Access to AML / KYC Documents (Admin Guide)
Important Note: AML and KYC documents contain highly sensitive personal information. Access is controlled by a dedicated privilege and is disabled by default. Only administrators should manage this permission.
What This Permission Controls
This permission determines whether a user can:
- View AML verification reports
- Download AML / KYC PDF documents
- Access AML documents via the View AML Documents button
It applies to all AML reports, including:
- Biometric AML reports
- Instant (Manual) AML reports
Privilege Details
Privilege Name
Can access Sensitive KYC/AML Documents
Description
Allows the user to access KYC / AML documents.
Default State
❌ OFF (disabled)
Where to Configure the Permission
- Go to Settings → Users and Security
- Select Rex Users
- Open Privileges
- Navigate to the Documents section
- Locate Can access Sensitive KYC/AML Documents
- Click Save
How to Enable Access
- Check Can access Sensitive KYC/AML Documents to ON
- Save the privilege set
- Ensure the privilege set is assigned to the correct users
Once enabled, affected users will immediately be able to:
- See the View AML Documents button
- Download AML reports (PDF)
How to Remove Access
- Toggle the permission OFF
- Save the privilege set
Once disabled:
- Users can no longer download AML documents
Clicking View AML Documents shows an error message:
“You don't have permission to view this document”
This takes effect immediately.
Important Security Behaviours
When the permission is OFF, users:
- ❌ Cannot download AML reports
- ❌ Cannot access documents by copying the URL
- ❌ Cannot retrieve files via right-click or browser tools
- ❌ Cannot bypass access controls in any way
All access paths are blocked.
Audit & Compliance Logging
Every attempt to access AML documents is logged, including:
- Successful downloads
- Failed access attempts due to missing permission
Each log entry records:
- User ID
- User email
- Date and time
- Filename
- Access outcome (permitted or denied)
This applies even when access is denied.
Recommended Access Guidelines
Grant this permission only to users who:
- Are responsible for AML compliance
- Need to review or audit verification documents
- Are authorised under your internal compliance policy
Avoid granting this permission to:
- General agents
- Temporary staff
- Users without AML responsibilities
Common Admin Questions
❓ An agent says they can’t download AML reports
- Check whether their privilege set includes Can access Sensitive KYC/AML Documents
- This permission is OFF by default
❓ Does this affect AML statuses or submissions?
- No
- This permission controls document access only
❓ Is access tracked?
- Yes
- All document access attempts are recorded in the AML Audit Log