Compliance & Trust

Trust is the currency of P2P. Our platform is built on "economic trust" (deposits), but we also ensure it through strict legal and technical procedures.

Mandatory KYC / AML There are no anonymous users on Looty. Every trade participant (both buyer and seller) must undergo a one-time KYC (Know Your Customer) procedure through our partner, Sumsub.

• Why? This filters out users with fake documents, prevents the creation of multi-accounts for fraud, and ensures compliance with global AML (Anti-Money Laundering) regulations.

• How? We do not store your passports or personal documents on our servers. The entire process happens within Sumsub's secure environment. We only receive a status from them: "Verified" or "Rejected."

Multi-Layered Trust "Badges" Each user profile displays visible "badges" that confirm their level of verification:

• ✅ KYC Verified: The user has passed full identity verification via documents (Sumsub).

• 🛡️ AML Checked: The user's EVM wallet, linked to the account, has been automatically checked (also via Sumsub) for links to "dirty" funds or sanctioned addresses.

• 🦁 PoN Verified: (Proof of Narnia) This reputational badge is automatically issued if the user owns an NFT from the partner collection, Proof of Narnia. This serves as an additional signal of belonging to a trusted Web3 community.

Security of Fiat Requisites Your financial data (card numbers, Wise/Revolut logins) is critical information. We ensure its security at the architectural level:

• Isolated Storage: Requisites are stored in a separate, secured subcollection in our Firestore database.

• Strict Access Rules (Firestore Rules): Special security rules are configured. No one can read this data except:

  1. The user (owner) themselves.

  2. The counterparty (and only after a trade has been initiated).

  3. Our cloud functions (for AI analysis and arbitration).

• No one else—neither other users nor the public internet—has access to it.

Curated List of Payment Methods Unlike "wild" P2P markets, we do not allow users to create payment methods "on the fly" (e.g., "transfer to my friend's card"). We only support a strictly defined list of global and local payment systems (such as Wise, Revolut, Zelle, PIX, etc.) for which we can ensure reliable arbitration and verification. This is the core of our "Matching Requisites" Protocol (see Section 4).