Trust, Compliance & Governance
AurumShield maintains a structured legal, security, compliance, and governance framework designed to support institutional physical gold transactions, counterparty onboarding, custody coordination, and high-value settlement workflows.
I — Governance Framework
Core operating principles, compliance controls, and security mechanisms governing institutional physical gold settlement.
Platform documentation requirements are designed to support workflows aligned with the LBMA Responsible Gold Guidance, including responsible sourcing, identity verification, source-of-origin documentation, and audit-ready recordkeeping.
Responsible sourcing documentation aligned with OECD due diligence expectations is captured as part of the standard transaction workflow, supporting institutional counterparties that require documented provenance.
Every counterparty completes structured entity verification, sanctions screening against OFAC, EU, UN, and other relevant lists, and continuous monitoring with automated re-screening at defined intervals.
No physical intake occurs without verified upstream documentation. Origin attestation, export clearances, tax compliance, and responsible sourcing records must be validated before material moves.
No single individual can both initiate and approve a settlement-critical action. Role-based access with maker-checker separation governs trade initiation, approval, and settlement authorization.
The settlement pipeline is fail-closed by design. Capital and title do not move until all defined conditions — physical verification, compliance standing, custody confirmation, and funding — are verifiably satisfied.
Every state transition, authorization event, and settlement action is recorded as a structured, append-only audit event. Events are tamper-evident, cryptographically chained, and retained for a minimum of seven years.
AES-256 encryption at rest, TLS 1.3 in transit, role-based access controls, session management, and structured incident response procedures protect the integrity of transaction data.
II — Legal & Compliance
Master Service Agreement governing platform access, settlement mechanics, and counterparty obligations.
Data collection, processing, international transfers, and privacy rights under GDPR, CCPA, and BSA regulatory frameworks.
Anti-money laundering compliance, customer identification program, sanctions screening, and continuous monitoring protocols.
Counterparty risk mitigation, physical transit risk, and settlement controls.
III — Risk & Settlement
Settlement progresses only when all six gate conditions are verified. If any condition fails, the transaction halts and the exception is logged.
Capital and title are locked and released only when delivery-versus-payment conditions are satisfied. No partial or unauthorized settlement can occur.
Defined transaction states with constrained transitions. Invalid state transitions are rejected and logged as exception events with full context.
Settlement operations are designed to be safely retryable without risk of duplicate transactions or double-spending conditions.
Exceptions follow defined escalation paths with documented resolution. No silent failures — every anomaly is logged and routed.