AML & Sanctions Statement

1. Nature of the Service

NoKYCSwap is a non-custodial front-end to third-party liquidity routers. It does not take custody of funds, does not operate an order book, does not issue or hold balances, and does not offer investment, brokerage, or banking services. Each exchange is an independent, atomic transaction between wallets controlled by the user and the upstream routing counterparty. The single-use deposit address returned to the user is provisioned by that upstream counterparty — we relay it; we do not control it.

This posture matters for AML classification: the entity that controls balances, orderbooks, or fiat on/off ramps bears the heaviest compliance burden. NoKYCSwap is none of those. It is a thin routing layer that forwards a swap request and surfaces the resulting order state to the user.

2. Why there is no KYC at our layer

Know-Your-Customer requirements arise from specific regulatory regimes — chiefly the FATF Travel Rule, EU MiCA, US FinCEN guidance, and national transpositions — and they attach to entities that custody funds, operate virtual-asset service provider (VASP) accounts, or intermediate fiat. A non-custodial router that never holds user funds and offers no account is, under the prevailing reading of those regimes in most jurisdictions, not the regulated entity. The regulated entity in the swap chain is the upstream liquidity provider, which does maintain its own AML program.

This is not a loophole we discovered; it is the design. If you want a KYC'd routing layer, dozens exist. NoKYCSwap is for users whose threat model or personal circumstances argue against handing identity documents to an intermediary for every swap.

3. Upstream screening

The upstream routing provider performs its own address screening against commercial sanctions feeds and known-illicit-flow databases — typically including OFAC (US), EU consolidated list, UN Security Council list, UK HMT list, and chain-analytics risk scores for deposit and payout addresses. When an order is flagged by that layer:

• The order page enters an Emergency state visible to the user.
• The user is offered a refund — return the deposited funds to a user-provided refund address. We never ask for identity documents to issue a refund. Ever.
• Alternatively the user may accept the current market rate and continue (when the flag is a late-deposit or rate-drift flag rather than a sanctions flag).
• If neither action is taken, the deposit is returned to the sending address visible on-chain.

We call this a refund-first flagging policy. At no stage is identity verification a precondition for recovering funds.

4. Prohibited use

You must not use the Service:

• to launder proceeds of crime or obscure their origin;
• to finance terrorism or the proliferation of weapons of mass destruction;
• to evade international sanctions (OFAC, UN, EU, UK, or any regime that applies to you), or to transact on behalf of a designated person, entity, vessel, aircraft, or jurisdiction;
• from a jurisdiction that prohibits peer-to-peer crypto exchange, or in a manner that violates the laws that apply to you;
• to fund child sexual abuse material, human trafficking, or any other activity that would be criminal in a reasonable jurisdiction;
• to conduct market manipulation, structuring, or layering designed to defeat upstream screening.

This list is illustrative, not exhaustive. The rule is: if your use would be criminal or plainly unethical, you must not do it on NoKYCSwap.

5. Sanctioned jurisdictions

The upstream layer blocks deposits and payouts associated with addresses in comprehensively sanctioned jurisdictions as listed by OFAC, EU, UN, and UK regimes at the time of the order. These lists evolve; we do not republish them because the authoritative source is each sanctioning authority's own publication. If you are unsure whether your jurisdiction is affected, consult local counsel — our jurisdiction guide summarises the landscape but is not a substitute for legal advice.

6. Law-enforcement cooperation

Where we become aware of an order that appears materially connected to criminal activity, we cooperate with legitimate, properly served law-enforcement requests directed either to us or to our upstream routing provider. Because we keep no identifying information at our layer, the extent of what we can share is limited to the server-side order record — pair, amount, deposit address, payout address, and timestamps — and only for the period those records remain un-purged (typically less than 30 days). The upstream provider, which is the VASP in this chain, holds the richer transaction and address metadata.

We do not respond to informal requests, voluntary-disclosure invitations, or blanket "fishing" orders. A lawful process directed to the correct entity will receive a proportionate response.

7. User responsibilities

• You are responsible for ensuring that your use of the Service complies with the laws that apply to you — your citizenship, your residence, and the jurisdiction you operate from.
• You warrant that the funds you deposit are not derived from unlawful activity and that you are not acting on behalf of a sanctioned person or entity.
• You are solely responsible for the destination address, refund address, and any tag/memo you provide. Mistyped addresses are generally irrecoverable.
• You are responsible for reporting capital gains, income, or other tax consequences of a swap to the authorities that apply to you.

8. Dispute resolution on flagged orders

If an order is flagged and you believe the flag is incorrect, you may provide — entirely at your discretion — context that addresses the specific flag (for example, the source of funds). We forward such context to the upstream provider for re-assessment; the upstream provider retains final discretion. We do not demand identity documents, and an order may always be refunded instead of re-assessed.

9. No legal advice

This statement describes our operational policy. It is not legal advice. Cryptocurrency regulation is jurisdiction-specific and evolving rapidly. You remain responsible for complying with the laws that apply to you. If you are unsure, consult qualified counsel.

10. Contact

Legal, compliance, or law-enforcement inquiries: [email protected]. Security-vulnerability reports: same address, or see security.txt. General information: contact page.