Liquidity.io Docs

Liquidity.io LLC is a registered broker-dealer operating under SEC regulations. All secondary trading of private securities requires compliance with the Securities Act of 1933 and applicable state "blue sky" laws.

The compliance stack is powered by liquidityio/compliance and integrated into the ATS via the CEX compliance service (liquidityio/cex/pkg/compliance).

KYC / Identity Verification

Identity verification is handled through liquidityio/compliance with multiple provider backends.

Provider	Function	Use Case
Jumio	Document verification, liveness	Primary IDV for individual accounts
Onfido	Document + biometric verification	Fallback IDV, international coverage
Plaid	Bank account verification, income	Funding verification, Reg CF income checks

Individual KYC

Government-issued photo ID (passport, driver's license, national ID)
Selfie / liveness check (Jumio or Onfido)
SSN verification (US residents)
Address verification via utility bill or bank statement
Verification completes in under 2 minutes for most submissions

Institutional KYB

Certificate of incorporation
Beneficial ownership documentation (all 25%+ owners)
Authorized signers with individual KYC
EIN / tax ID verification
Review typically completes within 1-2 business days

AML / Sanctions Screening

Screening Lists

All customers and counterparties are screened against:

OFAC SDN -- U.S. Office of Foreign Assets Control Specially Designated Nationals
EU Consolidated Sanctions -- European Union consolidated list
UK HMT Sanctions -- Her Majesty's Treasury financial sanctions
PEP Lists -- Politically Exposed Persons (domestic and foreign)
Adverse Media -- Negative news screening via third-party feeds

Screening runs at onboarding and is re-run daily for all active accounts.

Transaction Monitoring

The AML monitoring service (liquidityio/compliance/pkg/aml) enforces real-time rules:

Rule	Threshold	Action
CTR threshold	Single transaction > $10,000	Flag for Currency Transaction Report
Structuring detection	Transactions $9,000-$9,999	Flag for potential structuring
24h velocity	Volume > $50,000 without enhanced KYC	Block until enhanced due diligence
Rapid transfers	> 100 transactions in 24h	Block and flag for review

Travel Rule

For crypto transfers exceeding $3,000, the Travel Rule requires originator and beneficiary information to be transmitted between VASPs. Liquidity.io collects and transmits:

Originator: name, account number, address
Beneficiary: name, account number at receiving VASP
Transfer amount and asset type

Pre-Trade Compliance

Every order passes through the CEX compliance service before reaching the matching engine. Two pre-trade checks run in sequence:

1. General Pre-Trade Check (`complianceSvc.PreTradeCheck()`)

Check	Description
Jurisdiction	Validates the user's jurisdiction against 30+ supported countries
Sanctions	Real-time OFAC/EU/UK/PEP screening of both parties
KYC status	Confirms identity verification is complete and not expired
Account standing	Confirms account is not frozen, suspended, or under investigation
Position limits	Validates against per-account and per-asset position limits

2. Offering Pre-Trade Check (`complianceSvc.OfferingPreTradeCheck()`)

Check	Description
Accreditation (Reg D 506b)	Self-certified accredited investor, `accreditationStatus === 'completed'`
Accreditation (Reg D 506c)	Third-party verified accredited investor via Jumio/Onfido
Reg CF investment limits	Non-accredited: max of $2,500 or 5% of annual income/net worth
Reg S geofencing	US vs. non-US investor determination for offshore offerings
Reg A+ limits	$75M annual offering cap per issuer
PEP / EDD	Enhanced due diligence required for politically exposed persons
Resale restrictions	12-month hold period enforcement for Reg D/CF lots (FIFO)

Fail-closed: If buyer details cannot be fetched, the order is rejected. Per Disclosure 1.2: "the Firm may decline to participate in any transaction if such information is not provided to its satisfaction."

Accreditation Enforcement

Primary Market (BUY orders)

Asset `accreditationType`	Requirement	Verification
`506c` (Reg D)	Verified accredited ONLY	Third-party verification via Jumio/Onfido
`506b` (Reg D)	Self-certified accredited	Self-certification, `accreditationStatus === 'completed'`
`Retail` / `null`	No accreditation needed	--

Code Enforcement Points

All order creation paths are gated:

Path	Layer	Module
Standard orders	CEX pre-trade	`liquidityio/cex/pkg/compliance`
Order modifications	CEX pre-trade	`liquidityio/cex/pkg/compliance`
Pre-IPO orders	CEX pre-trade	`liquidityio/cex/pkg/compliance`
Bulk orders	CEX pre-trade	Routed through standard pre-trade pipeline

Resale Restrictions

Default 12-Month Hold

Securities issued under Reg D and Reg CF are subject to a 12-month holding period. Enforced via restriction_end_date on sell order lots (FIFO tracking).

Resale Exemptions

Regulation	Exemption	Status
Reg D 506(b/c)	Unsolicited sale to accredited investors within 1 year	Enforced
Reg CF	Non-accredited can sell to accredited within 1 year	Enforced
Reg CF	Family member exemption (estate, gift, divorce)	Not yet implemented
Reg S	Free trading among non-US investors	Not yet implemented
Reg S	Block US investor purchases during 1-year distribution	Not yet implemented

RegCF Investment Limits

Non-accredited investors are subject to SEC Reg CF investment caps:

Maximum of the greater of $2,500 or 5% of annual income/net worth
Accredited investors have no investment limit

Post-Trade Surveillance

The surveillance service (liquidityio/cex/pkg/surveillance) runs as a post-trade hook on every executed trade.

Detection	Description
Wash trading	Detects matched trades between related accounts or same beneficial owner
Structuring	Identifies transactions split to avoid reporting thresholds
Velocity anomalies	Flags unusual transaction frequency or volume spikes
Price spike detection	Monitors for abnormal price movements that may indicate manipulation
Layering / spoofing	Detects rapid order placement and cancellation patterns
Front-running	Monitors for suspicious order timing relative to large block orders

Flagged activity is escalated to the compliance team and, where required, reported to FINRA and relevant regulators.

Regulatory Reporting

FINRA

Report	Frequency	Description
OATS (Order Audit Trail System)	Real-time	Full order lifecycle audit trail
ATS-N	Quarterly + amendments	ATS operational transparency filing
CAT (Consolidated Audit Trail)	T+1	All orders, quotes, and trades
Form ATS	Annual + amendments	ATS registration and amendments
TRACE	Real-time	Fixed income transaction reporting

International

Report	Jurisdiction	Description
MiFID II	EU	Transaction reporting, best execution, RTS 25 clock sync
MiFIR	EU	Trade and transaction reporting to ARMs
FCA	UK	Transaction reporting for UK-regulated activities

The reporting service (liquidityio/cex/pkg/reporting) generates all required feeds as a post-trade hook, configured with the ATS name and CRD ID.

Disclosure Requirements

Currently Enforced

Accredited investor verification at each transaction (Disclosure 1.1)
Fail-closed on verification failure (Disclosure 1.2)
Transfer restriction enforcement via restriction dates (Disclosure 2.2)
Portfolio ownership validation for sellers (Disclosure 9.1)

Future Implementation

Signed disclosure acknowledgment before each secondary trade (Disclosure 11.1)
ROFR / issuer consent check at order creation time (Disclosure 5.2)
Investor sophistication assessment beyond KYC

E2E Test Coverage

Test	File	What it validates
Accreditation gate (API)	`universe/e2e/23-accreditation-guard.spec.ts`	Unaccredited BUY on 506b/506c -- rejected
Pre-IPO gate (API)	Same file	Unaccredited pre-IPO BUY -- rejected
Dividend labels (API)	`universe/e2e/24-dividend-labels.spec.ts`	No INTERNAL transactions with DISBURSEMENT metadata
Dividend labels (UI)	Same file	Wallet shows "Dividend" label

Run:

E2E_BASE_URL=https://exchange.next.liquidity.io npx playwright test e2e/23 e2e/24

Regulatory Compliance