To help our clients meet the FATF and local requirements, Sumsub has created a verification process based on the best market practices, described as the VASP Due Diligence Procedure.

The due diligence is not mandatory in all jurisdictions, but the ecosystem members that choose not to undergo it, risk having their transactions declined by the most VASPs due to their local AML regulations and FATF Recommendations.

Sumsub may perform VASP Due Diligence on the following parties:

• Sumsub сlients.
• Sumsub client’s counterparties who pass the VASP Due Diligence upon the request of the сlient.
• Companies that are the participants of Travel Rule alliances/networks/etc. of protocol partners (VASPs connected to partners).

Sumsub verification process applies to the following Sumsub clients’ counterparties of Travel Rule transactions:

• VASPs, the companies regulated under the corresponding national legislation.
• Companies engaged in virtual assets transfer but not regulated by corresponding national legislation.
• Financial institutions engaged in virtual assets transfer.

Sumsub uses connected protocols for information exchange or utilizes its data partners.

The scope of due diligence carried out by any partner may not match that of the VASP due diligence.

If needed, Sumsub may attempt to request the missing information about a VASP for evaluation from the partner or by other means; or the participant can request such information from its counterparty directly.

VASPs connected to partners can also complete VASP due diligence if they deem it necessary.

How it works

The VASP Due Diligence process is carried out using the VASP Due Diligence Questionnaire incorporated into the Dashboard.

VASP Due Diligence process includes the following three steps:

• Collection and verification of documents and other information pertaining to a VASP.
• Assessment of obtained from the VASP documents and information.
• Monitoring and updating the profiles of the VASPs that passed the VASP Due Diligence.

During the VASP Due Diligence, Sumsub performs the following checks:

• Entity existence check.
• Verification of the provided corporate documents (Certificate of incorporation or registration, Certificate of Incumbency (issued within the last 6 months) or Power of Attorney, Ownership Chart signed by the legal representative of the entity, copy of the License/Registration (if applicable), Power of Attorney (optional)).
• Verification of the provided internal documents (AML Policy, Privacy Notice, Document describing technical and organisational measures in relation to the PII protection).
• Verification of the provided information regarding the business.
• Beneficial ownership check.
• Verification of the legal representatives (director, CEO, etc.) of the counterparty.
• AML and sanctions check (national and international sanctions, warnings and regulatory enforcement, fitness and probity, PEP lists, and adverse media).

VASP Due Diligence status

Participants can join the Sumsub Travel Rule ecosystem with either the Due Diligence Completed or Rejected status. The Due Diligence Completed status is assigned once the VASP Due Diligence report is completed regarding the participant in question.

Possible statuses include the following: