Acceptable Use Policy

Last updated: 08/12/25 

This Acceptable Use Policy (“AUP”) forms part of the AML Buddy Terms & Conditions. By  accessing or using AML Buddy, the Customer agrees to comply with this AUP. 

AML Buddy is designed for lawful identity verification, AML/KYC compliance, onboarding,  and fraud-prevention workflows. To protect the integrity of the platform and its data  suppliers, the following rules apply. 

1. General Principles 

Customers must: 

  • use the platform only for lawful and authorised purposes; 
  • ensure all data submitted is accurate and provided with a lawful basis; 
  • follow all security requirements and user responsibilities; 
  • keep account credentials confidential; 
  • ensure that all end-users comply with this AUP. 

Failure to comply may result in suspension or termination of access. 2. Prohibited Activities 

The Customer and its users may not engage in the following activities. 

2.1 Unlawful or prohibited purposes 

Customers must not use AML Buddy for: 

  • financial crime, identity theft, or fraud; 
  • any processing without a lawful basis; 
  • background checks, employment screening, tenant checks, or consumer profiling; 
  • impersonation or unauthorised access to another person’s identity. 

2.2 Submission of harmful or inappropriate data 

Customers must not submit: 

  • intentionally false identity information; 
  • stolen or unlawfully obtained personal data; 
  • abusive, offensive, or malicious content; 
  • any malware, virus, or harmful code. 

2.3 Misuse of identity verification services 

The following activities are prohibited: 

  • generating large batches of synthetic identities; 
  • using randomly generated names or identity data at scale;
  • reverse-engineering verification responses; 
  • attempting to replicate, rebuild, or extract supplier datasets; 
  • using AML Buddy for unrelated analytics or machine learning; 
  • treating AML Buddy as a general-purpose data lookup tool. 

2.4 Unauthorised technical activities 

Customers may not: 

  • perform penetration testing or security scanning without written approval; 
  • bypass access controls or authentication mechanisms; 
  • interfere with platform availability or performance; 
  • scrape or harvest data from the interface; 
  • overload systems through excessive API calls; 
  • probe, scan, or test networks, servers, or endpoints. 

2.5 Account and credential misuse 

Customers may not: 

  • share passwords, logins, or API keys; 
  • provide platform access to unauthorised persons; 
  • attempt to access another user’s account; 
  • use credentials issued to another individual or entity. 

2.6 Restricted use cases 

AML Buddy may not be used for: 

  • credit scoring or creditworthiness assessment; 
  • behavioural profiling; 
  • marketing or enrichment databases; 
  • consumer eligibility decisions outside AML/KYC compliance. 

These restrictions are required under GDPR and by third-party data suppliers. 3. Free Checks and Trial Usage 

Free or trial checks may be used only for evaluation and integration testing. They may not be used for: 

  • load testing or stress testing; 
  • volume performance benchmarking; 
  • batch synthetic identity submissions; 
  • production use. 

4. Compliance Responsibilities 

The Customer is responsible for: 

  • ensuring a lawful basis for all Personal Data processed; 
  • complying with AML, KYC, sanctions, fraud prevention, and data protection laws; 
  • ensuring that all uploaded data complies with copyright and third-party rights;
  • ensuring its end-users comply with this AUP. 

The Customer remains responsible for its own compliance and that of its users. 5. Security Responsibilities 

Customers must: 

  • maintain secure device and network configurations; 
  • protect all credentials and API keys; 
  • immediately report any suspected security incident, breach, or misuse; 
  • comply with any updated security instructions issued by AML Buddy; 
  • ensure strong passwords and secure operating practices. 

6. Suspension and Enforcement 

AML Buddy may suspend or terminate access immediately if the Customer: 

  • violates this AUP; 
  • poses a security risk; 
  • misuses AML or identity verification services; 
  • breaches terms imposed by identity data suppliers; 
  • engages in any unlawful or harmful activity. 

Further action may be taken if required by law. 

7. Reporting Violations 

To report misuse or suspected violations, contact: 

security@amlbuddy.com 

8. Updates to the AUP 

This AUP may be updated from time to time. Continued use of AML Buddy after an update  constitutes acceptance of the revised AUP.