Header Background

Licenses & Compliance

Table of contents
Close

Licenses & Compliance

Licenses Libertum holds

What is the DASP licence?

The Digital Asset Service Provider (DASP) licence is the regulatory cornerstone of El Salvador’s progressive digital asset framework. It authorises Libertum to operate as a fully licensed provider of digital asset services, covering tokenization, issuance, secondary trading, custody and settlement.

For the Libertum ecosystem, this licence is more than a credential — it is the legal infrastructure that ensures every asset, transaction and investment on the platform is fully compliant and globally scalable.

What is the MSB registration?

A Money Services Business (MSB) registration with the Financial Crimes Enforcement Network (FinCEN) under the U.S. Department of the Treasury. Mandatory registration for companies engaged in money transmission, currency exchange, issuing prepaid access, or dealing in digital assets such as stablecoins and cryptocurrencies.

Libertum holds MSB registration to operate compliant fiat / stablecoin flows for U.S.-related transactions through T-Pay and S-Suite.

What other jurisdictions are in progress?

Libertum is actively working on additional jurisdiction-specific licences and registrations to support cross-border tokenization at scale. Specific timing and scope is shared on the Roadmap as each one is publicly committed.

Why does Libertum need licences if everything is on chain?

Because Libertum bridges traditional finance with blockchain. Token transfers themselves are on chain, but everything around them — fiat on/off-ramps, custody of funds during the subscription window, KYC verification, secondary-market intermediation — touches regulated activity. Operating without proper licences would put Libertum and our customers at material legal risk.

KYC and KYB

What’s the difference between KYC and KYB?

Both run via SumSub:

  • KYC (Know Your Customer) is for individual investors. ID verification, selfie, sometimes proof of address and source of funds.
  • KYB (Know Your Business) is for entities — corporations, LLCs, partnerships, trusts, etc. Beneficial-owner ID + KYC for owners ≥ 25%, certificate of incorporation, articles, tax registration, bank reference.

KYC unlocks investor-side actions; KYB unlocks issuer-side actions.

Who is SumSub and why does Libertum use them?

SumSub is an EU-licensed identity verification provider used across the global financial industry. They handle the document review, biometric checks, and AML screening; Libertum receives only the result (APPROVED, REJECTED, etc.) and stores the linkage between identity and wallet on chain via the Identity Registry.

What’s the SumSub status flow?

NOT_STARTED → STARTED → IN_PROGRESS → PENDING → APPROVED / REJECTED / RESUBMIT. Most clean cases reach APPROVED automatically; ambiguous cases route to human review.

What jurisdictions can investors come from?

Per offering, the issuer configures Country Allow / Country Restrict modules. Common patterns:

  • Reg D offerings (US accredited) — Country Allow: US; Max Balance set to comply with concentration rules.
  • Reg S offerings (non-US) — Country Restrict: US (and any other restricted jurisdictions per the offering).
  • Open offerings — broad allow-list with sanctioned-country block.

The platform also enforces a global block on jurisdictions Libertum is not permitted to serve.

On-chain compliance enforcement

How is compliance enforced on chain?

For ERC-3643 (T-REX) tokens, every transfer is checked against a chain of compliance modules before any tokens move. The transfer reverts if any check fails. The chain is:

  1. Sender frozen? → revert if yes (unless force-transfer)
  2. Sender has enough non-frozen balance? → check freezePartialTokens
  3. Receiver verified in IdentityRegistry? → revert if no
  4. Each compliance module passes? — Country Allow, Country Restrict, Supply Limit, Max Balance, Hold Time
  5. All pass → execute transfer

See Compliance Enforcement for the full chain.

What are the compliance modules?

Five modular ERC-3643 compliance modules:

ModuleWhat it does
Country AllowOnly allows transfers to wallets whose verified identity has a country claim in the allow-list
Country RestrictBlocks transfers to wallets in a specified blocklist
Supply LimitEnforces a hard cap on total supply
Max BalancePrevents any single wallet from holding more than X tokens
Hold TimeBlocks transfer of tokens within N seconds of mint

Composable per offering. The Modular Compliance controller chains them together so every transfer must pass all enabled checks.

What happens if I move to a country the offering restricts?

Existing holdings stay where they are; you can’t transfer the tokens to another wallet because compliance would reject. Some offerings allow you to retain existing holdings while restricting future trades; others may require divestment under their terms. Contact the issuer’s transfer agent for offering-specific guidance.

Can the issuer override compliance to recover tokens?

Authorised agents can use force-transfer (forcedTransfer) for legitimate compliance scenarios — court orders, restitution, lost-wallet recovery. Force-transfer bypasses sender frozen status BUT still requires receiver verification. Tokens can never end up in a non-compliant wallet.

What’s the Identity Registry?

An on-chain contract that maps wallet addresses to identity claims. When your KYC is approved, Libertum’s relayer registers your wallet (and the identity claims attached to it — country, accreditation status, etc.) on the offering’s IdentityRegistry. Compliance modules read from this registry to make their decisions.

Who are the trusted issuers / claim issuers?

Trusted issuers are the parties authorised to attest to specific claim topics. Typically: SumSub (KYC verified), Libertum’s identity service, or a per-tenant KYC provider for whitelabel marketplaces. The Trusted Issuers Registry on chain lists who is allowed to attest to what.

Audit trail and reporting

What audit trail is available for regulators?

Every compliance action produces multiple audit records:

  • On-chain event (immutable) — Transfer, AddressFrozen, AddressUnfrozen, TokensFrozen, RecoveryAddress
  • Off-chain database record — actor, timestamp, decision, reason
  • SumSub webhook log — every KYC decision archived
  • Issuer’s Transfer Journal — UI surface combining both
  • Investor’s Transaction History — investor-facing slice

External auditors get a full picture by combining off-chain exports with on-chain event indexing — both views agree because Libertum’s event indexer writes off-chain records only when on-chain events are observed and confirmed.

What about consumer protection / investor protection?

Libertum enforces investor-side protections in code:

  • 2FA on every login for any account that has financial powers
  • Withdrawal limits at three thresholds (per-tx, daily, admin-approval)
  • Audit log of every administrative action
  • Whitelisted recovery addresses for high-value wallets

Plus the standard regulatory framework — Libertum is a regulated entity under DASP / MSB and is bound by their consumer-protection requirements.