| Q1 | Is address-level monitoring (without amounts) sufficient for AML? |
| Q2 | Real-time vs batch monitoring — what do regulators expect? |
| Q3 | What does the EMI need to know about each wallet? KYB at mint, KYC at on-ramp — enough? |
| Q4 | EMI interaction: What compliance checks must happen when users interact with EMI (mint, burn, on-ramp)? KYB vs KYC — who needs what, when? |
| Q5 | Periodic reporting: Are there mandatory periodic reporting requirements? What exactly must be reported, to whom, and how often? |
| Q6 | Network monitoring: Is there a regulatory requirement to monitor network activity on an address basis? If so, what scope and depth? |
| Q7 | Incidents: How do we notice incidents (suspicious activity, AML hits)? What are the notification, escalation, and reporting obligations? |
| Q8 | Audit reporting: What audit reporting is required — scope, frequency, attestation, and to whom? |