This KYC Policy is designed to:

• Ensure compliance with U.S. and international data and digital service regulations;
• Prevent data misuse, identity fraud, or unauthorized resale activity;
• Establish trust and verify counterparties in a secure, compliant manner;
• Align with the evolving regulatory expectations of the SEC and FinCEN.

This policy applies to all:

• Buyers of data, API access, or bundled services;
• Suppliers of first-party or third-party data for monetization;
• Partners integrating our APIs or commercializing through our platform;
• Entities accessing restricted, sensitive, or regulated datasets (e.g., finance, health, geolocation).

For Individuals:

• Government-issued photo ID (e.g., passport, driver’s license);
• Proof of address (e.g., utility bill, dated within 90 days);
• Verified email and business contact info;
• Statement of intended use of data or platform access.

For Legal Entities:

• Incorporation documents, EIN/tax ID, and business registration;
• Corporate address and points of contact;
• List of beneficial owners (≥25%) and authorized signers;
• Written attestation of compliance with relevant data laws (e.g., CPRA, GDPR, VPPA).

Our compliance team or approved third-party services review all documentation for completeness and legitimacy. We reserve the right to deny onboarding or escalate due diligence depending on risk profile, data category, or jurisdiction.

We conduct ongoing monitoring of client activity and may request re-verification based on risk tier, data classification, or changes to legal requirements. Continuous engagement implies consent to ongoing compliance screening and use audits.

All KYC records are stored securely and used exclusively for regulatory and compliance purposes. We follow strict security, retention, and access control protocols. Please refer to our Privacy Policy for more information.

We reserve the right to refuse or terminate access to any party who:

• Fails to provide satisfactory KYC documentation;
• Is found to be misrepresenting their identity or business purpose;
• Operates in high-risk or embargoed jurisdictions;
• Violates applicable data laws or usage restrictions.

We align our policy with the latest updates from the U.S. Securities and Exchange Commission (SEC) and Financial Crimes Enforcement Network (FinCEN) including:

• Regulation S‑P: Written incident response programs, breach notification procedures, secure data disposal, and safeguards for nonpublic personal data.
• Proactive CIP Framework: Collection and verification of personal and business identification data, watchlist screening, and five-year record retention—mirroring SEC/Federal CIP proposals.
• Risk-Based Monitoring: Enhanced due diligence (EDD) for high-risk data buyers and use cases, aligned with AML standards and best practices.

For KYC submissions or compliance-related inquiries:

• Email: compliance@apiautomations.com
• Address: API Automations, LLC | Los Angeles, CA 90024