BitRegalo
← Back to Home

KYC & Verification Policy

Last updated: 6/8/2026

Legal Basis

This policy is designed in accordance with the New Zealand Anti-Money Laundering and Countering Financing of Terrorism Act 2009 (AML/CFT Act). BitRegalo® Limited is a technology platform provider, not a reporting entity under Section 5 of the AML/CFT Act. However, we implement voluntary Customer Due Diligence (CDD) as a best practice and risk mitigation measure.

1. Purpose

This policy outlines BitRegalo's approach to user verification and Know Your Customer (KYC) procedures. Our tiered verification system balances regulatory compliance with user privacy and ease of use.

2. Legal Framework

BitRegalo is NOT a reporting entity under the AML/CFT Act 2009 because:

  • We provide technology services, not financial services
  • BTR and Regalo tokens are utility credits, not financial products
  • Escrow is a platform feature, not a financial service
  • We do not hold client funds or operate as a financial institution

However, we voluntarily implement CDD measures to:

  • Mitigate money laundering and terrorist financing risks
  • Comply with the occasional transaction threshold (NZD $1,000)
  • Establish business relationships with service providers
  • Protect the Platform and its users from fraud

3. Tiered Verification System

3.1 Tier 1: Gifters (Buyers) — Low Value

Transaction Value: Under NZD $1,000

Verification Required: None

Legal Basis: Section 11 of AML/CFT Act — CDD not required for occasional transactions under NZD $1,000

Requirements:

  • Email address (for account creation)
  • Wallet address (for transactions)
  • No identity documents required

3.2 Tier 2: Gifters (Buyers) — High Value

Transaction Value: NZD $1,000 or above

Verification Required: Basic Identity Verification

Legal Basis: Section 11 of AML/CFT Act — CDD required for occasional transactions of NZD $1,000 or more

Requirements:

  • Government-issued photo ID (passport, driver's license, or national ID)
  • Selfie with ID (for liveness check)
  • Email verification
  • No proof of address required

3.3 Tier 3: Service Providers

Verification Required: Full Identity Verification (Enhanced CDD)

Legal Basis: Section 11 of AML/CFT Act — Establishing a "business relationship" requires CDD

Requirements:

  • Government-issued photo ID
  • Proof of address (utility bill, bank statement — within 3 months)
  • Business registration documents (if operating as a business)
  • Tax identification number (for tax reporting obligations)
  • Selfie with ID
  • Source of funds declaration (for high-volume providers)

Rationale: Service providers receive payments from multiple sources, creating higher money laundering risk. They also have tax reporting obligations that require verified identity.

3.4 Tier 4: Enterprise Clients

Verification Required: Enhanced Due Diligence (EDD)

Requirements:

  • All Tier 3 requirements
  • Corporate registration documents
  • Beneficial ownership information (individuals owning 25% or more)
  • Directors and authorized signatories identification
  • Compliance certifications (AML/CFT program, if applicable)
  • Ongoing monitoring and periodic re-verification (annually)

4. Verification Process

BitRegalo uses third-party verification providers (such as SumSub) to process identity documents. The verification process:

  • Documents are encrypted and stored securely
  • Only verification status (verified/unverified) is stored on-chain, not personal data
  • Verification typically completes within 24-48 hours
  • Users are notified of verification status via email
  • Failed verifications can be resubmitted with corrected documents

5. Ongoing Monitoring

BitRegalo implements automated transaction monitoring to detect suspicious activity:

  • Velocity limits (maximum transactions per day/week)
  • Unusual transaction patterns (structuring, rapid succession)
  • Geographic risk (transactions from sanctioned countries)
  • High-risk counterparties (known illicit addresses)

Suspicious activity may result in:

  • Temporary account restrictions
  • Request for additional verification
  • Account termination
  • Voluntary reporting to authorities (if required by law)

6. Data Privacy & Retention

Verification data is handled in accordance with the Privacy Act 2020:

  • Personal data is encrypted at rest and in transit
  • Only necessary data is collected (data minimization principle)
  • Data is retained for 7 years after account closure (as per AML/CFT Act Section 48)
  • Users can request access to their verification data
  • Verification data is not shared with third parties except as required by law

7. Exemptions & Special Cases

7.1 Recurring Transactions

Users who conduct multiple transactions that individually are under NZD $1,000 but collectively exceed this threshold may be required to complete Tier 2 verification.

7.2 Suspicious Activity

BitRegalo reserves the right to require verification at any tier if suspicious activity is detected, regardless of transaction value.

7.3 Sanctioned Jurisdictions

Users from sanctioned countries or territories may be subject to enhanced verification or restricted from using the Platform.

8. User Rights

Under the Privacy Act 2020, users have the right to:

  • Access their verification data
  • Request correction of inaccurate information
  • Request deletion of verification data (subject to legal retention requirements)
  • Complain to the Privacy Commissioner if they believe their privacy has been breached

9. Changes to This Policy

BitRegalo may update this policy from time to time. Material changes will be notified via email or Platform announcement. Continued use of the Platform after changes constitutes acceptance of the updated policy.

10. Contact Information

For questions about this KYC Policy or verification requirements, please contact BitRegalo® Limited through our official website or support channels.

BitRegalo® Limited
New Zealand Registration: 7699356
Website: bitregalo.com