▪️Compliance Policy

Last Updated: February 27, 2024

Purpose of the Program

Houdini Swap’s risk and compliance policy (“Compliance Policy”) is intended to serve as our foundational charter in providing insight into the requirements, operational systems, and procedures we maintain to ensure the functioning of our platform. It articulates how we align the intricate landscape of international legal and regulatory standards, particularly in the dynamic field of cryptocurrency law, with the privacy needs of our customers.

Our Compliance Policy is crafted to navigate the complex and evolving blockchain regulatory environment. It is more than just a commitment to compliance, it is an embodiment of our ethical business philosophy and integrates regulatory principles deeply into our operational fabric.

In doing so, our Compliance Policy ensures we maintain a robust and compliant platform that emphasises data privacy and user confidentiality, strategically blended with legal and regulatory rigour, signifying our role as a proactive leader in compliant and ethically-driven privacy in the cryptocurrency domain.

Whether regulatory, legal, or data privacy, compliance is inherent in Houdini Swap’s DNA. We stand apart in strictly maintaining operational procedures that establish that we not only meet the current regulatory requirements but also remain agile and responsive to the ever evolving legal and regulatory landscape.

Our Role and Purpose

As the leading provider of cryptocurrency transactions, Houdini Swap specialises in providing compliant, private transaction services for individuals, businesses and dApps operating within the blockchain economy. Our platform seamlessly equips these users with advanced privacy tools for cryptocurrency payment processing, as well as user applications, which prioritise the protection of their sensitive financial information.

For any business financial privacy means security. In the digital age, financial privacy is paramount for business security. Public blockchain networks potentially compromise this privacy by exposing a wallet’s transactional data. This exposure leads to vulnerabilities, where on-chain financial histories become transparent to third parties in perpetuity.

Houdini Swap suite of services solves this threat by shielding its users from these inherent risks.

Our purpose is to blend technological innovation with legal and ethical compliance, ensuring that financial transactions on the blockchain remain secure and private. By doing so, Houdini Swap positions itself as a proactive guardian of financial security and confidentiality in a landscape increasingly governed by stringent regulatory oversight.

Houdini Swap Platform

Our platform distinguishes itself in being 100% non-custodial. It means we never hold custody of any user assets at any time. Each transaction occurs discretely and independently with user funds never pooled or controlled by us.

At its core, the platform is a sophisticated aggregation engine seamlessly integrated with a network of compliant, non-custodial exchanges and reinforced with leading privacy protocols. This design not only guarantees transactional privacy but also reflects our commitment to adhering to required cryptocurrency compliance requirements. We balance technological innovation with compliant methodologies, positioning ourselves as a trusted and secure facilitator of cyptocurrency transactions.

Our Compliance Team

The backbone connecting the various aspects of our Compliance Policy is our compliance team. The team is a dynamic assembly of risk assessment and management experts, which includes deep expertise in the nuances of international cryptocurrency laws and regulations. They manage platform oversight and conduct regular audits and reviews to ensure Houdini Swap's operations remain at the forefront of legal compliance and ethical business practices.

Compliance Roles

1. Compliance Officer

Our Compliance Officer is responsible for the development, implementation, and oversight of our Compliance Policy, as well as being responsible for:

  • Ensuring the company meets all its regulatory requirements and complies with applicable laws and regulations to which it is beholden.

  • Proactively identifying potential compliance risks and taking appropriate action to mitigate them.

  • Identifying compliance issues during exchange partner audit reviews, the actions required if so, and making recommendations on outcomes to be enacted by both parties prior to the next review.

  • Determining from exchange partner audits that they continue to satisfy the requirements of our Compliance Policy.

  • 'Coordinating internal compliance audits of our services in conjunction with external auditors and advisors.

2. Process Owner

Our Process Owner is instrumental in managing our processes and is responsible for:

  • Conducting exchange partner quarterly audits, ensuring their comprehensive fulfilment and informing the Compliance Officer of any identified issues requiring resolution.

  • Conducting issue resolution processes when a transaction is flagged as high risk or where an information request has been received by law enforcement agencies.

  • Ensuring non-compliance issues are promptly reported and addressed and taking action to ensure corrective and preventive measures address the root cause.

  • Overseeing training of team members on compliance and relevant requirements and ensuring they understand their importance.

  • Conducting internal team audits to ensure team members are adhering to our Compliance Policy.

3. IT Service Owner

Our IT Service Owner is a senior member of the technology team and is responsible for:

  • Coordinating with the Compliance Manager during internal review processes.

  • Confirming the company’s technology stack and technical implementation of its services continue to remain compliant.

4. Compliance Advisors

Our external compliance advisors comprise recognised specialists in international Web3 law, AML/ATF and regulatory compliance as well as cryptography and transaction screening. Each works with the company’s management and compliance team to confirm we remain compliant, stay up to date with best practice standards, and identify areas of improvement.

Each of our advisors:

  • Participates in quarterly reviews of our Compliance Policy, detailing actions necessary for us to better meet the compliance requirements of government and law enforcement authorities.

  • Progress our compliance efforts with findings reported to management and our compliance team.

Our Exchange Partners

Compliance means we strictly curate our exchange partners, using only established non-custodial exchanges that maintain rigorous industry-compliant processes. Routine reviews ensure the continuance of the policies and compliance procedures necessary to protect us, our customers, and their users, particularly in areas of Anti-Money Laundering (AML) and Anti-Terrorist Financing (ATF).

Exchange Curation

Each exchange partner is subject to an initial comprehensive risk and compliance assessment managed and conducted by the Compliance Officer and Process Owner. The key components of the assessment process each confirm the exchange’s compliance and AML/ATF credibility. Central to this process is ensuring each partner not only meets current compliance standards but is also committed to maintaining these standards through regular reviews and updates in their practices.

The assessment process for our exchange partners at Houdini Swap is thorough and aligned with international cryptocurrency standards, encompassing several key areas:

  • User Terms and Conditions & Data Policies: We rigorously evaluate the exchange's user agreements and data-related policies, ensuring they comply with legal authority requirements and respect user rights.

  • AML Policy and Procedures: Our assessment includes a detailed review of the exchange’s AML strategies, verifying their adherence to required industry standards and effectiveness in identifying and reporting suspicious activities.

  • Law Enforcement Request Protocols: We scrutinize the exchange's procedures for handling law enforcement requests, ensuring these align with required legal and privacy standards.

  • Transaction Data Auditing: We confirm the exchange's ability to provide auditable data in verifying the effectiveness of their AML systems.

  • Transaction Issue Resolution: Our review also covers how the exchange handles transaction discrepancies and disputes, focusing on compliance and user satisfaction.

  • Online Compliance Audits: With the help of external specialists, we conduct online audits to identify any potential compliance issues raised in public forums, ensuring the exchange’s reputation for integrity and responsiveness remains valid.

This comprehensive approach ensures our partners not only meet current regulatory requirements but are also committed to the highest standards of compliance and ethical practice.

Periodic Reviews

At Houdini Swap, maintaining our high compliance standard is ensured through periodic reviews with each exchange partner, conducted at least quarterly. These reviews are critical for evaluating and enhancing our collective compliance efforts in line with international cryptocurrency law standards.

Key aspects of these reviews include:

  • Updating Terms and Conditions: We ensure all contractual agreements remain current and compliant with the latest legal standards.

  • AML Effectiveness Assessment: By scanning aggregated historical transaction data held by the exchange, we assess the effectiveness of Anti-Money Laundering measures and identify transaction risks.

  • External Online Audits: Engaging external specialists, we conduct online audits to proactively identify any compliance issues in public forums.

  • Issue Resolution Review: We evaluate how identified issues are resolved, ensuring both Houdini Swap and the exchange take appropriate actions.

  • Progress Evaluation: Each review includes an analysis of the actions taken since the last audit, focusing on continuous improvement in compliance.

These periodic reviews are integral to our strategy of ensuring that our operations and those of our partners consistently adhere to the highest standards of compliance and risk management in the cryptocurrency domain.

Anti-Money Laundering and Anti-Terrorist Financing (AML/ATF)

All AML/AFT liability for our users is the responsibility of exchange partners. They each employ advanced transaction monitoring tools, integral to this Compliance Policy. These tools include real-time, risk-based screening systems, aligning with industry best practices to detect and investigate suspicious financial activities.

Adhering to international regulatory standards, our partners prevent transactions from sanctioned entities and jurisdictions listed on the United States Office of Foreign Assets Control (OFAC), ensuring we avoid transactions from these sanctioned sources.

Exchange partners maintain records for their side only of each transaction, which is required to support regulatory and law enforcement investigations.

Data Processes

Data Retention Policy

Balancing the need for regulatory compliance with privacy and data minimization principles, we retain transaction data for 72 hours. At 72 hours this data is auto-deleted, but is still held by our exchange partners who maintain records for their side of a transaction. We only retain user data in specific circumstances where we are required to do so by exchange partners or law enforcement, or it is required by customer support in the resolution of an ongoing matter, after which it is then subject to our auto-deletion processes.

Information Sharing with Law Enforcement

'When approached by law enforcement for data, we adhere to a legally compliant process, ensuring data sharing is within legal confines and in response to valid requests while safeguarding user privacy.

Data Collection and Storage

We maintain a data collection framework which adheres to data protection laws. The data we hold is encrypted and stored in secured database servers.

Data Security Measures

We employ robust security measures, including encryption and access controls, to protect data integrity against both internal and external threats, continually updating our practices in response to evolving cyber risks.

Transparency and User Rights

Our commitment to transparency allows users to understand how their data is used, with rights to access, correct, or delete their data as outlined in our privacy policy.

Regular Compliance Audits

'Both internal and external audits are routinely conducted to ensure our data processes comply with current data protection laws and best practices, identifying and addressing any areas for improvement.

Our Compliance Processes

Our compliance processes are rigorously structured to align with the stringent best practice requirements. Our approach encompasses detailed exchange assessments, thorough routine reviews, and a comprehensive transaction issue resolution mechanism.

For each exchange partner, we conduct in-depth assessments and periodic reviews to ensure continuous compliance with AML/ATF standards and regulatory mandates. These evaluations critically examine their operational practices, adherence to data privacy norms, and effectiveness in anti-money laundering measures.

We do so to ensure that we, and our partners, not only meet current regulatory standards but also remain adaptable and responsive to the evolving landscape of cryptocurrency regulations.

Last updated