Applied to all normal-risk clients as the baseline.
Compliance
AML/CFT Statement & Client Notice.
How Unramp OOD manages its anti-money-laundering and counter-terrorist-financing obligations, and what we ask of you as a client.
Unramp OOD is a private company limited by shares, incorporated under the laws of the Republic of Bulgaria and entered on the Bulgarian Trade Register under Unified Identification Code 207160415, with its registered office at 22 San Stefano Street, San Stefano Plaza, entrance B, 5th floor, office 16, 1504 Sofia, Bulgaria.
We are currently registered as a Virtual Asset Service Provider (VASP) in Bulgaria under registration BB-128/28.11.2022. Our application for full authorisation as a Crypto-Asset Service Provider (CASP) under Article 63 of Regulation (EU) 2023/1114 (MiCA) is under review by the Financial Supervision Commission of the Republic of Bulgaria.
In both capacities we are an obliged entity for the purposes of anti-money-laundering and counter-terrorist-financing law. This notice is a summary of our AML/CFT framework for clients. It complements, but does not replace, our internal AML/CFT policies and procedures.
What we do
One regulated service.
We provide one regulated crypto-asset service: the exchange of crypto-assets for funds. You pay funds by card or bank transfer*, and in return we deliver a crypto-asset of your choice directly to a wallet address you control. *Bank transfer is temporarily unavailable.
Each transaction is on a principal-to-principal basis. We do not operate a trading platform, we do not hold your crypto-assets at any time after delivery, and we do not exchange crypto-assets for other crypto-assets. Our service is provided exclusively to retail clients acting on their own behalf and for their own account.
Entity at a glance
- Legal form
- Private company limited by shares (OOD)
- Unified Identification Code
- 207160415
- Legal Entity Identifier (LEI)
- 984500JI09A3E8E14415
- AML/CFT supervisor
- Financial Supervision Commission of the Republic of Bulgaria
- Financial Intelligence Unit
- Financial Intelligence Directorate of the State Agency for National Security (ДАНС)
- Data-protection supervisor
- Commission for Personal Data Protection of the Republic of Bulgaria
Client eligibility & due diligence
Who can use the service, and what we verify.
To use our service you must
- Be a natural person acting on your own behalf and for your own account;
- Be at least 18 years old and have full legal capacity;
- Not be subject to EU, UN or other applicable sanctions, and not be resident in a prohibited jurisdiction;
- Be transacting for legitimate purposes and not on behalf of any undisclosed third party;
- Not be a Politically Exposed Person, unless you have completed our enhanced due diligence process and been explicitly approved.
What we may collect and verify
- Identity data. Full name, date of birth, nationality, and government-issued photographic identification.
- Contact and address data. Residential address, email address, and telephone number.
- Tax identification. Tax identification number or equivalent, where required under applicable law.
- Source of funds and wealth. Documentation evidencing the origin of the funds used for transactions and, where applicable, the origin of your overall wealth.
- Additional information. Occupation, employer, expected transaction volumes, and other information relevant to your risk profile.
For occasional transactions at or above €1,000 (or the equivalent in another currency), identity verification is mandatory.
Risk-based approach
The level of diligence follows the risk.
The level of due diligence we apply depends on the assessed risk of each client and each transaction.
Applied only where strictly permitted by law and limited to genuinely low-risk situations.
Applied to higher-risk situations, including clients from high-risk jurisdictions, higher transaction volumes, unusual activity patterns, and clients identified as Politically Exposed Persons.
Ongoing monitoring
Our AML/CFT obligations do not end at onboarding. We continuously monitor transactions to ensure that activity remains consistent with each client's profile, risk rating, and the stated origin of funds. Our monitoring includes:
- Real-time and periodic screening
- against international sanctions lists, PEP databases, and adverse-media sources;
- Transaction monitoring
- for unusual patterns and volumes;
- Blockchain analytics
- to identify links to high-risk wallets, services, or activity typologies;
- Periodic review and refresh
- of client due diligence information;
- Compliance with the Travel Rule
- , under which we collect, verify, and transmit information about the originator and beneficiary for crypto-asset transfers above applicable thresholds.
Prohibited jurisdictions & sanctions
Where we cannot serve.
Not served under any circumstances
Subject to comprehensive international sanctions — we do not onboard or transact with clients connected to:
- Iran
- North Korea
- Myanmar
- Syria
Our service is currently available exclusively to clients resident in the European Union and European Economic Area. Clients resident outside the EEA are not eligible regardless of jurisdiction.
Sanctions screening
We screen all clients and transactions in real time against:
- EU Consolidated Sanctions List
- UN Security Council sanctions
- OFAC (US) sanctions
- UK OFSI sanctions
High-risk jurisdictions. We apply enhanced due diligence to clients connected to jurisdictions identified as high-risk by the FATF or designated as high-risk third countries by the European Commission, including the FATF Grey List and the EU High-Risk Third Countries list. We apply the current versions at all times.
Internal controls & governance
The framework behind the controls.
Our AML/CFT framework is supported by a structured set of controls, and all relevant staff receive mandatory initial and ongoing training. We maintain a confidential whistleblowing channel through which staff and third parties can report AML/CFT concerns without fear of retaliation.
Training covers AML/CFT law, our procedures, escalation of suspicious activity, and crypto-specific typologies.
Supported by
- A dedicated AML/CFT compliance officer with direct reporting lines to senior management;
- Written policies covering customer due diligence, ongoing monitoring, sanctions screening, PEP identification, and suspicious-activity reporting;
- A documented risk-assessment methodology, reviewed periodically and upon material changes;
- Independent testing and internal audits of AML/CFT controls;
- Regular reporting to senior management on AML/CFT matters and emerging risks.
Suspicious activity reporting
We are required by law to report suspicious transactions to the Financial Intelligence Directorate (ДАНС). Where we file a report, we do so without informing the affected client, in accordance with the prohibition on tipping-off.
Refusal and termination
We may decline service, suspend or refuse to execute a transaction where eligibility is not met, due diligence cannot be verified, risk is unacceptable, sanctions apply, or we suspect financial crime. In some cases we may be legally prohibited from giving reasons.
Client acknowledgement
By using our service, you:
- Acknowledge and agree to comply with this notice;
- Confirm that all information and documents you provide are accurate, complete, and not misleading;
- Agree to cooperate promptly and fully with any reasonable request for information in connection with our AML/CFT obligations;
- Understand that we may be legally required to delay or refuse transactions, or to report your activity to competent authorities, without being able to inform you of the reasons;
- Acknowledge that the version of this notice published at the time of your use is the version that applies.
Questions about this notice?
AML/CFT inquiries:
[email protected]Postal: Unramp OOD, 22 San Stefano Street, San Stefano Plaza, entrance B, 5th floor, office 16, 1504 Sofia, Bulgaria.
© Unramp OOD.