Kiip safety and security

This document provides information about Kiip's security architecture, regulatory compliance and risk mitigation measures.

Kiip operates as a non-custodial technology provider, meaning we never hold, control or have access to customer funds at any point in the transaction process.

Non-custodial architecture

Fund control and custody

Kiip's non-custodial architecture ensures complete separation between our technology services and customer fund custody:

• Customer funds remain under client control at all times
• Digital signatures required for all fund movements
• Kiip provides infrastructure, not custodial services
• No third-party access to customer assets

This architecture eliminates counterparty risk associated with traditional payment processors where customer funds are held in processor-controlled accounts.

Security infrastructure

Safe smart account technology

Kiip's payment infrastructure is built on Safe Smart Accounts, an extensively tested and audited security framework:

Performance metrics:

• 550+ million transactions processed
• $100+ billion in assets secured
• 50+ million accounts protected globally
• Comprehensive security audits by leading firms

Official audit documentation: docs.safe.global/advanced/smart-account-audits

This technology represents production-grade infrastructure currently protecting institutional-scale digital assets across global financial institutions.

Licensed financial institution partnerships

Regulatory-compliant fund movement

All fiat currency transactions are processed through licensed financial institutions that maintain full regulatory compliance:

Current licensed partners:

Transak - Licensed money transmitter Monerium - European e-money institution Mt. Pelerin - Swiss regulated financial intermediary

These institutions provide regulated fiat-to-digital asset conversion services, ensuring all deposits and withdrawals comply with applicable financial regulations.

Compliance documentation:

• Transak: transak.com/compliance
• Monerium: monerium.com/financial-information
• Mt. Pelerin: mtpelerin.com/legal-notices

Regulatory compliance framework

Stablecoin regulatory compliance

Kiip exclusively utilizes stablecoins that meet stringent regulatory requirements in major jurisdictions:

EU MiCA (Markets in Crypto-Assets) compliance:

• Full asset backing by cash and government securities
• Mandatory transparent reserve reporting
• Licensed issuer oversight and compliance

US GENIUS Act alignment:

• Reserve requirements consistent with proposed federal regulations
• Regular audit and transparency requirements
• Consumer protection framework implementation

Regulatory documentation:

• Circle EU compliance: circle.com/circle-eea
• GENIUS Act framework: circle.com/genius-act

These regulatory frameworks ensure digital assets maintain equivalent backing and protection standards as traditional bank deposits.

Risk mitigation framework

1. Counterparty risk elimination Kiip's non-custodial model eliminates counterparty risk inherent in traditional payment processors where customer funds are held in processor-controlled accounts. Customer funds remain under direct client control throughout the entire transaction lifecycle.

2. Transaction transparency All transactions are recorded on immutable blockchain ledgers, providing complete auditability and transparency. This eliminates hidden fee structures and provides real-time transaction verification capabilities.

3. Regulatory classification As a non-custodial technology provider rather than a financial institution, Kiip operates with reduced regulatory complexity:

• Technology services exempt from custodial banking requirements
• Streamlined compliance obligations for client organizations
• Global service availability without jurisdictional restrictions

Corporate information

• Legal entity: Kiip.app AS
• Organization number: 931 714 899
• Jurisdiction: Norway

Regulatory status: Kiip operates as a non-custodial technology provider, not as a bank or financial institution. Customer funds are never held by Kiip. All licensing requirements are jurisdiction and business model dependent. KYC/AML compliance is managed by licensed partner institutions where applicable.

Additional security controls

Enhanced compliance options

Kiip supports configurable security controls for organizations with specific compliance requirements, including KYC verification through licensed partner institutions. These controls provide additional security layers while maintaining operational flexibility.

Security framework summary

Infrastructure security:

• Battle-tested technology securing billions in digital assets
• Non-custodial architecture maintaining client fund control
• Licensed financial institution partnerships for regulatory compliance
• Full transparency through immutable blockchain transaction records

Regulatory compliance:

• EU MiCA and US GENIUS Act compliant stablecoins
• Norwegian technology company with clear regulatory classification
• Streamlined compliance obligations for client organizations