Acceptable Use Policy

This Acceptable Use Policy ("AUP") sets out the activities and business categories that are prohibited or conditionally restricted when using the Crezaro payment services platform. It applies to all merchants, users, and anyone accessing the Services. This AUP is incorporated by reference into our Terms of Service and has the same legal effect.

Crezaro's ability to continue providing payment services depends on maintaining the integrity, legality, and financial health of the platform. Prohibited categories reflect requirements from our acquiring banking partners, Visa, Mastercard, Verve, applicable financial regulations, and our own risk policies. These categories are not negotiable — no exception can be granted for businesses in the absolute prohibition list regardless of the merchant's assurances.

1. Prohibited Business Categories

The following categories of businesses, products, and services are absolutely prohibited on the Crezaro platform. No exception, waiver, or approval can be granted for these categories under any circumstances:

1.1 Weapons and Dangerous Materials

Firearms, handguns, rifles, shotguns, and any other weapons capable of causing bodily harm or death, whether or not a licence is required
Firearm components, receiver blanks, conversion kits, high-capacity magazines, and silencers/suppressors
Ammunition, primer, propellant, and related equipment intended for use in weapons
Explosives, detonators, fuses, blasting caps, and related materials
Military-grade or law-enforcement-grade equipment not available to the general public
Chemical, biological, radiological, or nuclear (CBRN) materials or precursor chemicals
Tasers, stun guns, and electroshock weapons (in jurisdictions where prohibited for civilian sale)
Switchblades, gravity knives, or knuckle dusters (in jurisdictions where prohibited)

1.2 Controlled Substances and Drugs

Sale, distribution, or facilitation of purchase of any controlled substance as defined under applicable law, including but not limited to cocaine, heroin, methamphetamine, MDMA, LSD, and synthetic opioids
Prescription pharmaceuticals sold without a valid prescription or dispensed without a licensed pharmacist
Drug paraphernalia specifically designed for the consumption, production, or distribution of illegal substances (including pipes, bongs, rolling papers marketed for drug use, syringes outside of healthcare contexts)
Research chemicals marketed as "legal highs," novel psychoactive substances (NPS), or synthetic cannabinoids
Anabolic steroids for non-medical purposes
Ketamine, GHB, or other substances when sold outside of licensed medical or veterinary supply chains
Cannabis, CBD, and cannabis-derived products in jurisdictions where sale is not fully legal and licensed

1.3 Financial Crime and Fraud

Money laundering — knowingly processing proceeds of crime or structuring transactions to conceal their origin
Terrorist financing — providing financial services to designated terrorist organisations or individuals
Proliferation financing — supporting the development, production, maintenance, or acquisition of weapons of mass destruction
Sanctions evasion — processing transactions involving parties, entities, or jurisdictions subject to comprehensive OFAC, UN, EU, or UK sanctions programmes
Tax evasion schemes or structures designed to evade tax obligations
Processing stolen credit card or debit card details, regardless of whether the merchant themselves obtained them illegally
Carding forums, dark web marketplaces, or platforms facilitating the sale of compromised payment credentials

1.4 Human Exploitation

Human trafficking, smuggling of persons, or any services facilitating the transportation, recruitment, or exploitation of human beings
Forced labour, debt bondage, or modern slavery
Sale of human organs or tissues
Escort services, solicitation, or any business model that facilitates prostitution or sex trafficking
Any content or service that sexually exploits, demeans, or endangers children

1.5 Child Exploitation and Harmful Content

Child sexual abuse material (CSAM) of any kind, under any circumstances — this triggers immediate account termination and mandatory law enforcement referral
Platforms enabling the distribution, viewing, or monetisation of CSAM
Child-directed advertising or marketing for age-restricted products
Grooming services or platforms enabling contact with minors for sexual purposes

1.6 Fraudulent and Deceptive Businesses

Pyramid schemes — businesses where participants earn primarily by recruiting new members rather than selling genuine products or services
Ponzi schemes — where returns to earlier investors are funded by payments from newer investors rather than genuine business profit
Multi-level marketing (MLM) programmes with unfair or deceptive recruitment practices, where income is primarily from recruitment fees rather than legitimate product sales
Get-rich-quick schemes, miracle investment programmes, or guaranteed-return investment products not regulated by applicable financial authorities
Fake charities, fraudulent fundraising, or impersonation of legitimate non-profit organisations
Sale of counterfeit goods — imitation or replica products using a brand's trademarks without authorisation
Stolen goods — sale of property obtained through theft, robbery, or fraud
Academic dishonesty services — essay mills, exam fraud, ghostwriting for academic submission, or diploma mills
Fake identification documents, forged government documents, or counterfeit official papers
Deceptive subscription traps, negative option billing without clear consumer consent and easy cancellation
Psychic services, fortune-telling, or any product making supernatural or paranormal claims with guaranteed outcomes
Products or services making unsubstantiated health claims (e.g. miracle cures, FDA-unapproved cancer treatments)

1.7 Unlicensed Financial Services

Unregistered or unlicensed money transmission, bureau de change, or remittance services
Unlicensed lending, credit extension, or moneylending operations
Unauthorised investment advisory services or discretionary portfolio management
Binary options trading platforms (banned in most jurisdictions including the EU and UK)
Contracts for difference (CFDs) or forex trading platforms without appropriate regulatory authorisation

1.8 Intellectual Property Violations

Businesses whose primary model involves the sale of goods that infringe another party's copyright, trademark, patent, or trade secret rights
Software piracy — sale or distribution of unlicensed software, serial keys, activation codes for commercial software
Sale of pirated films, music, ebooks, or other copyrighted media
IPTV services streaming content without licensing agreements with rights holders

2. Conditionally Restricted Categories

The following categories require prior written approval from Crezaro before account activation or before commencing processing in the relevant category. Merchants in these categories must provide copies of all applicable licences and regulatory approvals. Approval is not guaranteed and may be withdrawn if licensing lapses:

2.1 Gambling and Gaming

Online gambling, sports betting, and casino games — requires a valid gaming licence from a recognised regulatory body (e.g. Nigeria's National Lottery Regulatory Commission (NLRC), UK Gambling Commission, Malta Gaming Authority, or equivalent)
Fantasy sports with real-money entry fees — requires applicable state/jurisdiction licensing
Lotteries and sweepstakes — requires applicable lottery licence and compliance with no-purchase-necessary rules where applicable
Skill games with cash prizes — subject to jurisdiction-by-jurisdiction legal review

2.2 Adult Content

Legal adult content platforms — must implement verifiable age verification, content performer age verification, and performer consent documentation
Adult subscription sites — all performers must be clearly of legal age; platforms must maintain age verification records for at least 7 years
Adult toy and accessories retailers — must have clear age-gating on their storefront and age confirmation at checkout

2.3 Tobacco, Nicotine, and Vaping

Sale of cigarettes, cigars, pipe tobacco, and smokeless tobacco — only permitted to businesses with appropriate tobacco retail licences; requires age verification at checkout
E-cigarettes, vaping devices, and e-liquids — prohibited in jurisdictions where banned or restricted; requires age verification and compliance with advertising restrictions
Nicotine replacement therapy products (patches, gum, lozenges) — permitted without restriction where sold through licensed pharmacies or equivalent

2.4 Alcohol

Sale of alcoholic beverages — requires applicable alcohol retail licence; age verification required at point of sale and/or delivery
Online alcohol delivery services — must comply with jurisdiction-specific delivery regulations

2.5 Cryptocurrency and Digital Assets

Cryptocurrency exchanges, wallets, and trading platforms — requires registration with applicable financial intelligence units (NFIU in Nigeria, FCA in UK, FINTRAC in Canada, FinCEN in US) and full AML/KYC programme
NFT marketplaces — requires enhanced AML controls given FATF guidance on virtual asset service providers
Crypto ATMs — requires money transmitter licences in applicable jurisdictions

2.6 Financial Products and Services

Licensed insurance products — requires applicable insurance regulatory authorisation
Licensed investment products and fund management — requires securities regulator registration (SEC Nigeria, FCA, OSC, SEC)
Licensed debt collection — requires appropriate Consumer Credit Act or equivalent authorisation; prohibited from using harassment, deception, or unfair practices
Licensed microfinance and cooperative lending — requires CBN microfinance licence or equivalent

2.7 Nutraceuticals and Supplements

Dietary supplements, vitamins, and health products — permitted but marketing must not make unapproved health claims; NAFDAC registration required for products sold in Nigeria
Weight loss products — prohibited from making unsupported claims; must not include undeclared controlled substances
Traditional and herbal medicine — must be registered with relevant authorities (NAFDAC in Nigeria, MHRA in UK)

2.8 Telemarketing and Outbound Sales

Telephone marketing — must comply with applicable Do Not Call registries and consent requirements
High-volume outbound sales — subject to chargeback risk review; may require rolling reserve

3. Prohibited Conduct and Technical Misuse

Regardless of business category, the following conduct is expressly prohibited for all merchants:

3.1 Transaction Manipulation

Processing fraudulent, unauthorised, or fictitious transactions
Processing transactions that you know, or should know, are the product of fraud
Submitting transactions on behalf of another business, individual, or entity that has not been approved to use the Services (payment factoring or aggregation without written approval)
Transaction laundering — using your merchant account to process transactions for a different, undisclosed, or higher-risk business
Structuring — splitting a single transaction into multiple smaller transactions to circumvent transaction limits, fraud controls, or regulatory reporting thresholds
Deliberately creating false refunds, credits, or adjustments
Initiating refunds without a legitimate corresponding customer-initiated return or cancellation

3.2 Credential and Account Misuse

Sharing API keys, sandbox credentials, or dashboard login credentials with unauthorised third parties
Using sandbox/test API keys for live production transactions
Creating multiple accounts to circumvent limits, risk controls, or account suspensions
Providing false, misleading, or incomplete information during account registration or KYB verification
Failing to update account information when material changes occur (change of business ownership, business model, banking details)

3.3 Technical Attacks and Abuse

Attempting to reverse-engineer, decompile, disassemble, or extract source code from any part of the Services
Using automated bots, scrapers, or crawlers against the Services beyond documented, authorised API usage
Conducting or facilitating denial of service (DoS or DDoS) attacks against the Services or any third-party infrastructure
Attempting to probe, scan, or test the vulnerability of the Services or any associated network without Crezaro's prior written authorisation
Exploiting security vulnerabilities in the Services; instead, report vulnerabilities to [email protected] under our responsible disclosure programme
Injecting malicious code, malware, or scripts into any part of the Services
Using the Services to send spam, phishing emails, unsolicited marketing, or fraudulent communications
Circumventing rate limits, IP-based access controls, or any other security measures implemented by Crezaro

3.4 Chargeback and Refund Abuse

Maintaining a chargeback rate above 1.0% of total monthly transaction count (Visa threshold) or 1.5% (Mastercard threshold)
Engaging in or facilitating friendly fraud (instructing or incentivising Customers to file chargebacks for legitimate transactions)
Failing to honour your published refund and cancellation policy
Refusing to issue refunds for clearly defective products or undelivered services as a matter of deliberate policy

4. Transaction Limits

The following default transaction limits apply. Individual account limits may be higher or lower based on your business profile, KYB completion level, and transaction history:

Limit Type	NGN Default	Notes
Single card transaction	NGN 1,000,000	Higher limits available on request for verified high-volume merchants
Single bank transfer collection	NGN 50,000,000	Subject to CBN NIP single transfer limits
Daily transaction volume	NGN 5,000,000	Per merchant account; increases with account tier
Monthly transaction volume	NGN 50,000,000	Contact [email protected] to request increase
Daily payout to third parties	NGN 10,000,000	Subject to AML screening
International card transaction	USD 10,000 equivalent	Additional OFAC screening applied

We reserve the right to impose lower limits at any time based on risk assessment, elevated chargeback rates, or regulatory requirements. Requests for limit increases must be submitted through the dashboard with supporting documentation (financial statements, business projections, or evidence of processing history).

5. Monitoring and Enforcement

5.1 Continuous Transaction Monitoring

We monitor all transactions and account activity continuously using a combination of automated machine learning systems and manual review. Monitoring activities include:

Real-time fraud scoring on every transaction using behavioural, device, and network signals
Velocity checks — detecting unusual spikes in transaction volume, frequency, or average ticket size
Sanctions screening on all transaction parties against OFAC SDN, UN Consolidated, EU, HM Treasury, and CBN watchlists
Chargeback rate tracking and automatic alerts when thresholds are approached
Pattern analysis to detect structuring, transaction laundering, and factoring
Periodic merchant business review — we may review your website, products, and marketing materials to confirm they remain consistent with your stated business and this AUP
BIN-level analysis for unusual card acceptance patterns

5.2 Merchant Reviews

We may conduct account reviews at any time, including:

Requesting updated KYB documentation, beneficial ownership information, or source-of-funds declarations
Requesting evidence of product or service delivery, customer contracts, or business operations
Reviewing transaction samples and chargeback history
Requesting a call with your management team

Failure to cooperate with a merchant review within the timeframe specified in our request may result in account suspension.

6. Consequences of Violations

If we determine that you have violated this AUP, applicable law, Card Network rules, or the Terms of Service, we may take one or more of the following enforcement actions, at our sole discretion and without prior notice where the risk is imminent:

6.1 Warning

For less severe or first-time violations, we may issue a formal written warning identifying the violation and providing a specified remediation period (typically 5 to 30 business days). Failure to remediate within the specified period escalates to account suspension.

6.2 Temporary Suspension

We may temporarily suspend your ability to process new transactions while we investigate a concern or while you remediate a violation. During suspension, pending settlements may be held. Temporary suspensions typically last 5 to 30 business days.

6.3 Settlement Holds

We may place a hold on pending settlements where we suspect fraudulent activity, high chargeback risk, regulatory breach, or ongoing investigation. Settlement holds may be maintained for up to 180 days and may extend if legal proceedings are initiated.

6.4 Reserve Requirement

We may impose or increase a rolling or fixed reserve as described in the Terms of Service where the risk profile of your account warrants it.

6.5 Processing Limit Reduction

We may reduce your transaction processing limits, daily limits, or monthly limits as a risk mitigation measure.

6.6 Feature Restriction

We may restrict specific features (recurring billing, international card acceptance, payouts) where those features are being misused.

6.7 Permanent Termination

For serious violations — including but not limited to CSAM, sanctions violations, money laundering, and wilful fraud — we will permanently terminate your Account without notice and without the right to appeal. Permanently terminated accounts are flagged with Card Networks and may be reported to VISA/Mastercard's MATCH (Member Alert to Control High-Risk) list, which may affect your ability to obtain payment processing services from other providers.

6.8 Law Enforcement Referral

Where we identify activity that constitutes or may constitute a criminal offence, we will refer the matter to relevant law enforcement authorities, including:

Nigeria Police Force, EFCC, or NFIU
UK National Crime Agency (NCA), Action Fraud, or HMRC
Canadian RCMP or FINTRAC
US FBI, FinCEN, or OFAC
Any other law enforcement authority with jurisdiction

We will cooperate fully with any law enforcement investigation, including by providing transaction records, account information, and IP logs pursuant to valid legal process. We may also be required to file Suspicious Activity Reports (SARs) or Suspicious Transaction Reports (STRs) with applicable financial intelligence units — we are legally prohibited from disclosing such filings to you (tipping-off prohibition).

6.9 Card Network Reporting

Where required by Card Network rules, we will report violations to Visa, Mastercard, or other Card Networks. This may result in placement on scheme-level risk monitoring programmes or blacklists, including Visa's VMAS and Mastercard's MATCH/TMF programmes.

7. Reporting Violations

If you believe a Crezaro merchant is violating this AUP, using the platform for illegal purposes, or engaging in fraudulent activity, please report it to:

Email: [email protected]
Subject line: "AUP Violation Report"

Please include: the nature of the suspected violation, any evidence you have (URLs, transaction references, screenshots), and your contact information (reports can be made anonymously if preferred). All reports are handled confidentially. We investigate all reports and will take appropriate action. We do not share reporter identities with the subject of the report.

8. Appeals Process

If your account has been suspended, restricted, or terminated due to a suspected violation of this AUP, and you believe the action was taken in error, you may appeal as follows:

How to appeal: Send a written appeal to [email protected] with subject line "Account Appeal — [Your Account ID]"
What to include: A detailed explanation of why you believe the action was taken in error; relevant documentation, evidence, or context; contact information for your authorised representative
Review timeline: Appeals are reviewed by our compliance team within ten (10) business days of receipt of a complete appeal. We may request additional information, which will pause the review clock
Outcome: You will receive a written decision. If your appeal is upheld, access will be restored and any improperly held funds released. If denied, we will provide our reasons to the extent legally permissible
No appeal for certain violations: Accounts permanently terminated for CSAM, confirmed sanctions violations, or confirmed terrorist financing are not eligible for appeal under any circumstances

9. Changes to This Policy

We may update this AUP from time to time to reflect changes in applicable regulations, Card Network rules, our risk appetite, or our product offering. Material changes will be communicated via email to your registered address and/or through a notice in your dashboard, with at least thirty (30) days' notice before the change takes effect. Non-material clarifications may be made without advance notice. Continued use of the Services after the effective date of any update constitutes acceptance of the updated AUP.

10. Contact

For questions about this AUP, acceptable use determinations, or pre-application business category review, contact our compliance team:

Compliance Team
Bolrach Technologies Limited
1 Amore Street, Wuse 2
Abuja, FCT 900271
Nigeria

Email: [email protected]
Appeals: [email protected]
Security vulnerabilities: [email protected]