How to onboard investors and manage compliance operations

Before you start

Make sure you have:

• Platform admin or compliance officer role
• Access to KYC/AML verification system (integrated or external)
• Understanding of required investor eligibility claims for your asset types
• Regulatory framework requirements (Reg D, UCITS, MiCA, etc.)

Time required: 10-15 minutes per investor for complete onboarding; ongoing monitoring is continuous

Understanding the investor lifecycle

The ATK platform manages investor relationships through an integrated identity-compliance control plane built on the DALP architecture. This control plane coordinates three core subsystems: identity verification, claim attestation, and compliance monitoring. Each verified investor receives a blockchain-based OnchainID contract that carries cryptographically signed claims proving their eligibility status. These claims gate access to tokenized assets—no claim, no transfer—ensuring regulatory requirements enforce themselves at the protocol level rather than through manual intervention.

The identity-compliance control plane tracks investor state transitions throughout their lifecycle. When an investor first registers, the platform captures their KYC information and routes it through verification workflows. Once verified, the system deploys an OnchainID contract and issues eligibility claims that encode their regulatory status (accredited investor, sophisticated investor, jurisdiction, etc.). These claims include expiration dates that automatically trigger renewal workflows. Use the compliance monitoring dashboard to track expiring claims and set renewal reminders 30 days in advance.

As investors interact with the platform—purchasing tokens, transferring holdings, or requesting redemptions—the compliance engine validates every transaction against their active claims. If a claim expires or gets revoked due to sanctions screening, the investor immediately loses transfer capability. The observability stack surfaces these enforcement actions in real time through the compliance metrics panel, showing you exactly which rules blocked which transactions and why.

Entity list status reference

• Registered - Identity successfully registered on-chain and ready for use in workflows.
• Pending registration - Identity invited or created but awaiting registration to complete onboarding.

Step 1: investor registration

Initiate the onboarding process by sending an invitation or providing a registration URL. The investor creates an account through the self-registration portal, verifies their email address, and accepts terms and conditions before proceeding to KYC verification. This multi-step flow prevents fraudulent registrations while maintaining a smooth user experience.

Navigate to Participants > Entities in the left sidebar and click Invite Investor. Choose between email invitation (send invite link to investor email) or direct registration (provide investor with registration URL). The investor receives the invitation, clicks the registration link, creates an account with email/password, verifies their email address, accepts terms and conditions, and lands on the KYC verification portal.

Initiate the onboarding process by sending an invitation or providing a registration URL. The investor creates an account through the self-registration portal, verifies their email address, and accepts terms and conditions before proceeding to KYC verification. This multi-step flow prevents fraudulent registrations while maintaining a smooth user experience.

Navigate to Participants > Entities in the left sidebar and click Invite Investor. Choose between email invitation (send invite link to investor email) or direct registration (provide investor with registration URL). The investor receives the invitation, clicks the registration link, creates an account with email/password, verifies their email address, accepts terms and conditions, and lands on the KYC verification portal.

Email verification is required before proceeding to prevent fraudulent registrations. The platform will not advance an investor to KYC verification until they confirm their email address.

Step 2: KYC/AML verification

The platform collects identity information based on investor type (individual or institutional) and routes it through automated or manual verification workflows. KYC verification metrics show processing times and approval rates in the observability dashboard, helping you identify bottlenecks and maintain service levels.

Data collection requirements

For individual investors, the platform collects full legal name, date of birth, residential address, nationality and citizenship, government-issued ID (passport, driver's license, national ID), tax identification number (SSN, EIN, VAT number), source of funds declaration, and employment and income information for accredited investor determination.

Institutional investors require legal entity name and type (corporation, LLC, trust, etc.), registration/incorporation number, registered address, beneficial owners (25%+ ownership), authorized signatories, corporate documents (articles of incorporation, certificates), tax identification, and financial statements for qualified purchaser determination.

Verification processing

DOB validation: The participant edit workflow only stores dates of birth that parse to a valid calendar date, so malformed inputs are ignored until corrected.

Institutional investors:

If you have integrated a KYC provider (Onfido, Jumio, Trulioo), the platform automatically submits collected data and receives verification results. The service performs document authenticity verification, facial recognition matching, address verification, and database checks against PEP lists, sanctions lists, and adverse media. Results return to the platform automatically and update the investor's status.

For manual verification, navigate to Participants > Entities > Pending KYC and select an investor from the queue. Review uploaded documents and information, then perform verification checks: validate document authenticity, verify address via utility bill or bank statement, screen against OFAC/EU/UN sanctions lists, perform PEP screening, and conduct adverse media searches. Mark the verification as Approved or Rejected based on your findings.

The platform enforces three verification levels matched to asset risk profiles. Level 1 (Basic KYC) verifies name, address, and date of birth. Level 2 (Enhanced KYC) adds document verification and sanctions screening. Level 3 (Enhanced Due Diligence) includes source of funds verification and enhanced monitoring requirements. Set verification level requirements per asset type in the compliance rules configuration.

Step 3: OnchainID deployment

After KYC approval, the platform deploys a unique OnchainID contract for the investor. This contract serves as the blockchain anchor for their identity and holds all verifiable claims about their compliance status. The deployment process takes 30-45 seconds and creates an immutable link between the investor's verified identity and their on-chain presence.

Navigate to the investor details page at Participants > Entities > [Investor Name]. Review the KYC status showing Verified, then click Create OnchainID. The platform deploys the OnchainID contract (30-45 seconds), records the contract address in the investor profile, and registers the OnchainID in the identity registry. The OnchainID contract address appears on the investor profile once deployment completes.

Each investor has a unique on-chain identity contract holding verifiable claims about their status and compliance. The platform automatically links the wallet created during registration as the primary key. If an investor needs multiple wallets—for example, a hot wallet for trading and a cold wallet for long-term holding—they can connect additional wallets through account settings. The platform adds each wallet as a management key on the OnchainID, allowing multiple wallets to share the same identity and claims.

Step 4: issue claims

Claims are cryptographically signed credentials that attest to specific aspects of an investor's eligibility. The platform uses claims as the enforcement mechanism for compliance rules—every token transfer checks the sender's and receiver's claims against the asset's eligibility requirements. No matching claims means no transfer.

Determining required claims

Different asset types require different claim combinations based on their regulatory frameworks. Review the specific asset's compliance requirements before issuing claims to ensure complete coverage. Navigate to Asset Management > [Asset Type] > [Specific Token] and review the Compliance tab showing required claims. Note which claims the investor needs for eligibility.

Common claim types:

• KYC_VERIFIED - Basic identity verification completed
• ACCREDITED_INVESTOR - Accredited investor status (Reg D)
• QUALIFIED_PURCHASER - Qualified purchaser status (3(c)(7) funds)
• JURISDICTION - Country of residence
• INVESTOR_TYPE - Individual, institutional, professional
• SOPHISTICATED_INVESTOR - EU sophisticated investor status
• PEP_STATUS - Politically exposed person classification

Claim issuance process

Navigate to Participants > Entities > [Investor Name] and scroll to the Claims section. Click Issue Claim and select the claim type from the dropdown (for example, ACCREDITED_INVESTOR). The platform automatically fills the claim topic based on type and generates encoded investor information. Enter the expiration date (optional, for example, 1 year for accredited status) and URI linking to supporting documentation (optional).

Click Sign and Issue Claim. The platform signs the claim with the platform claim issuer key, adds the claim to the investor's OnchainID contract, and records the claim in the compliance database. The claim appears in the investor's claims list immediately. The platform is registered as a trusted claim issuer in the system—only trusted issuers can issue claims accepted by compliance modules.

Use case: Investor may have hot wallet for trading and cold wallet for long-term holding, both linked to same OnchainID.

Issue individual claims

Add claims to investor OnchainID:

1. Navigate to Participants > Entities > [Investor Name]
2. Scroll to Claims section
3. Click Issue Claim
4. Select claim type from dropdown (for example, ACCREDITED_INVESTOR)
5. Enter claim data:
   • Claim topic - Automatically filled based on type
   • Claim data - Encoded investor information (auto-generated)
   • Expiration date - When claim expires (optional, for example, 1 year for accredited status)
   • URI - Link to supporting documentation (optional)
6. Click Sign and Issue Claim
7. Platform:
   • Signs claim with platform claim issuer key
   • Adds claim to investor's OnchainID contract
   • Records claim in compliance database
8. Claim appears in investor's claims list

Contract linkage: Non-contract identities skip token prefetch until an account contract exists, so token tiles stay blank until linkage is provisioned.

Claim issuer: Platform is registered as trusted claim issuer in the system. Only trusted issuers can issue claims accepted by compliance modules.

Batch claim issuance

Issue claims to multiple investors:

For common claims needed by many investors:

1. Navigate to Participants > Entities
2. Select multiple investors via checkboxes
3. Click Batch Actions > Issue Claim
4. Select claim type
5. Configure expiration (applies to all selected)
6. Click Issue to All Selected
7. Platform processes batch issuance
8. Review results showing successful/failed claim issuances

Use case: After quarterly accreditation verification, batch-issue renewed ACCREDITED_INVESTOR claims to all qualifying investors.

Verification requirements by jurisdiction

Different regulatory frameworks impose varying verification standards before claims can be issued. Understanding these requirements prevents compliance violations and ensures your claims withstand regulatory scrutiny.

Step 5: manage investor eligibility

The compliance engine continuously validates investor eligibility by comparing active claims against asset requirements. When claims expire or get revoked, the engine immediately blocks transfers involving that investor. Use the compliance monitoring dashboard to track eligibility status across your investor base and identify investors approaching claim expiration.

Check individual investor eligibility by navigating to Asset Management > [Asset Type] > [Token] and reviewing the Compliance tab for required claims. Compare these requirements against the investor's active claims shown in Participants > Entities > [Investor]. Any mismatch indicates an eligibility gap that must be resolved before the investor can hold or transfer the asset.

When you identify missing claims, first determine whether the investor qualifies for the claim. If yes, issue the claim following the process in Step 4. If no, notify the investor of additional requirements they must satisfy. For expired claims, contact investors 30 days before expiration (the compliance dashboard shows expiration warnings), request updated documentation for renewal, review the documentation, and re-issue claims with new expiration dates. If an investor doesn't renew before expiration, their claim expires and tokens become non-transferable until renewal.

If an investor fails ongoing monitoring—for example, they appear on a sanctions list—navigate to their profile, click Actions > Revoke Claim, select the claim to revoke (for example, KYC_VERIFIED), enter the revocation reason, and confirm revocation. The platform removes the claim from the OnchainID, and the investor immediately loses token transfer capability. Consider freezing the investor's holdings via Actions > Freeze Account for serious compliance violations.

Step 6: ongoing compliance monitoring

Continuous surveillance maintains compliance throughout the investor relationship. The platform performs automated re-screening against sanctions lists, monitors transaction patterns for suspicious activity, and tracks claim expiration. The observability stack surfaces all monitoring events through dedicated dashboards that show real-time compliance status.

Configure automatic re-screening by navigating to Platform Settings > Compliance and setting up a periodic re-screening schedule with your KYC provider. The compliance monitoring dashboard displays alerts for any matches against sanctions lists. When screening identifies a match, review the match details from your KYC provider and investigate to determine whether it's a true positive or false positive. For false positives, document your decision with notes. For true positives, revoke claims, freeze the account, and file a Suspicious Activity Report (SAR). For uncertain cases, escalate for enhanced due diligence.

The transaction monitoring system tracks investor activity patterns using blockchain data. Review investor transaction history on token details pages and monitor for unusual transaction sizes, high-frequency trading patterns, and transactions exceeding configured velocity limits. Investigate suspicious activity and file SARs per BSA/AML requirements. The compliance metrics panel shows transaction volume by investor, flagged transactions, and rule violation patterns.

Configure transaction monitoring thresholds in compliance modules to flag transactions over $10,000 (Currency Transaction Report requirement), detect when investors exceed volume limits within defined periods, and identify structuring or smurfing patterns. The monitoring dashboard displays flagged transactions in real time, allowing you to investigate and take action immediately.

Step 7: investor communications

Maintain investor relationships through timely communications about claim expiration, compliance updates, and document requests. Navigate to Participants > Entities > [Investor Name] and use your organization's standard communication channels to send notifications. Common message types include claim expiration reminders (send 30 days before expiration), compliance updates (notify of new requirements), and document requests (request updated documents).

Common workflows

Onboard institutional investor

Institutional investors require additional verification steps to satisfy beneficial ownership requirements. Collect corporate documentation including certificate of incorporation, shareholder register, board resolution authorizing investment, and beneficial ownership disclosure. Verify each beneficial owner holding 25% or more by performing individual KYC on each ultimate beneficial owner (UBO) and issuing individual OnchainIDs.

Create an OnchainID for the corporate entity, link UBO OnchainIDs to the corporate OnchainID, and issue entity-level claims (for example, QUALIFIED_PURCHASER). Designate authorized signatories for the corporate wallet. AML regulations require verification of all natural persons with 25% or more ownership—skipping UBO verification creates regulatory risk.

Handle investor offboarding

Remove investors from the platform only after ensuring they hold zero token balances across all assets. Navigate to the investor profile, click Actions > Offboard Investor, and confirm the investor has redeemed or transferred all holdings. Revoke all claims, deactivate the investor account, archive investor records per your data retention policy (typically 5-7 years), and notify the investor of account closure. Maintain KYC records and transaction history per regulatory requirements even after offboarding—most jurisdictions require 5-7 years retention.

Upgrade investor accreditation

When investors submit documentation for higher qualification levels—income verification for accredited investor, net worth documentation for qualified purchaser, or professional certification for sophisticated investor—review the documentation to confirm it meets SEC or other regulatory standards. Issue the additional claim (for example, QUALIFIED_PURCHASER), which grants the investor access to additional asset offerings. Update the investor tier in your records. Common progression follows: Basic → Accredited → Qualified Purchaser.

Best practices

Apply a risk-based approach to KYC verification by requiring higher verification levels for higher investment amounts. Leverage automated KYC providers for efficiency and consistency across your investor base. Perform enhanced due diligence on high-risk investors including politically exposed persons and investors from high-risk jurisdictions. Refresh KYC annually or when material changes occur, and maintain a detailed audit trail of all verification decisions.

For claim management, set expiration dates on time-sensitive claims (accreditation, jurisdiction) to enforce periodic reverification. Implement a reminder system that alerts investors 30 days before claim expiration. Batch-renew claims during annual refresh cycles to reduce operational overhead. Monitor claim usage and revoke unused claims to maintain data hygiene. Use claim versioning to track renewals and updates over time.

Ongoing monitoring requires regular screening against sanctions lists—OFAC updates lists frequently, so daily screening is recommended for high-risk portfolios. Review PEP lists quarterly, conduct adverse media searches semi-annually, and monitor transaction patterns continuously. Escalate all alerts to compliance leadership within 24 hours to ensure rapid response.

Maintain regulatory compliance by filing Currency Transaction Reports (CTRs) for transactions over $10,000 within 15 days, filing Suspicious Activity Reports (SARs) within 30 days of detection, maintaining an independent compliance audit trail, updating procedures for regulatory changes, and training compliance staff quarterly.

Troubleshooting

OnchainID deployment fails: Check that the platform has sufficient gas for deployment, verify the investor wallet address is valid, ensure the investor doesn't already have an OnchainID, and retry deployment after 30 seconds if network congestion caused the failure.

Claim issuance reverts: Verify the investor has an OnchainID deployed, check that the claim issuer has CLAIM_ISSUER_ROLE, ensure the claim topic exists in the topic registry, and confirm the claim data format is correct (bytes format).

Investor cannot transfer tokens despite claims: Verify all required claims are present (not just some), check claim expiration dates (expired claims are invalid), ensure the claim issuer is a trusted issuer for the token, and review the token compliance module for additional restrictions.

KYC verification stuck in pending: Check KYC provider API connection status, review submitted documents for quality (blurry images fail automated verification), verify the investor completed all required fields, and manually approve if automated verification is unavailable.

For additional help, see Troubleshooting or contact platform support with specific error details.

Next steps

• Asset issuance - Review asset-specific guides for required claims:
  • Issue a bond
  • Issue equity
  • Issue a fund
• Platform settings - Configure system-wide compliance in Admin settings