Legal Compliance

AML / KYC Policy

AdCore Technologies Ltd. is committed to preventing financial crime while protecting user privacy.

Effective Date: January 1, 2026

1. Policy Objectives

AdCore Technologies Ltd. ("AdCore") provides cloud-based browser isolation technology. While we prioritize user privacy and data security, we strictly prohibit the use of our infrastructure for illicit financial activities, carding, fraud, or the laundering of criminal proceeds.

This policy outlines the measures we take to identify our customers (KYC) and monitor transactions to prevent our platform from being used to facilitate financial crime, in accordance with EU Directive 2015/849 (4th AML Directive).

2. Customer Due Diligence (CDD)

2.1 Risk-Based Verification

We apply a tiered verification approach based on the subscription level and payment method used:

Tier 1: Standard

Applied to Solo/Starter plans paid via credit card (Stripe).

  • Email Verification
  • 3D Secure Payment Validation
  • IP Address & Geolocation Check

Tier 2: Enterprise / Crypto

Applied to Team plans, SEPA Direct Debit, or Crypto payments.

  • Government ID Verification (SumSub)
  • Proof of Business Registration (for VAT)
  • Ultimate Beneficial Owner (UBO) declaration

3. Transaction Monitoring

We employ automated systems to monitor transactions for suspicious activity. Red flags that may trigger a manual review or account suspension include:

  • Velocity Attacks: Multiple failed payment attempts with different cards in a short timeframe (indicative of Carding).
  • Geo-mismatch: Payments originating from high-risk IP addresses inconsistent with the billing address provided.
  • Structuring: Breaking down large payments into smaller sums to avoid threshold reporting limits.
  • Anonymity Tools: Use of Tor nodes or high-risk VPNs specifically during the checkout process (not during app usage).

4. Prohibited Jurisdictions & Sanctions

AdCore Cloud does not provide services to individuals or entities located in countries subject to comprehensive sanctions by the EU, OFAC (USA), or UN. We automatically screen against global sanctions lists.

Prohibited jurisdictions include, but are not limited to:

Iran North Korea Syria Cuba Russia (Designated Sectors)

5. Reporting Suspicious Activity

If our compliance team identifies reasonable grounds to suspect money laundering, terrorist financing, or fraud, we are legally obligated to:

  • Immediately suspend the user account and freeze all associated cloud resources.
  • File a Suspicious Activity Report (SAR) with the relevant Financial Intelligence Unit (MOKAS in Cyprus).
  • Prohibit the user from accessing their data or receiving a refund.

Tipping Off: In accordance with AML laws, we may be prohibited from informing the user that they are under investigation or that a SAR has been filed.

6. Data Retention

We are required by law to retain KYC documents and transaction records for a minimum period of 5 years after the end of the business relationship. This data is stored securely in an encrypted vault, separate from your cloud browser profile data, and is accessible only to authorized compliance personnel.