That is, the client's funds that didn't pass AML remain at the same unique address created for the request's payment until the client specifies a return address and presses the send button.
Does this term apply?
Zeusmix does not charge a fee for refunds. Refunds for TRC-20, BEP-20, and ERC-20 tokens are made by sending the user the private key that holds their funds.
Anyway, this is the weirdest way, potentially causing further problems since private keys are not supposed to be shared between 2 or more parties. If I somehow get caught on AML radar, I can just withdraw my funds while I file complaint that it wasn't me who did it.