FANN is committed to high legal and regulatory standards across AML/KYC controls, data protection, financial regulation, and art-market due diligence.
Last Updated: April 2025
Anti-Money Laundering & Know Your Customer
FANN runs a tiered KYC program with risk-based checks, source-of-funds review for higher value activity, and continuous monitoring where required.
General Data Protection Regulation (EU)
We process EU/EEA personal data under GDPR requirements and support data subject rights requests within legal timelines.
California Consumer Privacy Act
California users can request access, deletion, and other privacy rights under CCPA/CPRA. FANN does not sell personal data.
Dubai & UAE Financial Regulation
Our UAE operations align with applicable financial regulations and FATF-aligned risk controls for higher-value activity.
Provenance & Due Diligence
We perform provenance and authenticity checks, with additional documentation requirements for higher-value artworks.
OFAC / UN / EU Consolidated Lists
Users and transactions are screened against major sanctions lists. Potential matches trigger immediate review and controls.
15+ Jurisdictions
Regulatory Coverage
ISO 27001
Certification In Progress
Licensed KYC Partner
Identity Verification
If you suspect fraud, money laundering, sanctions evasion, or illicit artworks, report it immediately. All reports are handled confidentially and investigated seriously.
FANN retains personal data only as long as needed for the original purpose or as required by law.
| Data Type | Retention Period | Legal Basis |
|---|---|---|
| Transaction Records | 7 years | Legal requirement (AML/tax law) |
| Identity Documents (KYC) | 5 years after last transaction | AML regulation |
| Community Posts & Comments | Duration of account | Legitimate interest |
| Marketing Preferences | Until consent withdrawn | Consent |
| Server & Access Logs | 12 months | Security & fraud prevention |
| Support Correspondence | 3 years after resolution | Legitimate interest |
ISO 27001 Information Security Management
FANN is progressing through ISO 27001 readiness and certification activities.
SOC 2 Type II
A SOC 2 Type II audit is planned with an accredited independent auditor.
Quarterly Internal Reviews
Quarterly reviews assess AML/KYC effectiveness, privacy controls, sanctions accuracy, and provenance diligence.