FulusFlow Policy Library

AML/BSA Compliance Program — FulusFlow

Effective date: May 1, 2026

FulusFlow maintains a written anti-money laundering program as required by 31 U.S.C. § 5318(h) and 31 C.F.R. § 1022.210. The program is designed to support a federally registered money services business operating with non-custodial architecture, documented controls, and clear escalation paths.

Program overview

The AML program is structured to identify, assess, and respond to suspicious activity, sanctions risk, identity fraud, and reporting obligations under the Bank Secrecy Act. The program is proportionate to FulusFlow’s current operating model and will be reviewed as products, corridors, and transaction volumes expand.

Designated compliance officer

Robert Novak, Founder, serves as Compliance Officer and is responsible for day-to-day BSA/AML oversight, policy administration, exception review, partner coordination, and required filing readiness. Compliance inquiries may be directed to [email protected].

Customer identification program (CIP)

Email address and phone number are collected at registration. Government-issued identity verification is required for transactions above $500 through an independent identity verification partner. Enhanced due diligence applies to transactions above $3,000 and may include source-of-funds documentation, additional identity review, and manual approval before processing.

OFAC and sanctions screening

All users are screened against OFAC, UN, and EU sanctions lists before transaction processing. Screening is repeated when risk events occur, including changes to identifying information, threshold-triggering activity, or manual review events.

Transaction monitoring rules

Internal alert threshold for any single transaction at or above $3,000.
Daily rolling structuring alert when user activity reaches or exceeds $9,000.
Velocity limit of 3 transactions per rolling 24-hour period.
Round-number pattern detection and other structuring indicators reviewed by the compliance officer.

Currency transaction reports (CTR)

FulusFlow maintains readiness to file FinCEN Currency Transaction Reports for covered transactions at or above $10,000 through the BSA E-Filing system. Internal alerts are designed to surface potential filing obligations before the formal threshold is reached.

Suspicious activity reports (SAR)

Suspicious activity reports are filed within 30 days of detecting suspicious activity when filing is required. The founder reviews all compliance flags within 24 hours, transaction holds are reviewed within 4 hours, and block-level flags trigger immediate consultation with legal counsel.

Record retention

FulusFlow retains transaction records, identity verification status records, compliance flags, review notes, and reporting support documentation for a minimum of 5 years in accordance with BSA requirements.

Employee training

Compliance training is founder-led. Any support staff or operations personnel are briefed on AML obligations before handling customer transactions or customer-facing exception workflows.

Independent review

An annual review of the AML program is planned. A third-party audit will be commissioned when monthly transaction volume exceeds $50,000 or when the business model materially expands.

New York State exclusion

FulusFlow does not offer services to residents of New York State pending any future licensing strategy, including a potential BitLicense application.

Contact

Compliance questions, partner diligence requests, and regulatory inquiries may be sent to [email protected].