KYC / AML Policy

    This KYC / AML Policy (“Policy”) sets forth the principles and procedures by which Codoser.com (“Codoser,” “we,” “our,” “us”) complies with Know Your Customer (KYC) and Anti-Money Laundering (AML) obligations under applicable laws.

Codoser is committed to preventing money laundering, terrorist financing, fraud, and illicit activities through its marketplace. This Policy applies to all users — including authors, buyers, affiliates, and partners — and is aligned with international AML/CFT frameworks (e.g., FATF), Indian regulations under PMLA, 2002, and other applicable global laws.

By using Codoser, users agree to undergo identity verification and cooperate with compliance measures as outlined in this Policy.

1. Scope of the Policy

1.1 This Policy applies to all individuals and entities interacting with Codoser, including:

• Authors (sellers) listing products
• Buyers making purchases
• Affiliates earning commissions
• Payment and withdrawal recipients
  1.2 It governs identity verification, transaction monitoring, recordkeeping, reporting obligations, and enforcement.

2. Regulatory Framework

2.1 Codoser’s KYC / AML program is based on:

• Financial Action Task Force (FATF) Recommendations
• European Union AML Directives (AMLD)
• U.S. Bank Secrecy Act (BSA) and AML regulations
• Indian Prevention of Money Laundering Act (PMLA), 2002 and RBI guidelines
• Other applicable national laws depending on the user’s jurisdiction.
  2.2 Where local regulations impose stricter requirements, those take precedence.

3. Objectives

3.1 The primary objectives of this Policy are to:

• Verify user identities and legitimacy
• Detect and deter suspicious activities
• Comply with AML/CFT legal obligations
• Maintain marketplace integrity
• Protect users from fraud and misuse

4. Risk-Based Approach

4.1 Codoser adopts a risk-based approach to KYC and AML, applying different levels of due diligence depending on user type, transaction size, jurisdiction, and behavior.
4.2 Higher-risk users or transactions are subject to enhanced checks.

5. Customer Identification Program (CIP)

5.1 Codoser maintains a structured Customer Identification Program.
5.2 Users must provide valid, accurate, and complete identity information during onboarding or before specific activities (e.g., withdrawals, high-value purchases).
5.3 CIP applies to both individuals and entities.

6. Individual KYC Requirements

6.1 Individual users (authors, buyers, affiliates) may be required to provide:

• Full legal name
• Date of birth
• Nationality
• Government-issued identification (e.g., passport, Aadhaar, PAN, driver’s license)
• Address proof (e.g., utility bill, bank statement)
  6.2 Documents must be clear, valid, and verifiable.

7. Entity (Business) KYC Requirements

7.1 Legal entities must provide:

• Legal name and business registration documents
• Tax Identification Number (e.g., GSTIN, VAT ID)
• Certificate of incorporation or registration
• Authorized representative details
• Ownership and control structure
  7.2 Additional documentation may be required for high-risk jurisdictions.

8. Verification Methods

8.1 Codoser may use manual and automated methods to verify documents and identities.
8.2 Verification may involve:

• Cross-referencing government databases
• Third-party verification services
• Video KYC where required by regulations
  8.3 Users may be asked to provide additional documents or complete liveness checks.

9. Timing of Verification

9.1 KYC must be completed:

• Authors: before listing products or receiving payouts
• Affiliates: before first commission withdrawal
• Buyers: before certain high-value transactions or suspicious activity reviews
  9.2 Failure to complete verification may restrict platform functionality.

10. Ongoing Due Diligence

10.1 KYC is not a one-time process. Codoser conducts periodic reviews of user information.
10.2 Users may be asked to re-submit documents or update information periodically, especially after regulatory changes or suspicious activity flags.

11. Enhanced Due Diligence (EDD)

11.1 For high-risk users or transactions, Codoser applies Enhanced Due Diligence, which may include:

• Additional identity verification
• Source of funds and wealth checks
• Independent background checks
• Transactional behavior monitoring
  11.2 EDD is mandatory for users from high-risk jurisdictions identified by FATF or local authorities.

12. Politically Exposed Persons (PEPs)

12.1 Codoser identifies and applies enhanced monitoring to Politically Exposed Persons, their family members, and close associates.
12.2 PEPs must declare their status during onboarding.
12.3 Additional approvals may be required before enabling transactions for PEPs.

13. Beneficial Ownership Disclosure

13.1 For legal entities, the ultimate beneficial owners (UBOs) holding 25% or more ownership or control must be disclosed.
13.2 Documentation proving beneficial ownership must be provided and verified.
13.3 Failure to disclose UBOs accurately may result in account suspension.

14. Transaction Monitoring

14.1 Codoser monitors transactions continuously to detect unusual, suspicious, or structured activities.
14.2 Monitoring may include:

• Transaction volume spikes
• Irregular withdrawal patterns
• Multiple accounts with linked payment methods
• Activity inconsistent with user profiles
  14.3 Automated alerts are reviewed by compliance officers.

15. Suspicious Transaction Indicators

15.1 Examples of suspicious behavior include:

• Large transactions inconsistent with account activity
• Rapid movement of funds between unrelated accounts
• Use of false or stolen identities
• Attempts to avoid KYC by splitting transactions
• Use of multiple accounts to obscure ownership
  15.2 Detection triggers enhanced scrutiny and potential reporting.

16. Reporting Obligations

16.1 Codoser complies with legal obligations to file reports with relevant authorities for suspicious or prescribed transactions, including:

• Suspicious Transaction Reports (STR)
• Cash Transaction Reports (CTR), where applicable
• Regulatory or tax authority notifications
  16.2 Reports are filed confidentially without informing the user, in compliance with tipping-off prohibitions.

17. Cooperation with Authorities

17.1 Codoser cooperates with law enforcement, financial intelligence units (FIUs), and regulatory bodies globally.
17.2 This includes sharing KYC information, transactional data, and audit logs upon lawful requests.

18. Recordkeeping

18.1 KYC and transaction records are retained securely for at least 5 years or longer if required by law.
18.2 Records include documents, verification logs, transaction histories, and communications.
18.3 These records are available to regulators and law enforcement upon request.

19. Data Protection and Privacy

19.1 All KYC and AML data is processed in accordance with data protection laws (e.g., GDPR, CCPA, Indian IT Act).
19.2 Access to sensitive data is restricted to authorized compliance personnel.
19.3 Data is encrypted and stored securely.

20. Use of Third-Party Service Providers

20.1 Codoser may engage regulated third-party KYC/AML service providers to verify user identities and monitor activity.
20.2 Such providers are contractually obligated to maintain confidentiality and legal compliance.

21. Cross-Border Data Transfers

21.1 In some cases, KYC data may be transferred internationally for verification or compliance purposes.
21.2 Such transfers comply with applicable cross-border data protection regulations.

22. Sanctions and Watchlists

22.1 Codoser screens users against global sanctions lists, including:

• United Nations
• U.S. OFAC
• EU Sanctions
• Indian government lists
  22.2 Matches are escalated to compliance officers for review and potential reporting.

23. High-Risk Jurisdictions

23.1 Users from FATF-identified high-risk or non-cooperative jurisdictions are subject to enhanced scrutiny.
23.2 Additional documentation or transaction restrictions may apply.

24. Prohibited Transactions

24.1 Codoser prohibits transactions related to:

• Money laundering or terrorist financing
• Illegal trade or sanctioned goods
• Fraudulent schemes
• Child exploitation or human trafficking
• Any activity violating applicable law
  24.2 Detected violations result in immediate account suspension and legal reporting.

25. Restrictions Pending Verification

25.1 Until KYC is completed, users may face restrictions such as:

• No payouts or withdrawals for authors and affiliates
• Purchase limits for buyers
• Account feature limitations
  25.2 These restrictions ensure compliance and risk mitigation.

26. Account Freezing

26.1 Accounts may be temporarily frozen if suspicious activity is detected or required by law.
26.2 Freezing may affect withdrawals, purchases, or access to products.
26.3 Affected users will be notified unless prohibited by law.

27. Account Termination for Non-Compliance

27.1 Failure to comply with KYC/AML requirements after notice may lead to account termination.
27.2 Terminated users for AML reasons may be permanently blacklisted from re-registration.

28. Appeals and Clarifications

28.1 Users may appeal decisions related to KYC/AML measures by providing additional documents or explanations.
28.2 Appeals do not suspend legal reporting obligations.

29. Training and Compliance Personnel

29.1 Codoser maintains trained compliance staff to oversee KYC/AML functions.
29.2 Staff undergo regular training on regulatory developments, red-flag detection, and secure data handling.

30. Internal Audits and Reviews

30.1 Codoser conducts periodic internal audits of its KYC/AML systems to ensure effectiveness and legal compliance.
30.2 Independent external audits may also be commissioned.

31. Independent Compliance Function

31.1 Codoser maintains an independent compliance function responsible for oversight of KYC/AML measures.
31.2 This function operates separately from business operations to ensure impartiality.
31.3 The compliance team reports directly to senior management and, where applicable, regulatory authorities.

32. Appointment of Compliance Officer

32.1 Codoser designates a qualified Compliance Officer to implement this Policy.
32.2 The Compliance Officer’s responsibilities include:

• Overseeing KYC/AML procedures
• Reporting suspicious activity to authorities
• Ensuring training and regulatory updates
• Reviewing high-risk cases
  32.3 The Compliance Officer acts as the point of contact for law enforcement and regulators.

33. User Cooperation Obligations

33.1 Users must cooperate fully with all KYC and AML procedures, including document submission, interviews, or clarification requests.
33.2 Refusal to cooperate or providing incomplete responses may result in account restrictions or reporting to authorities.
33.3 Cooperation is a mandatory condition for continued use of Codoser.

34. Prohibition on Tipping Off

34.1 Users, employees, and partners are strictly prohibited from “tipping off” any person under investigation or subject to suspicious activity reporting.
34.2 Tipping off includes directly or indirectly informing users of ongoing AML reviews or reports.
34.3 Breaches may result in disciplinary action and legal penalties.

35. Detection of Structuring and Smurfing

35.1 Codoser monitors for structuring or “smurfing” activities, where users split transactions to evade reporting thresholds.
35.2 Detected patterns may trigger enhanced due diligence or reporting to authorities.
35.3 Repeated structuring attempts lead to account suspension and investigation.

36. Use of Technology in AML

36.1 Codoser employs machine learning and rule-based systems to detect suspicious patterns and automate alerts.
36.2 These systems monitor real-time transactions, user behavior, device fingerprints, and geolocation data.
36.3 Alerts are reviewed by human compliance analysts to avoid false positives.

37. Affiliate Program AML Compliance

37.1 Affiliates must also undergo KYC verification before payouts.
37.2 Affiliate commissions derived from fraudulent or illegal activity are forfeited.
37.3 Affiliates found to be complicit in money laundering schemes will be permanently banned and reported.

38. Escrow and Holding Periods

38.1 Codoser may apply escrow or holding periods on transactions to allow time for AML reviews.
38.2 High-value author payouts or bulk withdrawals may be held temporarily for verification.
38.3 Funds are released only after compliance clearance.

39. Payment Methods Monitoring

39.1 All payment methods used on the platform are monitored for AML risks.
39.2 Codoser does not support anonymous or untraceable payment methods (e.g., certain cryptocurrencies without KYC).
39.3 Transactions involving high-risk payment instruments may require additional scrutiny.

40. Restrictions on Anonymous Use

40.1 Codoser does not permit fully anonymous accounts for financial transactions.
40.2 Basic identity verification is required for all transactional activities, even for low-value users, to maintain regulatory compliance.

41. Prohibited Activities under AML Laws

41.1 Users may not engage in activities including but not limited to:

• Laundering proceeds of crime
• Financing terrorism or sanctioned entities
• Structuring transactions to avoid detection
• Using false identities or shell companies for illicit purposes
  41.2 Detection leads to immediate freezing and reporting to authorities.

42. Reporting to Financial Intelligence Units (FIUs)

42.1 Codoser reports suspicious activities to relevant FIUs, including:

• FIU-IND for Indian users
• Other national FIUs depending on jurisdiction
  42.2 Reports follow prescribed formats and timelines under respective laws.

43. Cooperation with International Regulators

43.1 Codoser cooperates with foreign regulators in AML/CFT investigations where legally required.
43.2 Information sharing complies with applicable data protection and mutual legal assistance treaties (MLATs).

44. High-Value Transaction Controls

44.1 High-value transactions are subject to additional verification, including source of funds checks.
44.2 Users may be asked to provide bank statements, tax documents, or contracts justifying the transaction.
44.3 Unjustified high-value activity triggers enhanced due diligence or reporting.

45. Dormant and Inactive Accounts

45.1 Dormant accounts may be flagged for additional verification before reactivation.
45.2 Large transactions from dormant accounts raise AML alerts.

46. Regulatory Inspections

46.1 Codoser may be subject to regulatory inspections and audits regarding AML/KYC compliance.
46.2 All records and systems must be made available to regulators upon lawful request.

47. Consequences of Non-Compliance

47.1 Non-compliance with this Policy may result in:

• Account restrictions or termination
• Freezing of funds
• Confiscation of illicit earnings
• Reporting to authorities
• Civil or criminal prosecution
  47.2 Consequences depend on the severity and intent of violations.

48. Voluntary Disclosure by Users

48.1 Users who voluntarily disclose errors or suspicious activities in their accounts may receive leniency if done proactively and in good faith.
48.2 Voluntary reporting does not exempt users from legal obligations but may influence enforcement discretion.

49. Fraud Prevention Synergy

49.1 AML controls work in synergy with fraud detection mechanisms, chargeback monitoring, and risk management policies.
49.2 Detected fraud often triggers AML investigations, and vice versa.

50. Integration with Other Platform Policies

50.1 This Policy must be read in conjunction with:

• Terms of Use
• Author Policy
• Buyer Policy
• Refund & Cancellation Policy
• Data Security Policy
  50.2 Together, these form the comprehensive compliance framework for Codoser.

51. Legal Liability Disclaimer

51.1 While Codoser implements robust KYC/AML measures, ultimate legal responsibility for illicit transactions lies with the individuals or entities engaging in such acts.
51.2 Codoser complies with legal obligations but does not act as a financial guarantor.

52. Policy Review and Updates

52.1 This Policy is reviewed periodically to align with evolving regulatory standards, FATF guidance, and industry best practices.
52.2 Updates may occur without prior individual notice, and users are responsible for staying informed.

53. Training and Awareness for Users

53.1 Codoser may provide educational resources to help users understand their AML obligations.
53.2 These may include onboarding notices, FAQs, and training for high-volume authors or affiliates.

54. Non-Waiver

54.1 Failure by Codoser to enforce any provision of this Policy shall not be construed as a waiver of future enforcement rights.

55. Severability

55.1 If any clause of this Policy is found unenforceable, the remaining clauses shall continue in full effect.
55.2 Invalid provisions will be replaced with legally valid terms closest to their original intent.

56. Governing Law and Jurisdiction

56.1 This Policy is governed by the laws of India, including the Prevention of Money Laundering Act, 2002, and relevant international AML/CFT standards.
56.2 Jurisdiction for disputes follows the Terms of Use and applicable regulatory frameworks.

57. Policy Modifications

57.1 Codoser may modify or update this Policy at any time to comply with regulatory changes or internal operational improvements.
57.2 Updated versions are published on the platform.

58. User Responsibility to Stay Informed

58.1 Users are responsible for reviewing this Policy periodically.
58.2 Continued use of Codoser after updates constitutes acceptance of revised terms.

59. Enforcement and Oversight

59.1 Senior management oversees KYC/AML enforcement through regular compliance reports.
59.2 Independent audits may be conducted to ensure accountability.

60. User Acknowledgment

60.1 By using Codoser, users acknowledge that they have read, understood, and agreed to this KYC / AML Policy.
60.2 Compliance is mandatory for authors, buyers, affiliates, and all participants in the platform’s ecosystem.