CurveBlock
UK platforms that issue or facilitate trade in digital fund shares operate within established AML/CTF and data protection regimes. Under the Money Laundering Regulations and related supervisory expectations, firms must carry out customer due diligence, verify beneficial ownership, monitor transactions for suspicious activity and retain records for specified periods. These obligations are operationally material: they set the cadence of onboarding, the depth of identity evidence required and the types of ongoing monitoring that platforms must run.
Data protection and privacy sit alongside AML duties. The UK Data Protection Act and associated privacy rules require platforms to have lawful bases for processing personal data, to limit retention, and to provide transparency to customers about how their data is used. That creates design constraints for identity verification vendors, custody providers and any third‑party AML utilities used by platforms. It also means that platforms must manage the tension between sharing sufficient KYC information with counterparties and protecting customer privacy.
From a risk perspective, robust AML/KYC reduces the chance that illicit flows taint a fund or that platforms face regulatory enforcement. It also introduces costs and frictions: more intrusive checks can lengthen onboarding and require secure data handling. For retail investors considering fractional digital shares, it is therefore reasonable to expect clear disclosures about AML and data practices, transparent explanations of required identity steps, and evidence that platforms segregate and protect personal data while meeting their legal obligations.