Predikt is a non-custodial software interface that routes signed orders to the Hyperliquid Layer-1 protocol via a builder code. Because we never take custody of user funds and never act as a counterparty, we do not fall within the full Crypto-Asset Service Provider (CASP) Customer Due Diligence regime of MiCA Title VI. We nevertheless apply a risk-based AML programme modelled on the EU Anti-Money-Laundering Directives, the FATF Travel Rule, and the OFAC / EU / UN consolidated sanctions lists. This page describes that programme.
1. Legal positioning
Predikt is operated by Predikt OÜ (Estonia, incorporation in progress). Our position, supported by external counsel, is that providing a signing interface to an open public protocol — without custody, matching, or counterparty role — does not in itself constitute a regulated crypto-asset service under Regulation (EU) 2023/1114 (MiCA) Art. 3(1)(16). We are not registered as a Virtual Asset Service Provider (VASP) and we do not hold a CASP authorisation.
Notwithstanding the above, the EU AML framework — Directive (EU) 2018/843 (AMLD5) on the prevention of the use of the financial system for money laundering, and Directive (EU) 2018/1673 (AMLD6) harmonising the criminal definition of money laundering — sets benchmarks that any crypto-adjacent business should meet. We have voluntarily adopted the controls below.
2. Sanctions screening (mandatory, blocking)
At every wallet connection, before any order may be signed, the connecting EVM address is screened against three lists:
- OFAC SDN — U.S. Office of Foreign Assets Control, Specially Designated Nationals list, including Tornado Cash-tainted addresses.
- EU Consolidated Sanctions List — maintained by the European External Action Service under Regulations such as (EU) 269/2014 (Russia), (EU) 2017/1509 (DPRK).
- UN Security Council Consolidated List — implemented via Implementing Decision 1267/1989/2253.
Screening is performed via a third-party API provider (e.g. Chainalysis free Sanctions API, TRM Labs, or Elliptic — the exact provider is set out in our Transparency Report and may change). A wallet that matches a sanctioned address is permanently blocked from connecting. The block is recorded in our immutable audit log (SHA-256 hash chain anchored to Arbitrum daily — see Transparency).
3. Geographic restrictions
Independently of sanctions screening, Predikt applies hard geo-blocks for certain jurisdictions (United States, Italy, Netherlands, Belgium) and partial category blocks for others (France, Germany, Spain, Portugal, Austria, Poland — political and sports outcome markets). See Geo Restrictions for the full list and the technical implementation.
4. Transaction monitoring threshold
We monitor on-chain order flow attributable to our builder address and apply the following thresholds:
- Single trade ≥ €10,000 notional: flagged, recorded, and subject to a soft review. The user receives a banner asking them to acknowledge a self-declaration of source of funds. At v1 there is no hard block — but the trade and the acknowledgement are retained for five years.
- Aggregate 7-day volume ≥ €50,000 from the same wallet: additional review, including a wallet-cluster check via Chainalysis KYT-style heuristics.
- Aggregate 30-day volume ≥ €100,000: enhanced due diligence trigger; in extreme cases the wallet may be soft-paused pending response.
The €10,000 threshold reflects the AMLD5 reporting trigger for cash and equivalent transactions and the FATF Recommendation 16 (Travel Rule) usual benchmark. We chose a soft rather than hard block at v1 because (a) we do not custody funds and therefore cannot physically prevent settlement on the underlying L1, and (b) hard-blocks without CASP-grade CDD risk excluding legitimate users without meaningfully reducing risk. This calibration will be re-assessed when v2 ships and when MiCA / 6AMLD / the future EU AML Regulation enter force.
5. Source-of-funds self-declaration
Above the soft threshold, the connecting wallet is prompted with a modal asking the user to declare the lawful source of funds (e.g. salary, business revenue, prior crypto trading, inheritance). The declaration is stored alongside the wallet address and the trade identifier and is treated as confidential personal data (lawful basis: legal obligation, GDPR Art. 6(1)(c) read with AMLD5).
6. Suspicious Activity Reports (SAR)
Where reasonable suspicion of money laundering or terrorist financing arises — including but not limited to (a) clusters of small structured deposits below the threshold, (b) source-of-funds declarations that appear false, (c) Chainalysis Reactor red-flag exposure to known mixers, darknet markets, or sanctioned entities — we file a Suspicious Activity Report with the Estonian Financial Intelligence Unit (Rahapesu Andmebüroo) within the AMLD5-required deadline of three business days from the date the suspicion crystallised.
SARs are filed even where we are not strictly obliged to, on the basis that voluntary cooperation with FIUs is in the long-term interest of the platform and its users.
7. Record retention
AML-related records — wallet addresses screened, screening result, threshold flags, source-of-funds declarations, SARs filed — are retained for five years from the date of the underlying event, in line with AMLD5 Art. 40. Records are stored encrypted at rest and access is restricted to the Money Laundering Reporting Officer (MLRO) on a need-to-know basis.
8. Travel Rule and counterparty data
Because we do not custody or hold funds, the Travel Rule (Regulation (EU) 2023/1113 on information accompanying transfers of funds and crypto-assets) does not directly apply to us — there is no originator/beneficiary VASP pair. Where a user transacts with a counterparty wallet that triggers our sanctions or risk-cluster screening, we treat that exposure as a transaction-monitoring signal rather than a Travel Rule obligation. We will revisit this position as the AMLR (EU AML Regulation) implementing acts are finalised.
9. Law-enforcement and regulator requests
Lawful requests from competent authorities — court orders, subpoenas, production orders, mutual legal assistance treaty (MLAT) requests — are processed by our MLRO. Requests must be served at the Estonian registered office of Predikt OÜ once incorporation is complete; in the interim, requests may be sent to law-enforcement@predikt.markets. We respond within five business days for non-urgent requests and within 24 hours for emergency/risk-to-life requests. We publish an annual Law Enforcement Transparency Report (see Transparency).
10. Governance and review
The AML programme is owned by the Money Laundering Reporting Officer (currently: Antoine de la Fouchardière, CEO). The programme is reviewed at least annually and immediately after any material regulatory change (e.g. publication of MiCA Level 2 measures, entry into force of AMLR, FATF country re-rating).
11. Contact
AML enquiries: aml@predikt.markets. Law enforcement: law-enforcement@predikt.markets. General complaints: see Complaints procedure.
Draft note (2026-05-27): This document is a working draft. Final clauses, the choice of sanctions-screening provider, and threshold calibration are subject to formal legal review by external counsel and to ongoing dialogue with the Estonian Financial Supervision Authority. Citations: AMLD5 (Directive (EU) 2018/843), AMLD6 (Directive (EU) 2018/1673), MiCA (Regulation (EU) 2023/1114), Travel Rule (Regulation (EU) 2023/1113), FATF Recommendation 15 and 16.