Acceptable Use Policy

This Acceptable Use Policy ("AUP") applies to everyone who accesses AMLRegister — whether on the public website, through the API, or through any authenticated interface provided to enterprise customers. It supplements our Terms of Service, forms part of our contract with you, and reflects legal obligations and community norms that keep the Service fair and useful for all.

Some behaviours described here are unlawful anywhere; others reflect the particular risks of an AML tool and are prohibited because they undermine the mission of the Service. We reserve the right to enforce this AUP by any means including warning, rate-limiting, suspension, termination, cooperation with law enforcement, and pursuit of civil remedies.

You must not use the Service to commit, facilitate, or conceal any criminal activity. This includes, without limitation: money laundering; terrorism financing; sanctions evasion; fraud; market manipulation; tax evasion; bribery; trafficking of any kind; unauthorised access to computer systems; distribution of malware; theft; extortion; or the creation or distribution of child sexual abuse material.

You must not use the Service in a manner that breaches applicable anti-corruption or bribery laws — including the UK Bribery Act 2010, the US Foreign Corrupt Practices Act, and equivalent laws in other jurisdictions.

You must not submit queries in a way that constitutes, facilitates, or could reasonably be interpreted as "tipping off" a subject of a suspicious activity report, a freezing order, or a regulatory investigation. Compliance professionals should handle notifications through their own internal processes, not by signalling through third-party tools.

You must not: (a) use automated tools, bots, or scrapers to access the Service except through our official API within documented rate limits; (b) attempt to interfere with, degrade, or disable the Service, or any other user's use of the Service, through denial-of-service attacks, flood queries, or other means; (c) probe, scan, or test the vulnerability of the Service without our prior written consent; (d) breach or attempt to breach any security or authentication measure; (e) use the Service to host, transmit, or link to malicious code.

You must not reverse engineer, decompile, or attempt to derive the source code of the Service, except to the extent such activity is permitted by applicable law notwithstanding the restriction.

You must not misrepresent your identity, impersonate another person, or access the Service under false credentials. You must not create multiple free accounts to circumvent rate limits or evade a suspension.

You must not submit content — including wallet addresses you attribute, labels, notes, or uploaded files — that (a) infringes any third party's intellectual property; (b) is defamatory, obscene, harassing, threatening, hateful, or otherwise inappropriate; (c) contains personal data you are not authorised to process for the relevant purpose; or (d) is materially false or misleading.

You must not scrape, copy, or resell the data contained within AMLRegister — including flagged-wallet lists, risk scores, and category attributions — except as explicitly permitted by your contract with us. Aggregated, anonymised statistics may be quoted with attribution.

Where you export a report, you must not remove or obscure the AMLRegister branding, verification hash, or disclaimer text. You must not modify report content in a way that misrepresents its source or content.

Free users of the Service are subject to rate limits — currently twelve (12) checks per minute per IP address — to protect the Service for the wider community. These limits may change without notice. If you have a legitimate need for higher throughput, please contact us to discuss API or enterprise access.

Paid API tiers include documented rate limits and, where applicable, burst allowances. Sustained overage may trigger automatic throttling and, if persistent, contractual review. We reserve the right to reject traffic that appears abusive even if it falls within advertised limits.

"Fair use" for free or flat-fee tiers is measured against typical legitimate use. Behaviour that is materially inconsistent with such use — even if technically within limits — is not fair use and may lead to enforcement.

You must not use the Service to circumvent: (a) sanctions administered by any authority whose sanctions apply to you; (b) controls imposed by another compliance tool or service provider; (c) rate limits, subscription tiers, or quotas imposed by us; or (d) account suspension or termination decisions we have made. Attempts to circumvent will themselves be treated as violations of this AUP.

You must not use the Service to determine whether you, a related person, or a related entity is the subject of monitoring by any obliged entity, regulator, or law enforcement agency.

Use of the Service for academic research, journalism, and educational purposes is welcomed, subject to respect for privacy, copyright, and the other provisions of this AUP. Where your research or reporting will involve publication of data derived from the Service, please cite AMLRegister as the source and link back to https://amlregister.com where reasonably practicable.

We may, at our discretion, grant expanded access for documented research projects. Please contact compliance@amlregister.com to discuss.

If you become aware of misuse of the Service — including suspected violations of this AUP by others — please report it to us at compliance@amlregister.com. Include as much detail as possible, along with any evidence. We do not disclose reporter identities without their consent except where required by law.

We investigate reports promptly and proportionately. We will not retaliate against anyone who submits a good-faith report, and we will update reporters on outcomes where doing so is lawful and does not compromise ongoing investigations.

Where we determine that a violation of this AUP has occurred, we may take one or more of the following actions: warn the user; rate-limit or throttle their traffic; suspend their account or session; terminate their account or commercial relationship; remove offending content; cooperate with law enforcement; or pursue civil remedies. The remedy chosen is proportionate to the severity and persistence of the violation.

Serious, repeated, or criminal violations will always be escalated to termination and, where appropriate, reporting to law enforcement. We reserve the right to cache evidence of violations for the period required to conduct a thorough investigation and any subsequent proceedings.

If you believe you have been incorrectly suspended or rate-limited, you may appeal by contacting compliance@amlregister.com. Appeals are handled by a team independent of the initial enforcement decision.

We may update this AUP from time to time to address emerging misuse patterns, new features, or changes in law. Updated versions will be posted at the same URL with a new Effective date. Material changes will be notified through the Service or by email.

Your continued use of the Service after an update constitutes acceptance of the revised AUP. If you disagree with the update, you should stop using the Service and, if applicable, request account closure.

The Service is not intended for use by minors (persons under 18, or the local age of majority if higher). We do not knowingly provide the Service to minors and will close any account we become aware of being operated by a minor. The nature of the Service — crypto AML screening — makes it unsuitable for under-18 use.

Enterprise customers using the Service to support compliance programmes targeting vulnerable adult populations (for example, age-restricted financial products, or recovering-addict gambling-support services) should apply elevated privacy safeguards and should not use the Service to aggregate identifiable data about those populations beyond what is strictly necessary for the declared compliance purpose.

Where the Service is used as part of a safeguarding or child-protection investigation, the user must have legal authority for the investigation and must minimise collateral processing of personal data about any persons other than the investigation subjects. Law enforcement and authorised NGOs undertaking such work are welcome to use the Service within these constraints.

The Service must not be used to harass, threaten, dox, or otherwise target identifiable individuals. Even where a wallet is publicly attributed to a person, the Service is a compliance tool, not a vehicle for private investigations or personal vendettas. Compiling reports on a named individual without a legitimate due-diligence basis is a violation of this AUP.

Journalistic investigation into matters of public interest is treated differently from personal targeting. Good-faith journalism, academic research, and criminal investigation by properly authorised agencies are legitimate uses even when they involve identifiable individuals, provided the investigator acts proportionately and in compliance with applicable law.

If you become aware that the Service is being used to harm a specific individual — for example, you are the subject of such activity — please contact us at compliance@amlregister.com. We take such reports seriously and will investigate promptly. Where appropriate, we will suspend the offending account and support any formal complaint process the subject chooses to pursue.

You must respect the intellectual property rights of the Company and of third parties when using the Service. This includes our trade marks, copyrighted materials (such as reports, templates, and documentation), confidential methodologies, and proprietary attribution data. Use of any such material outside the scope of your licence is a violation of this AUP and may also infringe applicable law.

You must not strip, modify, or obscure any copyright notices, trade mark attributions, verification hashes, or disclaimers on material generated by the Service. Reports carry attribution for legal and evidentiary reasons; removing that attribution is both a violation of this AUP and, in many jurisdictions, a breach of copyright law.

If you reasonably believe that content on the Service infringes your intellectual property rights, please contact us at compliance@amlregister.com with sufficient detail to identify the alleged infringement and your rights in the material. We will investigate promptly and take appropriate action, which may include removal of content, suspension of the offending account, or other remedies.

We welcome good-faith security research. If you believe you have identified a vulnerability in the Service, please report it through our coordinated disclosure process at security@amlregister.com. Reports should include a clear description of the issue, reproduction steps, and any evidence of exploitability. We will acknowledge within three business days.

Good-faith research conducted within the scope of our disclosure policy will not result in legal action against the researcher. Activities that exceed scope — such as accessing or modifying another user's data, conducting denial-of-service attacks, or social engineering against staff — are not authorised and fall outside the protection of the policy.

We do not currently operate a paid bug bounty programme but may publicly acknowledge significant contributions with the researcher's consent. We do our best to respond substantively to all well-formed reports regardless of severity.

Scraping, data-mining, or otherwise systematically extracting information from the Service through non-API channels is prohibited. This includes scraping the public website or any publicly accessible report pages for bulk data collection. Individual casual use — such as loading a handful of reports for your own compliance review — is not prohibited.

We detect scraping through a combination of signature analysis, volume thresholds, and behavioural fingerprints. Detected scrapers are rate-limited, challenged with captchas, or blocked depending on severity. Persistent scraping after a block may result in legal action, particularly where the scraper is demonstrably commercial.

If you have a legitimate bulk-access need, please contact us about our API and enterprise options. In most cases, programmatic access is faster, cheaper, and more reliable than attempting to scrape. We are happy to work with journalists, researchers, and academics who have defensible bulk-access needs through a lightweight approval process.

Questions about this AUP can be sent to compliance@amlregister.com. We commit to reviewing and responding to good-faith questions in a timely manner.

This AUP is a living document. Patterns of abuse evolve, technology changes, and our understanding of what works evolves. We publish clarifications and expanded examples on our Insights page from time to time; those publications do not themselves amend the AUP but indicate how we interpret and apply it. Material amendments to the AUP itself are handled through the change process described in the Changes section above.

When the rules in this AUP appear to conflict with your specific needs, please raise the question with us before acting. Good-faith dialogue resolves most edge cases without formal process; we would rather have a conversation than an incident.