Hanzo
PlatformLux Financial

Compliance Engine

Multi-jurisdiction compliance with 30+ regulatory regimes, PEP/EDD screening, offering-type gating, and federated entity management.

Compliance Engine

The Lux compliance engine provides pre-trade gating across 30+ regulatory jurisdictions. Every order is validated against the submitting account's compliance status before reaching the matching engine.

Jurisdiction Support

Per-Jurisdiction KYC Minimums

Each jurisdiction enforces specific KYC levels depending on the asset class:

JurisdictionCryptoEquitiesDerivativesRegulator
USStandard (2)Standard (2)Enhanced (3)SEC/FINRA
UKStandard (2)Standard (2)Standard (2)FCA
EUStandard (2)Standard (2)Standard (2)MiFID II/MiCA
SGStandard (2)Standard (2)Enhanced (3)MAS
HKEnhanced (3)Standard (2)Enhanced (3)SFC
IMBasic (1)Standard (2)Standard (2)FSA
AEStandard (2)Standard (2)Enhanced (3)DFSA/VARA
JPEnhanced (3)Standard (2)Enhanced (3)JFSA
SAStandard (2)Enhanced (3)Enhanced (3)CMA
KYBasic (1)Standard (2)Standard (2)CIMA

KYC Levels: 0 = None, 1 = Basic (email/phone), 2 = Standard (ID verified), 3 = Enhanced (accredited/professional)

PEP Screening

Politically Exposed Persons require Enhanced Due Diligence before trading:

PEP StatusRequirementsTrading Allowed
directEDD completed + Source of Funds verifiedYes (after clearance)
relatedEDD completed + Source of Funds verifiedYes (after clearance)
formerStandard KYC sufficient (cooled off)Yes
(none)Standard flowYes

Source of Funds Categories

  • employment — Salary/wages
  • investments — Returns from portfolio
  • inheritance — Inherited wealth
  • business — Business income
  • pension — Retirement funds
  • property — Real estate proceeds
  • other — Requires manual review

FATF High-Risk Countries

Accounts from FATF high-risk jurisdictions require Enhanced KYC (level 3) regardless of asset class. The high_risk_country flag is set during account registration and triggers automatic escalation.

Adverse Media

Accounts flagged for adverse media (adverse_media: true) must have edd_required: true before trading is permitted. This is typically set after screening against adverse media databases.

Offering Types

The compliance engine supports offering-type gating for securities offerings:

US (SEC)

OfferingRequirements
Reg D 506(b)Accredited investors only (up to 35 non-accredited)
Reg D 506(c)Accredited investors only (verified)
Reg SNon-US persons only
Reg A+All investors (Tier 1: 20Mcap,Tier2:20M cap, Tier 2: 75M cap)
Reg CFAll investors ($5M cap, income-based limits)

UK (FCA)

OfferingRequirements
Private PlacementProfessional/institutional only
Public OfferingStandard KYC

EU (MiFID II / MiCA)

OfferingRequirements
MTF/OTFStandard KYC
MiCACrypto-specific compliance

MENA

OfferingRequirements
DFSA (UAE)Professional client status
Saudi CMAQualified investor
Bahrain CBBStandard KYC
Qatar QFCProfessional client
Kuwait CMALicensed investors
Oman CMAStandard KYC

IOM / Crown Dependencies

OfferingRequirements
IOM FSABasic KYC (crypto), Standard (securities)

Reg CF Annual Limits

For US Reg CF offerings, the compliance engine enforces SEC annual investment limits:

If (annualIncome < $124K AND netWorth < $124K):
    limit = max($2,200, 5% of lesser(income, netWorth))
Else:
    limit = 10% of lesser(income, netWorth)

Hard cap: $124,000 per year

API

Register Account Compliance

POST /api/v1/accounts/{accountId}/register
{
  "jurisdiction": "IM",
  "country": "IM",
  "client_type": "individual",
  "kyc_level": 2,
  "aml_cleared": true,
  "accredited": false,
  "professional": false,
  "sanctioned": false,
  "max_order_size": 100000,
  "daily_limit": 500000,
  "pep_status": "",
  "source_of_funds": "employment",
  "sof_verified": true,
  "adverse_media": false,
  "high_risk_country": false,
  "edd_required": false,
  "tax_residency": "IM",
  "entity_id": "lux-im-001"
}

Bank Auto-Sync

The Bank API's ComplianceSyncService automatically pushes compliance status to the CEX on:

  • Account registration
  • Risk assessment updates
  • KYC level changes
  • PEP screening results

Scheduled full sync runs every hour.

Source

  • CEX compliance: luxfi/cex/pkg/compliance/ (Go)
  • Bank sync: luxfi/bank/app/api/src/trading/compliance-sync.service.ts (TypeScript)
  • Bank models: luxfi/bank/pkg/models/src/users/entities/account.entity.ts
  • Tests: 48 passing tests across all jurisdictions, offering types, PEP/EDD, and federation

How is this guide?

Last updated on

MPC Wallets

Non-custodial MPC-powered wallets for customers and institutional clients with threshold signatures and key share rotation.

Surveillance (KYT)

Real-time market surveillance and Know Your Transaction monitoring with wash trading, structuring, velocity, and parabolic price spike detection.

On this page

Compliance Engine
Jurisdiction Support
Per-Jurisdiction KYC Minimums
PEP Screening
Source of Funds Categories
FATF High-Risk Countries
Adverse Media
Offering Types
US (SEC)
UK (FCA)
EU (MiFID II / MiCA)
MENA
IOM / Crown Dependencies
Reg CF Annual Limits
API
Register Account Compliance
Bank Auto-Sync
Source