Skip to main content
GitHubProjects
[COMPLIANCE & LEGAL FRAMEWORK]

Legal & Compliance

Comprehensive legal framework ensuring regulatory compliance and protecting all stakeholders.

[REGULATORY_COMPLIANCE_STATUS]
Current compliance status across key jurisdictions

[KENYA]

  • Central Bank of Kenya (CBK) consultation completed
  • Capital Markets Authority (CMA) guidance obtained
  • National Environment Management Authority (NEMA) approval
  • Data Protection Act compliance certified

[INTERNATIONAL]

  • GDPR compliance framework implemented
  • AML/KYC procedures established
  • FATF guidelines compliance
  • UN Sustainable Development Goals alignment
[TOKEN_CLASSIFICATION]

Utility Token Status

TANA is classified as a utility token providing access to ecosystem services and governance rights. It is not considered a security under Kenyan or international law.

Key Characteristics

  • • Provides access to platform services
  • • Enables governance participation
  • • Facilitates impact measurement rewards
  • • No expectation of profit from others' efforts
[LEGAL_STRUCTURE]

Corporate Structure

  • Tana Impact Foundation: Non-profit entity (Kenya)
  • Tana Technologies Ltd: Commercial entity (Kenya)
  • Tana Token Foundation: Token governance (Switzerland)

Governance Framework

Hybrid governance combining traditional corporate governance with decentralized autonomous organization (DAO) principles for community decision-making.

[INTERNATIONAL_COMPLIANCE]

Anti-Money Laundering (AML)

  • • Customer Due Diligence (CDD) procedures
  • • Transaction monitoring systems
  • • Suspicious activity reporting
  • • Regular compliance audits

Know Your Customer (KYC)

  • • Identity verification requirements
  • • Risk-based approach to verification
  • • Ongoing monitoring procedures
  • • Enhanced due diligence for high-risk users
[RISK_MANAGEMENT]

Identified Risks

  • • Regulatory changes in key jurisdictions
  • • Technology risks and smart contract vulnerabilities
  • • Market volatility and liquidity risks
  • • Operational risks in community implementation

Mitigation Strategies

  • • Continuous regulatory monitoring and engagement
  • • Regular security audits and bug bounty programs
  • • Diversified treasury management
  • • Comprehensive insurance coverage
[DATA_PROTECTION_&_PRIVACY]
Comprehensive data protection framework ensuring user privacy and regulatory compliance

Data Collection Principles

  • Minimization: Collect only necessary data for platform operation
  • Purpose Limitation: Use data only for stated purposes
  • Transparency: Clear communication about data use
  • User Control: Users can access, modify, and delete their data

Technical Safeguards

  • • End-to-end encryption for sensitive data
  • • Decentralized storage using IPFS
  • • Zero-knowledge proofs for privacy-preserving verification
  • • Regular security assessments and penetration testing
[ENVIRONMENTAL_&_SOCIAL_COMPLIANCE]
Alignment with international environmental and social standards

International Standards Compliance

  • • UN Sustainable Development Goals (SDGs)
  • • Paris Climate Agreement alignment
  • • IFC Performance Standards
  • • Global Reporting Initiative (GRI) Standards
  • • ISO 14001 Environmental Management
  • • ISO 26000 Social Responsibility
  • • TCFD Climate-related Financial Disclosures
  • • SASB Sustainability Accounting Standards