The Compliance Traffic Light Framework

In evaluating High-Risk Payment Processors (HRPP), we wanted to integrate a cybercrime preventing component. Cybercrime and its scams can be largely prevented through efficient compliance rules concerning Anti-Money Laundering (AML) and Know-Your-Customers (KYC).

At the same time, we cannot and do not want to carry out audits of the HRPPs ourselves. That is the task of the responsible supervisory authorities and law enforcement. However, we can take information from whistleblowers and scam victims as a basis for evaluation and categorization.

For this purpose, we have implemented a 3-tier compliance traffic light system:

  • Green, if no AML/KYC violations are known and/or appropriate measures are taken to prevent money laundering and cybercrime.
  • Orange, if isolated AML/KYC violations are known.
  • Red, if systematic AML/KYC violations and cooperation are known.

We have assigned HRPPs that have been shown to support cybercrime, scams, and money laundering to the black category. This represents a lack of compliance and/or knowingly and willingly supporting illegal business models. Listed HRPPs about which there is no information against KYC/AML are listed with green. Thus, this is also the default category for initial listing.

AML/KYC categorization is an ongoing process performed by HRPP administrators. Verified HRPPs are included in the categorization and, if necessary, confronted with the negative findings for comment.