1) You are the owner of the account
or
2) You control an account which belongs to another person and, most likely, she is not aware.
Again this could be verified by signing a message with a funding bitcoin address.
It could be an option but not enough for EU AML and Italian directives we must follow.
But, again, the
OP accepted our new TOS released last April 2018 where it is clearly stated the following:
https://www.therocktrading.com/en/service_terms/38. AML REQUIREMENTS
1. When registering on the Website, the User is required to provide any necessary information and/or documents that TRT deems, in its sole discretion, to be suitable to maintain compliance with any law, regulation and internal policy (see the Anti-Money Laundering Policy adopted by TRT).
2. During the account verification process, the User must provide all documents that will be required. In particular, by registering an account on the Website, the user agrees to provide TRT, or another party delegated to carry out the anti-money laundering obligations imposed by law on behalf of TRT, with updated, accurate and complete information as required by the registration process, as well as to keep this information updated.
3. In the event of anomalous or not completely transparent operations on the User's account, TRT may request further information from the User, including but not limited to document authentication, and may also freeze all transactions pending the performance of the appropriate checks on the account.
4. TRT is entitled to block, suspend and close accounts of Users who have not been properly verified, notwithstanding any useful efforts by TRT to contact the User and urge the completion of the due verification process.
5. Documents, data, photos and other information material collected during the registration and verification of an account are subject to the retention requirement that TRT has to comply with under the anti-money laundering regulations, also using the services offered by a third party provider.
6. TRT applies regular checks on user accounts also through the request to provide information on the origin of the Assets if and when expressed or converted into virtual currency or legal tender currency. In addition, TRT is entitled to block or freeze any User account, at its discretion and without prior notice, in case of suspected illegal origin of the Assets.Also, reading our AML policies, you'll read:
LEGISLATIVE GROUNDS
Following the implementation of Directive 2015/849/EU (known as the Fourth AMLD) into our legal system, the relevant national legislation has been significantly amended, extending its scope to service providers relating to the use of virtual currency, limited to the performance of the activity of converting virtual currencies from or into legal tender currencies.
The IV AMLD has been implemented in our legal system with the Legislative Decree. 90/2017, which amended and supplemented the Anti-Money Laundering Decree. The Anti-Money Laundering Decree consists of three main pillars:
proper customer verification;
retention of customer data and information;
suspicious transaction reports.
The regulatory provisions of the Anti-Money Laundering Decree provide for an accurate identification of customer information and introduce the concept of a "risk-based approach" according to the "sensitivity" of customers, comparing customer due diligence obligations with the risk related to the customer, the product and the geolocation.Authorities at national level called upon to supervise compliance with the regulations are the Ministry of the Economy of Finance, the Financial Information Office (FIU) at the Bank of Italy, the Supervisory Authorities of each sector where the parties required to apply the regulations operate, the Anti-Mafia Investigative Directorate (DIA) and the Tax Authorities.
---------------------------------------------
In case of an inspection by the Authorities we cannot say " ohhhh we checked the signature...." They would simply fine us....
Or, after releasing the funds,
IF and I repeat
IF the OP was impersonating the real owner and, suddenly the real owner claim the assets, we cannot say " I'm sorry but we released funds based on a transaction signature...." (btw, according to our forensic analysis it would be quite difficult to do so)
She would have 100% reason to sue us for wrong doing and, she would be right to do so....
Not easy tu run a FIAT/Crypto exchange in a regulated area.....
Anyway thank you for the suggestion!