Every FX order on Musubi is a complete, timestamped regulatory record from intent through settlement. This page covers what your compliance and legal teams need to know.
The Audit Trail
Each order captures the full lifecycle with immutable timestamps:
| Event | Timestamp Field | What It Proves |
|---|
| Order initiated | created_at | When the sender authorized the payment intent |
| Order expiry deadline | expires_at | Maximum window for the trade |
| Quote submitted | quote_submitted_at | When the market maker offered a rate |
| Quote accepted | quote_accepted_at | When the institution selected this quote |
| Quote validity | quote_valid_until | How long the offered rate was valid |
| Settlement completed | settled_at | When the atomic DvP finalized |
Settlement Proof
Every settled trade produces a single transaction_hash — a cryptographic proof covering all four legs of the atomic DvP. This hash:
- Proves that both currency legs settled simultaneously (no partial settlement)
- Is independently verifiable by any participant
- Serves as the definitive settlement reference for reconciliation
- Can be provided to regulators as proof of execution
Regulatory Reporting Fields
| Field | Purpose | Regulatory Relevance |
|---|
sender_party_id | Sender identity | Originator identification (FATF R.16) |
receiver_party_id | Receiver identity | Beneficiary identification (FATF R.16) |
jurisdiction_sender | Sender jurisdiction (ISO 3166) | FSA reporting scope (Japan) |
jurisdiction_receiver | Receiver jurisdiction (ISO 3166) | FSC reporting scope (Korea) |
kyc_aml_ref | KYC/AML clearance UUID | Links to your KYC provider’s verification record |
intent_signature | Sender’s cryptographic signature | Proves sender authorization without network access |
fx_rate | Executed exchange rate | Best execution documentation |
target_amount / source_amount_actual | Trade amounts | Transaction value for threshold reporting |
market_maker_party_id | Liquidity provider identity | Counterparty identification |
transaction_hash | Settlement proof | Atomic execution evidence |
Dual-Jurisdiction Reporting
Musubi operates across two regulatory jurisdictions:
| Jurisdiction | Regulator | Key Requirements |
|---|
| Japan | Financial Services Agency (FSA) | PSLMA compliance, JAFIC notification for transactions over JPY 2,000,000 |
| South Korea | Financial Services Commission (FSC) | VASP Act compliance, KoFIU reporting for transactions over KRW 10,000,000 |
jurisdiction_sender and jurisdiction_receiver fields on every order enable routing to the correct reporting regime.
KYC/AML
Every order requires a kyc_aml_ref — a UUID that references your external KYC/AML clearance record. This reference is:
- Validated at order creation — orders without a valid KYC reference are rejected
- Immutable on the order — cannot be modified after creation
- Available to regulators — cross-referenceable with your KYC provider
The KYC verification itself happens in your existing KYC system. Musubi validates that a clearance reference exists and is active; it does not perform KYC directly.
Intent Signature
When you create an order, you provide an intent_signature — a cryptographic signature over the order payload. This signature:
- Proves sender authorization — only your institution’s private key could produce it
- Is verifiable off-chain — regulators can verify the signature without accessing the settlement network
- Is tamper-evident — any modification to the order payload invalidates the signature
This is analogous to an authorized signatory on a payment instruction, but cryptographically enforceable.
Privacy Guarantees
| What | Who Can See It |
|---|
| Your order details | You, your custodian, the network operator |
| Your identity | NOT visible to market makers (RFQs are anonymized) |
| Competing quotes | You and your custodian (not other institutions) |
| Rate negotiation details | NOT visible to the receiver institution |
| Settlement confirmation | All parties to the trade |
Planned Compliance Enhancements
The following capabilities are on the roadmap for production readiness:
| Enhancement | Regulatory Driver | Status |
|---|
| Travel Rule fields (originator/beneficiary name, account, address) | FATF R.16, Japan PSLMA Art. 62-4, Korea VASP Act Art. 7 | Planned |
| Sanctions screening gate | Japan FEFTA, Korea Foreign Transactions Act | Planned |
| AML transaction monitoring with threshold alerts | Japan PSLMA Art. 62-3, Korea KoFIU reporting | Planned |
| Fee decomposition (spread, fees, mid-market rate) | Japan FSA fee disclosure, Korea FSC transparency | Planned |
| Record retention enforcement (5-year JP / 10-year KR) | Japan PSLMA Art. 63-14, Korea VASP Act | Planned |
| Audit trail hash integrity (SHA-256 chain) | Tamper detection for examination | Planned |
These enhancements are required before production licensing. Musubi is currently deployed on testnet for POC validation. Contact your Musubi integration manager for the production compliance timeline.
