✨ See how much you could save with Tilli — calculate your ROI in 2 minutes.
Compliance Policy

Tilli AML, Sanctions, and Financial Crime Compliance Policy

Last updated: May 11, 2026

This policy describes Tilli's risk-based onboarding, screening, monitoring, and operational controls designed to reduce misuse of applicable payment, onboarding, disbursement, money-movement, and related Services for money laundering, sanctions evasion, fraud, terrorist financing, or other unlawful financial activity.

United States operations Utilli LLC (doing business as Tilli)
India operations Tilli Software India Private Limited

1. Purpose

Tilli is committed to maintaining risk-based policies, procedures, and controls designed to help prevent the misuse of applicable Services for money laundering, sanctions evasion, fraud, terrorist financing, or other unlawful financial activity.

2. Covered Entities

For United States operations, the relevant entity is Utilli LLC (doing business as Tilli). For India operations, the relevant entity is Tilli Software India Private Limited. Those entities are referred to in this policy individually or collectively, as applicable, as Tilli or Tilli Software.

3. Scope and Applicability

This policy applies on a risk-based basis to the products, customers, partners, jurisdictions, and workflows for which Tilli reasonably determines AML, sanctions, KYC, KYB, fraud, or financial-crime controls are necessary or appropriate.

  • TilliPay and payment-related workflows.
  • Digital disbursements, ACH, settlement, or other money-movement services.
  • Partner, merchant, vendor, or other direct customer onboarding.
  • Direct customer or partner accounts involving payment or financial functionality.
  • Workflow-triggered payment or onboarding actions initiated through Beacon, Nudge, tilliX, JAREIS, or related Tilli Services.
  • OTP, partner, or referral-party relationships involved in regulated or payments-sensitive services.

This policy does not assume that every SaaS workflow or every end user of a Tilli customer is Tilli's direct regulated customer. Where Tilli provides software tools to a customer that manages its own end-consumer relationship, Tilli may determine that certain AML, KYC, or onboarding obligations primarily remain with the customer or a regulated partner rather than with Tilli directly.

4. Governance and Oversight

Tilli maintains designated responsibility for AML and related financial-crime compliance oversight. Governance responsibilities may include policy ownership, risk assessment, onboarding control design, suspicious-activity escalation, sanctions and fraud monitoring, training coordination, testing, and partner or authority response management.

5. Risk-Based Customer and Partner Segmentation

Tilli's compliance controls may vary depending on the relationship and service model. Tilli may distinguish between indirect end users of a customer's workflow, direct customers such as sub-merchants or vendors, partner and referral-party relationships, and higher-risk customers, counterparties, use cases, geographies, or transaction patterns that require enhanced due diligence.

6. Customer Identification and Due Diligence

Where applicable, Tilli may require customer, partner, payee, vendor, merchant, or beneficial-owner information before or during onboarding, activation, settlement, or continued use of an applicable Service.

  • Legal name, business name, addresses, and contact details.
  • Date of birth or date of formation, as applicable.
  • Tax identification, registration, or business-identification details.
  • Authorized representative details.
  • Beneficial ownership information for legal entities.
  • Purpose of the relationship and expected transaction profile.
  • Documentary and non-documentary verification information.
  • Ongoing profile updates and periodic refreshes.

Refusal to provide reasonably requested compliance information may result in onboarding denial, delayed activation, restricted access, suspension, rejection of transactions, or termination of the affected relationship or workflow.

7. Sanctions and Restricted-Party Screening

Tilli may screen customers, partners, beneficial owners, payees, counterparties, transactions, or related data against sanctions lists, restricted-party lists, geolocation signals, negative news, or other compliance-relevant indicators. If Tilli identifies a potential match or elevated risk, Tilli may hold or reject transactions, restrict or suspend the affected workflow or account, request additional documentation, escalate the matter for manual review, or notify partners, processors, networks, or authorities where required or appropriate.

8. Transaction Monitoring and Suspicious Activity Review

For applicable Services, Tilli may use automated and manual controls to review activity for red flags, anomalies, suspicious behavior, fraud indicators, sanctions concerns, structuring, unusual velocity, account misuse, or other potentially unlawful or unauthorized activity.

Monitoring may consider transaction amount, frequency, origin, destination, changes in risk profile, geographic inconsistency, unusual payment or disbursement activity, data mismatches, evasion patterns, or attempts to use Beacon, Nudge, tilliX, JAREIS, or other Tilli Services to initiate, mask, automate, or scale prohibited payment or onboarding activity.

9. Holds, Restrictions, and Service Controls

Tilli may delay, reject, reverse where permissible, or otherwise restrict transactions, onboarding steps, activations, settlements, account changes, or automated CTAs when reasonably necessary for fraud prevention, sanctions screening, KYC or KYB review, suspicious-activity investigation, legal process response, partner or processor requirements, or safety, security, and reputation protection.

10. Recordkeeping

Tilli may maintain records relating to onboarding, verification, due diligence, screenings, investigations, compliance decisions, reports, and other AML or sanctions controls for periods reasonably necessary to comply with law, partner requirements, audit expectations, dispute needs, or internal risk-management requirements.

11. Training

Tilli may provide AML, sanctions, fraud, and financial-crime compliance training to relevant employees, contractors, and operators based on role and risk.

12. Testing and Review

Tilli may conduct periodic review, testing, validation, partner review, or independent assessment of applicable AML, sanctions, fraud, and onboarding controls. This policy should be reviewed at least annually and may be updated more frequently to reflect changes in law, risk, product design, banking or processor requirements, and operational experience.

13. Confidentiality and Law-Enforcement Cooperation

Compliance investigations, alerts, reports, and related records may be treated as confidential and restricted to those with a legitimate need to know. Tilli may cooperate with regulators, law enforcement, banking partners, processors, or other lawful authorities as required or appropriate.

14. Customer and Partner Responsibilities

Customers and partners using applicable Services must provide timely, accurate, and complete compliance information reasonably requested by Tilli, avoid using the Services to conceal, structure, facilitate, or automate unlawful financial activity, avoid routing activity through Beacon, Nudge, tilliX, JAREIS, or other Tilli tools in a manner intended to evade screening or monitoring, and comply with applicable law and product-specific compliance instructions.

15. Contact and Escalation

Email: legal@tilli.pro

Mailing Address: 8260 Greensboro Dr, Suite 270, McLean, VA 22102, United States