Data Minimization
Collect and process the identity, transaction, screening and case data needed for AML obligations, while avoiding unrelated customer data in compliance workflows.
■ // NDPR_NDPA
Data protection for AML operations. Built into the control stack.
4tress.ai is designed to help regulated institutions process AML data responsibly while supporting Nigerian data protection expectations around minimization, rights, residency, security and auditability.
This page is a practical policy draft for product and commercial review. It should be reviewed by qualified legal counsel before publication or client contracting.
Lawful Basis & Purpose
Process personal data for regulatory compliance, fraud and AML prevention, contractual service delivery and legitimate operational security needs.
Data Residency
Support cloud, hybrid, on-premise and sovereign deployment patterns so institutions can align infrastructure with residency and internal policy requirements.
Data Subject Rights
Provide workflows and records that help clients respond to access, correction, restriction and deletion requests where legally appropriate.
Security Controls
Use encryption in transit and at rest, role-based access, audit logging, environment segregation and controlled administrative access.
Audit Trails
Maintain immutable logs for access, review, screening, case actions, report generation and administrative changes relevant to AML evidence.
Breach Handling
Support incident response workflows for investigating, containing, documenting and notifying relevant parties after suspected data security incidents.
Vendor Controls
Help institutions document primary/supporting vendor roles, subprocessors, operational support responsibilities and exit-management expectations.
Retention
Support AML record retention expectations, including evidence preservation and archival controls for customer, alert, case, report and audit records.