Back to Docs

Cider.trade Compliance Policy

Last Updated: June 9, 2026

This Compliance Policy establishes the risk management, compliance, governance, security, operational, and data protection standards maintained by Cider.trade ("Cider").

Cider is committed to maintaining a secure, compliant, transparent, and privacy-conscious platform while facilitating user-directed access to digital asset markets and blockchain infrastructure through approved third-party service providers.

Purpose of this Compliance Policy

This Compliance Policy is designed to ensure that Cider:

  • Maintains high standards of operational integrity;
  • Promotes responsible participation in digital asset markets;
  • Supports lawful use of blockchain technologies;
  • Protects user information and platform security;
  • Manages risk appropriately;
  • Maintains effective governance procedures; and
  • Adapts to evolving legal and regulatory requirements.

Compliance is a core component of Cider's operating philosophy and is integrated into the design, development, deployment, and operation of its products and services.

Our Role and Purpose

Cider is a technology platform that provides software, infrastructure, routing systems, APIs, automation tools, analytics, execution connectivity, wallet integrations, treasury management tools, and related blockchain services.

Cider does not operate as a cryptocurrency exchange.

Cider does not act as a broker, dealer, investment advisor, securities exchange, clearing agency, or custodian unless expressly disclosed in connection with a specific product or service.

Transactions facilitated through the Platform may be executed through approved third-party providers, including:

  • Centralized exchanges;
  • Decentralized exchanges;
  • Liquidity providers;
  • Market makers;
  • Custodians;
  • Brokers;
  • Payment processors;
  • Banking partners;
  • Identity verification providers;
  • Compliance service providers; and
  • Public blockchain networks.

Cider's role is limited to providing technological infrastructure and facilitating user-directed interactions with these providers.

Compliance Governance

Cider maintains a compliance governance framework designed to identify, assess, manage, and monitor operational, regulatory, legal, financial crime, cybersecurity, and reputational risks.

Compliance oversight is integrated across management, operations, technology, and third-party service provider relationships.

The framework is designed to:

  • Promote accountability;
  • Ensure risk awareness;
  • Maintain operational integrity;
  • Support regulatory compliance efforts; and
  • Continuously improve internal controls.

Compliance Roles and Responsibilities

Cider assigns compliance responsibilities across dedicated roles to maintain effective oversight of platform operations, risk, and security.

Compliance Officer

The Compliance Officer is responsible for:

  • Oversight of compliance activities;
  • Risk assessment programs;
  • Regulatory monitoring;
  • Third-party compliance reviews;
  • Compliance policy development;
  • Internal investigations;
  • Escalation of compliance issues;
  • Regulatory engagement where appropriate; and
  • Periodic compliance reporting to management.

Operations and Risk Management

Operations personnel are responsible for:

  • Monitoring operational risks;
  • Escalating suspicious activity;
  • Managing incident response processes;
  • Coordinating transaction reviews;
  • Maintaining service integrity; and
  • Supporting compliance investigations.

Technology and Security Team

The Technology and Security Team is responsible for:

  • Platform security;
  • Infrastructure monitoring;
  • Access controls;
  • Security incident response;
  • Vendor security assessments;
  • Data protection controls; and
  • Technical compliance requirements.

External Advisors

Cider may engage legal, compliance, cybersecurity, accounting, regulatory, and blockchain specialists to provide independent advice and periodic reviews.

Third-Party Service Provider Standards

Cider relies on third-party providers for various services including execution, liquidity, custody, compliance, identity verification, payments, and infrastructure.

Prior to integration, Cider seeks to work only with providers that maintain:

  • AML compliance programs;
  • Sanctions screening procedures;
  • Information security controls;
  • Transaction monitoring systems;
  • Internal governance procedures;
  • Regulatory compliance procedures;
  • Data protection safeguards;
  • Law enforcement response procedures;
  • Business continuity processes; and
  • Appropriate licensing where required.

Cider reserves the right to suspend, limit, or terminate integrations with providers that no longer satisfy these standards.

AML, Sanctions, and Financial Crime Prevention

Cider does not knowingly facilitate:

  • Money laundering;
  • Terrorist financing;
  • Sanctions evasion;
  • Fraud;
  • Market manipulation;
  • Insider trading;
  • Proceeds of crime;
  • Corruption; or
  • Other unlawful activities.

Users are prohibited from using the Platform in connection with unlawful conduct.

Cider reserves the right to:

AML — Platform Actions

  • Restrict access;
  • Refuse service;
  • Suspend accounts;
  • Restrict transactions;
  • Freeze platform access where legally permissible;
  • Conduct internal reviews; and
  • Cooperate with lawful investigations.

Where transactions are executed through third-party providers, those providers may independently apply:

AML — Third-Party Provider Procedures

  • KYC procedures;
  • KYB procedures;
  • AML monitoring;
  • Sanctions screening;
  • Risk scoring;
  • Transaction monitoring; and
  • Enhanced due diligence requirements.

Users acknowledge that such compliance procedures are governed by the policies of the applicable provider.

Restricted Jurisdictions

Cider may restrict access to the Platform in certain jurisdictions due to:

  • Regulatory requirements;
  • Sanctions restrictions;
  • Compliance considerations;
  • Licensing limitations;
  • Geopolitical risks; or
  • Operational concerns.

Cider reserves the right to implement:

Restricted Jurisdictions — Controls

  • Geo-blocking;
  • Access controls;
  • Transaction restrictions;
  • Enhanced compliance reviews; and
  • Service limitations.

Market Integrity

Cider supports fair and orderly digital asset markets.

Users may not use the Platform to engage in:

  • Wash trading;
  • Spoofing;
  • Layering;
  • Manipulative trading practices;
  • Artificial volume generation;
  • Front running;
  • Fraudulent conduct; or
  • Other abusive market behavior.

Where suspicious conduct is identified, Cider may investigate and take appropriate action.

Data Governance and Privacy

Cider seeks to collect only information reasonably necessary to:

  • Operate the Platform;
  • Provide Services;
  • Maintain security;
  • Resolve support requests;
  • Prevent abuse;
  • Meet legal obligations;
  • Investigate incidents; and
  • Improve platform performance.

Cider does not sell personal information.

All personal information is handled in accordance with applicable privacy laws and Cider's Privacy Policy.

Data Retention

Cider maintains data retention procedures designed to balance:

  • User privacy;
  • Security requirements;
  • Legal obligations;
  • Regulatory expectations; and
  • Operational needs.

Transaction and operational records may be retained for limited periods necessary to:

Data Retention — Purposes

  • Resolve disputes;
  • Support investigations;
  • Detect fraud;
  • Maintain platform integrity;
  • Respond to legal requests; and
  • Comply with applicable laws.

Data is deleted, anonymized, or archived when no longer required.

Information Security

Cider maintains technical and organizational measures designed to protect information and systems.

These controls may include:

  • Encryption;
  • Access controls;
  • Multi-factor authentication;
  • Network monitoring;
  • Security logging;
  • Infrastructure hardening;
  • Vendor reviews;
  • Vulnerability management;
  • Secure software development practices; and
  • Incident response procedures.

Security controls are periodically reviewed and updated.

Law Enforcement and Regulatory Cooperation

Cider may respond to:

  • Court orders;
  • Subpoenas;
  • Regulatory requests;
  • Government investigations;
  • Law enforcement inquiries; and
  • Other lawful requests.

All requests are reviewed for legal validity and scope prior to disclosure.

Information is disclosed only to the extent required by applicable law or necessary to protect legal rights and platform security.

Internal Audits and Reviews

Cider conducts periodic reviews of:

  • Security controls;
  • Compliance procedures;
  • Third-party service providers;
  • Operational risks;
  • Data governance processes; and
  • Incident management procedures.

Findings may result in updates to policies, procedures, controls, or service provider relationships.

Continuous Improvement

The digital asset industry evolves rapidly.

Accordingly, Cider continuously reviews:

  • Regulatory developments;
  • Industry standards;
  • Security threats;
  • Compliance expectations;
  • User protection measures; and
  • Operational best practices.

This Compliance Policy may be updated periodically to reflect these developments.

Questions Regarding Compliance

Questions regarding this Compliance Policy may be directed to:

Compliance Department

Cider.trade

Email: compliance@cider.trade

Website: www.cider.trade

Support: support@cider.trade

This Compliance Policy reflects Cider's commitment to responsible platform operation and lawful use of digital asset technologies.