AML / KYC Policy
Last updated · 24 June 2026
BMETAL, Inc. is committed to conducting business lawfully and ethically and to preventing its services from being used to facilitate money laundering, terrorist financing, sanctions evasion, fraud, or other financial crime. This statement summarizes the principles of our Anti-Money-Laundering (“AML”), sanctions, and Know-Your-Customer (“KYC”) program. It is a public summary; our internal program contains additional confidential procedures.
1. Our commitment
We maintain a risk-based AML and sanctions compliance program designed to align with applicable laws and recognized international standards, including the recommendations of the Financial Action Task Force (FATF), U.S. requirements administered by FinCEN and OFAC, and applicable UK and EU frameworks where relevant to our activities. We do not provide services to customers who refuse to complete required verification.
2. Program governance
- A designated compliance officer is responsible for the AML and sanctions program and reports to senior management.
- The program is documented in written policies and procedures and is reviewed periodically and updated as laws and risks evolve.
- Roles and responsibilities are defined across onboarding, monitoring, and escalation.
- We engage qualified third parties for screening, and where appropriate, independent testing of the program.
3. Customer due diligence (KYC)
Before establishing a business relationship, and on an ongoing basis, we apply customer due diligence proportionate to the assessed risk. Depending on the customer, this may include collecting and verifying:
- Legal name, registered address, and jurisdiction of incorporation of the entity.
- Business registration or incorporation documents and tax identifiers.
- Identification of authorized representatives and signatories.
- Identification of ultimate beneficial owners who own or control the entity at or above applicable thresholds.
- The nature and intended purpose of the business relationship and expected use of the services.
We may decline to onboard, or may offboard, any customer who cannot or will not provide satisfactory verification, or where we are unable to satisfy ourselves as to the legitimacy of the relationship.
4. Enhanced due diligence
We apply enhanced due diligence (“EDD”) to higher-risk relationships. Factors that may trigger EDD include connections to higher-risk jurisdictions, complex or opaque ownership structures, involvement of politically exposed persons (“PEPs”), or unusual or unexplained activity. EDD measures may include obtaining additional documentation, verifying source of funds or wealth where relevant, and obtaining senior-management approval to proceed.
5. Sanctions and watchlist screening
We screen customers, their beneficial owners, and authorized representatives against applicable sanctions and watchlists, including lists maintained by the U.S. Office of Foreign Assets Control (OFAC) and other relevant authorities. We do not provide services to sanctioned persons, to persons acting on their behalf, or in connection with comprehensively sanctioned jurisdictions. Potential matches are investigated and, where confirmed, result in declining or terminating the relationship and taking any legally required action.
6. Ongoing monitoring
- We monitor relationships and activity on a risk-sensitive basis to identify activity that is inconsistent with our knowledge of the customer.
- We periodically refresh customer information and re-screen against sanctions and watchlists.
- Unusual or potentially suspicious activity is escalated for review by the compliance function.
7. Suspicious activity and reporting
Where we identify activity that we reasonably suspect involves money laundering, terrorist financing, sanctions evasion, or other financial crime, we will take appropriate action, which may include filing reports with the relevant authorities and, where legally required, restricting or terminating the relationship. Applicable law may prohibit us from disclosing (“tipping off”) that a report has been made.
8. Recordkeeping
We retain customer due-diligence records, screening results, and related documentation for the period required by applicable law, generally at least five (5) years following the end of the business relationship or the date of the relevant activity, whichever is longer. These records are handled in accordance with our Privacy Policy.
9. Training and culture
Relevant personnel receive periodic training appropriate to their roles so they can recognize and respond to financial-crime risks. We foster a culture of compliance in which employees are expected and encouraged to raise concerns.
10. Customer cooperation
As a condition of using the Services, customers agree to provide accurate and complete information, to cooperate with our due-diligence and verification requests, and to promptly notify us of material changes to their ownership, control, or use of the Services. Failure to cooperate may result in suspension or termination.
11. Contact
Questions regarding this Policy or our compliance program can be directed to compliance@bmetal.ai.
Questions about this document? Contact legal@bmetal.ai.
BMETAL, Inc. · A Delaware corporation · San Francisco, California, USA.