Spondula
PersonalHow it worksBusinessOperatorsCreatorsInsightsFAQ
Log in
PersonalHow it worksBusinessOperatorsCreatorsInsightsFAQ
Log in
Policies & legal

The fine print.

Clear, plain-English policies on how Spondula works, how we protect your data, and what you can expect from us.

Documents
Terms of UsePrivacy PolicyKYC & AMLAcceptable UseS-Token DisclaimerRisk DisclosureReferral Programme TermsOperator & Prop Trader Rulebook
  1. Home
  2. KYC & AML Policy

KYC & AML Policy

Effective 3 June 2026

1. Introduction and Defined Terms

1.1  This KYC & AML Policy (this “Policy”) governs the identity-verification, screening, monitoring, and reporting controls applied by Spondula Ltd (“Spondula”, “we”, “us”, or “our”). Spondula provides wallet, identity, and KYC infrastructure (the “Services”).

1.2  In this Policy, unless the context requires otherwise:

  1. (a)  “you” or “User” means any natural or legal person who accesses or uses the Services;
  2. (b)  “KYC” means Know Your Customer, being the procedures by which we verify the identity of a User who is a natural person;
  3. (c)  “KYB” means Know Your Business, being the equivalent procedures applied to a User that is a legal person or other entity;
  4. (d)  “AML” means Anti-Money Laundering, being the controls maintained to detect, deter, and report money laundering, terrorist financing, and related financial crime;
  5. (e)  “Operators” means independent regional and local participants who provide liquidity and external value-rail bridging within the Spondula ecosystem, and who, for the avoidance of doubt, are independent participants and not agents of Spondula; and
  6. (f)  “Spondula Chain” means the private chain on which S-Token transfers between S-Handles are recorded.

1.3  This Policy explains how our controls operate and sets out the obligations with which you must comply. We apply identity verification, screening, monitoring, and reporting controls to help maintain a secure ecosystem and to meet applicable legal, regulatory, sanctions, anti-fraud, and anti-money-laundering requirements.

2. Purpose of Identity Verification

2.1  KYC, KYB, and AML controls enable us to confirm that Users are genuine, to understand their risk profile, to screen them against sanctions lists, and to monitor activity. The verification of identity shall serve, including without limitation, to:

  1. (a)  reduce fraud, identity theft, and unauthorised account access;
  2. (b)  detect and report suspicious activity;
  3. (c)  maintain compliance with the UK Money Laundering Regulations 2017 (as amended), the EU Anti-Money Laundering Directives (AMLD), the recommendations of the Financial Action Task Force (FATF), and the UN, UK OFSI, and US OFAC sanctions regimes; and
  4. (d)  protect the Spondula community, the Operators and other independent ecosystem participants, and the integrity of the Spondula Chain.

3. When Verification Is Required

3.1  Certain features may be available with limited onboarding. Identity verification shall be required before you may access features including without limitation:

  1. (a)  credit and debit card purchases;
  2. (b)  higher transaction limits;
  3. (c)  the Sale of Tokens;
  4. (d)  certain business services;
  5. (e)  certain creator features;
  6. (f)  enhanced account limits; and
  7. (g)  other regulated services.

3.2  Verification requirements may vary depending on your jurisdiction and the applicable regulations, and shall be applied where required by applicable law.

4. Verification Tiers

4.1  Access to the Spondula wallet is tiered; features and limits unlock as you complete higher levels of verification. Specific caps are published in-app and may vary by jurisdiction, Operator availability, and risk score. The tiers are as follows:

  1. (a)  Anonymous (unverified): no KYC, requiring only email and an age-gate at onboarding; you may explore the application and read educational content. Without identity verification, card purchases are blocked and only bank transfer is available for buying tokens; higher limits and additional features unlock as you complete verification.
  2. (b)  Light KYC: name, date of birth, residential address, and a selfie with liveness check, together with sanctions-list screening; this tier unlocks small daily transfer and spend limits suitable for everyday use.
  3. (c)  Full KYC: a government-issued photo identification document (passport, driving licence, or national identity card); proof of address (utility bill, bank statement, or government letter dated within the last three (3) months); a live selfie matched against the identification photo; and PEP and adverse-media screening; this tier unlocks substantially higher daily and monthly limits, card purchases, and the Sale of Tokens.
  4. (d)  Business KYC (KYB): certificate of incorporation, memorandum and articles, and registered address; the beneficial-ownership structure for any person holding twenty-five per cent (25%) or more of the business; director identification and address verification; and source-of-funds and source-of-wealth declarations where relevant; this tier is required for merchant accounts using the Payment Gateway (invoices, POS, hosted checkout, and plugins) and for payroll use cases.
  5. (e)  Operator KYB (Regional and Local): full KYB on the operating entity and enhanced due diligence on directors and beneficial owners; proof of licence or registration in the Operator’s jurisdiction where required; source of funds for float, banking relationships, and AML programme attestation; and a signed Operator Agreement together with ongoing performance monitoring. For the avoidance of doubt, Operators are independent participants, not agents of Spondula, and shall be independently responsible for their own compliance with local law.

5. Information You Must Provide

5.1  Verification requirements may include, without limitation:

  1. (a)  your full legal name;
  2. (b)  your date of birth;
  3. (c)  your residential address;
  4. (d)  government-issued identification (passport, national identity card, driving licence, or residence permit);
  5. (e)  a selfie or biometric verification; and
  6. (f)  additional supporting documentation where required.

5.2  The exact requirements may vary depending on your country and your intended use of the platform.

6. Verification Process

6.1  The verification process shall comprise the following steps:

  1. (a)  you submit your documents through the in-app KYC flow;
  2. (b)  your documents are securely uploaded to encrypted, access-restricted storage, accessible only to compliance personnel with a documented review need;
  3. (c)  automated checks run (face match, active liveness, and sanctions screening) and, where additional layers are in use (document-fraud detection and PEP / adverse-media screening), those checks shall run as well;
  4. (d)  a human reviewer on our compliance team confirms the result, using the side-by-side review tool in the admin panel; and
  5. (e)  you are notified of the outcome, being either approval or rejection with a reason and the option to resubmit.

6.2  Most verifications are completed within minutes; we aim to complete standard manual reviews within twenty-four (24) hours. Enhanced due diligence, KYB, and Operator onboarding may take longer.

6.3  Common reasons for rejection include, without limitation, expired documents, poor image quality, missing information, damaged documents, mismatched personal details, or documents that cannot be independently verified. Where verification is unsuccessful, you may be invited to submit additional information.

7. Automated KYC Layer

7.1  Our verification pipeline uses a hybrid of in-house and paid third-party tooling, including without limitation:

  1. (a)  face matching between the selfie and the identification photo, based on face-embedding similarity;
  2. (b)  active liveness detection using real-time face-landmark challenges (for example, turn head or blink) during selfie capture;
  3. (c)  sanctions screening against the OFAC SDN, EU consolidated, UN Security Council, and UK OFSI lists, with fuzzy-name matching to catch near-miss spellings;
  4. (d)  document OCR to extract name, date of birth, expiry, and document number;
  5. (e)  document-fraud detection via third-party providers, covering template matching, photoshop detection, and security-feature checks across major document types; and
  6. (f)  PEP and adverse-media screening via a specialist data provider.

7.2  Automated scores are advisory only. A compliance officer shall make the final decision on borderline cases.

8. Sanctions Screening

8.1  We shall screen Users, beneficial owners, and payment counterparties against the UK OFSI, EU, UN, and US OFAC sanctions lists at onboarding and on an ongoing basis.

8.2  A User who matches a designated name shall be denied service. We do not provide Services to residents of comprehensively sanctioned jurisdictions.

9. Politically Exposed Persons (PEPs)

9.1  Enhanced due diligence (EDD) shall be applied to Users identified as Politically Exposed Persons, their family members, and their close associates, in accordance with UK and EU AML rules.

9.2  EDD includes, without limitation, additional source-of-funds evidence, senior-management sign-off, and more frequent review.

10. Transaction Monitoring

10.1  We shall monitor on-chain and gateway activity for patterns that may indicate suspicious activity, including without limitation:

  1. (a)  unusually large or frequent transactions relative to the User’s profile;
  2. (b)  rapid movement of value through multiple wallets or Operators (layering);
  3. (c)  structuring transactions just below reporting thresholds (structuring or smurfing);
  4. (d)  inconsistent geographies between sign-in location, transaction location, and declared residence (geographic inconsistency); and
  5. (e)  transactions involving wallets or counterparties flagged in our internal risk register.

10.2  Suspicious activity shall be reported to the relevant Financial Intelligence Unit (in the United Kingdom, the National Crime Agency (NCA) by way of a Suspicious Activity Report (SAR)) in accordance with applicable law. For the avoidance of doubt, we are generally prohibited from notifying the User that a report has been made (“tipping-off”).

11. Travel Rule and Cross-Border Transfers

11.1  Where required by applicable law or by a counterparty virtual-asset service provider, Spondula may share limited originator and beneficiary information (name, wallet address, and verification status) under applicable Travel Rule regimes (FATF Recommendation 16 and its UK and EU implementations).

11.2  We shall share only the minimum information required to satisfy the rule.

12. Document Handling and Retention

  1. 12.1  Identity verification (KYC and KYB) is carried out by our third-party verification provider, Shufti Pro, and the verification results are shared directly with Spondula.
  2. 12.2  Only compliance personnel involved in the review shall have access, and such access is audited.
  3. 12.3  Documents, verification decisions, and supporting evidence shall be retained for at least five (5) years after your last transaction or account closure, as required by the UK Money Laundering Regulations.
  4. 12.4  Selfie images are used solely for identity matching and liveness assessment and shall not be shared with third parties except KYC automation providers performing that specific check.
  5. 12.5  Spondula does not sell User personal information to third parties.

13. Ongoing Monitoring and Re-verification

13.1  We may re-verify your identity periodically, where your risk score changes, where your documents expire, or where we detect activity inconsistent with your existing profile.

13.2  Where your name, address, nationality, or other key information changes, you may be asked to update your account details and provide supporting documentation.

13.3  Failure to complete re-verification within the requested timeframe may result in feature restriction or account suspension.

14. Your Obligations

14.1  You shall:

  1. (a)  provide accurate, genuine, and up-to-date documents for verification; and
  2. (b)  notify us where your name, nationality, residential address, or PEP status changes.

14.2  You shall not:

  1. (a)  use another person’s identity or documents;
  2. (b)  fund your account from a third-party source whose name does not match your verified Spondula name (payment methods must belong to the verified account holder); or
  3. (c)  attempt to circumvent verification requirements, tier caps, or transaction monitoring.

14.3  The provision of false or fraudulent documents is a criminal offence and shall result in immediate account termination, potential referral to law enforcement, and the blocking of any associated wallet addresses from future Spondula Services.

15. Compliance Statement

15.1  Spondula uses identity-verification procedures to help maintain a secure ecosystem and to comply with applicable legal, regulatory, sanctions, anti-fraud, and anti-money-laundering requirements. Verification requirements may vary depending on jurisdiction, transaction type, account activity, risk profile, and available Services.

15.2  Spondula reserves the right to request additional information where necessary to satisfy compliance, security, fraud-prevention, or legal obligations. For the avoidance of doubt, completion of identity verification does not guarantee access to all ecosystem Services, which may remain subject to availability, eligibility, jurisdictional restrictions, and the policies of the independent ecosystem participants.

16. Contact

16.1  For questions about our KYC and AML procedures, or to submit additional documentation for a case in review, you may contact [email protected].

Spondula

Stay in touch

[email protected]
27 Old Gloucester Street
London, WC1N 3AX
United Kingdom

Legal

  • Privacy Policy
  • Terms of Use
  • KYC & AML
  • Acceptable Use
  • S-Token Disclaimer
  • Risk Disclosure
  • Referral Programme Terms

Product

  • Personal
  • Business
  • Operators
  • Creators
  • Log in

Resources

  • How it works
  • Send payments
  • Insights
  • FAQ
  • Status
The Spondula platform, S-Handle system, and underlying technology are owned by Spondula Technolgy Ltd and licensed to Spondula Ltd. Ecosystem services, participant onboarding, and compliance support are operated and provided exclusively by Spondula Ltd, a company registered in England and Wales.