To use Coinbase, you must provide your real identity and supporting documents, and Coinbase can request more information at any time if required by law or if they suspect any illegal activity connected to your account.
Consumer impact (what this means for users)
Consumers must provide government-issued identity documents and financial information as a condition of service, and Coinbase may request additional documentation at any time — including during active account use — potentially freezing access to funds until verification is complete.
What you can do
⚠️ These actions may provide transparency or partial mitigation but may not fully address the underlying issue. Effectiveness varies by jurisdiction and individual circumstances.
Export Your Data
California residents and others with applicable data rights can request a copy of the personal data Coinbase holds about them, including identity verification documents, by submitting a data access request through the Coinbase Privacy page or Help Center.
Cross-platform context
See how other platforms handle KYC/AML Identity Verification Requirements and similar clauses.
Coinbase collects and stores sensitive personal and financial identity documents, and can restrict your account while verification is pending, meaning delays in providing documents can limit your access to funds.
View original clause language
Before you are permitted to use the Coinbase Services, you must register for a Coinbase account and verify your identity. Coinbase may require you to provide additional information and documents at the request of any competent authority or in case of the application of any applicable law or regulation, including laws related to anti-laundering (money) or for counteracting financing of terrorism. Coinbase may also require you to provide additional information and documents in cases where it has reasons to believe that your transactions are connected to money laundering, terrorism financing, or other illegal activities.
REGULATORY FRAMEWORK: This provision reflects obligations under the Bank Secrecy Act (31 U.S.C. § 5311 et seq.), FinCEN's Customer Identification Program rules (31 C.F.R. § 1020.220), FinCEN's 2013 virtual currency guidance (FIN-2013-G001), and OFAC's sanctions compliance requirements (31 C.F.R. Parts 500-598). The collection and retention of identity documents also implicates the CCPA (Cal. Civ. Code § 1798.100) for California residents, GLBA privacy provisions (15 U.S.C. § 6801 et seq.), and state biometric privacy laws (e.g., Illinois BIPA, 740 ILCS 14/1 et seq.) if biometric facial recognition is used in the verification process.
🔒
Compliance intelligence locked
Regulatory citations, enforcement risk, and due diligence action items.
Watcher: regulatory citations. Professional: full compliance memo.
Applicable agencies
FTC
The FTC has jurisdiction over the privacy and security of personal data collected during KYC processes under Section 5 and the Gramm-Leach-Bliley Act's Safeguards Rule.
State attorneys general enforce state biometric privacy laws (e.g., Illinois BIPA) and state consumer data protection statutes applicable to the collection and storage of identity verification documents.