AML & KYC Policy
Last updated: March 1, 2025
Cannki Kicker (“we,” “us,” or “our”) is committed to the highest standards of Anti-Money Laundering (AML) and Counter-Terrorist Financing (CTF) compliance. As a financial technology platform offering business formation, embedded finance, and tax services, we maintain a comprehensive compliance program designed to meet and exceed the requirements of the Bank Secrecy Act (BSA), the USA PATRIOT Act, and all applicable regulations issued by the Financial Crimes Enforcement Network (FinCEN). This policy applies to all users, employees, and partners of our platform.
Contents
- 1. Regulatory Framework & Compliance Obligations
- 2. KYC/KYB & Identity Verification
- 3. Suspicious Activity Monitoring & Reporting
- 4. FinCEN BOI API Authorization
- 5. Customer Due Diligence (CDD) & Enhanced Due Diligence (EDD)
- 6. Recordkeeping & Data Retention
- 7. Employee Training & Compliance Culture
- 8. Policy Updates & Contact
1. Regulatory Framework & Compliance Obligations
Our AML/KYC program is designed in compliance with the following federal laws and regulations:
Bank Secrecy Act (BSA): We comply with all BSA requirements including recordkeeping, reporting, and the implementation of an effective AML program designed to prevent, detect, and report suspicious financial activity.
USA PATRIOT Act: We adhere to the enhanced due diligence and customer identification requirements established by Title III of the USA PATRIOT Act, including the Customer Identification Program (CIP) requirements.
FinCEN Regulations: We follow all applicable FinCEN regulations regarding customer due diligence (CDD), beneficial ownership identification, and suspicious activity reporting obligations.
Corporate Transparency Act (CTA):We assist businesses in complying with the CTA's beneficial ownership reporting requirements through our FinCEN-authorized BOI API filing capabilities.
OFAC Sanctions: We screen all customers and transactions against the Office of Foreign Assets Control (OFAC) Specially Designated Nationals (SDN) list and other relevant sanctions lists.
2. KYC/KYB & Identity Verification
We implement rigorous Know Your Customer (KYC) and Know Your Business (KYB) procedures to verify the identity of all individuals and entities using our platform. Our identity verification process includes the following requirements:
Information Collected for Verification
Full Legal Name: As it appears on government-issued identification documents
Date of Birth: To confirm identity and perform age verification
Residential Address: Current physical address for identity confirmation and regulatory compliance
Government-Issued ID:Passport, driver's license, national ID card, or other government-issued photo identification
Employer Identification Number (EIN): For business entities using our formation and financial services
Automated Verification Technology
We utilize Didit as our identity verification provider for automated biometric checks and sanctions screening:
Biometric Liveness Checks: Didit performs real-time biometric liveness detection to confirm the person presenting the ID is physically present and not using a photo, video, or mask
Document Authentication: Government-issued IDs are scanned and verified for authenticity, checking for tampering, forgery, and expiration
OFAC Sanctions Screening: All customers are automatically screened against the OFAC SDN list and other global sanctions databases to ensure compliance with U.S. sanctions law
Global AML Screening: Didit performs comprehensive AML screening against global watchlists, Politically Exposed Persons (PEP) databases, and adverse media sources
3. Suspicious Activity Monitoring & Reporting
We maintain ongoing monitoring programs to detect and report suspicious activity in accordance with federal regulations. Our monitoring encompasses all transactions processed through our platform.
Transaction Monitoring via Stripe
We monitor transactions processed through Stripe, our payment and embedded finance partner, to detect patterns indicative of:
Money Laundering:Unusual transaction patterns, structuring, rapid movement of funds, and transactions inconsistent with the customer's known business profile
Terrorist Financing: Transactions involving sanctioned individuals, entities, or jurisdictions, and patterns associated with terrorism funding
Fraud: Identity theft, account takeover, unauthorized transactions, and synthetic identity fraud
Sanctions Evasion: Attempts to circumvent U.S. sanctions through indirect transactions or the use of intermediaries
Reporting Obligations
When suspicious activity is identified, we take the following actions:
File Suspicious Activity Reports (SARs) with FinCEN as required by law
Freeze or restrict account access pending investigation
Cooperate fully with law enforcement agencies and regulatory authorities
Terminate accounts and relationships where warranted
Maintain records of all reports and investigations for the legally required retention period
4. FinCEN BOI API Authorization
Cannki Kicker is a FinCEN Authorized BOI API Filer. We hold direct API integration with the Financial Crimes Enforcement Network to automatically collect, verify, and transmit Ultimate Beneficial Owner (UBO) data to ensure strict compliance with the Corporate Transparency Act.
As a FinCEN Authorized BOI API Filer, our platform provides the following capabilities:
- • Secure collection of beneficial ownership information
- • Verification of owner identity through government-issued IDs
- • FinCEN Identifier retrieval and management
- • Multi-owner support for complex business structures
- • Encrypted, direct submission to FinCEN's BOSS system
- • Real-time filing status tracking and confirmations
- • Automatic updates for reporting company changes
- • Secure storage of filing transcripts and receipts
5. Customer Due Diligence (CDD) & Enhanced Due Diligence (EDD)
We apply a risk-based approach to customer due diligence, with enhanced scrutiny for higher-risk customers, transactions, and geographies.
Standard Due Diligence
Verification of customer identity using government-issued documents
Confirmation of business legitimacy and purpose
Assessment of the nature and purpose of the business relationship
Identification and verification of beneficial owners holding 25% or more equity
Enhanced Due Diligence
Enhanced due diligence is applied to customers presenting higher risk factors, including:
Politically Exposed Persons (PEPs) and their family members or close associates
Customers from high-risk jurisdictions as identified by FATF or OFAC
Complex business structures with multiple layers of ownership
Transactions that are unusually large or inconsistent with the customer's profile
6. Recordkeeping & Data Retention
In accordance with BSA requirements, we maintain comprehensive records of all customer identification information, transaction data, and compliance activities:
Customer Identification Records: Maintained for a minimum of five (5) years after the account is closed or the relationship ends
Transaction Records: All transaction records are retained for a minimum of five (5) years from the date of the transaction
SAR Records: Suspicious Activity Reports and supporting documentation are maintained for a minimum of five (5) years from the date of filing
BOI Filing Records: Beneficial Ownership Information filing records and supporting documentation are retained as required by the Corporate Transparency Act
7. Employee Training & Compliance Culture
We maintain a culture of compliance through ongoing training and awareness programs:
All employees receive AML/KYC training upon onboarding and annually thereafter
Specialized training for compliance officers and customer-facing staff
Regular updates on new regulations, typologies, and emerging financial crime trends
A designated Compliance Officer responsible for overseeing the AML/KYC program
8. Policy Updates & Contact
This AML & KYC Policy is reviewed and updated at least annually, or more frequently as required by changes in applicable laws or regulations. We reserve the right to modify this policy at any time. Material changes will be communicated to users via email or through a prominent notice on our platform.
Contact Our Compliance Team
Have questions about our AML/KYC compliance program or need to report suspicious activity? Contact us.
compliance@kicker.cannki.com
Subject: “AML/KYC Inquiry”
Phone
+1 (219) 841-1596
Mon–Fri, 9 AM – 6 PM EST
Headquarters
Douglasville, GA
United States
General questions? Contact our team.