Assetera Docs
Concepts

Tenancy & responsibility

One multi-tenant Marketplace API, per-tenant catalogs, and who is responsible for KYC/AML under a reliance vs a tied-agent arrangement.

Assetera serves its own investors and distribution partners' customers through one shared, multi-tenant Marketplace API. There is no per-partner deployment: every partner (and Assetera itself) is a tenant of the same service, strictly isolated from the others.

Assetera is a tenant of its own API.

How a tenant is resolved

The tenant a request belongs to is never a request parameter or header the caller can set. It is a signed claim in the caller's token, minted by that tenant's own identity client, and the API reads it server-side and scopes every query to it.

A tenant sees only its own catalog, its own users' activity and its own audit trail. Its catalog is set by entitlement (instruments are assigned to a tenant), so two partners can be offered different subsets of the same underlying assets. (See the catalog lifecycle.)

Who is responsible for KYC / AML

Assetera runs the compliance layer. Assetera is the responsible party for KYC and AML. A partner operates under one of two arrangements, which change who performed the customer due diligence, not who monitors trading:

Reliance agreementTied agent
The partner isa separately regulated entityan appointed representative under Assetera's licence
Who did the CDDthe partner (Assetera relies on it)Assetera (or on Assetera's behalf)
Transaction monitoring & market-integrityAsseteraAssetera
Regulatory responsibilityshared per the agreementAssetera carries it

In both cases Assetera remains responsible for transaction monitoring, market-integrity controls, and, where it is the executing broker, MiFIR transaction reporting.

Reliance does not mean "no data"

Under a reliance agreement a partner's already-verified customer can transact without Assetera re-running KYC: the token carries the KYC status, level, verification date and the source of KYC. But reliance is about who performed CDD, not who monitors transactions. A defined minimum still travels:

  • Per partner: the agreement reference, the entity that performed CDD (with its LEI), a commitment to retrieve the underlying records on request, and the reporting role: is the partner the executing broker (they carry MiFIR reporting) or white-label (Assetera carries it)?
  • Per customer: a stable identifier, KYC status/level, investor category, and wallet address(es).
  • Per transaction: who/what/when/how much, plus reportable identifiers where Assetera is the executing broker.

The exact regulatory setup (reliance vs tied agent, executing-broker vs white-label, and the precise minimum data set) is fixed per partner with Assetera's Compliance team. The above is the shape of the model, not a legal determination.

Next

On this page