Compliance
Regulated functions (KYC, card issuance, stablecoin issuance, banking, payment-rail delivery) are contracted to licensed partners. The compliance perimeter sits at the partner layer.
KYC / AML
KYC is performed by a licensed identity-verification partner at sign-up. Verification includes document review, biometric liveness check, and sanctions screening (OFAC, UN, EU, UK). The partner retains the documents and biometric data; Encrypto does not.
Ongoing transaction monitoring and sanctions re-screening are performed by partners holding the regulatory obligation for each rail. The full AML/CFT and sanctions program is available to partners and regulators on request.
Regulatory framework
Each market is served through partners holding the licenses required for that jurisdiction. Encrypto is not registered as a U.S. money services business and does not hold direct money-transmission licenses. The card is issued by a U.S. bank pursuant to a license from Visa U.S.A. Inc. Settlement and money transmission, in every market, are performed by licensed partners holding the relevant regulatory scope.
| Market | Status |
|---|---|
| United States | Live |
| Argentina | Rolling out |
| Brazil | Rolling out |
| Mexico | Rolling out |
Additional markets are enabled as partner coverage extends.
Data protection
| Data type | Storage |
|---|---|
| PII | Encrypted at rest, isolated database |
| KYC documents | Held by the licensed identity partner; not retained by Encrypto |
| Card numbers | Held by the licensed card issuer |
| Wallet keys | Sealed in a TEE; not accessible to Encrypto |
| Biometric data | Processed by the identity partner; not retained |
Encrypto collects only what compliance and product functionality require. Users can request data deletion, subject to regulatory retention requirements.