Zenoo
Regulator-ready from day one

Built for the regulators that examine you.

One platform. Multiple jurisdictions. Every decision auditable, every event timestamped, every export regulator-ready. We map our capabilities to the rules that govern your business so your next examination takes 40 minutes, not two weeks.

The regulatory clock has already started.

AMLA is operational. Companies House verification is live. The EU AML Package applies in July 2027. Most platforms need 12 to 18 months of custom work to meet it. Zenoo deploys in 4 to 6 weeks.

  1. November 2025
    UK Companies House ID verification went live
    Zenoo KYB Pipeline integrates the Companies House API for verified officer and PSC data.
  2. July 2025
    EU AMLA operational
    New EU supervisory authority started operating. Zenoo audit capabilities support oversight.
  3. July 2027
    EU AML Package applies
    Major deadline. Zenoo covers core requirements today. Most platforms need 12 to 18 months of custom work; Zenoo deploys in 4 to 6 weeks.
  4. 2028
    AMLA direct supervision begins
    Selected high-risk entities under AMLA oversight. Audit trail becomes critical.
  5. January 2028
    US investment adviser AML rule (revised)
    New AML obligations for advisers. Zenoo adaptable.

Region

European Union

The EU AML Package and AMLA define the next decade of compliance for any institution serving European customers. Most provisions apply from 10 July 2027, with AMLA direct supervision from 2028.

European Union Most provisions apply 10 July 2027. AMLA operational July 2025. Direct supervision from 2028.

EU AML Package & AMLA

A single rulebook across 27 member states, FATF-aligned risk scoring, expanded scope (crypto, luxury, professional sports), lower beneficial ownership thresholds, and direct supervision of high-risk entities by the new AMLA authority.

Primary product: Compliance Hub
Requirement Zenoo capability Coverage
FATF-aligned risk scoring across 4 dimensions 4-dimension Risk Engine (Customer, Country, Product/Service, Delivery Channel) with configurable models and champion/challenger testing. Full
Expanded scope (crypto, luxury, professional sports) Risk models configurable per entity type. Marketplace adapters for Chainalysis, Elliptic, TRM Labs cover crypto. Full
Lowered beneficial ownership thresholds Full KYB Pipeline traces UBO through multiple corporate layers via Companies House PSC, Middesk, and AI research. Full
AI / ML governance requirements Every agent call logged with reasoning, confidence score, and threshold. Red Team Agent adversarially validates findings. Full
AMLA direct supervision readiness 32 immutable audit event types, four-eyes tracking, regulator-ready one-click exports. Full
Harmonised CDD across 27 member states Locale adaptation, jurisdiction-aware risk models, multi-language onboarding via Seamless UX. Partial
European Union In force since 3 December 2020 (transposition); applied to obliged entities from 3 June 2021.

6th Anti-Money Laundering Directive (6AMLD)

Extends predicate offences to 22 categories, criminalises aiding and abetting, introduces criminal liability for legal persons, harmonises minimum penalties.

Primary product: Compliance Hub
Requirement Zenoo capability Coverage
Extended predicate offences (22 categories) Risk Engine alert categories configurable for all predicate offences. Full
Criminal liability for legal persons KYB Pipeline + Risk Engine cover corporate entity scoring, UBO chain tracing, director and PSC screening. Full
European Union Stablecoin provisions from 30 June 2024. Other CASP provisions from 30 December 2024.

MiCA — Markets in Crypto-Assets

Authorisation regime for crypto-asset service providers, market integrity rules, consumer protection, AML obligations aligned with the Travel Rule.

Primary product: Marketplace
Requirement Zenoo capability Coverage
Travel Rule and wallet screening for VASPs Marketplace adapters for Chainalysis, Elliptic, TRM Labs handle travel rule compliance and wallet risk scoring. Full
CASP customer due diligence KYC + KYB workflows configurable per crypto entity type. Sanctions screening across consolidated lists. Full
European Union Regulation in force May 2024. EU Digital Identity Wallets to be available by 2026.

eIDAS 2.0 & EU Digital Identity

Cross-border electronic identification and trust services, including the EU Digital Identity Wallet for individuals.

Primary product: Seamless UX
Requirement Zenoo capability Coverage
eIDAS-compliant identity provider integration Marketplace adapter framework integrates eIDAS-compliant providers as they become certified. Partial
Cross-border identity verification Multi-jurisdiction onboarding with GBG, Onfido, Veriff and others through Marketplace. Partial
Germany Ongoing supervision under EU AMLR, GwG (German AML Act), and MaRisk.

BaFin — German Federal Financial Supervisory Authority

BaFin examines German credit institutions and financial service providers under EU and German AML rules. Strong emphasis on documentation, internal controls, and audit-readiness.

Primary product: Compliance Hub
Requirement Zenoo capability Coverage
Audit-ready documentation for BaFin examinations 32 immutable audit events, four-eyes tracking, one-click examination exports — answers BaFin queries in minutes, not weeks. Full
Internal controls and risk management (MaRisk) Role-based dashboards, SLA monitoring, automated escalation rules. Full
GwG-aligned CDD Risk-tiered KYC and KYB workflows; jurisdiction-aware risk models. Full

Region

United Kingdom

The UK Money Laundering Regulations and FCA Financial Crime Guide remain the operating standard. Companies House identity verification (live since November 2025) is the latest material change.

United Kingdom In force since 26 June 2017. Last amended 2022 / 2023.

UK Money Laundering Regulations 2017 (MLR 2017)

CDD and EDD requirements, ongoing monitoring, beneficial ownership identification, SAR workflows, 5-year record retention, firm-wide risk assessment.

Primary product: Compliance Hub
Requirement Zenoo capability Coverage
Customer due diligence (CDD) KYC and KYB onboarding with risk-based verification tiers. Full
Enhanced due diligence (EDD) for high-risk Automatic EDD triggers based on risk tier; deep-mode AI research. Full
Ongoing monitoring Alert inbox with continuous screening; SLA monitoring; perpetual KYC triggers. Full
Beneficial ownership identification Companies House PSC integration with UBO tracing through multiple corporate layers. Full
Record keeping (5 years) Immutable audit trail with configurable retention up to 7 years on Enterprise. Full
Firm-wide risk assessment Risk Engine with champion / challenger testing and what-if backtesting. Full
United Kingdom Continuously updated. Latest material updates in 2025.

FCA Financial Crime Guide

Systems and controls expectations for FCA-supervised firms, including sanctions screening, transaction monitoring, proliferation financing controls, and cryptoasset business obligations.

Primary product: Marketplace
Requirement Zenoo capability Coverage
Sanctions screening LSEG World-Check, Dow Jones, LexisNexis adapters for real-time sanctions screening. Full
Cryptoasset business obligations Chainalysis, Elliptic, TRM Labs adapters for travel rule and wallet screening. Full
Systems and controls effectiveness Role-based dashboards, SLA monitoring, automated alert triage with AI. Full
United Kingdom Companies House identity verification live since November 2025.

Economic Crime and Corporate Transparency Act (ECCTA)

Reforms Companies House from passive registry to active gatekeeper. Mandatory ID verification for officers and PSCs. New "failure to prevent fraud" offence.

Primary product: Compliance Hub
Requirement Zenoo capability Coverage
Companies House ID verification (officer / PSC) KYB Pipeline integrates Companies House API for verified officer and PSC data. Full
Failure to prevent fraud offence Audit Trail demonstrates systematic, auditable compliance methodology. Indirect

Region

United States

BSA, PATRIOT Act, and FinCEN rules form the federal AML core. Beneficial ownership reporting (CTA / BOI) has been narrowed to foreign reporting companies only; the investment adviser AML rule was delayed to January 2028.

United States BSA in force since 1970. Updates ongoing.

FinCEN — Financial Crimes Enforcement Network

FinCEN administers the Bank Secrecy Act, sets rules for AML programmes, customer identification, due diligence, and SAR / CTR filing.

Primary product: Compliance Hub
Requirement Zenoo capability Coverage
Customer Identification Program (CIP) Identity verification through Marketplace providers; document capture; biometric matching. Full
Customer due diligence (CDD) Risk-tiered CDD workflows; 4-dimension FATF scoring. Full
Beneficial ownership requirements KYB Pipeline: multi-source entity discovery, ownership tracking, PSC identification. Full
SAR workflow support Case lifecycle with documented decision chains; 30 / 60-day deadline tracking via SLA monitoring. Partial
Record retention Configurable retention up to 7 years on Enterprise. Full
United States In force since 2001.

USA PATRIOT Act (Title III)

Enhanced CDD for correspondent banking, prohibition on shell bank accounts, special due diligence for PEPs, information sharing under Section 314.

Primary product: AI Agents
Requirement Zenoo capability Coverage
Enhanced CDD for correspondent banking Jurisdiction-aware risk models; FATF grey / black list indicators in 209-country database. Full
Special due diligence for PEPs KYC Researcher and Alert Analyst screen against OFAC SDN, EU Consolidated, UN Security Council, HMT lists. PEP family and associate detection. Full
Shell bank prohibition KYB Pipeline analyses shell company indicators across 12 weighted factors. Full

Region

Asia-Pacific

MAS (Singapore), HKMA / HK AMLO, and AUSTRAC (Australia) all operate within the FATF framework while imposing local specifics around CDD, monitoring, and reporting.

Singapore COSMIC platform live April 2024.

MAS & COSMIC

The Monetary Authority of Singapore supervises financial institutions under the AML / CFT framework. COSMIC enables centralised information sharing on red-flagged entities.

Primary product: Compliance Hub
Requirement Zenoo capability Coverage
Red flag indicators as sharing triggers Automated risk indicator detection with confidence-scored findings; structured for COSMIC sharing. Indirect
Operational safeguards for confidentiality Role-based access, field-level security, IP allowlisting. Partial
Australia In force since 2006. Tranche 2 expansion 2024 / 2025.

AUSTRAC (AML / CTF Act)

AUSTRAC supervises reporting entities including banks, gambling, remittance, crypto, and (from Tranche 2) lawyers, accountants, and real estate professionals.

Primary product: Compliance Hub
Requirement Zenoo capability Coverage
Customer identification procedure Identity verification through Australian-capable providers via Marketplace. Full
Ongoing customer due diligence Perpetual KYC triggers and ongoing monitoring. Full
AML / CTF programme Configurable compliance programme with risk assessment. Full
Hong Kong In force since 2012. Latest amendments 2023.

Hong Kong AMLO

Anti-Money Laundering and Counter-Terrorist Financing Ordinance covers customer due diligence, record keeping (6 years), and suspicious transaction reporting.

Primary product: Compliance Hub
Requirement Zenoo capability Coverage
Customer due diligence CDD workflows with jurisdiction-aware risk models. Full
Record keeping (6 years) Configurable retention up to 7 years on Enterprise. Full

Region

Global standards

FATF Recommendations are the global benchmark used by national regulators worldwide. The Wolfsberg Principles guide international correspondent banking.

Global Continuously updated. Most recent revision October 2025.

FATF Recommendations (October 2025 update)

The 40 Recommendations are the international standard for AML / CFT. FATF mutual evaluations measure technical compliance and effectiveness across 200+ jurisdictions.

Primary product: Compliance Hub
Requirement Zenoo capability Coverage
R.10 — Customer due diligence Full CDD lifecycle: identification, verification, ongoing monitoring. Full
R.11 — Record keeping 32 immutable event types; configurable retention; millisecond timestamps. Full
R.15 — New technologies (incl. VASPs) Crypto compliance vendors (Chainalysis, Elliptic, TRM Labs) integrated. Full
R.18 — Internal controls and programmes Role-based access, risk model governance, champion / challenger testing. Full
R.20 — Suspicious transaction reporting Case lifecycle with documented escalation paths; decision reasoning logged. Partial
R.24 — Beneficial ownership (legal persons) Multi-source UBO tracing; ownership chain documentation. Full

Platform certifications

Independent third-party verification of the Zenoo platform itself.

SOC 2 Type II

Infrastructure and application controls. Verified 2026-03-01.

ISO 27001

Information security management system.

GDPR

Data processing aligned. DPA available on request.

Penetration testing

Annual independent testing.

Your compliance stack was built for a different era. The threats have moved on.

Faster Deployment

Get up and running in days, not months – without complex integrations or heavy IT lifts.

Global Coverage

209 countries, one platform. Adapt to local regulations without rebuilding your stack.

Always Current

37 releases, zero downtime. Regulations change. Your platform keeps pace.

See what changes. 30 minutes. Your data. No slides.

Just your work email. We'll take it from there.

By submitting this form, you are agreeing to the Privacy Policy