Behind the Curtain: How OTC and Precious‑Metals Markets Verify Who Can Trade

Over‑the‑counter (OTC) and precious‑metals desks sit at the intersection of capital, counterparty risk and regulation. For students and teachers in fintech, understanding how firms verify who can trade is a practical gateway into digital identity, KYC/AML, accredited‑investor checks, and institutional onboarding workflows. This article uses StoneX's public permissions for OTC, securities and precious‑metals trading as a case study to unpack the verification steps and build classroom simulations you can use in a lab or coursework.

Why verification matters in OTC and precious‑metals markets

Unlike exchange‑traded products, OTC transactions are often negotiated bilaterally and can expose counterparties to concentrated credit, market and compliance risk. Market participants must therefore verify:

• Who the counterparty is (institutional identity).
• Whether the counterparty meets regulatory investor status (e.g., accredited investor).
• Whether the counterparty is subject to sanctions, PEP or adverse media screening.
• Whether the trading posture fits permissioning and risk controls (trade limits, product restrictions).

Case study snapshot: StoneX permissions as a practical anchor

Public summaries (e.g., firm filings and market notices) note that entities like StoneX Financial Limited (SFL) are authorized to arrange and execute transactions in certain OTC products, specific securities and precious metals. This permission set is a useful real‑world anchor: to operate across these markets, StoneX and similar firms implement layered verification and onboarding processes. We will use that permission profile as a running example while explaining the technology and workflows behind onboarding, KYC and investor checks.

Core components of a trade onboarding and verification workflow

1. Initial intake and identity capture: collect legal name, jurisdiction, registration numbers (e.g., company number, LEI), and primary contacts.
2. Document verification: upload and verify incorporation documents, licenses, proof of address and signatory authority.
3. Beneficial ownership and control: map UBOs, directors and sanctioned parties using corporate registry checks and BOI rules.
4. Accredited‑investor / investor suitability checks: capture certifications, financial statements or broker reliance documentation.
5. AML and sanctions screening: run name, PEP, sanctions and adverse‑media checks against global watchlists.
6. Risk scoring and permissioning: apply product permissions, credit limits, and trade controls based on risk appetite.
7. Ongoing monitoring: periodic re‑KYC, transaction monitoring and periodic revalidation of investor status.

Technology building blocks

Common fintech building blocks used to automate and secure the above steps include:

• eKYC platforms: OCR and biometric verification for identity documents.
• LEI and company‑registry APIs: establish corporate identity and registration details.
• Sanctions/PEP screening engines: automated matching with fuzzy logic.
• Verifiable credentials and digital signatures: non‑repudiable assertions of investor status or corporate standing.
• Case management systems: human reviews, remediation and audit trails.

KYC vs. accredited‑investor checks: what differs?

Both KYC and accredited‑investor checks verify parties, but they focus on different questions and data:

• KYC (Know Your Customer) asks: is this person or entity who they claim to be, and are they subject to money‑laundering or sanctions risk?
• Accredited‑investor checks ask: does this investor meet the financial sophistication or wealth thresholds required to access certain products?

Operationally, KYC is mandatory for onboarding almost any counterparty. Accredited‑investor checks are product or jurisdiction specific — for example, U.S. rules define accredited investors by income, net worth, or institutional status, while other jurisdictions have different thresholds.

How firms prove accredited investor status

Methods used in real-world workflows include:

• Self‑certification forms combined with attestations from regulated intermediaries.
• Third‑party verification: obtaining proof of income/net worth via tax returns, bank statements or regulated accountant attestations.
• Reliance on institutional status: if the counterparty is a regulated bank, pension fund or insurance company, that entity often automatically qualifies.
• Digital verifiable credentials issued by trusted authorities (emerging practice).

Institutional identity workflows (step‑by‑step)

Below is a simplified operational flow you can replicate in a classroom lab to illustrate institutional onboarding.

1. Intake: collect company legal name, jurisdiction, tax ID, LEI and primary contact. Create a sandbox profile.
2. Document upload: request certificate of incorporation, board resolution for trading authority and AML policies.
3. Verify identity: use LEI lookup and commercial registry APIs to confirm registration details.
4. UBO mapping: request shareholder register or use structured questionnaires to identify owners above the BOI threshold (e.g., 25%).
5. Risk checks: run sanctions and PEP screening; flag matches for manual review.
6. Permissions: assign product permissions (OTC metals, securities) and credit/trade limits according to risk score.
7. Final approval: compliance signs off; a trading account and API keys or trading ticketing permissions are provisioned.

Risk controls used at the desk level

Once onboarding is complete, firms implement controls to reduce trade and compliance risk:

• Pre‑trade blocks for unverified counterparties.
• Investor‑status based product gating (e.g., only accredited investors see certain precious‑metal derivatives).
• Counterparty credit limits and concentration limits.
• Audit trails and encrypted records for regulatory inspection.
• Automated suspicious activity detection tied to KYC data.

Designing classroom simulations and exercises

Teachers can build compact simulations to help students experience the end‑to‑end verification lifecycle. Below are three ready exercises.

Exercise 1 — Mock institutional onboarding (90 minutes)

1. Divide students into teams: Compliance, Sales, Technology and the Client.
2. Give the Client team a dossier (incorporation docs, sample shareholder list, contact details) and the Sales team a term sheet for a precious‑metals OTC trade.
3. The Compliance team requests documents and runs checks using public LEI lookup and a sandbox sanctions list you provide. Technology teams enable a simple intake form and document upload (Google Forms or local mock).
4. Outcome: Compliance either green‑lights trading permissions, requests further proof of accredited status or rejects onboarding. Debrief on decision drivers.

Exercise 2 — Accredited‑investor verification (take‑home)

Students draft a verification policy for retail clients. They should compare at least two approaches (self‑certification vs third‑party proof) and justify the operational and legal tradeoffs. Encourage linking to broader identity economics for context (see our primer on Economics of Digital Identity).

Exercise 3 — Build a digital credential prototype (project)

Students design a minimal verifiable credential that captures accredited status or corporate authority. They should specify fields, issuer rules and expiry, and consider portability (see principles in Identity Portability).

Practical checklist for labs and small teams

• Start with a clear scope: Which products require accredited checks? Which don’t?
• Create a sandbox sanctions list and a mock LEI registry for lookups.
• Use role cards so students understand responsibilities: who approves KYC, who handles equity ownership questions, who signs off on credit limits.
• Log decisions and produce a one‑page audit trail for each simulated onboarding.

Emerging trends to discuss in class

Three themes are shaping how verification will evolve in OTC and precious‑metals markets:

• Verifiable credentials and identity portability: reduce friction while preserving auditability.
• API‑driven registry lookups (LEI, corporate registries): automate corporate identity verification.
• Machine learning for behavioral and transaction monitoring: smarter, but requiring explainability and governance.

Teachers may also find cross‑disciplinary links useful — for example, exploring age and identity verification ethics in education contexts (The Future of Age Verification in Education) or integrity and credential resilience (Future‑Proofing Your Digital Certificates).

Ethical and regulatory considerations

When teaching or building simulations, emphasize privacy minimization and proportionality. Collect only what is necessary, encrypt sensitive documents, and be transparent in simulated policies about data retention and use. Discuss jurisdictional differences — what qualifies as an accredited investor in one country may not in another — so students learn to consider global compliance.

Final takeaway

Onboarding and verification in OTC and precious‑metals markets combine identity proofing, regulatory checks and bespoke risk controls. Using StoneX's permission profile as a case study makes these abstract controls concrete: firms must authenticate institutions, validate investor status, and gate products and trading permissions accordingly. For students and teachers, hands‑on simulations — from mock KYC flows to verifiable credential prototypes — are the most effective way to internalize these workflows and to explore the tradeoffs between automation, risk and regulatory compliance.

If you're building a course module, consider pairing this article with a practical lab: a sandbox intake form, a mock sanctions list and a small team exercise that assigns Compliance, Sales and Tech roles. That combination will demonstrate not just the checklist of verification steps, but how those steps interact in live trading decisions.