Business Verification & Due Diligence Policy

Transcore operates on a B2B basis. Our direct counterparties may include merchants, payment providers, settlement counterparties, technology intermediaries, introducers and other partners that can originate, route, settle, refund or otherwise influence the movement of funds or digital assets through Transcore services.

Because our counterparties are businesses rather than retail consumers, our verification focus is centred on:

• legal-entity identity;
• beneficial ownership and control;
• authorised decision-makers;
• business model and operating footprint;
• legality and licensing where relevant;
• payment-flow and settlement-flow transparency;
• wallet, account and treasury controls; and
• the counterparty's ability to support appropriate monitoring, investigations and contractual cooperation.

No counterparty is entitled to activation merely because a commercial discussion has started or a technical integration is available. Verification must be completed to a standard appropriate for the risk presented.

Depending on the structure of the relationship, Transcore may verify one or more of the following:

• the legal entity itself;
• ultimate beneficial owners;
• controlling persons;
• directors and senior management;
• authorised signatories and operational contacts;
• settlement agents or treasury contacts;
• payment providers or local collection partners;
• relevant connected entities within the same structure; and
• wallets, accounts or other destinations connected to settlement, treasury or refunds.

Where a relationship involves layered providers, local agents, nested arrangements or non-obvious controllers, Transcore may require broader verification than would be needed for a simple single-entity structure.

As a baseline, Transcore seeks to be able to answer the following questions before approval:

1. Who is the legal counterparty?
2. Who ultimately owns or controls it?
3. Who is authorised to act on its behalf?
4. What products or services does it provide?
5. Which markets does it target and which markets are excluded?
6. Under what legal or regulatory basis does it operate, where relevant?
7. How do payments move through the arrangement?
8. Which entities, providers, accounts and wallets are involved?
9. How does settlement occur, including treasury, refunds or exceptions?
10. Is the level of transparency sufficient for onboarding, monitoring, investigations and contractual enforcement?

If those questions cannot be answered clearly, the relationship may remain pending, be declined or be terminated later if the deficiency emerges after onboarding.

A typical Transcore onboarding and verification process may include:

1. pre-screening and commercial fit assessment;
2. collection of the documentary verification package;
3. sanctions, PEP and adverse-media screening;
4. business-model and legality review;
5. ownership and control verification;
6. payment-flow and settlement-flow review;
7. wallet and settlement-destination due diligence where relevant;
8. risk rating;
9. approval at the appropriate level;
10. contract execution and completion of any conditions precedent; and
11. activation only after required controls are in place.

Additional steps may be required for higher-risk sectors, higher-risk jurisdictions, more complex provider chains or non-standard settlement structures.

The documents requested in any case depend on the nature of the relationship and the risk profile. The examples below are illustrative and not exhaustive.

5.1 Legal-entity information

We may request documents or information such as:

• certificate of incorporation or equivalent formation evidence;
• commercial registry extract, certificate of good standing or equivalent current registry proof;
• registration number and date or place of incorporation;
• registered office and principal place of business;
• constitutional or organisational documents;
• trading names and brand names;
• board, management and relationship-contact details; and
• information about the relevant contracting entity within a wider group.

5.2 Ownership and control

We may request:

• shareholder registers or equivalent shareholder evidence;
• group structure and ownership charts;
• information on intermediate entities;
• declarations, trust documents, nominee explanations or other materials needed to understand control;
• identification details for beneficial owners and controllers; and
• evidence showing who can bind the entity, issue instructions or change settlement destinations.

5.3 Relevant natural persons

For beneficial owners, directors, controllers, signatories or other relevant persons, we may request:

• full legal name;
• date of birth and nationality;
• residential address where relevant;
• government-issued identity document details;
• role or authority within the structure;
• ownership percentage or control rights; and
• screening-related information relevant to PEP, sanctions or adverse-media review.

5.4 Business model and operating profile

We may request enough information to understand:

• what the business sells or provides;
• who its customers are;
• which countries it serves or targets;
• how it acquires traffic or end users;
• which payment methods are offered and by whom;
• expected transaction counts, values, frequency and seasonality;
• expected refund, reversal, dispute or payout logic; and
• whether the proposed use case is consistent with the relationship being requested.

5.5 Legal or regulatory basis

Where relevant to the sector, geography or operating model, we may request:

• licences, registrations or approvals;
• exemption analyses;
• legal opinions or reasoned legal explanations;
• evidence of permitted geographies and restricted geographies; and
• explanations of how the business blocks or excludes prohibited markets.

Transcore may require stronger evidence where legality depends on the specific market targeted, the product offered, the type of end user accepted or the role of local payment providers.

5.6 Payment-flow and settlement-flow information

Because our services depend on transparent money movement and supportable settlement mechanics, we may request:

• payment-flow diagrams;
• settlement-flow diagrams;
• information showing where fiat is collected and by which entity;
• the names of material payment providers, acquiring partners or local collectors;
• the jurisdictions in which collection occurs;
• information about the accounts or institutions involved in collection or settlement;
• descriptions of treasury flows, refund flows and exception handling; and
• explanations of how conversion or onward settlement occurs where relevant.

5.7 Providers, agents and outsourcing chains

Where a relationship relies on third parties, we may request information about:

• collection partners;
• payout partners;
• local payment providers;
• sub-providers or nested providers;
• outsourced operational functions;
• technology intermediaries;
• settlement agents; and
• any person or entity able to influence wallet addressing, fund movement or access to transaction data.

5.8 Wallets, accounts and settlement destinations

If settlement, treasury or refunds involve wallets or non-standard destinations, we may request:

• the wallet addresses or account details intended for use;
• the purpose of each destination;
• evidence of ownership or control;
• information on whether the destination is controlled by the counterparty or by an approved third party;
• supporting information for custodial or omnibus arrangements; and
• re-verification if any destination changes.

5.9 Source of funds and source of wealth

Where justified by the risk profile, Transcore may request information about:

• operating revenues;
• source of business funds;
• treasury activity;
• source of wealth of relevant beneficial owners;
• capitalisation or funding sources;
• bank statements or audited financial statements;
• transaction explanations; and
• other evidence needed to understand whether the relationship is commercially and financially credible.

Transcore seeks to identify every natural person who ultimately owns or controls the counterparty.

As a general baseline, this may include any natural person who directly or indirectly:

• owns or controls 25% or more of the shares or voting rights;
• has the right to appoint or remove a majority of the board; or
• otherwise exercises significant influence or control.

Where a structure is layered, offshore, trust-based, nominee-based or otherwise opaque, we may trace through each layer until the relevant natural persons are identified or until we conclude that the structure cannot be satisfactorily understood.

If beneficial ownership cannot be established to a standard we consider adequate, the relationship may not proceed.

Transcore uses risk-appropriate verification methods and may rely on reliable and independent sources such as:

• official company registries;
• regulator registers;
• government-issued identification documents;
• certified corporate documents;
• reputable screening databases;
• legal opinions or external legal confirmations;
• wallet-control checks;
• custodian confirmations;
• signed instructions and authority evidence; and
• other sources reasonably appropriate to the risk.

Where documents are incomplete, inconsistent, altered, outdated, poorly translated or otherwise unreliable, Transcore may request clarification, require replacement documents, escalate the file or refuse to proceed.

Where documents are not in English, we may require a reliable translation or sufficient explanation to ensure that the content is properly understood.

8.1 Gaming, betting and casino merchants

Relationships involving gaming, betting, casino or similar activity may require additional review, including:

• corporate formation and beneficial ownership evidence;
• licensing status or legal basis to operate in each relevant market;
• geographies from which end users are accepted and the controls used to exclude prohibited markets;
• KYC, age-verification, AML, fraud and responsible-gaming controls;
• product type, expected payment patterns and cash-out logic;
• principal payment providers and collection countries; and
• settlement-wallet information and related screening results.

8.2 Forex, CFD and trading merchants

Relationships involving forex, CFD, leveraged trading or similar sectors may require additional review, including:

• licence or exemption status;
• the specific entity that contracts with end users;
• permitted and restricted jurisdictions;
• customer categorisation and onboarding controls;
• funding and withdrawal logic;
• use of PSPs, wallets and processors;
• complaints history, enforcement history or serious adverse media; and
• conduct-risk indicators associated with the product or marketing model.

8.3 Payment providers and settlement counterparties

Payment providers and similar counterparties may require enhanced due diligence because they can influence how funds are collected, routed, converted or settled. We may therefore request:

• full ownership and management information;
• legal or regulatory basis to operate;
• service descriptions and operating countries;
• banking or collection arrangements;
• information on agents, sub-providers or outsourcing;
• summaries of AML, fraud and sanctions controls;
• confirmation of transaction-data access and investigation support;
• explanation of conversion and settlement routes; and
• proof of wallet control and screening results.

Where wallets are used for settlement, treasury or refunds, Transcore may require wallet verification as a mandatory part of the file.

Acceptable evidence of wallet control may include, depending on the case:

• signed-message proof;
• micro-transfer confirmation;
• a statement from a regulated custodian;
• a confirmation from an approved settlement agent; or
• other reliable evidence that the destination is genuinely controlled by an approved party.

Wallets may be screened before approval and again during the relationship. Silent or undocumented wallet changes are not acceptable. A new or amended wallet may require refreshed due diligence and a new approval.

Before approval and, where appropriate, on an ongoing basis, Transcore may screen the counterparty and relevant persons against:

• applicable sanctions lists;
• internal watchlists;
• politically exposed person databases;
• adverse-media and reputational-risk sources; and
• other relevant public or commercial information sources used for lawful risk review.

Where relevant, wallet addresses and other settlement destinations may also be screened.

Potential matches, plausible near matches and other material alerts may require investigation before activation, amendment or continuation of the relationship.

Each counterparty may be assigned a risk outcome based on the overall profile of the relationship. Possible outcomes may include:

• approved;
• approved subject to conditions, limits or phased rollout;
• pending further information;
• restricted;
• suspended; or
• declined / terminated.

Risk assessment may take into account factors such as:

• sector risk;
• jurisdiction risk;
• ownership transparency;
• legality or licensing strength;
• payment-flow complexity;
• virtual-asset exposure and wallet risk;
• provider layering;
• sanctions, PEP or adverse-media exposure;
• expected volume and velocity; and
• the quality of cooperation, data access and auditability.

Commercial interest, revenue potential or implementation urgency do not guarantee approval.

Verification is not always a one-time exercise. Transcore may refresh files on a risk-based cycle. As a general guide, higher-risk relationships may be reviewed more frequently than lower-risk relationships, and some relationships may be refreshed at least annually.

Regardless of the ordinary review cycle, an immediate refresh may be required where, for example:

• ownership or control changes;
• directors, signatories or authorised contacts change;
• a new licensing issue or enforcement issue arises;
• serious adverse media appears;
• transaction profile, geography or product scope changes materially;
• a new settlement wallet or payment provider is introduced;
• fraud or monitoring metrics deteriorate; or
• an exception request, unusual structure or suspicious-activity concern arises.

A counterparty seeking to use Transcore services is expected to:

• provide complete, accurate and current information;
• disclose material changes promptly;
• provide supporting documentation on request;
• ensure that representatives acting on its behalf are properly authorised;
• cooperate with reasonable compliance, audit and investigation requests;
• refrain from submitting misleading, manipulated or selectively incomplete information; and
• ensure that its own activities are lawful and supportable in the markets relevant to the relationship.

Failure to meet these expectations may delay onboarding, prevent activation, cause restrictions or lead to termination.

Transcore may keep a relationship pending, restrict it, suspend it, decline it or terminate it where, for example:

• identity, ownership or control cannot be adequately verified;
• the counterparty cannot demonstrate a lawful or supportable basis for its activity where relevant;
• key payment flows, providers or wallets are not disclosed;
• the structure is too opaque for Transcore to monitor effectively;
• the wallet or destination fails verification or screening;
• sanctions exposure cannot be resolved;
• source-of-funds or source-of-wealth concerns remain unresolved;
• information remains missing, inconsistent or unverifiable after reasonable follow-up; or
• the overall relationship falls outside our risk appetite.

Transcore may also require remediation from existing counterparties. If remediation identifies a material concern, the relationship may be placed under restriction, suspended or exited.

Verification information is handled in accordance with applicable privacy and data-protection standards, internal confidentiality controls and lawful disclosure requirements.

Access to verification material is restricted to personnel and service providers with a legitimate business need or lawful basis for access.

Verification-related records may be retained for not less than five years after the end of the relationship or the relevant transaction, unless a longer period is required or appropriate.

Where personal data is collected through website forms, onboarding flows or related interaction points, the applicable privacy notice or collection notice should be read together with this Policy.

Transcore may update this Policy from time to time to reflect changes in law, regulation, products, risk appetite, counterparties, jurisdictions or internal standards. The latest version published on this website will supersede earlier public versions.

For verification-related questions, onboarding support, document-submission instructions or compliance coordination, please contact: hello@tcpay.io