The Rock Trading Scam www.therocktrading.com Exchange Review fraud truffa

[r34tr783tr78]

Yes I know he delivered the paid service didnt he? All 3 or 4 xtraelv posts on this thread are completely biased one side posts and were clearly paid by you. You are a Scammer Medri/eliale.
Be careful xtraelv I hate scammers accomplices. You might end with some negative feedback.
Medri/eliale is a scammer because
You trick people to create unverified accounts saying in your website "verification isn't mandatory" https://support.therocktrading.com/kb/faq.php?id=27
You wait until the user has serious money on his account and then you block his withdrawals.
But you say nothing about the block and let the user keep depositing more money for months even if your own TOS says in this case you must do "useful efforts by TRT to contact the User and urge the completion of the due verification process" TOS point 8.4 https://www.therocktrading.com/en/service_terms/3
When he complains you keep his money blocked and blackmail him to send his personal documents against your FAQ and TOS.
You first asked for the OPs documents then you wrote the OP didnt have to send them, but you added his money would be kept locked for "much more time". When the OP said he would expose this here you started asking again for his documents as a pretext. OP conclusion X and XI.
You confirmed the facts described on the OP here https://bitcointalk.org/index.php?topic=4975753.msg44951057#msg44951057
When I asked to explain why you blocked the OPs account and demanded verification in the first place you refused to answer repeatedly or gave scamish answers on this thread https://bitcointalk.org/index.php?topic=4975753.msg45512110#msg45512110
You tried to trick members of the forum by creating a new alt account to defend your acts https://bitcointalk.org/index.php?topic=4975753.msg45560191#msg45560191
You are paying for members to post here defending you https://bitcointalk.org/index.php?topic=4975753.msg46020217#msg46020217
You invented fake applicable European Laws to try to justify your acts.
You are trying to disguise your scam by lying about the Op property of the account. You know very well his evidence is more than clear.

[xtraelv]

Yes I know he delivered the paid service didnt he? All 3 or 4 xtraelv posts on this thread are completely biased one side posts and were clearly paid by you. You are a Scammer Medri/eliale.
Be careful xtraelv I hate scammers accomplices. You might end with some negative feedback.

I have never even used the rock as a customer or even spoken to someone from there - let alone being paid by them. To make such blatantly false accusation against me accompanied with threats for expressing my opinion is not cool. You have effectively publicly called me a liar and scammer - that makes you untrustworthy in my view.

Your aggressive demeanor towards me makes me think you are an alt of the OP or somehow vested in this.

Disclosure: I've never traded on that exchange and don't know anyone involved there.

xtraelv posts on this thread are completely biased one side posts and were clearly paid by you

I now require you to provide proof of this "payment". Failing to provide clear verifiable proof of payment makes you a proven LIAR.

People can have different opinions but as soon as you started accusing me and threatening me you became untrustworthy.

Archived for proof of threat and false accusation.

From an account that curiously woke up after a long sleep...



Fortunately you should be able to prove it is not a bought or hacked account by signing a message with todays date with address 1FphoN4MyqwPuWBQaN4PgHZMSkWcuitsBu
https://archive.fo/dTj4A#selection-5885.16-5885.50


What a co-incidence...  

AML & KYC is entrenched in Italian law - FACT
It is reasonably recent that it applies to virtual currencies - FACT
That exchange is located in Italy and subject to Italian law - FACT

This is a typical post by someone who does not want to disclose their identity - for unknown reasons. I tried to help at the start - it could have easily been resolved two months ago simply by sending in KYC.

Someone can have a tantrum and cause numerous posts on the internet. It doesn't make them right. If an exchange has to follow the law they do not have leeway to make exceptions. They legally cannot return the funds unless KYC is completed. It would be different if an exchange is located in some dodgy country.

The Legislative Decree No. 90 of May 25, 2017 has been published in the Ordinary Supplement No. 28 of the Italian Official Gazette No. 140 of 19 June 2017 (the Decree). The Decree amends the legislative decrees No 231 dated 21 November 2007 (Decree 231) and No. 109 dated 22 June 2007, implementing the Directive (EU) 2015/849 (IV AML Directive) on «prevention of the use of the financial system for money laundering or terrorist financing» as well as the Regulation (EU) 2015/847 on information on accompanying transfers of funds.

https://www.dlapiper.com/en/italy/insights/publications/2017/06/anti-money-laundering-directive-in-italy/

Virtual currency providers
Specific rules have also been set forth with reference to providers operating in "virtual currencies", meaning any "digital representation of value, not issued by a central bank or by a public authority, not necessarily linked to a currency with legal tender, used as a means of exchange for the purchase of goods and services and transferred, stored and negotiated electronically".

In detail, the Decree 231 now qualifies as "other non-financial operators" the virtual currency service providers, defined as "natural or legal persons providing to third parties, on a professional basis, services functional to use, exchange, store virtual currencies as well as to convert them in or from currencies with legal tender". Such providers are required to fulfil specific anti-money laundering obligations with regard to virtual currency conversion activities.

It is worthy of notice the fact that, by amending Legislative Decree no. 141, the Decree requires the virtual currency service providers to be registered in a special section of the register held by the so called "Agents and Credit Brokers Body" (Organismo degli Agenti e dei Metiatori Creditizi) which is responsible for the management of the register of financial agents and credit brokers, in accordance with Article 128-undecies of the Consolidated Banking Act.

This provision shall be implemented by a decree to be issued by the Italian Minister of Economy and Finance, detailing the reporting duties of the virtual currency service providers with regard to the operations carried out in Italy. Such reporting must be considered as an essential condition for the lawful performance of the relevant activity by the aforementioned providers.

https://www.dlapiper.com/en/italy/insights/publications/2017/06/anti-money-laundering-directive-in-italy/

It is also clearly stated in their terms:


https://support.therocktrading.com/kb/faq.php?id=64&lang=en_US


https://www.therocktrading.com/en/service_terms/5



They clearly state that they can ask for additional information and refer to their AML policy.

Note:
per our sole discretion we can require additional information or documents despite the status
Please, if you are sending documents via mail (not suggested), you can utilize only the mail we do have on file.
without updated and proper documentation FIAT deposits or withdrawals will be delayed until updated properly
please read our AML policy

I'm sick of people calling something a "scam" when it is compliance to the law.

Archived

[Coinfan]

Your alt allegations are a joke. I wish I had an older account to start this topic.

I don't know if you have any relation with the Rock and I don't really care. The facts on my OP speak from themselves.

Now you quote FAQ, but I still remember you posting

Their FAQ is not their legal terms and conditions.

I debunked many times this note on their FAQ you are quoting as a basis for what the Rock is doing:

"Nota:

    per our sole discretion we can require additional informations or documents despite the status
    without updated and proper documentation FIAT deposits or withdrawals will be delayed until updated properly
    please read our AML policy"

This note say you can require additional information or documents. So, it applies to verified customers that already sent information/documents, not to unverified. It intends to apply to situations of expired or fake documents.

That is completely confirmed by the consequence of not complying with your request for additional documents: "without updated and proper documentation FIAT deposits or withdrawals will be delayed until updated properly".

A consequence that only applies to customers that can do fiat withdrawals: verified customers. The note doesn't say you can block unverified accounts or demand verification.

And it couldn't ever say that without nullifying completely their FAQ clear statement: "Verification is not mandatory, but in order to deposit/withdraw FIAT currencies you will need it."

You quote a comment on italian legislation without actually reading it. My lawyer read the Legislative Decree No. 90 of 25 May 2017.

It only applies to the activities of crypto exchanges when they convert crypto to fiat by allowing fiat withdrawals (check article 3).

It's because of this that the Rock says on their FAQ (that you failed to mention):
“Verification is not mandatory, but in order to deposit/withdraw fiat currencies you will need it” https://support.therocktrading.com/kb/faq.php?id=27.

You can say whatever you want: their TOS and FAQ don't allow them to demand verification from unverified costumers without a very good reason. And they repeatedly refused to justify why they blocked my account.

But it seems you agree they can block withdrawals without any need to explain why and avoid notifying their customer of the block, letting him keep entrapping more money with new deposits.
Even if their TOS says that in this case they must do "useful efforts by TRT to contact the User" TOS point 8.4 https://www.therocktrading.com/en/service_terms/3

At least you don't seem to deny my ownership. But you don't think that is suspicious that, faced with so much evidence that the account is mine, they keep raising suspicions about my property.

[xtraelv]

You quote a comment on italian legislation without actually reading it. My lawyer read the Legislative Decree No. 90 of 25 May 2017.

The information that I quoted above is from DLA Piper (a global law firm)

Virtual currency providers
Specific rules have also been set forth with reference to providers operating in "virtual currencies", meaning any "digital representation of value, not issued by a central bank or by a public authority, not necessarily linked to a currency with legal tender, used as a means of exchange for the purchase of goods and services and transferred, stored and negotiated electronically".

In detail, the Decree 231 now qualifies as "other non-financial operators" the virtual currency service providers, defined as "natural or legal persons providing to third parties, on a professional basis, services functional to use, exchange, store virtual currencies as well as to convert them in or from currencies with legal tender". Such providers are required to fulfil specific anti-money laundering obligations with regard to virtual currency conversion activities.

It is worthy of notice the fact that, by amending Legislative Decree no. 141, the Decree requires the virtual currency service providers to be registered in a special section of the register held by the so called "Agents and Credit Brokers Body" (Organismo degli Agenti e dei Metiatori Creditizi) which is responsible for the management of the register of financial agents and credit brokers, in accordance with Article 128-undecies of the Consolidated Banking Act.

This provision shall be implemented by a decree to be issued by the Italian Minister of Economy and Finance, detailing the reporting duties of the virtual currency service providers with regard to the operations carried out in Italy. Such reporting must be considered as an essential condition for the lawful performance of the relevant activity by the aforementioned providers.

https://www.dlapiper.com/en/italy/insights/publications/2017/06/anti-money-laundering-directive-in-italy/



https://www.dlapiper.com/en/italy/people/

[JollyGood]

Holdings on the account belongs to the owner of the account and not to us.

Provide your information to us or, if you don't trust us to the police and I'll be more than happy to release the funds and close this issue.

Thank you

Hello eliale,

I just started following this thread yesterday.

It has be sad the OP finds himself in a very unfortunate predicament and all this negative PR really has not helped your exchange either.

Regardless of who is or is not to blame I think all parties would agree that 11 months of a customer not having access to his crypto is unacceptable.

Sure, even if you blame the customer OP for this issue may I kindly request a way out where both parties can at least achieve their objectives in a kind respectful manner?

If you feel you did not nothing then do not apologise to him and if the OP thinks he did nothing wrong then he will not apologise to you either but that should not stop a resolution which results in the OP getting back the funds/crypto that he owns but are in your control. In the end the funds belong to him and he has had them in limbo for 11 months, that is something unacceptable.

The 21 August 2018 email exchange between the OP and your CTO (as mentioned and quoted in the OP) is the basis of his defence and his argument. Please, is it possible that rather than the OP send any ID verification for FIAT deposit/withdrawals, you allow him to access his crypto just so he can send it to his desktop wallet.

Maybe both parties can say there was a misunderstanding and you will kindly allow the OP to release the crypto by sending it to his desktop. After that both you and the OP will no longer have to deal with each other.

Many thanks for your consideration.

[eliale]

Holdings on the account belongs to the owner of the account and not to us.

Provide your information to us or, if you don't trust us to the police and I'll be more than happy to release the funds and close this issue.

Thank you

Hello eliale,

I just started following this thread yesterday.

It has be sad the OP finds himself in a very unfortunate predicament and all this negative PR really has not helped your exchange either.

Regardless of who is or is not to blame I think all parties would agree that 11 months of a customer not having access to his crypto is unacceptable.

Sure, even if you blame the customer OP for this issue may I kindly request a way out where both parties can at least achieve their objectives in a kind respectful manner?

If you feel you did not nothing then do not apologise to him and if the OP thinks he did nothing wrong then he will not apologise to you either but that should not stop a resolution which results in the OP getting back the funds/crypto that he owns but are in your control. In the end the funds belong to him and he has had them in limbo for 11 months, that is something unacceptable.

The 21 August 2018 email exchange between the OP and your CTO (as mentioned and quoted in the OP) is the basis of his defence and his argument. Please, is it possible that rather than the OP send any ID verification for FIAT deposit/withdrawals, you allow him to access his crypto just so he can send it to his desktop wallet.

Maybe both parties can say there was a misunderstanding and you will kindly allow the OP to release the crypto by sending it to his desktop. After that both you and the OP will no longer have to deal with each other.

Many thanks for your consideration.

Hello and thank you for your remarks.

Yes!! 11 months is really a lot for a issue that it could be solved in one business day.... and, we do not understand why the customer doesn't want to comply to  rules and AML policies.

We do have 2 major problems here:


1) we cannot breach the law and avoid KYC/AML

2) we do have to be sure the claimer is the real owner of the account (at this point this is a major issue....)

Even if we do have very stict laws in handling documents, If the customer does not trust us in providing his/her documents, we asked him/her multiple times to open a claim with the authorities so, we will be able to solve the issue.

However, it seems like, reading previous posts that he/she does not trust the police as well.....

Please note: TRT is the oldest exchange in existence. We started business on June 1st 2011 and, since then, we processed thousands of SEPA transfers without any major problem and handled tens of thousands customers documents without one single leak.

So, why he/she doesn't want to provide information required by the laws to us or to the authorities?

I let you answer the question.....

Thank you!  

[JollyGood]

Hello and thank you for your remarks.

Yes!! 11 months is really a lot for a issue that it could be solved in one business day.... and, we do not understand why the customer doesn't want to comply to  rules and AML policies.

We do have 2 major problems here:


1) we cannot breach the law and avoid KYC/AML

2) we do have to be sure the claimer is the real owner of the account (at this point this is a major issue....)

Even if we do have very stict laws in handling documents, If the customer does not trust us in providing his/her documents, we asked him/her multiple times to open a claim with the authorities so, we will be able to solve the issue.

However, it seems like, reading previous posts that he/she does not trust the police as well.....

Please note: TRT is the oldest exchange in existence. We started business on June 1st 2011 and, since then, we processed thousands of SEPA transfers without any major problem and handled tens of thousands customers documents without one single leak.

So, why he/she doesn't want to provide information required by the laws to us or to the authorities?

I let you answer the question.....

Thank you!  

Many thanks for your post.

Now it is clear the user does not want FIAT sent to his bank. If he has 35,000 EUR worth of crypto can you allow access to it or allow him to send you his wallet address so you can send it to him?

Personally, I have never used any exchange which asks for KYC as I never trust anybody with my ID. Many people have their own reasons for not wanting to send ID to companies over the net, it is very common. It is equally common for users that are happy to trust to send their ID to exchanges. For those that do or not want to send, both have my respect.

If they ask for KYC then users who do not want to send ID should not sign up, simple. In this case your CTO advised the customer that ID would not be required.

Please could this issue be resolved and all parties involved can say it was a misunderstanding?

Is it possible maybe you could sent the crypto to the user (or allow him to withdraw it) and after that both parties will not trade with each other again.

[eliale]

Hello and thank you for your remarks.

Yes!! 11 months is really a lot for a issue that it could be solved in one business day.... and, we do not understand why the customer doesn't want to comply to  rules and AML policies.

We do have 2 major problems here:


1) we cannot breach the law and avoid KYC/AML

2) we do have to be sure the claimer is the real owner of the account (at this point this is a major issue....)

Even if we do have very stict laws in handling documents, If the customer does not trust us in providing his/her documents, we asked him/her multiple times to open a claim with the authorities so, we will be able to solve the issue.

However, it seems like, reading previous posts that he/she does not trust the police as well.....

Please note: TRT is the oldest exchange in existence. We started business on June 1st 2011 and, since then, we processed thousands of SEPA transfers without any major problem and handled tens of thousands customers documents without one single leak.

So, why he/she doesn't want to provide information required by the laws to us or to the authorities?

I let you answer the question.....

Thank you!  

Many thanks for your post.

Now it is clear the user does not want FIAT sent to his bank. If he has 35,000 EUR worth of crypto can you allow access to it or allow him to send you his wallet address so you can send it to him?

Personally, I have never used any exchange which asks for KYC as I never trust anybody with my ID. Many people have their own reasons for not wanting to send ID to companies over the net, it is very common. It is equally common for users that are happy to trust to send their ID to exchanges. For those that do or not want to send, both have my respect.

If they ask for KYC then users who do not want to send ID should not sign up, simple. In this case your CTO advised the customer that ID would not be required.

Please could this issue be resolved and all parties involved can say it was a misunderstanding?

Is it possible maybe you could sent the crypto to the user (or allow him to withdraw it) and after that both parties will not trade with each other again.

Hello,

no, we cannot. Present EU AML directives are quite clear.

But, if we could, in the specific case, we are not positive he/she is the real account owner. So, for his/her protection, and for all of us including our customers, we cannot release funds based on a chat claim....

For example: let's suppose your account has been hacked, would you be happy if we were releasing your funds based on a chat claim?? 

But again, if he does not trust us, he/she can open a cliam with the authorities, they'll contact us, provide us with the information and we'll release funds.  It is a longer procedure but the choice is not up to us.

[Mirae]

Hello and thank you for your remarks.

Yes!! 11 months is really a lot for a issue that it could be solved in one business day.... and, we do not understand why the customer doesn't want to comply to  rules and AML policies.

We do have 2 major problems here:


1) we cannot breach the law and avoid KYC/AML

2) we do have to be sure the claimer is the real owner of the account (at this point this is a major issue....)

Even if we do have very stict laws in handling documents, If the customer does not trust us in providing his/her documents, we asked him/her multiple times to open a claim with the authorities so, we will be able to solve the issue.

However, it seems like, reading previous posts that he/she does not trust the police as well.....

Please note: TRT is the oldest exchange in existence. We started business on June 1st 2011 and, since then, we processed thousands of SEPA transfers without any major problem and handled tens of thousands customers documents without one single leak.

So, why he/she doesn't want to provide information required by the laws to us or to the authorities?

I let you answer the question.....

Thank you!  

Many thanks for your post.

Now it is clear the user does not want FIAT sent to his bank. If he has 35,000 EUR worth of crypto can you allow access to it or allow him to send you his wallet address so you can send it to him?

Personally, I have never used any exchange which asks for KYC as I never trust anybody with my ID. Many people have their own reasons for not wanting to send ID to companies over the net, it is very common. It is equally common for users that are happy to trust to send their ID to exchanges. For those that do or not want to send, both have my respect.

If they ask for KYC then users who do not want to send ID should not sign up, simple. In this case your CTO advised the customer that ID would not be required.

Please could this issue be resolved and all parties involved can say it was a misunderstanding?

Is it possible maybe you could sent the crypto to the user (or allow him to withdraw it) and after that both parties will not trade with each other again.

Hello,

no, we cannot. Present EU AML directives are quite clear.

But, if we could, in the specific case, we are not positive he/she is the real account owner. So, for his/her protection, and for all of us including our customers, we cannot release funds based on a chat claim....

For example: let's suppose your account has been hacked, would you be happy if we were releasing your funds based on a chat claim?? 

But again, if he does not trust us, he/she can open a cliam with the authorities, they'll contact us, provide us with the information and we'll release funds.  It is a longer procedure but the choice is not up to us.

how would a hacker remain in the control of that account for 11 months ? How would a hacker have access to the bank account where the early small withdrawals were sent ?

[JollyGood]

Hello,

no, we cannot. Present EU AML directives are quite clear.

But, if we could, in the specific case, we are not positive he/she is the real account owner. So, for his/her protection, and for all of us including our customers, we cannot release funds based on a chat claim....

For example: let's suppose your account has been hacked, would you be happy if we were releasing your funds based on a chat claim??  

But again, if he does not trust us, he/she can open a cliam with the authorities, they'll contact us, provide us with the information and we'll release funds.  It is a longer procedure but the choice is not up to us.

I appreciate the response and you looking in to the matter. As you mentioned in your first post to me your exchange has been going a long time so I respect you when you say you cannot release funds based on chat claims.

I read the title of thread but I cannot right now see this being selective scamming because I have seen what selective scamming looks like in the threads here and more:

https://bitcointalk.org/index.php?topic=5007142.0
https://bitcointalk.org/index.php?topic=4619534.0
https://bitcointalk.org/index.php?topic=5034589.0

Yours seems to be a genuine business going back all those years so sure I think there is a misunderstanding between the user and your team

The user in question stated he has the same email address which you can cross reference from the IP address from the email and he has the same email address.

Your AML/KYC rules changed after the User was an existing customer. When he became aware of it he was told by your CTO that he did not have to send ID otherwise he would have moved his crypto out earlier.

Surely there has to be a way out of this where you do not have to send FIAT and he does not have to send his ID. Please would you look at the conversation between the User and your CTO where there was incorrect information given to the OP?

Please would you kindly consider allowing the OP to write to your email address with his crypto wallet address so you can cross reference his IP address along with any questions you want to ask to verify his account (such as his previous trades and dates) then you can release his crypto to him?

Thank you

[eliale]

Your AML/KYC rules changed after the User was an existing customer. When he became aware of it he was told by your CTO that he did not have to send ID otherwise he would have moved his crypto out earlier.

The user accepted the new TOS.

Still, since 2011, if we are not positive about the identity, we do have to check for security issues. Believe me, we have seen any kind of examples in the past 8 years....

I want to believe he/she is the owner. In this case, I'm positive he/she will provide to us, or to the authorities, what we need in order to promptly release funds. As simple as that

Thank you!

PS: The CTO is not  the Compliance officer.

[JollyGood]

The user accepted the new TOS.

Still, since 2011, if we are not positive about the identity, we do have to check for security issues. Believe me, we have seen any kind of examples in the past 8 years....

I want to believe he/she is the owner. In this case, I'm positive he/she will provide to us, or to the authorities, what we need in order to promptly release funds. As simple as that

Thank you!

PS: The CTO is not  the Compliance officer.

So in order to clear this up and for the user to get access to his funds again, you want him to login to his account and upload his ID?

Specifically which ID do want from him? Please list it here.

Since there are issues between yourself and the User will you guarantee that you will not start making more problems but asking him for more and more things because under your ToS you can use (if you want to) loopholes to make things very difficult for the OP.

If he agrees, after you get the ID how long will it take for him to get either the FIAT to his bank or access to transfer the crypto out of your wallets?

[r34tr783tr78]

Medri/Eliale you are a scammer and a liar. The OP already posted europeans directives only apply to State members for them to create regulations. And the OP just posted the italian regulation created to execute these directives

My lawyer read the Legislative Decree No. 90 of 25 May 2017.[/b]

It only applies to the activities of crypto exchanges when they convert crypto to fiat by allowing fiat withdrawals (check article 3).

You cant ask for OP documents under your TOS/FAQ or italian law.

[eliale]

The user accepted the new TOS.

Still, since 2011, if we are not positive about the identity, we do have to check for security issues. Believe me, we have seen any kind of examples in the past 8 years....

I want to believe he/she is the owner. In this case, I'm positive he/she will provide to us, or to the authorities, what we need in order to promptly release funds. As simple as that

Thank you!

PS: The CTO is not  the Compliance officer.

So in order to clear this up and for the user to get access to his funds again, you want him to login to his account and upload his ID?

Specifically which ID do want from him? Please list it here.

Since there are issues between yourself and the User will you guarantee that you will not start making more problems but asking him for more and more things because under your ToS you can use (if you want to) loopholes to make things very difficult for the OP.

If he agrees, after you get the ID how long will it take for him to get either the FIAT to his bank or access to transfer the crypto out of your wallets?

Sure,

our FAQ: https://support.therocktrading.com/kb/faq.php?cid=1&lang=en_US

and our AML policy: https://www.therocktrading.com/en/service_terms/5

If all docs are going to be fine, in one or two business days funds will be released (sooner if possible)

Thank you!

[JollyGood]

Sure,

our FAQ: https://support.therocktrading.com/kb/faq.php?cid=1&lang=en_US

and our AML policy: https://www.therocktrading.com/en/service_terms/5

If all docs are going to be fine, in one or two business days funds will be released (sooner if possible)

Thank you!

Considering the OP will not send you any ID, is there please any other way to solve this issue?

[eliale]

Sure,

our FAQ: https://support.therocktrading.com/kb/faq.php?cid=1&lang=en_US

and our AML policy: https://www.therocktrading.com/en/service_terms/5

If all docs are going to be fine, in one or two business days funds will be released (sooner if possible)

Thank you!

Considering the OP will not send you any ID, is there please any other way to solve this issue?

Yes, if he/she doesn't trust us, we strongly suggest him/her to report it to the authorities in order to solve once forever this issue.

More than this we cannot do anything......

[Coinfan]

1) we cannot breach the law and avoid KYC/AML

no, we cannot. Present EU AML directives are quite clear.

He knows very well that european directives don't have direct effect on private relations. Only bind states to adopt internal legislation.  https://en.wikipedia.org/wiki/Directive_(European_Union).

I told him that more than a month ago:

You quoted European directives?! You have to know that directives are only binding on State members in order to compel them to approve national legislation. They are completely irrelevant on the relations between private persons, as you well know.

He is invoking european directives (only the 5th AML european directive of 2018 applies to crypto exchanges, but Italy hasn't yet execute it with internal legislation) well aware that they are irrelevant to this case.

But as I said, Italy adopted their Legislative Decree No. 90 of 25 May 2017 on AML and KYC duties, but his article 3, n.º 5, says that crypto exchanges are restrictively ("limitatamente") subject to this duties only on their operations of conversion from crypto to fiat. That is, to customers who ask for fiat withdrawals. I left clear 4 years ago to him on an email exchange that I wouldn't ask for any fiat withdrawal. And he confirmed their TOS: that in this case verification was voluntary.

What they are doing is completely contrary to their own TOS/FAQ and to italian law.

Again I want to thank r34tr783tr78, Mirae and now JollyGood for their attention to this case.

[xtraelv]

1) we cannot breach the law and avoid KYC/AML

no, we cannot. Present EU AML directives are quite clear.

He knows very well that european directives don't have direct effect on private relations. Only bind states to adopt internal legislation.  https://en.wikipedia.org/wiki/Directive_(European_Union).

I told him that more than a month ago:

You quoted European directives?! You have to know that directives are only binding on State members in order to compel them to approve national legislation. They are completely irrelevant on the relations between private persons, as you well know.

He is invoking european directives (only the 5th AML european directive of 2018 applies to crypto exchanges, but Italy hasn't yet execute it with internal legislation) well aware that they are irrelevant to this case.

But as I said, Italy adopted their Legislative Decree No. 90 of 25 May 2017 on AML and KYC duties, but his article 3, n.º 5, says that crypto exchanges are restrictively ("limitatamente") subject to this duties only on their operations of conversion from crypto to fiat. That is, to customers who ask for fiat withdrawals. I left clear 4 years ago to him on an email exchange that I wouldn't ask for any fiat withdrawal. And he confirmed their TOS: that in this case verification was voluntary.

What they are doing is completely contrary to their own TOS/FAQ and to italian law.

Again I want to thank r34tr783tr78, Mirae and now JollyGood for their attention to this case.

https://gettingthedealthrough.com/area/50/jurisdiction/15/anti-money-laundering-italy/

Studio Legale Pisano is an Italian boutique firm which specialises in all areas of white-collar crime, including corporate criminal responsibility, corruption, market abuse and false accounting, tax crimes, money laundering, fraud and recovery of assets, bankruptcy crimes, environmental and health-and-safety crimes.

Qualifying assets and transactions
Is there any limitation on the types of assets or transactions that can form the basis of a money laundering offence?

There is no limitation on the types of assets that can form the basis of a money laundering offence, and there is no monetary threshold to prosecution. However, where the goods laundered have a limited value, or they derive from a less serious predicate offence (punished with imprisonment for less than five years), mitigating circumstances could apply, which can decrease the amount of the effective punishment.

Reform of anti-money laundering regulation (vanberings - law firm)

https://vanberings.com/EN/Site/News/2017/Reform-of-anti_money-laundering-regulation

DECRETO LEGISLATIVO 25 maggio 2017, n. 90
http://www.gazzettaufficiale.it/eli/id/2017/06/19/17G00104/sg

It specifically refers to:

qq) virtual currency: the digital representation of value, not issued by a central bank or a public authority, not necessarily linked to a currency that is legal tender, used as a medium of exchange for the purchase of goods and services e-transferred, stored and negotiated electronically.

<snip>
I have on the Rock Trading exchange 35519 euros
<snip>

An entity is required to carry out an adequate client and/or beneficial owner due diligence in case of ongoing business relationship or occasional transaction involving the transfer or the handling of payment of an amount equal to or higher than 15,000 Euro

n) identification data: name and surname, place and date of birth, residence and domicile, where different from residence of the registry, the details of the identification document and, where assigned, the tax code or, in the case of subjects other than natural person, the name, the registered office and, where assigned, the fiscal Code;

[JollyGood]

PS: The CTO is not  the Compliance officer.

So why did he give wrong advice to the OP?

Why did you continue to accept deposits from him even though you changed your ToS and then when he questioned it your CTO overstepped the mark and not only said ID was not required but also made it clear that some people from the company will try hard to make life difficult but nevertheless ID was not required?

Yes, if he/she doesn't trust us, we strongly suggest him/her to report it to the authorities in order to solve once forever this issue.

More than this we cannot do anything......

He first traded with you 6 years ago. If you treat your oldest customers in this way how can anybody take your exchange or business seriously? You could easily return his crypto to him and as long as there is no FIAT involved then there is no need for him to send ID.

I am sure the OP is doing the right thing by not sending his ID. The reason is because it seems quite clear you will not release his funds and the primary reason is simply because you want to make things more difficult after he came here asking for help. It brought bad PR for your exchange.

There is no limitation on the types of assets that can form the basis of a money laundering offence, and there is no monetary threshold to prosecution. However, where the goods laundered have a limited value, or they derive from a less serious predicate offence (punished with imprisonment for less than five years), mitigating circumstances could apply, which can decrease the amount of the effective punishment.

If somebody does not trade and just deposits, then wants his fund back in the same format he sent them, then there is no need for ID verification.

Do you expect someone to send you his ID after you accept his deposits when you already told him he does not need to send ID.

This is sounding more and more like selective scamming. I am 100% in agreement for the OP to never send you ID.

Please return his crypto in the same format (XRP, BTC etc) that he sent it to you therefore ID verification can be bypassed.

You would destroy your reputation and an old exchange by selective scamming a 6 year old loyal customer just for 35,000 EURO?

[xtraelv]

If somebody does not trade and just deposits, then wants his fund back in the same format he sent them, then there is no need for ID verification.

That is not correct. Once a customer sends funds there is a "business relationship".

I'm not familiar with Italian law specifically but I am very familiar with various other countries laws regarding AML legislation.

It is different if you are dealing with a dodgy exchange that hides behind anonymity or dodgy country that give any  legal status to Crypto.
Those exchanges are not even legal entities and therefore cannot possibly comply with AML laws.
Legal exchanges cannot return funds if the source requires to be identified. They are not likely to tell anyone publicly the exact concerns and while I have no idea of the exact reason the customer requires to provide KYC for AML purposes - my guess is that it is because their balance is over 15K euros. There could potentially also be an issue with the source or the destination of the funds.

A large number of exchanges are going through changes that require them to comply with AML laws.  

The main anti-money laundering duties (enshrined in Italian law)  relate to:

Customer due diligence
Data retention duties
and
Reporting duties.

At this regard, the obliged entity shall:

carry out an adequate client and/or beneficial owner due diligence in case of ongoing business relationship or occasional transaction involving the transfer or the handling of payment of an amount equal to or higher than 15,000 Euro or in any case, i) in case of doubts concerning the truthfulness of the data obtained or suspects of money-laundering or terrorism financing regardless of any exemption applicable; ii) clients located in high risk countries identified by the European Commission; iii) cross-border correspondence with a corresponding credit institution or financial institution in a third country; iv) ongoing professional relationships or transaction performance with clients and in case of politically exposed persons.

shall retain a copy of the documents collected during the customer's due diligence, indicating: i) the relevant date of the establishment of the business relationship; ii) personal data of the customer and/or the beneficial owner iii) the scope and nature of the legal relationship or of the transaction in place; iv) means of payment used by the customer.

shall submit without delay a suspicious transaction report to the UIF (Financial Intelligence Unit for Italy) when they become aware of, suspect or have reasonable grounds to suspect that terrorism financing or money laundering are in process or terrorism operations are being carried out or attempted, or whatever funds, regardless of their size, come from criminal activity.

https://vanberings.com/EN/Site/News/2017/Reform-of-anti_money-laundering-regulation

https://publications.europa.eu/en/publication-detail/-/publication/0bff31ef-0b49-11e5-8817-01aa75ed71a1/language-en