Public Policies


MeChat Customer Due Diligence (CDD) Policy

Article By Antonio James, MIQ

October 5, 2021, 1:52 am




After CIP, the next phase in the KYC/AML onboarding process is the RE due diligence (CDD) phase, which involves assessing the RE to determine whether that person or company should be given a low, medium, or high-risk AML rating.

To meet compliance rules, MeChat at a minimum:

  • Onboard high-value REs during a client-present situation.
  • During the initial onboarding process, users submit multiple IDs for KYC and AML checks.
  • If a user matches as a politically exposed person (PEP), MeChat places a higher risk score on that person during onboarding and while his or her account is active.
  • Perform seamless but random identity checks throughout the lifespan of RE accounts.

According to risk, REs are also screened against third-party national and international databases such as: 

  • PEP (politically exposed person) lists
  • Office of Foreign Assets Control’s (OFAC) sanctions lists:
  • And individual OFAC databases
    • Specially Designated Nationals List
    • Consolidated Sanctions List

The parameters of risk low, medium and high risk perception are defined in terms of the nature of:

  • RE’s address and domicile
  • RE’s business industry
  • RE’s KYC profile
  • RE’s background, including: social and financial status
  • projected business activity
  • location of RE and his clients
  • mode of payments
  • volume of turnover
  • nature and location of activity
  • country of origin
  • sources of funds
  • PEP Screening, etc.

Each above assessment is scored 1-5 and the average of all scores provides the digital property’s risk level. For example, risk level by scores:

  • LOW RISK: =>1 but less than 3
  • MEDIUM RISK: =>3, but less than 5
  • HIGH RISK: 5 or greater

To recap the suggested ongoing review timeframe of KYC documents and digital property activities:

  • Low Risk: Every 2-3 years
  • Medium Risk: Every 1-2 years
  • High Risk: Every 6 months to 1 year



Using a risk-based approach, MeChat will not knowingly conduct business with the following:

  • Individuals or entities domiciled or resident in a Commonwealth subject to regional or international sanctions;
  • Terrorists or terrorist organizations;
  • Persons involved in narcotics, money laundering or human trafficking;
  • Anonymous Relationships;
  • Shell Banks; and
  • Holder of Bearer Shares.

Additionally, MeChat must freeze any funds or other assets held for individuals or organizations listed on the United Nations list of persons connected to terrorism in line with the United Nations Resolutions on terrorist financing, and submit a report to the Financial Intelligence Unit (“FIU”).



Users who are immediately identified to have higher than average risk are categorized as high risk includes and requires higher level of due diligence. Additionally, High risk profiles can only withdraw money via ACH. 

High risk examples, 

  1. Cash intensive businesses such as bullion dealers (including sub-dealers) & jewelers
  2. High Ticket items, over $10,000
  3. Politically Exposed Persons (PEPs;
  4. Politically exposed persons (PEPs) of foreign origin, REs with close relatives of PEPs and accounts of which PEP is the ultimate beneficial owner;
  5. Non­USA REs;
  6. )High net worth individuals;
  7. Trusts, charities, NGOs and organizations receiving donations;
  8. Companies having close family shareholding or beneficial ownership;
  9. Firms with ‘sleeping partners’;
  10. Card-not-present customers;
  11. Those with dubious reputation as per public information available;
  12. Those for whom the sources of funds are not clear.

Additionally, digital properties with services in the following is considered high risk:

  • Banks;
  • Financial services companies, including credit unions and financial advisors or planners;
  • Venture risk capital companies;
  • Money transmission services;
  • Money lending and pawning;
  • Mutual Funds;
  • Trust businesses;
  • Insurance businesses;
  • Investment bankers;
  • Real estate brokers or agents;
  • Dealers in precious metals, stones, or jewels; and
  • Registered agents.

EDD Activity will include: 

  • A copy of the organization’s external compliance review and/or regulatory examination results.

EDD for Immigration consultants, Lawyers; and Accountants.

  • A copy of the RE's professional certification or industry association membership.

EDD for Cash Intensive businesses, such as: Restaurants, Convenience Stores, Privately owned linked Teller Machines (ATMs) and vending machine operators; and Privately owned parking garages.

  • A copy of the organization’s most recent financial statement and/or tax filing.

EDD for organizations dealing with high value goods, such as: Planes, Boats, and Vehicles

  • A copy of the organization’s business plan or business model.

EDD for Organizations with no retail or commercial locations in the U.S., such as: Online retailers and Computer software providers.

  • A copy of the organization’s most recent financial statement and/or tax filing.

EDD for a charity that deals with high-risk jurisdictions.

  • Additional information about the organization’s charitable initiatives and the controls in place to ensure that funds are not being used to fund terrorism or terrorist groups

EDD for REs associated with money laundering or terrorist financing related activities due to lax controls and/or negligence.

  • Information about the remedial controls in place to ensure that the organization is not being used to facilitate money laundering or terrorist financing activities.




Both high and Medium risk REs may be subjected to Enhanced Due Diligence (EDD). MeChat’s EDD process is the 3rd phase of our due diligence. Digital properties flagged for EDD are escalated to the Compliance Officer.

With both Medium and High risk REs, MeChat will need to identify all beneficial owners of the digital property with at least 25% interest, responsibility or control at the time of opening a Digital Wallet, unless an exclusion or an OFAC exemption applies to the RE or account. 

For Medium and High risk REs a Legal must be filed with a state office or Secretary of State, such as:

  • corporations
  • limited liability companies
  • limited partnerships
  • general partnerships
  • business trusts
  • any other entity created by a filing with a state office
  • any similar entities formed under the laws of a non-US jurisdiction

Additional KYC requirements to review for medium to high-risk REs, includes:

  • The purpose of the account
  • Source of their funds and wealth
  • Individuals with 25%+ ownership or control over the account, such as beneficial owners, signatories, or guarantors
  • Digital Wallet and applicable financial statements
  • Banking references
  • The proximity of the RE’s residence, place of employment, or place of business to the bank or other financial institution
  • Description of the RE’s primary trade area and whether there will be routine international financial transactions
  • Description of the business operations, the anticipated volume of currency and total sales, and list of major REs and suppliers
  • Explanations for changes in account activity

Examples of Medium Risk REs are:

  • Sells lower ticket items between $500 an $9,999



If official valid documents (OVDs) submitted by the RE which contains both proofs of identity and proof of address then that single document itself is sufficient for proof of identity and proof of address.

If a RE is categorized as low risk but is unable to submit the KYC documents due to genuine reasons, RE may submit the documents to MeChat within a period of six months from the date of the opening account.

If a RE, categorized as ‘low risk’, who does not have any of the ‘officially valid documents’ mentioned above, MeChat may still open the RE’s account by obtaining any one of the following documents:

  1. Identity card with applicant’s photograph issued by Central/State Government Departments, Statutory/Regulatory Authorities, Public Sector Undertakings, Scheduled Commercial Banks, and Public Financial Institutions;
  2. When uses input data, RE or not, MeChat securely stores, necessary information about transactions, for a period of 7 years from the transaction date. This ensures users can quickly conduct transactions without separate KYC verification needed.

Examples of Low Risk REs are:

  • Sells lower ticket items under $500





#CDD #Customer Due Diligence #Policy #MeChat
More Articles