Regulatory Disclosures

Operating entity

The Tariffi platform is operated by TARIFFI LLC, a Delaware limited liability company (the “Operator”). The Operator contracts with importer customers for IEEPA refund recovery data services and contracts separately with licensed customs broker partners for CAPE filing services. Additional corporate details (mailing address, registered-agent information, UCC-search materials) are shared with qualified counterparties during diligence via legal@tariffi.io.

NOT a licensed customs broker

Tariffi is a software platform that prepares CAPE refund-claim data. We are NOT a licensed customs broker and do NOT engage in customs business as defined under 19 U.S.C. § 1641 or 19 CFR Part 111. All CAPE declarations and post-entry amendments are filed by a licensed customs broker partner, who acts as Filer of Record. CBP deposits any refund directly into the importer's own bank account; Tariffi never holds, receives, or routes customer refund proceeds.

HTS classification scope (CBP Ruling HQ H350722)

AI-assisted HTS classification on the Tariffi platform is capped at the 6-digit HS subheading, consistent with CBP Ruling HQ H350722 (January 2026). All 10-digit HTSUS statistical-suffix determinations on a CAPE declaration are the licensed broker partner's call. Platform outputs below the 6-digit level are informational only and do not bind the broker.

FTC Telemarketing Sales Rule (16 CFR § 310)

Fees charged for recovery services are entirely contingent on successful CBP refund approval and disbursement. We do NOT collect advance fees for recovery services. This is consistent with the FTC Telemarketing Sales Rule's prohibition on advance fees for recovery services (16 CFR § 310.4(a)(2)).

Filer of Record

The Filer of Record on each CAPE submission is a CBP-licensed customs broker partner. CBP deposits the refund directly into the importer's own bank account by ACH; Tariffi is not a CBP Notify Party and never receives, holds, or administers the refund. After the refund lands, Tariffi collects only its contingency fee by a pre-authorized ACH debit from the importer's own account, as governed by the Customer Fee Agreement. Tariffi is not a bank, holds no clearing, escrow, trust, or client-funds account, and does not hold customer funds.

Broker-partner diligence; errors-and-omissions insurance

Before any broker partner is granted access to route filings through the platform, Tariffi will verify: (a) active CBP Part 111 individual and national-permit licensure, (b) the broker's Filer Code, (c) current errors-and-omissions (E&O) insurance coverage at a minimum level appropriate to the broker's filing volume, and (d) a signed broker-partnership agreement confirming flat per-filing compensation under 19 CFR § 111.36(c) with no contingency fee sharing. The importer retains the direct broker-client relationship through the Limited Power of Attorney; Tariffi is not a party to that engagement.

Security controls

Tariffi operates under a defense-in-depth security program: AES-256-GCM encryption at rest, TLS 1.2+ in transit, role-scoped database access with audit-log retention of 7 years (per 19 CFR Part 163), Clerk-managed authentication with MFA, Cloudflare Turnstile bot defense at public intake, and Sentry error-monitoring with source-map fidelity. Application infrastructure runs on Vercel (frontend) and Railway (backend + Postgres) in the United States.

Tariffi is not currently SOC 2 certified and does not hold any third-party security attestation. A diligence package describing the concrete controls above is available to qualified enterprise buyers on request at enterprise@tariffi.io. Tariffi is not a covered entity or business associate under HIPAA and does not accept Protected Health Information.

Data security

Sensitive business data (EIN, CBP 7501 details, entry lines, bank routing for the authorized ACH fee debit) is encrypted at rest with AES-256-GCM. All API traffic is protected via TLS 1.2 or higher.

Contact

For regulatory inquiries, contact support@tariffi.io. For enterprise-diligence and trust-package requests, enterprise@tariffi.io.