Having some small experience in the compliance space, it looks like the company in question (Or an employee of it) has been flagged via some government database of Dangerous parties. When a company churns you without notice or explanation, it’s usually a good signal they have reason to believe you’re a criminal or a terrorist.

If I were the company in question I’d pay for a KYC AML service and run my own info to see if anything came back up.

What's the path forwards when a company breaches their own terms of service like this?