1. Purpose

This KYC & AML Policy defines CHERNOMOR approach to customer due diligence, sanctions controls, anti-abuse governance, and risk-based onboarding for cloud and telecom infrastructure services.

Our objective is to prevent misuse of infrastructure for fraud, sanctions evasion, unlawful traffic, and other prohibited activities.

2. Scope and applicability

This policy applies to all prospective and active business clients, channel partners, and counterparties using CHERNOMOR infrastructure or telecom-related services.

This policy works together with contractual acceptable-use and compliance requirements included in onboarding and service agreements.

3. Risk-based compliance framework

CHERNOMOR applies a risk-based model aligned with sanctions and anti-money laundering expectations relevant to infrastructure operations. Controls are proportionate to client profile, use case, geography, and traffic characteristics.

We do not offer anonymous provisioning for high-risk production services and reserve the right to request additional evidence where risk signals are present.

4. Customer due diligence (KYB/KYC)

• Verify legal entity identity and registration status.
• Validate authorized representatives and commercial purpose.
• Collect ownership and control information where required by risk level.
• Review intended service use cases, traffic model, and target geography.
• Require acceptance of service policies, lawful-use commitments, and onboarding controls.

5. Sanctions, PEP, and adverse-media screening

Before activation and at defined intervals thereafter, CHERNOMOR may screen relevant counterparties against sanctions lists and risk indicators, including politically exposed person (PEP) and adverse-media signals where applicable.

Potential matches are escalated to compliance review before onboarding or continuation decisions are made.

6. Datacenter, ISP, telecom-carrier, and regulator alignment

Our infrastructure model depends on datacenter providers, internet providers, telecom carriers, and associated network partners with strict anti-abuse and lawful-order requirements.

We maintain onboarding records, policy acceptance evidence, and traffic auditability to satisfy reasonable carrier, vendor, and regulator review requests.

CHERNOMOR may immediately restrict, suspend, or terminate services when a provider, telecom carrier, or competent authority requires urgent action for compliance, sanctions, fraud, or network-protection reasons.

7. Telecom compliance controls for messaging infrastructure

For messaging-enabled services, CHERNOMOR applies dedicated telecom compliance controls to reduce abuse risk and protect network integrity. These controls are part of routine operational governance, not optional safeguards.

Suspicious traffic indicators, fraud patterns, and spam-like behavior may trigger escalation, temporary restrictions, enhanced review, or enforcement actions based on risk severity and policy requirements.

• Continuous monitoring of telecom traffic behavior for policy deviations and abuse indicators.
• Identification and investigation of suspicious activity using route, pattern, and anomaly signals.
• Fraud and spam prevention controls including throttling, blocking, and escalation workflows.
• Compliance alignment with telecom network policies, provider acceptable-use requirements, and lawful directives.

8. Ongoing monitoring and trigger events

• Monitor onboarding consistency against observed traffic and operational behavior.
• Apply rate, pattern, and anomaly controls to detect suspicious or prohibited activity.
• Escalate sudden route shifts, identity mismatch signals, and policy deviations.
• Re-validate client profile where material ownership, geography, or use-case changes occur.

9. Enhanced due diligence (EDD)

Enhanced due diligence may be applied to higher-risk clients, cross-border high-risk patterns, unusual transaction flow indicators, or adverse intelligence results.

EDD may include additional ownership documentation, expanded compliance questionnaires, source-of-funds context where relevant, and stricter traffic controls before full activation.

10. Prohibited and restricted activities

• Use of services for unlawful financial activity, sanctions evasion, fraud, impersonation, or deceptive routing.
• Unauthorized bulk messaging, spoofing, phishing, malware distribution, or abuse of verification channels.
• Attempts to bypass carrier controls, jurisdictional restrictions, or regulator directives.
• Any activity that breaches contractual policy, provider acceptable-use rules, or applicable law.

11. Escalation and enforcement

Where suspicious activity indicators are identified, CHERNOMOR may apply temporary controls, request clarifications, initiate formal compliance review, and suspend service while investigation is ongoing.

We may decline onboarding, terminate services, or cooperate with lawful authority requests where required by law and risk posture.

12. Record retention and confidentiality

Compliance-related onboarding and review records are retained according to legal and operational requirements and are protected by confidentiality and access-control measures.

Retention periods may extend where required for dispute handling, audit defense, sanctions review, or legal/regulatory obligations.

13. Governance and policy updates

Policy ownership is assigned to CHERNOMOR leadership responsible for compliance and operations. Controls are periodically reviewed based on regulatory change, threat patterns, and provider requirements.

This document may be updated at any time. New versions are published with a revised effective date.

Questions about this policy can be sent to sales@chernomor.cc. This document is provided for transparency and does not constitute legal advice.