English (US)
Español
Français
Bahasa Indonesia
Tiếng Việt
Portugues
Русский
中文 (中国)
العربية
Deutsch
فارسی 
Italiano
日本語
한국어
Türk
This Policy explains when and why we may request additional information, how verification works, how we review suspicious activity, and how we handle user data securely.
1. Purpose of the Policy
We use AML/KYC measures to comply with applicable requirements and to protect users from fraudulent activity. ChangeNOW is a non-custodial service, meaning we do not hold user balances. Verification is used only when necessary and always with a risk-based approach.
2. When KYC Applies
We do not require registration or continuous identity checks. KYC may be initiated only in specific cases, including:
- fraud, stolen-fund or incident reports requiring confirmation of details;
- situations where we must comply with AML/CFT requirements;
- requests from third-party providers involved in fiat-related services;
- transactions that look unusual or suspicious.
KYC requirements may vary depending on the nature of the case. More detailed information regarding your specific case can be requested at compliance@changenow.io.
3. How Verification Works
Identity verification is handled by our trusted provider Sumsub in line with GDPR and UK GDPR requirements. During verification, users may be asked to provide:
- a valid government-issued ID;
- supporting documents (for example, proof of funds);
- any additional information needed to resolve the case.
The verification link remains active for 3 days. Once this period ends, the case is reviewed individually, and the next steps depend on the circumstances of the transaction.
Providing false or misleading information may result in restricted access to our services.
4. Transaction Monitoring
We use automated tools to review transactions for potential risks. If our system detects unusual patterns:
- the transaction may be placed on hold;
- the user may be asked for clarifications or documents;
- the case is reviewed individually by our team.
These checks help prevent fraud and ensure that our services are not used for illicit purposes.
5. Data Handling and Privacy
KYC verification is handled directly by Sumsub. They store and process the documents you submit and act as an independent data processor under GDPR and UK GDPR.
ChangeNOW may request your email address for certain features (for example, fiat operations or support requests).
Details about how we handle personal data are set out in our Privacy Policy.
6. Sharing Information with Authorities
We may share certain information with competent authorities only when we receive a valid and lawful request.
Such requests must come from an authorized government body and include the legal basis, scope of requested data, and verifiable contact details. This may include organizations such as Interpol, Europol, or national law enforcement bodies.
We share information only when we receive a valid official request that has a clear legal basis and can be verified.
7. User Responsibilities
Users are expected to:
- not use ChangeNOW for illegal purposes;
- ensure that submitted data is truthful and complete;
- provide accurate information when verification is required;
- cooperate with AML/KYC checks.
Refusal to complete required checks may limit access to our services.
8. Final Provisions
We may update this Policy to reflect regulatory changes or improvements to our internal processes. All updates take effect once published on this page. We encourage users to review this Policy occasionally to stay informed.
By continuing to use our services after an update, you acknowledge the revised version of the Policy. If something in the updated version seems unclear, you are welcome to reach out for clarification.
If you have questions related to AML/KYC or need help with a verification request, please contact us at: compliance@changenow.io