Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.stablepay.global/llms.txt

Use this file to discover all available pages before exploring further.

Licensing

StablePay is operated by Fincrypt LLP, a registered Virtual Digital Asset Service Provider (VDASP) with FIU-IND (Financial Intelligence Unit - India). This registration is mandated under the Prevention of Money Laundering Act (PMLA) for all entities facilitating virtual digital asset transactions in India.

PMLA Requirements

All transactions processed through StablePay are subject to PMLA requirements:
  • KYC is mandatory — no anonymous transactions are permitted. Every user must complete identity verification before transacting.
  • Transaction monitoring — StablePay monitors all transactions for suspicious activity, including unusual patterns, rapid fiat-crypto cycles, and use of mixers or privacy-enhancing tools.
  • Record keeping — transaction records are maintained as required by regulation.
  • Suspicious Transaction Reporting (STR) — StablePay files reports with FIU-IND when required.

Responsibilities

What StablePay Handles

AreaDetails
KYC verificationIdentity document verification, bank account verification, PEP screening
Transaction monitoringAML/CFT monitoring, suspicious activity detection, STR filing
Sanctions screeningScreening against UNSC, OFAC, and India’s designated lists
Record keepingMaintaining transaction and KYC records per PMLA requirements
Regulatory reportingFiling CTRs and STRs with FIU-IND
Data securityEncryption, access controls, and secure storage of user data

What Partners Are Responsible For

AreaDetails
End-user termsMaintaining your own terms of service and privacy policy for your users
User due diligenceNot knowingly onboarding sanctioned individuals or entities
Accurate dataProviding correct user information (name, phone, email) during user creation
Compliance cooperationResponding to information requests from StablePay’s compliance team
Prohibited useEnsuring your platform is not used for money laundering, terrorism financing, or sanctions evasion

AML/CFT

StablePay maintains an Anti-Money Laundering and Combating the Financing of Terrorism (AML/CFT) program that includes:
  • Risk-based approach — users and transactions are risk-scored based on geography, volume, patterns, and product usage
  • Enhanced Due Diligence (EDD) — triggered for high-risk customers, PEPs, non-profits, and unusual transaction patterns. See the Limits & EDD guide for details.
  • Sanctions screening — all users are screened against applicable sanctions lists at onboarding and on an ongoing basis
Partners must not knowingly facilitate transactions for sanctioned individuals, entities, or jurisdictions. If you become aware that a user on your platform is subject to sanctions, notify StablePay immediately at compliance@stablepay.global.

Data Residency & Security

  • Storage — all user PII is encrypted with AES-256-GCM and stored in India (AWS ap-south-1)
  • Access — PII access is restricted to authorized personnel and audit-logged
  • Retention — records are retained per PMLA requirements (minimum 5 years after account closure)
  • API security — all API traffic is encrypted via TLS 1.2+, with Bearer token authentication and optional IP whitelisting

Partner Agreement

By integrating the StablePay API, partners accept the Partner Agreement and agree to:
  • Comply with applicable laws in their jurisdiction
  • Maintain appropriate end-user terms and privacy policies
  • Not use the API for prohibited activities
  • Cooperate with StablePay’s compliance team when requested
For questions about compliance, licensing, or regulatory requirements, contact compliance@stablepay.global.