AML / KYC Policy
Last updated: 19 June 2026 · Version 1.0
This Policy is published by VND Exchange ("the Operator", "we"), a private exchange service operated without a separate legal entity. The Operator is reached through one channel only: the Telegram bot and mini-app @VNDExchangeRobot. No other support handle, email address, registration number, or licence is published, and any contact claiming to be us through another channel should be treated as fraudulent.
VND Exchange is not a bank, credit institution, payment or e-money institution, broker, licensed currency dealer, or licensed crypto exchange. It is not licensed or supervised by the State Bank of Vietnam or by any other authority. We act as a principal counterparty: we buy and sell the asset on our own account for one-off exchange operations. We are not your agent, broker, fiduciary, adviser, or custodian, and we owe you no advisory or "best execution" duty. Nothing here is investment, legal, or tax advice. Cryptocurrency, including USDT, is treated throughout as property (a digital asset) and never as money, legal tender, or a means of payment.
This Policy applies to your use of the website, the Telegram bot, and the mini-app. It sits alongside our Public Offer, Privacy Policy, Consent to Processing of Personal Data, Risk Disclosure, and Refund & Cancellation Policy. Where this Policy and the Public Offer overlap, read them together.
1. Our commitment and how we approach risk
1.1. We run our own checks on every counterparty and every incoming asset because it protects us, and it protects honest clients, from stolen funds, scams, and disputed payments. This is a commercial fraud-prevention requirement we set for ourselves, not a regulated-institution obligation.
1.2. We do not claim to detect or block all illicit funds. What we do is screen, ask questions when something looks wrong, and reserve the right to refuse a deal at our discretion. The depth of a check scales with the size of the operation and with how risky it looks.
1.3. We would rather lose a deal than process tainted funds. If a check does not satisfy us, the deal does not proceed, regardless of how far along it is.
2. Verification tiers
2.1. We apply an internal, risk-based threshold of USD 5,000 per single operation (or the equivalent in another currency at the rate applied to the order).
2.2. Below the threshold. A one-off exchange that looks low-risk runs through a simplified flow. We may still ask for basic confirmation of who you are and where the asset came from, but we do not require full identity verification as a matter of course.
2.3. At or above the threshold. Larger operations move to enhanced verification before we release anything. The rationale is plain: bigger amounts carry bigger exposure for both sides, and a disputed or frozen large transfer is far harder to unwind than a small one. Verifying identity and source of funds up front is how we keep that exposure manageable.
2.4. The threshold is a default, not a ceiling on our discretion. We may require full verification at any amount, including well below USD 5,000, whenever a risk trigger applies (see Section 3). Splitting one larger exchange into several smaller ones does not avoid verification; we look at the operation, not the slice.
3. Triggers for verification at any amount
We may request identity and source-of-funds verification at any amount, and pause the deal until we have it, where any of the following applies:
- the transaction or your conduct raises suspicion of fraud, theft, or laundering;
- there are signs of structuring or splitting to stay under a threshold;
- a counterparty, wallet, or requisite matches a sanctions or watch list;
- we have doubt about the lawful origin of the funds or asset;
- the incoming crypto returns a low cleanliness score on screening (see Section 5);
- the requisites, names, or geolocation/IP signals around the order are inconsistent or evasive;
- you decline to answer reasonable questions about the deal.
4. Documents we may collect
4.1. For verification we typically ask for a clear photograph of a valid government-issued identity document and a selfie of you holding it, so the document can be matched to the person.
4.2. For larger deals, or where a trigger in Section 3 applies, we may also ask for evidence of the source of the funds or the asset — for example, an exchange or wallet statement, a payslip or contract, or a sale record.
4.3. We collect only what we need for the check in front of us. How we store and keep these documents is set out in our Privacy Policy and in Section 12 below.
5. Screening of incoming crypto, and what a "fail" means
5.1. Incoming cryptocurrency is screened through a third-party blockchain-analytics provider before we treat the exchange as good.
5.2. An incoming transaction fails the AML check when either of these is true:
- the token "cleanliness" score is below 80%; or
- the funds are linked to sanctions, to scam or fraud activity, to darknet markets, or to mixers or tumblers.
5.3. A failed check stops the exchange. Where funds have already reached us, they are handled under Section 10 and our Refund & Cancellation Policy: we return them to the originating source, less 50%, after we have confirmed your identity.
5.4. Screening providers and their scoring change over time. We may update the provider, the tooling, or the exact scoring inputs without notice; the 80% line and the linkage categories in 5.2 are the standing rule.
6. Sanctions, politically-exposed persons, and location screening
6.1. We screen counterparties, wallet addresses, and payment requisites against sanctions and watch lists. We also weigh whether a counterparty appears to be a politically-exposed person, which calls for closer scrutiny.
6.2. We look at geolocation and IP signals to judge where a counterparty is acting from and to spot evasion.
6.3. You must not use the Service if you, or anyone on whose behalf you act, are a sanctioned or listed person, or are acting for one. We may refuse or stop any deal on this ground alone.
7. Prohibited and restricted jurisdictions
7.1. The Service is not directed to any place where offering or using it would be unlawful. You are responsible for the legality of using the Service where you are.
7.2. We may decline to deal with a counterparty connected to a jurisdiction we have chosen to restrict, and we may apply enhanced verification or refuse outright on that basis, at our discretion.
8. Ongoing monitoring and red flags
8.1. We monitor the operations we handle and watch for patterns that point to abuse. Among the red flags we act on:
- exposure to mixers, tumblers, darknet markets, scam addresses, or sanctioned wallets;
- a payment that arrives from a requisite different from the one named in the order;
- a sender or recipient name that does not match the verified counterparty;
- attempts to route a deal through, or on behalf of, an undisclosed third party;
- amounts or timing arranged to dodge a verification threshold;
- reluctance to verify, or shifting and inconsistent answers about the deal.
8.2. A red flag does not by itself prove wrongdoing, but it lets us slow a deal down, ask for more, or decline.
9. Our rights when something looks wrong
When a check, a screen, or a red flag warrants it, we may, at our sole discretion and without prior notice:
- freeze or hold funds or the asset connected to the order;
- pause or suspend the deal;
- require identity and source-of-funds documents before we release anything;
- refuse the operation; and
- cancel the order.
We exercise these rights to protect ourselves and other clients from fraud and tainted funds. Acting on any of them does not make us liable to you, and it does not entitle you to a recalculation of your exchange at any other rate.
10. Handling of a failed AML check
10.1. Where an incoming exchange fails the AML check under Section 5, we do not complete it. We return the funds to the originating source only, less 50%, after we have confirmed your identity.
10.2. The return is made in the same asset and at the original amount received, never recalculated at the current or any other rate, and net of network or bank costs and the 50% holdback. The full mechanics, including the separate rule for a payment made from a non-matching requisite (a 30% penalty, with the remainder returned), are in the Refund & Cancellation Policy.
11. Sender/recipient match, no third parties, one account
11.1. Match. The requisite you pay from, and the requisite you receive into, must belong to you and must match what is recorded against the order. A payment from a requisite different from the one specified in the order is treated as a mismatch and is subject to the 30% penalty in the Refund & Cancellation Policy.
11.2. No third parties. You must act for yourself, with your own funds. We do not knowingly deal with funds being moved for, or paid out to, an undisclosed third party.
11.3. One account. Use a single account per person. Operating multiple or duplicate accounts, or using someone else's, lets us suspend the accounts involved and stop any deal in progress.
12. How long we keep records
12.1. We keep identity and transaction records for up to three years after your last operation with us. Beyond that, we keep personal data only for as long as we genuinely need it to provide the Service.
12.2. What we collect, why, and your rights over it are set out in the Privacy Policy.
13. Your cooperation
13.1. You must give accurate, current, and complete information when we ask, and supply requested documents within a reasonable time. Verification details should be legible and unaltered.
13.2. If you decline to verify, give information we have good reason to doubt, or try to work around these checks, we may refuse or cancel the deal and hold or return funds under this Policy.
14. Changes to this Policy
14.1. We may update this Policy as our risk practices change. The current version, with its date and version number, is the one published at this address; continuing to use the Service after a change means you accept the updated Policy.