I believe we’re speaking about 2 different things here, so I’ll elaborate further to avoid confusion.
What @wh0zwh0 is referring to is the extra details which can be required on a later stage once an account is already activated. To put in different terms: each company can define its so-called Risk-based approach while complying with the JMLSG guidelines, i.e. the documents required during account setup. As a market standard, we may request an ID + Proof of address document to verify an account.
Collecting POA on an early stage of the account creation can provoke a delay with the activation - since we need to verify the authenticity of the document, the visibility of the information on it and compare the details provided by the client. What we decided instead is to accept a Selfie* (regional exceptions apply): we take a new approach to identity, combining a person’s ID with their physical biometrics. That new technology allows us to verify that the document truly belongs to the person making the account. So biometrics adds another layer of protection against stolen IDs and impersonation attacks.
Nonetheless, as mentioned - we monitor every single account, and as such, on a later stage, we may require a POA to comply with the JMLSG standards. Up until the POA is provided, we can disallow withdrawals. This doesn’t mean that the funds are “frozen”, nor that your assets are somehow at risk. Instead, all this means that you’re dealing with a company which ensures compliance with the highest regulatory requirements and that a proper & transparent reporting is present.