Compliance coverage
Atlas is built to support the obligations that EU KYB/AML teams actually carry — customer due diligence, beneficial-ownership transparency, sanctions/PEP screening, ongoing monitoring, and the record-keeping that makes all of it defensible. This page maps platform capabilities to the obligation categories they support.
This page describes how Atlas supports compliance programmes. It is not legal advice and does not assert certification against any specific regulation. Your compliance team owns the mapping to your jurisdiction's current requirements.
Obligation → capability map
Coverage by obligation
| Obligation | How Atlas supports it |
|---|---|
| Customer due diligence (CDD) | A structured investigation gathers registry identity, structure, and risk in one repeatable run |
| Beneficial ownership (UBO) | Ownership-chain traversal computes UBOs with a configurable control threshold (25% baseline, 10% for enhanced scrutiny) per jurisdiction |
| Sanctions / PEP screening | The SPEPWS module screens individuals; results are written to protected fields that providers cannot overwrite |
| Adverse media | The AMLRR module surfaces adverse-media and reputational signals, classified by severity and category |
| Ongoing monitoring | New provider data flows through reconciliation; material changes raise conflicts and risk indicators |
| Risk rating | A configurable risk matrix applies the firm's policy consistently and reproducibly |
| Record-keeping & auditability | Every value retains its claims and mutation history; reports are stored and reproducible |
The UBO threshold, concretely
Beneficial-ownership rules differ by regime, so the control threshold is configurable rather than hard-coded:
Effective ownership is computed multiplicatively along each chain, circular structures are detected and flagged, and the threshold is resolved per jurisdiction (with a reference-data override). This is the difference between "we list the shareholders" and "we computed the UBOs and can show the chain."
Defensibility as a compliance feature
The record-keeping obligation is where Atlas's architecture pays off directly. Because every canonical value carries:
- the winning claim (source + trust + timestamp),
- the alternative claims that lost,
- the mutation history of who changed it and when,
- and the risk rationale (which matrix cell and rules applied),
…an audit request becomes a lookup, not an archaeology project. See Claims & survivorship and Mutation queue.
Data residency & isolation
Multi-tenant isolation is enforced at the database layer via Row-Level Security, and provider credentials are encrypted per tenant. This supports per-customer data-segregation requirements. See Security & multi-tenancy and ADR-022.
For the specific registry and list coverage in TrustRelay's operating markets, see Benelux & Romania.