Compliance boundaries

Security

Compliance boundaries

BroSettlement can support controls, records, access separation, and transaction traceability that matter in regulated operations.

It does not replace your legal, licensing, compliance, KYC/KYB, AML, Travel Rule, fiat rail, or banking responsibilities.

BroSettlement can support

  • API-level access control and signed requests.
  • IP allowlists, nonce replay protection, key rotation, and RBAC.
  • Client-controlled signing policy through the Co-Signer.
  • Audit-friendly transaction lifecycle records.
  • Append-only ledger entries for reconciliation.
  • Separation of duties across owner, admin, operator, reader, and service roles.

BroSettlement does not provide

  • Legal or regulatory advice.
  • A guarantee of MiCA, VASP, CASP, or other licensing outcomes.
  • Built-in KYC/KYB.
  • AML screening as a bundled compliance provider.
  • Travel Rule automation.
  • Fiat acquiring, banking accounts, SEPA, SWIFT, ACH, card acquiring, or bank accounts.
  • SOC 2, ISO 27001, insurance, or third-party audit claims unless supplied by current BroLabel evidence.

BroSettlement is intended to sit beneath:

  • Your product UX.
  • Your customer onboarding flow.
  • Your KYC/KYB and AML providers.
  • Your fiat partners.
  • Your compliance policies.
  • Your treasury and finance workflows.
API authenticationSecure API requests with Ed25519 signatures, timestamps, nonces, and IP allowlists.Organizations and rolesSeparate access across humans and service accounts.

---