AML/KYC Policy

Last updated: February 2026

Table of Contents

  1. Purpose of the Policy
  2. Counterparty KYC and User Choice
  3. Counterparty AML Practice Reference
  4. Final Provisions

1. Purpose of the Policy

Kotova ("Kotova," "we," "us," or "our") operates an information platform that simplifies the comparison of quotes from connected trading companies and provides easy-to-use interfaces to complex blockchain primitives, such as the multi-signature escrow capabilities offered by Bitcoin and other blockchains. Kotova is not a regulated exchange and is not itself legally obliged to perform Know-Your-Customer ("KYC") procedures or to prevent money laundering.

Kotova does not itself perform KYC or Know-Your-Transaction ("KYT") procedures. Where applicable, the obligation to verify customer identities, monitor transactions, and prevent money laundering, terrorist financing, and other financial crime lies with the centralized liquidity providers connected to the Kotova platform, under their respective applicable law.

The purpose of this policy is to inform users of the relevant AML/KYC procedures the connected counterparties (acting as liquidity sources) follow, so that users may make informed choices when selecting the source pool used for their transactions.

2. Counterparty KYC and User Choice

Kotova does not require account registration or identity verification to use the platform. However, where a transaction is routed through a centralized liquidity provider, identity verification (KYC) may be required by that counterparty under the following specific circumstances:

  • Fraud Reports: When a transaction is flagged by the counterparty's systems or by a third party as potentially fraudulent, the counterparty may require identity verification before processing or completing the transaction.
  • Law Enforcement Requests: When a valid, legally binding request is received by the counterparty from a competent law enforcement authority, regulatory body, or court of competent jurisdiction requiring assistance in identifying a crypto address or the freezing of a transaction.
  • Sanctions Screening Matches: When a sending or receiving crypto address matches entries on international sanctions lists maintained by the United Nations, European Union, OFAC, or other relevant authorities.

Kotova acknowledges that it has no authority or control over Know Your Customer (KYC) procedures or asset handling practices initiated by external counterparties or third-party service providers. While Kotova carefully vets and lists only counterparties that meet our standards and maintain responsible compliance practices, any KYC processes conducted by such external parties, including but not limited to the potential freezing or indefinite holding of user funds pending verification completion, remain entirely outside Kotova's jurisdiction and control.

Users may freely select which counterparties form part of the source pool that competes to provide the best pricing for their transactions, thereby balancing their personal risk preference. Each centralized exchange ("CEX") counterparty utilizes different Know-Your-Transaction ("KYT") partners and conducts customer AML checks with varying frequency and stringency. Decentralized exchanges, by contrast, have no technical ability or legal obligation to perform KYC/AML checks, with the consequence that the risk of fund freezing through such services is effectively nil; this outcome may be achieved by selecting a decentralized source such as Chainflip. Engaging with decentralized counterparties may, however, involve other categories of risk, including but not limited to risks of a technical nature (mid-swap exploits, network outages, smart-contract or bridging vulnerabilities). Users may include or exclude individual sources from their source pool in order to align routing with their personal risk profile.

3. Counterparty AML Practice Reference

The following overview summarizes the AML/KYC practices of the counterparties currently connected to the Kotova platform, grouped by procedure. The information is provided for guidance only, may be incomplete, and may become outdated; users are referred to each counterparty's published policy via the links below for current information.

3.1 When KYC Verification May Be Triggered

By default, none of the connected centralized counterparties — FixedFloat, Changelly, ChangeNOW, SideShift, StealthEX, and Godex — require KYC for ordinary exchanges. Identity verification may be initiated only where a transaction is flagged as suspicious by the counterparty's automated risk system, where a fraud report is received, or where a law enforcement request is made. Chainflip cannot perform KYC due to its decentralized architecture.

3.2 Fund Freezing and Holding Practices

Centralized counterparties generally reserve the right to suspend or freeze transactions where their automated risk systems flag the activity as suspicious, where evidence of fund origin is requested but not provided, where verification fails, or where misleading information is supplied. Refunds, where granted, are typically issued only to the originating address after review. Chainflip operates without a central operator and, accordingly, has no technical ability to freeze or claw back user funds.

3.3 Transaction Monitoring (KYT)

Counterparties employ the following monitoring approaches: Sumsub (Sum & Substance Ltd) identity verification is used by Changelly and ChangeNOW; internal or proprietary automated risk-scoring systems are operated by FixedFloat, SideShift, Godex, and StealthEx; no protocol-level transaction monitoring is performed by Chainflip, as users transact directly against decentralized liquidity pools.

3.4 Counterparty References

The following table lists each connected counterparty together with a link to its current AML/KYC policy. Users are advised to consult these sources directly before initiating a transaction, as practices may change without notice to Kotova.

Counterparty Type Fund-Freeze Risk Policy
FixedFloat FixedFloat Centralized ConditionalConditional KYC View ↗
Changelly Changelly Centralized ConditionalConditional KYC View ↗
ChangeNOW ChangeNOW Centralized ConditionalConditional KYC View ↗
SideShift SideShift Centralized ConditionalConditional KYC View ↗
StealthEX StealthEX Centralized ConditionalConditional KYC View ↗
Godex Godex Centralized ConditionalConditional KYC View ↗
Chainflip Chainflip Decentralized None (no KYC possible)No KYC

4. Final Provisions

Kotova reserves the right to update, amend, or modify this AML/KYC Policy at any time to reflect changes in applicable law, regulatory guidance, industry best practices, or our internal procedures. Material changes will be communicated to users through our website. The "Last updated" date at the top of this policy indicates the date of the most recent revision.

Continued use of Kotova's services following the publication of an updated policy constitutes acceptance of the revised terms. Users are encouraged to review this policy periodically to remain informed of our AML/KYC practices.

This policy is governed by and construed in accordance with applicable laws, without regard to conflict of law principles. The courts of Hamburg, Germany, shall have exclusive jurisdiction over any disputes arising in connection with this policy.

If any provision of this AML/KYC Policy is found to be invalid or unenforceable by a court of competent jurisdiction, the remaining provisions shall continue in full force and effect. The invalid or unenforceable provision shall be replaced by a valid and enforceable provision that most closely approximates the intent of the original.

For questions, concerns, or requests related to this AML/KYC Policy, please contact our legal and compliance team at legal@kotova.io.