United Kingdom Compliance
Introduction
ChainGuard operates within the United Kingdom as a security + identity layer that provides non-custodial Web3 security infrastructure. This page explains how ChainGuard complies with UK regulatory requirements.
What ChainGuard Is NOT
ChainGuard does NOT:
- Custody funds
- Store private keys
- Transmit virtual assets
- Execute transactions
- Mediate payments
- Act as an exchange
- Act as a broker
- Fall under custodial wallet rules
- Qualify as a money transmitter
- Process fiat payments
- Take control of user funds
This protects ChainGuard from being misclassified under UK regulatory regimes.
Applicable Regulations
| Regulation | Applies? | Explanation | Details |
|---|---|---|---|
| UK GDPR | ✔ | Data governance, deletion rights, minimization | See Data Protection & Privacy. We process personal data for identity verification, device binding, and audit trails. Full compliance with data subject rights, legal bases, and data minimization principles. |
| FCA Cryptoasset Regime | ⚠ Partial | Does NOT apply as custodial service provider | We do NOT custody funds, store private keys, or operate as a cryptoasset exchange (see "What ChainGuard Is NOT" above). Our non-custodial vaults and identity services fall outside FCA cryptoasset custody definitions. However, we may assist regulated entities with compliance tools. |
| AML Regulations | ✔ | Customer due diligence and monitoring | We implement AML-compatible controls including customer identification, transaction monitoring, and suspicious activity reporting. See VAT & AML. |
| PSD2 | ❌ No | Does NOT apply - not a payment service provider | We do NOT initiate payments, process payment transactions, or provide payment services (see "What ChainGuard Is NOT" above). PSD2 licensing requirements do not apply to our non-custodial infrastructure services. |
| E-Money Regulations | ❌ No | Does NOT apply - not issuing e-money | We do NOT issue electronic money, store value, or act as an e-money institution (see "What ChainGuard Is NOT" above). E-Money Regulations do not apply to our non-custodial services. |
Regulatory Position
ChainGuard's non-custodial architecture means:
- FCA Registration: Evaluating registration requirements based on service classification
- UK GDPR Compliance: Full compliance with UK data protection laws
- AML Obligations: Customer due diligence and transaction monitoring
- Post-Brexit Framework: Operating under UK-specific regulatory requirements
Compliance Framework
UK GDPR
- Lawful basis for processing
- Data subject rights (access, deletion, portability)
- Data protection impact assessments
- Breach notification procedures
FCA Requirements
- Cryptoasset registration (if applicable)
- Financial promotions compliance
- Consumer protection measures
- Operational resilience
AML Compliance
- Customer due diligence (CDD)
- Enhanced due diligence (EDD) for high-risk customers
- Suspicious activity reporting (SAR)
- Record-keeping requirements
Data Protection
ChainGuard implements comprehensive UK GDPR compliance:
- Privacy notices and consent mechanisms
- Data minimization principles
- Security of processing
- Data breach procedures
- International transfers (where applicable)
Ongoing Compliance
We continuously monitor:
- FCA regulatory guidance
- ICO (Information Commissioner's Office) updates
- HM Treasury cryptoasset policy
- Industry best practices
Contact
For questions about ChainGuard's UK compliance posture, please contact our compliance team.
