchange partner audits that they continue to satisfy the requirements of our Compliance Policy.

  • Coordinating internal compliance audits of our services in conjunction with external auditors and advisors.

2. Process Owner

The Process Owner is instrumental in managing our processes and is responsible for:

  • Conducting exchange partner quarterly audits, ensuring their comprehensive fulfillment and informing the Compliance Officer of any identified issues requiring resolution.

  • Conducting issue resolution processes when a transaction is flagged as high risk or where an information request has been received by law enforcement agencies.

  • Ensuring non-compliance issues are promptly reported and addressed and taking action to ensure corrective and preventive measures address the root cause.

  • Overseeing training of team members on compliance and relevant requirements and ensuring they understand their importance.

  • Conducting internal team audits to ensure team members are adhering to our Compliance Policy.

3. IT Service Owner

The IT Service Owner is a senior member of the technology team and is responsible for:

  • Coordinating with the Compliance Manager during internal review processes.

  • Confirming the company’s technology stack and technical implementation of its services continue to remain compliant.

4. Compliance Advisors

Our external compliance advisors comprise recognised specialists in international Web3 law, AML/ATF and regulatory compliance as well as cryptography and transaction screening. Each works with the company’s management and compliance team to confirm we remain compliant, stay up to date with best practice standards, and identify areas of improvement.

Each of our advisors:

  • Participates in quarterly reviews of our Compliance Policy detailing actions necessary for us to better meet the compliance requirements of government and law enforcement authorities.

  • Progress our compliance efforts with findings reported to management and our compliance team.

Our Customers

Our customers are Web3 businesses and projects who use our platform or integrate it into their dApps for use by their users. xBlock is only intended for legal use by law-abiding customers and as such we require they act legally and properly when using and deploying our platform.

Individual platform users are subject to risk-based KYC procedures deployed by our exchange partners with xBlock customers undertaking KYB processes prior to gaining platform access.

xBlock's customer base is a reflection of our dedication to maintaining a secure, compliant, and ethical environment within the blockchain ecosystem, ensuring that our platform remains a trusted and sound choice.

Our Exchange Partners

Compliance means we strictly curate our exchange partners, using only established non-custodial exchanges that maintain rigorous industry-compliant processes. Routine reviews ensure the continuance of the policies and compliance procedures necessary to protect us, our customers, and their users, particularly in areas of Anti-Money Laundering (AML) and Anti-Terrorist Financing (ATF).

Exchange Curation

Each exchange partner is subject to an initial comprehensive risk and compliance assessment managed and conducted by the Compliance Officer and Process Owner. The key components of the assessment process each confirm the exchange’s compliance and AML/ATF credibility. Central to this process is ensuring each partner not only meets current compliance standards but is also committed to maintaining these standards through regular reviews and updates in their practices.

The assessment process for our exchange partners at xBlock is thorough and aligned with international cryptocurrency standards, encompassing several key areas:

  • User Terms and Conditions & Data Policies: We rigorously evaluate the exchange's user agreements and data-related policies, ensuring they comply with legal authority requirements and respect user rights.

  • AML Policy and Procedures: Our assessment includes a detailed review of the exchange’s AML strategies, verifying their adherence to required industry standards and effectiveness in identifying and reporting suspicious activities.

  • Law Enforcement Request Protocols: We scrutinize the exchange's procedures for handling law enforcement requests, ensuring these align with required legal and privacy standards.

  • Transaction Data Auditing: We confirm the exchange's ability to provide auditable transaction data in verifying the effectiveness of their AML systems.

  • Transaction Issue Resolution: Our review also covers how the exchange handles transaction discrepancies and disputes, focusing on compliance and user satisfaction.

  • Online Compliance Audits: With the help of external specialists, we conduct online audits to identify any potential compliance issues raised in public forums, ensuring the exchange’s reputation for integrity and responsiveness remains valid.

This comprehensive approach ensures our partners not only meet current regulatory requirements but are also committed to the highest standards of compliance and ethical practice.

Periodic Reviews

At xBlock, maintaining our high compliance standard is ensured through periodic reviews with each exchange partner, conducted at least quarterly. These reviews are critical for evaluating and enhancing our collective compliance efforts in line with international cryptocurrency law standards.

Key aspects of these reviews include:

  • Updating Terms and Conditions: We ensure all contractual agreements remain current and compliant with the latest legal standards.

  • AML Effectiveness Assessment: By scanning aggregated historical transaction data held by the exchange, we assess the effectiveness of Anti-Money Laundering measures and identify transaction risks.

  • External Online Audits: Engaging external specialists, we conduct online audits to proactively identify any compliance issues in public forums.

  • Issue Resolution Review: We evaluate how identified issues are resolved, ensuring both xBlock and the exchange take appropriate actions.

  • Progress Evaluation: Each review includes an analysis of the actions taken since the last audit, focusing on continuous improvement in compliance.

These periodic reviews are integral to xBlock's strategy, ensuring that our operations and those of our partners consistently adhere to the highest standards of compliance and risk management in the cryptocurrency domain.

Anti-Money Laundering and Anti-Terrorist Financing (AML/ATF)

All AML/AFT liability for XBlock users is the responsibility of exchange partners. They each employ advanced transaction monitoring tools, integral to our robust AML/ATF strategy. These tools include real-time, risk-based screening systems, aligning with industry best practices to detect and investigate suspicious financial activities effectively.

Adhering to international regulatory standards, our partners prevent transactions from sanctioned entities and jurisdictions listed on the United States Office of Foreign Assets Control (OFAC), ensuring xBlock avoids transactions from these sanctioned sources.

Exchange partners maintain records for their side of each transaction. This record-maintenance is required to support regulatory and law enforcement investigations, and exemplifies our commitment to legal compliance and proactive cooperation in the global fight against financial crimes in the cryptocurrency domain.

Data Processes

  • Data Collection and Storage: xBlock implements a data collection framework which adheres to data protection laws. The data we hold is encrypted and stored in secured database servers.

  • Data Retention Policy: Balancing the need for regulatory compliance with privacy and data minimization principles, we retain transaction data for 72 hours. At 72 hours this data is auto-deleted, but is still held by our exchange partners who maintain records for their side of a transaction. We only retain user data in specific circumstances where we are required to do so by exchange partners or law enforcement, or it is required by customer support in the resolution of an ongoing matter, after which it is then subject to our auto-deletion processes.

  • Data Analysis and Monitoring: Our advanced tools analyze historical transaction patterns to detect unusual activities, playing a key role in our AML/ATF efforts. Any anomalies are flagged for further investigation by our compliance team.

  • Information Sharing with Law Enforcement: When approached by law enforcement for data, we adhere to a legally compliant process, ensuring data sharing is within legal confines and in response to valid requests while safeguarding user privacy.

  • Data Security Measures: We employ robust security measures, including encryption and access controls, to protect data integrity against both internal and external threats, continually updating our practices in response to evolving cyber risks.

  • Transparency and User Rights: Our commitment to transparency allows users to understand how their data is used, with rights to access, correct, or delete their data as outlined in our privacy policy.

  • Regular Compliance Audits: Both internal and external audits are routinely conducted to ensure our data processes comply with current data protection laws and best practices, identifying and addressing any areas for improvement.

Our Compliance Processes

xBlock's compliance processes are rigorously structured to align with the stringent best practice requirements. Our approach encompasses detailed exchange assessments, thorough routine reviews, and a comprehensive transaction issue resolution mechanism.

For each exchange partner, we conduct in-depth assessments and periodic reviews to ensure continuous compliance with AML/ATF standards and regulatory mandates. These evaluations critically examine their operational practices, adherence to data privacy norms, and effectiveness in anti-money laundering measures.

This systematic approach ensures that xBlock and its partners not only meet current regulatory standards but also remain adaptable and responsive to the evolving landscape of cryptocurrency regulations.

Last updated