# Advisory — Canaria > Compliance programs for every kind of crypto company. Licensed exchange, DeFi protocol, or somewhere in between. Canonical URL: https://canaria.xyz/advisory Licensed exchange, DeFi protocol, or somewhere in between — the compliance obligations are different, and the deliverables should be too. We build the program, not just the policy. Canaria's advisory work is led by operators who have stood up BSA/AML programs at licensed crypto exchanges and designed counterparty due diligence frameworks for DeFi protocols. We design, implement, and hand off compliance programs that hold up under regulatory scrutiny and actually function day-to-day. ## CeFi Advisory — The full regulatory stack You hold a license or you're applying for one. Regulators expect a complete AML/CFT program, documented procedures, and evidence that your controls actually work. We build the program, implement the tools, and get you to a place where an exam isn't something you dread. **Typical client:** A crypto exchange applying for a BitLicense with no existing compliance infrastructure, or a licensed custodian expanding into MiCA jurisdictions and needing to retrofit their program. **Deliverables:** - **Risk assessments** — Enterprise-wide, new product, and new jurisdiction risk assessments tailored to your specific business model and license requirements - **AML / Financial Crime Compliance program** — Complete BSA/AML program with policies, governance structure, and board-level reporting frameworks - **Anti-bribery and corruption policy** — ABC policies and controls designed for the specific corruption risks in crypto operations and counterparty relationships - **KYC / TM / SAR / Travel Rule / Screening procedures** — End-to-end procedures for customer onboarding, transaction monitoring, suspicious activity reporting, travel rule compliance, and watchlist screening - **Licensing and registration guidance** — Application support for BitLicense, MiCA, MAS, FINTRAC, FCA, AFSL, and state-level money transmitter registrations - **Tool implementation** — Selection and implementation of KYC, transaction monitoring, watchlist screening, and payment screening platforms ## DeFi Advisory — Compliance without the centralized playbook Most compliance frameworks assume there's a centralized operator taking custody of funds and onboarding customers. DeFi doesn't work that way. We design compliance programs that account for smart contract interactions, governance structures, and the reality that your "customers" are wallets, not people with passports. **Typical client:** A cross-chain messaging protocol that needs counterparty due diligence across hundreds of integrations, or a DeFi lending protocol whose foundation wants to demonstrate responsible risk management to ecosystem partners. **Deliverables:** - **Risk assessments** — Enterprise-wide, new product, new jurisdiction, new protocol integration, and new asset risk assessments designed for decentralized business models - **Compliance and risk management program** — A program framework built for protocols and foundations, covering governance, risk appetite, sanctions exposure, and counterparty management - **Counterparty due diligence procedures** — Frameworks for assessing integration partners, bridge providers, oracle services, and other protocol-level counterparties - **Wallet screening and watchlist screening procedures** — On-chain screening procedures that identify sanctioned exposure, mixer interactions, and high-risk wallet activity across your protocol - **Tool implementation** — Selection and implementation of due diligence platforms, watchlist screening services, and blockchain analytics tools ## Hybrid Advisory — Compliance where the lines blur Your business doesn't fit neatly into one box. Maybe you're a DeFi protocol whose institutional partners impose compliance requirements as a condition of integration. Maybe you're a licensed exchange running a trading desk that interacts with DeFi liquidity pools. Either way, you need a compliance program that covers both worlds without pretending one of them doesn't exist. **Typical client:** A DeFi vault protocol whose CeFi partners require KYC and screening as a condition of liquidity access, or a prime brokerage that routes client orders through DEXs and on-chain venues. **Deliverables:** - **Dual-framework risk assessments** — Risk assessments that account for both traditional regulatory obligations and on-chain exposure, including shadow regulator requirements from CeFi partners - **Blended compliance program** — A compliance and risk management program that satisfies CeFi partner requirements while remaining practical for decentralized operations - **Partner-facing compliance documentation** — Policies and procedures designed to demonstrate compliance to institutional counterparties who act as de facto regulators - **Wallet screening + KYC procedures** — Hybrid onboarding flows that combine wallet screening and blockchain analytics with traditional KYC where required by partners or regulation - **Tool implementation across both stacks** — Integrated tooling for blockchain analytics, watchlist screening, and traditional compliance platforms that work together ## How we work — four phases, no surprises 1. **Discovery** — We map your business model, jurisdictions, counterparty relationships, and existing controls. We talk to your team. We read your docs. By the end of week one, we know what you have and what's missing. 2. **Gap analysis** — We benchmark your current state against regulatory expectations and industry practice. You get a clear, prioritized list of what needs to happen, in what order, and why each item matters. 3. **Build** — We write the policies, design the controls, configure the monitoring rules, and build the procedures. Your team reviews everything as we go so nothing lands as a surprise. 4. **Handoff** — We train your team, document everything, and make sure the program runs without us. If you need ongoing support or want to plug in CryptoComply, we set that up too. ## Contact - Get in touch: https://canaria.xyz/contact - Email: hello@canariaconsulting.com