GrailDrop
All policies
Legal

AML / KYC & Compliance

Last updated · June 1, 2026

GrailDrop is committed to operating a safe, lawful platform. This policy describes our approach to identity verification (Know Your Customer), anti-money-laundering (AML) and counter-terrorist-financing controls, sanctions screening, and the jurisdictions we serve. It supplements our Terms of Service.

1.Identity verification (KYC)

Most browsing and play does not require verification, but we apply a risk-based, tiered approach. We may ask you to verify your identity when you:

  • Claim a high-value physical prize;
  • Request a crypto withdrawal at or above a set threshold;
  • Reach cumulative activity thresholds; or
  • Trigger a fraud, risk, or sanctions flag.

Verification is handled through a third-party provider and may require a government-issued ID, proof of address, and a selfie/liveness check. Your account status moves through unverified → pending → verified; full verification unlocks high-value claims and cash-out. We may pause claims or withdrawals until verification completes.

2.Anti-money-laundering

To deter and detect financial crime, we:

  • Monitor transactions for unusual or structured activity;
  • Apply deposit, claim, and withdrawal thresholds and velocity limits;
  • Screen withdrawal addresses and may use blockchain-analytics tools;
  • Require that withdrawals return to a source you control, where applicable;
  • File reports with the relevant authorities where the law requires, without notifying you where prohibited.

We may request the source of funds for large or unusual transactions, and may freeze or reject activity we reasonably suspect is linked to fraud, money laundering, or sanctions evasion.

3.Sanctions & screening

We screen users and counterparties against applicable sanctions and watch lists. We do not knowingly provide services to sanctioned individuals or entities, or to anyone acting on their behalf. Accounts that match a sanctions designation will be blocked and reported as required.

4.Restricted jurisdictions

GrailDrop is not available everywhere. We restrict access from jurisdictions where our service is prohibited, where we are not licensed to operate, or that are subject to comprehensive sanctions. We use IP geolocation and verification data to enforce this.

You must not use VPNs, proxies, or false information to bypass geographic restrictions. Doing so is a breach of our Terms and may result in forfeiture of balance and prizes and closure of your account. Availability can change as laws change.

5.Age verification

GrailDrop is strictly 18+. We may verify your age at any time and will close accounts found to belong to minors. See Responsible Play for tools and support.

6.Record-keeping

We retain verification and transaction records for the period required by applicable AML and tax law (typically 5–7 years after your last activity), even after account closure. See our Privacy Policy for how this data is protected.

7.Compliance contact

For compliance, AML, or law-enforcement requests, contact our compliance team at compliance@graildrop.io. We respond to valid legal process in accordance with applicable law.

Questions about this policy? Contact us at support@graildrop.io. For legal or compliance matters, email legal@graildrop.io.