Compliance & Legal Framework
Legal & Compliance
Comprehensive legal framework ensuring regulatory compliance and protecting all stakeholders.
Regulatory Compliance Status
Current compliance status across key jurisdictions
Kenya
- Central Bank of Kenya (CBK) consultation completed
- Capital Markets Authority (CMA) guidance obtained
- National Environment Management Authority (NEMA) approval
- Data Protection Act compliance certified
International
- GDPR compliance framework implemented
- AML/KYC procedures established
- FATF guidelines compliance
- UN Sustainable Development Goals alignment
Token Classification
Utility Token Status
TANA is classified as a utility token providing access to ecosystem services and governance rights. It is not considered a security under Kenyan or international law.
Key Characteristics
- • Provides access to platform services
- • Enables governance participation
- • Facilitates impact measurement rewards
- • No expectation of profit from others' efforts
Legal Structure
Corporate Structure
- • Tana Impact Foundation: Non-profit entity (Kenya)
- • Tana Technologies Ltd: Commercial entity (Kenya)
- • Tana Token Foundation: Token governance (Switzerland)
Governance Framework
Hybrid governance combining traditional corporate governance with decentralized autonomous organization (DAO) principles for community decision-making.
International Compliance
Anti-Money Laundering (AML)
- • Customer Due Diligence (CDD) procedures
- • Transaction monitoring systems
- • Suspicious activity reporting
- • Regular compliance audits
Know Your Customer (KYC)
- • Identity verification requirements
- • Risk-based approach to verification
- • Ongoing monitoring procedures
- • Enhanced due diligence for high-risk users
Risk Management
Identified Risks
- • Regulatory changes in key jurisdictions
- • Technology risks and smart contract vulnerabilities
- • Market volatility and liquidity risks
- • Operational risks in community implementation
Mitigation Strategies
- • Continuous regulatory monitoring and engagement
- • Regular security audits and bug bounty programs
- • Diversified treasury management
- • Comprehensive insurance coverage
Data Protection & Privacy
Comprehensive data protection framework ensuring user privacy and regulatory compliance
Data Collection Principles
- • Minimization: Collect only necessary data for platform operation
- • Purpose Limitation: Use data only for stated purposes
- • Transparency: Clear communication about data use
- • User Control: Users can access, modify, and delete their data
Technical Safeguards
- • End-to-end encryption for sensitive data
- • Decentralized storage using IPFS
- • Zero-knowledge proofs for privacy-preserving verification
- • Regular security assessments and penetration testing
Environmental & Social Compliance
Alignment with international environmental and social standards
International Standards Compliance
- • UN Sustainable Development Goals (SDGs)
- • Paris Climate Agreement alignment
- • IFC Performance Standards
- • Global Reporting Initiative (GRI) Standards
- • ISO 14001 Environmental Management
- • ISO 26000 Social Responsibility
- • TCFD Climate-related Financial Disclosures
- • SASB Sustainability Accounting Standards