Ramps on tbDEX Compliance Guide

Intro to Ramps on tbDEX

tbDEX is a suite of open standards that enables Wallets to easily offer a global bridge between fiat and digital assets through one integration, also known as Ramps.

In this guide, we’ll walk through how PFIs can offer On-Ramps and Off-Ramps as a service to Wallets on tbDEX, and the credentials that PFIs can use to fulfill their compliance obligations for these transactions. 

Setting the stage

To illustrate how Ramps work on tbDEX and the credentials used to fulfill compliance requirements, this guide will focus on a hypothetical example of Alice, a US-based person, using an app called Mobile Wallet to On-Ramp from fiat US Dollars (USD) to Bitcoin (BTC), and later Off-Ramp back to USD.

Mobile Wallet is a mobile application that individuals use to:

1. Purchase digital assets using fiat currency from PFIs on tbDEX. (Mobile Wallet is a self custodial wallet for digital assets)

2. Sell digital assets for fiat currency through a PFI on tbDEX.

3. Manage their digital identity information. Mobile Wallet also acts as a self-custodial digital wallet for Identity information.

• It creates a DID for the user and securely stores the private keys for that DID directly on-device.

• It stores Verifiable Credentials issued to the user directly on-device.

  
  

Let’s assume that:

• Alice has already gone through KYC at the PFI she wants Ramps from.

• Alice has obtained a Known Customer Credential (KCC) from the PFI.

Now let’s dive into the steps a PFI would take to offer Ramps on tbDEX through Mobile Wallet, and show how a PFI fulfills their compliance obligations using DIDs and VCs.

On-Ramps

In order to On-Ramp from USD to BTC, Alice searches in Mobile Wallet for a PFI offering this service (an “Offering”) and finds a PFI she has worked with before for this purpose. Alice selects this PFI’s On-Ramp Offering.

Step 1: Setting requirements for the On-Ramp Offering

To offer the On-Ramp service, the PFI has already published an Offering on tbDEX for the currency pair of interest to Alice, which is USD to BTC. Within the Offering, the PFI has also set a requirement for a KCC that was issued by their own PFI to a user whose country of residence is the United States. 

⚠️ Note: As a Compliance Officer at this PFI, this means setting the following requirement with your Engineering team: “tbDEX On-Ramp Offerings must require a Verifiable Credential of type ‘KnownCustomerCredential’ that was issued from our PFI’s DID, and contain ‘US’ within the ‘country_of_residence’ property”.

As a reminder, what this means is the PFI will only provide USD > BTC On-Ramp services to Alice if she has gone through that PFI’s KYC process for the United States. By selecting this PFI’s Offering, Alice must either a) go through the PFI’s KYC process again, or b) present a suitable KCC as proof that she has already been KYC’d by the PFI. 

⚠️ Note: Refer to the Known Customer Credential Guide for details on how to initiate your PFI’s Identity Verification flow in the event Alice doesn’t already have a suitable KCC.

Step 2: Alice presents her KCC for the On-Ramp

Since Alice already has a suitable KCC from the PFI, Mobile Wallet makes this next step easy for Alice. Mobile Wallet automatically searches Alice’s credentials for a KCC that meets the requirements of the PFI’s Offering, and upon finding the KCC, Mobile Wallet prompts Alice to present her KCC in lieu of prompting Alice to complete KYC again. After receiving consent from Alice, Mobile Wallet shares the KCC with the PFI, along with the pay-in and pay-out instructions needed to pull USD from Alice’s funding source, and deposit BTC into Mobile Wallet. 

⚠️ Note: Due diligence should be performed on Mobile Wallet to ensure there are proper controls in place to mitigate the risk of someone other than Alice presenting the KCC.

Step 3: The PFI verifies the presented KCC for the On-Ramp

Upon receiving the KCC from Alice, the PFI runs a series of automated checks to verify the presented KCC is authentic, not unexpired, not tampered with, and remains in good standing from a Compliance standpoint. For a detailed overview of these checks and how to perform them, refer to the Known Customer Credentials Guide.

Step 4: Fulfillment of the On-Ramp

Lastly, after confirming Alice has fulfilled the PFI’s KYC requirements, the PFI debits USD and sends BTC to the addresses Alice provided.

Off-Ramps

At this point Alice needs to convert some of her BTC back to USD. Similar to the On-Ramp service, the following steps occur:

1. Mobile Wallet renders Off-Ramp offerings that are published on tbDEX for the currency pair of interest to Alice: BTC to USD

2. Alice selects a PFI she has worked with previously for this purpose

3. Alice presents her KCC, which was originally issued from this PFI, to fulfill the requirements

4. The PFI verifies the KCC

5. Alice sends the PFI BTC

6. Upon confirmed receipt of the BTC, the PFI initiates a fiat transfer of USD to the bank account information Alice provided

⚠️ Note: The PFI also ensures the name included in the pay-out information matches the information they have on-file for Alice, mitigating the risk of these funds being delivered to someone else’s fiat account. The PFI is responsible for implementing reasonable controls to mitigate fraud and AML risks associated with the transaction, since they are ultimately responsible for the settlement process and reporting any suspicious activity to the appropriate regulatory agency.

What is possible

This guide covered how to offer On-Ramp and Off-Ramp services on tbDEX in a manner that supports a PFI’s KYC program by using a KCC to securely and privately fulfill a PFI’s existing KYC requirements for these transactions.