Anti-Money Laundering Program

Last Updated: 5/11/2026 | Version 2.0

Kashu, Inc. ("Kashu") is a software platform that supports business financial operations on top of regulated payment and banking rails operated by Kashu's partners. The Services are made available exclusively to U.S.-organized businesses, and consist of three integrated pillars: Platform Access, Transaction Intelligence, and Program Administration, as further described in the Kashu Terms of Service.

As part of the Program Administration pillar, Kashu maintains an Anti-Money Laundering ("AML") and Bank Secrecy Act ("BSA") compliance program that supports the customer-identification, customer-due-diligence, sanctions-screening, and suspicious-activity-detection obligations of Kashu's partners under the Bank Secrecy Act, the USA PATRIOT Act, FinCEN regulations including the Customer Due Diligence Rule (31 CFR 1010.230), the Corporate Transparency Act and its Beneficial Ownership Information rule, OFAC sanctions programs, and applicable state law.

This Statement is a customer-facing summary of Kashu's AML program. It does not modify, replace, or limit Kashu's internal compliance procedures or the regulatory obligations of Kashu's partners.

1. Program Governance

Kashu's AML program is administered by a designated BSA Compliance Officer who reports directly to senior management and to the Board of Directors or its equivalent. The BSA Compliance Officer oversees daily operations of the program, coordinates with Kashu's partners on referrals and reporting, manages training and policy maintenance, and monitors regulatory developments.

2. Customer Identification and Verification (KYB and KYC)

Before a Program Account can be activated, Kashu verifies the identity of the business entity (Know Your Business, "KYB"), each Beneficial Owner of 25% or more, the Control Person, and each Authorized Individual who will access the Services (Know Your Customer, "KYC"). Verification data may include formation documents, Employer Identification Number, registered and operating addresses, beneficial-ownership disclosures, government-issued identification, and biometric identity verification.

Kashu's procedures align with the Customer Identification Program requirements that apply to its partners, and are further described in the Kashu Customer Identification Program. Biometric identity verification is handled in accordance with the Biometric Data Notice in the Kashu Privacy Policy.

3. Customer Due Diligence and Ongoing Monitoring

Kashu applies a risk-based approach to customer due diligence:

  • Business users are risk-rated at onboarding and reviewed periodically.
  • Higher-risk customers are subject to Enhanced Due Diligence ("EDD") procedures.
  • Transactions and account activity are monitored on an ongoing basis using automated tools that detect unusual activity, velocity patterns, structuring behavior, and inconsistencies with the User's declared business profile.
  • Accounts exhibiting suspicious or inconsistent activity are escalated for manual review.

Risk factors evaluated for EDD include, without limitation:

  • Industry, merchant category, and business activity;
  • Geographic factors, including the location of the business, its owners, and counterparties;
  • Ownership structure, including foreign ownership, layered entities, or politically exposed persons;
  • Transaction volume, size, frequency, and counterparty patterns; and
  • Public-records, regulatory, and adverse-media findings.

4. Sanctions and Watchlist Screening

The User entity, each Beneficial Owner, the Control Person, each Authorized Individual, and linked counterparties are screened against U.S. and international sanctions and watchlists, including:

  • U.S. Department of the Treasury Office of Foreign Assets Control (OFAC) Specially Designated Nationals (SDN) and Consolidated Sanctions lists;
  • U.S. Department of Commerce Bureau of Industry and Security (BIS) Denied Persons, Entity, and Unverified lists;
  • U.S. Department of State debarred-parties lists;
  • Politically Exposed Persons (PEP) and adverse-media databases; and
  • Card-network and partner-institution screening requirements.

Screening occurs at onboarding and on an ongoing basis. A match or potential match may result in account hold, restriction, declination, or termination, and may be reported to Kashu's partners and to regulators as required by applicable law.

5. Suspicious Activity Reporting (SAR)

When suspicious activity is detected, Kashu's Compliance team conducts an internal review and escalates findings to Kashu's partners — including Monarch Technologies, Inc., the licensed money transmitter (MSB Registration No. 31000186536125; NMLS ID 1908316) — for the filing of Suspicious Activity Reports with FinCEN in accordance with applicable thresholds and timing requirements. Kashu may also notify law enforcement or regulatory authorities where permitted, and cooperates fully with official investigations and subpoenas.

Federal law prohibits disclosure of the existence or content of a SAR. Kashu and its personnel comply with all confidentiality and non-disclosure requirements applicable to suspicious activity reporting.

6. Training and Awareness

All employees receive AML and sanctions compliance training upon hire and at least annually thereafter. Training covers BSA/AML fundamentals, recognizing red flags, sanctions screening, data privacy obligations, escalation procedures, and SAR confidentiality. Personnel with compliance responsibilities receive role-specific training and are subject to competency assessments.

7. Recordkeeping

Kashu maintains records of customer identification data, verification methods and outcomes, transaction history, sanctions-screening results, and compliance reviews for a minimum of five (5) years following closure of the Program Account, or for such longer period as required by applicable law, regulator direction, or partner-institution requirements. Records are stored using encryption in transit and at rest, role-based access controls, and other safeguards described in the Kashu Privacy Policy.

8. Independent Review

Kashu's AML program is subject to periodic independent audits and risk assessments to verify its design and operational effectiveness. Findings are reviewed by the BSA Compliance Officer and senior management, and corrective actions are tracked to completion in accordance with applicable BSA/AML expectations.

9. Commitment to Integrity

Kashu is committed to upholding the highest standards of ethics, transparency, and regulatory compliance. Our objective is to provide U.S. businesses with modern business financial-operations tooling, while ensuring that the Kashu platform and the infrastructure of Kashu's partners are never used to facilitate money laundering, terrorist financing, sanctions evasion, fraud, or other illicit financial activity.

10. Relationship to Other Policies

This Statement should be read together with the Kashu Customer Identification Program, Acceptable Use Policy, Privacy Policy, Terms of Service, Refund Policy, and Software & Technology Services Agreement (STSA). In the event of any conflict between this customer-facing summary and Kashu's internal compliance procedures, the internal procedures — administered by the Compliance Department under the oversight of the designated BSA Compliance Officer — shall control with respect to BSA/AML matters.

11. Contact

For questions regarding this Statement or to report suspicious activity, please contact us as follows:

Kashu, Inc.

Attn: BSA/AML Compliance — Legal Department

1603 Capitol Ave, Ste 415 #674380

Cheyenne, WY 82001

Email: legal@kashupay.com

Product
Capabilities
Features
Transfers
How It Works
White Label Us
Product
Merchant Processing
Company
Book a Demo
About Us
Why Kashu
Our Fees
Careers
Company
Resources
Affiliate Program
Refer Merchants
MRP Dashboard Login
Affilate Dashboard Login
Fraud Shield
Brand Kit
Merch Shop
Accessibility
Resources
Contact Us
By using this site, you agree to our Terms of Service and Privacy Policy, including the use of cookies for analytics, personalization, and marketing. Kashu is an independent financial technology platform and is not a bank. Money transmission services are provided by Monarch Technologies, Inc., a licensed Money Services Business (MSB: 31000186536125) and NMLS registered provider (NMLS ID: 1908316). Customer funds are held in custodial accounts at Fresno First Bank, Member FDIC, for the benefit of users.

All trademarks, service marks, and logos used are the property of their respective owners. Use of these marks does not imply endorsement or partnership.

For more information, please contact our offices at 1603 Capitol Ave, Ste #415, Cheyenne, WY 82001.

© 2026 Kashu, Inc. All rights reserved.