KYC Policy - Vinance Coin

1. Purpose & Scope

This KYC Policy establishes the customer identification, verification, and ongoing due diligence procedures followed by Vinance Coin ("VNC"), operated by Vinance Technologies Pvt Ltd. The policy ensures compliance with the Prevention of Money Laundering Act (PMLA), 2002, RBI Master Directions on KYC, and FATF recommendations for Virtual Asset Service Providers (VASPs).

Scope

All individual and corporate customers registering on the VNC Platform
All products: spot trading, P2P trading, futures, copy trading, staking, airdrops, wallet services, fiat on/off ramps
Both domestic (India) and international customers
Ongoing monitoring and periodic re-verification

2. Regulatory Requirements

PMLA (Maintenance of Records) Rules, 2005 — CDD and record-keeping requirements for reporting entities
RBI Master Directions on KYC (2016, updated 2023) — Customer identification, risk categorization, periodic KYC update
FIU-IND Guidelines — Reporting entity obligations for VDA service providers
FATF Recommendation 10 — Customer Due Diligence
Income Tax Act, Section 206AB/206CCA — PAN verification for TDS compliance
Digital Personal Data Protection Act (DPDPA), 2023 — Consent and data minimization for KYC data

3. KYC Verification Tiers

VNC implements a tiered KYC system that progressively unlocks platform features and higher transaction limits based on the level of verification completed.

📧 Level 0 — Email Verification Only

Basic registration with email verification. Minimal access for exploration.

📥 Deposit: ₹40,000/day ($500) 📤 Withdraw: Not Allowed 📊 Trading: Not Allowed 🤝 P2P: Not Allowed 💵 Fiat: Not Allowed

🆔 Level 1 — Basic KYC (PAN + Selfie)

PAN card verification with selfie/liveness check. Enables basic trading and fiat transactions.

Documents Required: PAN Card (ABCDE1234F format) + Live Selfie photograph
Verification Method: OCR extraction + biometric matching or manual admin review
Processing Time: Auto-approval (if provider configured) or 24-48 hours (manual)

📥 Deposit: ₹20,00,000/day 📤 Withdraw: ₹8,00,000/day 📊 Trading: Enabled 🤝 P2P: Not Allowed 💵 Fiat: Enabled

✅ Level 2 — Full KYC (PAN + Aadhaar + Address + Video)

Complete identity and address verification. Unlocks all features including P2P trading.

Documents Required: PAN Card, Aadhaar Card (front + back), Address Proof (utility bill/bank statement within 3 months), Video KYC or Liveness Check
Verification Method: e-KYC via Aadhaar + document cross-verification
Processing Time: 24-72 hours for full review

📥 Deposit: ₹5,00,00,000/day 📤 Withdraw: ₹80,00,000/day 📊 Trading: Enabled 🤝 P2P: Enabled 💵 Fiat: Enabled

🏢 Level 3 — Institutional / VIP

For corporate entities, HNIs, and institutional traders. Unlimited access with dedicated support.

Documents Required: Board resolution, Certificate of Incorporation, MOA/AOA, Authorized signatory details, UBO declaration, Source of funds documentation, Audited financial statements
Verification Method: Manual review by compliance team + Senior management approval
Processing Time: 5-10 business days

📥 Deposit: Unlimited 📤 Withdraw: Unlimited 📊 Trading: Enabled 🤝 P2P: Enabled 💵 Fiat: Enabled

4. Accepted Identity Documents

4.1 Indian Nationals

Document	Purpose	Validation
PAN Card	Identity + Tax compliance	Format: ABCDE1234F, verified against NSDL/UTIITSL database
Aadhaar Card	Identity + Address	12-digit number, e-KYC via UIDAI (with consent)
Passport	Identity (alternate)	Machine-readable zone validation
Voter ID	Identity (alternate)	EPIC number verification
Driving License	Identity + Address (alternate)	DL number and validity check

4.2 Non-Resident / Foreign Nationals

Passport: Valid passport with at least 6 months validity
Visa / OCI / PIO Card: Proof of legal stay in India (if applicable)
Global ID: Government-issued national ID from country of citizenship
Address Proof: Utility bill, bank statement, or government correspondence (within 3 months)

4.3 Corporate / Institutional

Certificate of Incorporation / Registration
Memorandum and Articles of Association (MOA/AOA)
Board Resolution authorizing account opening and trading
PAN of the entity
KYC of authorized signatories and Ultimate Beneficial Owners (UBOs with ≥25% ownership)
Audited financial statements (latest 2 years)
GST registration certificate (if applicable)

5. Identity Verification Methods

Document OCR: Automated extraction and validation of PAN/Aadhaar numbers from uploaded images
Biometric Matching: Selfie compared against document photographs using facial recognition
Liveness Detection: Anti-spoofing check to confirm real person (not photo or video of a photo)
Video KYC: Live video call with compliance officer for Level 2+ verification (as per RBI norms)
e-KYC via Aadhaar: Consent-based authentication through UIDAI for instant verification
Database Verification: PAN validated against NSDL/UTIITSL, Aadhaar via DigiLocker

Verification Providers (Configurable)

Manual review (default)
SumSub — automated KYC with global coverage
Jumio — ID verification and liveness
Onfido — document verification + biometrics
Shufti Pro — AI-powered identity verification

6. PEP & Sanctions Screening

All customers are screened against global PEP databases and sanctions lists during onboarding and on an ongoing basis:

Screening against OFAC SDN, UN, EU, UK HMT, FATF sanctions lists
PEP database screening for domestic and foreign politically exposed persons
Adverse media screening for links to financial crime, fraud, or terrorism
Fuzzy name matching with configurable threshold (minimum 85% match score)
Automatic account blocking on confirmed sanctions match
Enhanced due diligence for all identified PEPs — source of wealth, senior management approval

7. Enhanced Due Diligence (EDD)

EDD is mandatory in the following scenarios:

Customer identified as a Politically Exposed Person (PEP) or family/close associate of PEP
Customer from a FATF grey/blacklist jurisdiction or high-risk country
Customer with adverse media or criminal record flags
Transaction volume exceeding ₹50,00,000 per month without clear business justification
Complex corporate structures with multi-layered ownership, nominee shareholders, or shell entities
Non-face-to-face onboarding where identity verification is remote-only

EDD Measures

Source of wealth and source of funds documentation (bank statements, salary slips, ITR)
Purpose and intended nature of the business relationship
Senior management approval for account opening/continuation
Enhanced monitoring — lower transaction thresholds, more frequent reviews
Identification and verification of Ultimate Beneficial Owners (UBOs)
Periodic re-assessment (every 6 months instead of annual)

8. Ongoing Due Diligence & Re-verification

Periodic KYC Update: Every 365 days (configurable per risk level — more frequent for high-risk customers)
Event-Triggered Re-KYC: Upon change in customer information, unusual transaction patterns, or sanctions list updates
Transaction Monitoring: Continuous comparison of transaction patterns against customer profile and declared activity
Dormant Account Reactivation: Full re-KYC required for accounts inactive for more than 90 days
Document Expiry: Users notified 30 days before document expiry; account restricted if not renewed

9. Non-Acceptance & Rejection

VNC reserves the right to reject or close accounts in the following cases:

Customer fails to provide adequate identity documentation within the prescribed timeframe
Documents are found to be forged, altered, or fraudulent
Customer is a confirmed match on any sanctions list
Customer refuses to provide source of funds documentation when requested
Customer is a minor (below 18 years of age)
Reasonable suspicion of the account being used for money laundering or terrorist financing
Customer is from a fully blocked jurisdiction (as per our Geo-Blocking policy)

Rejection reasons are documented internally but are not disclosed to the customer where doing so could compromise an investigation or tip off a suspected criminal.

10. Record Keeping

KYC Documents: Retained for 5 years after account closure (PMLA requirement)
Verification Logs: All verification attempts, approvals, rejections logged with timestamps and reviewer IDs
Communication Records: All KYC-related communications with customers retained for 5 years
Storage: AES-256 encrypted at rest, TLS in transit, access restricted with role-based permissions
Audit Trail: Immutable log of all KYC actions — who reviewed, what was approved/rejected, when

11. Data Protection & Privacy

KYC data is handled in accordance with our Privacy Policy and applicable data protection laws:

Consent: Explicit consent obtained before collecting Aadhaar data (UIDAI requirement)
Purpose Limitation: KYC data used solely for identity verification, compliance, and fraud prevention
Data Minimization: Only minimum necessary documents are collected per verification tier
Right to Access: Customers can request copies of their KYC records
Right to Correction: Customers can update incorrect information via profile settings
Encryption: PAN and Aadhaar numbers are partially masked in API responses (e.g., ABC****4F, ****1234)
Access Control: Only authorized compliance staff can access full KYC documents

12. Customer Obligations

Provide accurate, up-to-date information during registration and KYC verification
Notify VNC promptly of any changes to personal details (name, address, contact information)
Cooperate with re-verification requests and provide additional documents when requested
Not use another person's identity or documents for account registration
Not maintain multiple accounts (one account per individual/entity)
Comply with all applicable laws regarding the use of the Platform

13. Contact Information

For KYC-related queries, document submission support, or verification status inquiries:

📧 KYC Support: kyc@vncexchange.com
📧 Compliance Team: compliance@vncexchange.com
📧 General Support: support@vncexchange.com
🌐 Dashboard: Check your KYC status anytime at vncexchange.com/dashboard

This policy is reviewed annually and updated to reflect changes in regulatory requirements. Last review: February 2026.