Regulatory Compliance

Compliance

City Gate Capital is built on a foundation of regulatory compliance, financial integrity, and the highest standards of security. We are licensed, audited, and accountable.

Last updated: May 23, 2026

FCA Registered

United Kingdom

FinCEN Registered

United States

AUSTRAC Registered

Australia

MAS Licensed

Singapore

GDPR Compliant

European Union

PCI DSS Level 1

Global

Security & Compliance Certifications

ISO 27001

Information Security Management

SOC 2 Type II

Security, Availability & Confidentiality

PCI DSS Level 1

Payment Card Industry Data Security

GDPR

EU General Data Protection Regulation

UK GDPR

UK Data Protection Act 2018

AML/CFT

Anti-Money Laundering & Counter-Terrorism Financing

1. Regulatory Framework

1.1 Licensing & Registration

City Gate Capital Ltd operates under licences and registrations obtained from financial regulators in the jurisdictions where we provide services. We are registered with the Financial Conduct Authority (FCA) in the United Kingdom, FinCEN in the United States, AUSTRAC in Australia, and the Monetary Authority of Singapore (MAS), among others. Our regulatory status is reviewed and maintained on an ongoing basis.

1.2 Regulatory Oversight

We are subject to ongoing supervision by our primary regulator and cooperate fully with all regulatory examinations, enquiries, and requests. Our compliance programme is reviewed annually by independent external auditors and updated to reflect changes in applicable law and regulatory guidance.

1.3 Jurisdictional Coverage

We operate in 40+ jurisdictions and maintain a dedicated compliance team responsible for monitoring regulatory developments in each market. Where local licensing requirements apply, we either hold the required licence or partner with locally licensed entities.

2. Anti-Money Laundering & Counter-Terrorism Financing

2.1 AML Programme

City Gate Capital maintains a comprehensive AML/CFT programme that meets or exceeds the requirements of the Financial Action Task Force (FATF) Recommendations, the EU's Sixth Anti-Money Laundering Directive (AMLD6), the UK Money Laundering Regulations 2017, and equivalent legislation in all jurisdictions where we operate.

2.2 Know Your Customer (KYC)

All customers are subject to identity verification before accessing our services. Our KYC process includes: government-issued ID verification, biometric liveness checks, address verification, PEP (Politically Exposed Person) screening, adverse media screening, and ongoing monitoring of customer profiles and transaction patterns.

2.3 Transaction Monitoring

We operate a real-time transaction monitoring system that analyses all transactions against risk-based rules and machine learning models. Suspicious transactions are automatically flagged for review by our Financial Intelligence Unit (FIU). Where required by law, we file Suspicious Activity Reports (SARs) with the relevant financial intelligence authority.

2.4 Sanctions Screening

All customers and transactions are screened against international sanctions lists including OFAC (US), HM Treasury (UK), EU Consolidated List, UN Security Council, and other applicable lists. Matches are reviewed by our compliance team and, where confirmed, result in account restriction and regulatory reporting.

2.5 Record Keeping

We retain all KYC documentation, transaction records, and compliance reports for a minimum of 5 years from the date of the transaction or account closure, or longer where required by applicable law.

3. Data Protection & Privacy

3.1 GDPR Compliance

City Gate Capital processes personal data in accordance with the EU General Data Protection Regulation (GDPR) and the UK GDPR. We have appointed a Data Protection Officer (DPO) and maintain a comprehensive data protection programme including data mapping, privacy impact assessments, and data subject rights procedures.

3.2 Data Minimisation

We collect only the personal data necessary for the purposes described in our Privacy Policy. We do not collect or retain data beyond what is required for regulatory compliance or service delivery.

3.3 Cross-Border Transfers

International transfers of personal data are conducted under appropriate safeguards including Standard Contractual Clauses (SCCs), adequacy decisions, or other lawful transfer mechanisms as required by applicable data protection law.

4. Information Security

4.1 Security Standards

Our information security programme is certified to ISO 27001 and SOC 2 Type II. We maintain a comprehensive set of security controls including encryption at rest and in transit, access controls, network segmentation, vulnerability management, and incident response procedures.

4.2 Penetration Testing

We conduct annual penetration tests by independent, CREST-certified security firms, as well as continuous automated vulnerability scanning. Critical vulnerabilities are remediated within 24 hours; high vulnerabilities within 7 days.

4.3 Payment Security

Our payment infrastructure is certified to PCI DSS Level 1 — the highest level of payment card industry security certification. Cardholder data is never stored on our servers; all card data is tokenised at the point of entry.

4.4 Business Continuity

We maintain a Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP) that are tested annually. Our infrastructure is deployed across multiple availability zones with automatic failover to ensure 99.9% uptime.

5. Consumer Protection

5.1 Deposit Protection

Fiat currency deposits held in City Gate Capital accounts are safeguarded in accordance with applicable e-money regulations. In the UK, customer funds are held in segregated accounts at authorised credit institutions. In the US, funds are FDIC insured up to $250,000 per depositor through our banking partners.

5.2 Complaints Handling

We have a formal complaints handling procedure. Complaints can be submitted to [email protected]. We acknowledge all complaints within 5 business days and aim to resolve them within 15 business days. If you are not satisfied with our response, you may refer your complaint to the relevant financial ombudsman or regulatory authority.

5.3 Vulnerable Customers

We are committed to treating all customers fairly, including those who may be in vulnerable circumstances. Our customer support team is trained to identify and support vulnerable customers, and we offer additional assistance including extended response times and simplified communication.

6. Tax Compliance & Reporting

6.1 FATCA & CRS

City Gate Capital complies with the US Foreign Account Tax Compliance Act (FATCA) and the OECD Common Reporting Standard (CRS). We collect tax identification information from customers and report to relevant tax authorities as required by law.

6.2 Crypto Tax Reporting

We provide customers with annual transaction summaries to assist with tax reporting obligations. In jurisdictions where we are required to report cryptocurrency transactions to tax authorities, we do so in accordance with applicable law.

7. Governance & Accountability

7.1 Board Oversight

Our Board of Directors maintains ultimate responsibility for our compliance programme. A dedicated Risk and Compliance Committee of the Board meets quarterly to review compliance performance, regulatory developments, and risk appetite.

7.2 Chief Compliance Officer

Our Chief Compliance Officer (CCO) reports directly to the Board and is responsible for the day-to-day management of our compliance programme. The CCO has the authority and resources to implement and enforce compliance policies across the organisation.

7.3 Training

All employees complete mandatory AML/CFT, data protection, and information security training upon joining and annually thereafter. Employees in compliance-sensitive roles receive additional specialist training.

7.4 Whistleblowing

We maintain a confidential whistleblowing channel that allows employees, contractors, and third parties to report compliance concerns without fear of retaliation. Reports can be submitted to [email protected] or through our anonymous reporting portal.

8. Compliance Contact

8.1 Compliance Team

For compliance-related enquiries, regulatory correspondence, or to report a concern, contact our Compliance team at [email protected]. For data protection matters, contact our DPO at [email protected]. For legal matters, contact [email protected].

8.2 Regulatory Correspondence

Regulatory authorities and law enforcement agencies should direct formal correspondence to: Compliance Department, City Gate Capital Ltd, International Financial Centre, London, United Kingdom. We respond to all regulatory requests within the timeframes required by applicable law.

Compliance Enquiries

For regulatory correspondence, compliance questions, or to report a concern, contact our Compliance team directly.

[email protected]