AML KYC Policy

1. Anti-Money Laundering/ Know Your Customer (AML/KYC)

The Company protects itself from involvement in money laundering or suspicious activity by the following:

1. Performing an enterprise-wide risk assessment to determine the risk profile of the Company
2. Establishing AML policies and procedures
3. Implementing internal controls throughout its operations that are designed to mitigate risks of money laundering
4. Performing know your customer (“KYC”) procedures on all users
5. Designating a Compliance Officer with full responsibility for the AML Program
6. Conducting an annual AML audit
7. Providing AML training to all employees

Policies and Procedures

The Policy will be approved by the Company’s Board.  The Policy once approved will be provided to all employees.  Each employee will acknowledge the Policy in writing.  All policies and procedures will be reviewed and updated or revised as needed, but no less often than annually.

Internal Controls

The Company has developed and implemented internal controls for the purpose of ensuring that all of its operations comply with all AML legal requirements and that all required reports are made on a timely basis. Some of those internal controls are listed within this document and include, but are not limited to, the Customer Identification Program, the Suspicious Activity Reporting system, and the required reports on the Program’s effectiveness to the Board.

Training

All of the officers and employees of the Company are required to receive AML training at least annually.  The Company will track the training progress of all employees and maintain documentation of each employee, the date of the AML training as well as a description of such training. New employees will receive appropriate AML training within 30 days of their hire date. Training for all employees will include not only the legal elements of AML laws and regulations but will also cover job specific applications of these laws. Ongoing training will be provided and updated regularly to reflect current developments and changes to laws and regulations.

2. Customer Identification

It is the Company’s policy to ensure that it has reasonably identified each customer who uses the Company’s virtual currency exchange platform. Users may be identified using a variety of methods.

Account Opening Procedures

Additionally, the Company will, as part of its account-opening process:
(i) cross-check the names of users against compliance databases such as the OFAC Specially Designated Nationals list and other governmental watch lists;
(ii) require users to provide proof of  identification;
(iii) not permit any trades to be made with incomplete account-opening information.

Proof of Identification

Businesses

1. Business name
2. Name of businesses representative for the account
3. The address of the customer’s principal place of business and, if different, the customer’s mailing address. If the customer has a local address different from its principal place of business, the local address.
4. Official issued identification number of the principal(s) involved with the account (e.g., passport number, social security number, employee identification number or individual taxpayer identification number)
5. Copy of valid photo identification of the principal(s) involved with the account (e.g., drivers license, armed forces identification, passport, alien identification card)
6. Customer due diligence procedures will be followed to determine the beneficial owners of corporate or trust accounts. This would include determining if the customer is an agent of or on behalf of another; obtaining information about the structure or ownership of a customer who is a legal entity that is not publicly traded in the respective region; and where the customer is a trustee, obtaining information about the trust structure, determining the provider of the funds and any persons who have control over the funds or the power to remove the trustee.

Individual

1. Name, Date and place of birth
2. Residence address and mailing address if different (PO Box alone will not be acceptable)
3. Official issued identification number (e.g., passport number, social security number, employee identification number or individual taxpayer identification number)
4. Copy of valid photo identification of the principal(s) involved with the account (e.g., drivers license, armed forces identification, passport, alien identification card)

Verification

Documents used in opening an account must be verified prior to establishing the account.  Verification of identity will require multi-factor authentication, layered security and other controls to ensure a meaningful user identity confirmation process based on account size or other factors.

The following are examples of verification methods the Company may use:

1. Obtaining proof of address, such as a copy of a utility bill or bank statement from the account holder.
2. Having a telephone call after the account is open.
3. Obtaining a financial statement for a business account.
4. Comparing the identifying information with information available from a trusted third party source, such as a credit report from a consumer-reporting agency like Veratad, Lexus Nexus Instant ID, Jumio etc
5. Analyzing whether there is logical consistency between the identifying information provided, such as the customer’s name, street address, ZIP code, telephone number, date of birth, and social security number (logical verification).
6. Utilizing knowledge-based challenge questions.
7. Utilizing complex device identification (such as “digital fingerprints” or geo-location checks).
8. Obtaining a notarized copy of an individual’s birth certificate or a business’ certificate of incorporation sealed with an apostille for valid identification.
9. The company will not be able to verify multiple accounts of the customers in line with their identity documents which lead to the closure of their accounts.

3. Suspicious Transaction & Activity Reports

The Company will diligently monitor transactions for suspicious activity. Transactions that are unusual will be carefully reviewed to determine if it appears that they make no apparent sense or appear to be for an unlawful purpose. Internal controls will be implemented so that a monitoring system is in place to detect such activity as it occurs. When such suspicious activity is detected, the Compliance Officer will determine whether a filing with any law enforcement authority is necessary.

Suspicious activity can include more than just suspected money laundering attempts.  Activity may be suspicious, and the Company may wish to make a filing with a law enforcement authority, even if no money is lost as a result of the transaction.

The Compliance Officer will initially make the decision of whether a transaction is potentially suspicious. Once the Compliance Officer has finished his review of the transaction details, he or she will consult with the Company’s senior management to make the decision as to whether the transaction meets the definition of suspicious transaction or activity and whether any filings with law enforcement authorities are required.

The Compliance Officer will maintain a copy of the filing as well as all back up documentation. The fact that a filing has been made is confidential. No one, other than those involved in the investigation and reporting should be told of its existence. In no event should the parties involved in the suspicious activity be told of the filing. The Compliance Officer may inform the Company’s Board of the filing and the underlying transaction.

4. Reporting Requirements

Reasonable procedures for maintaining records of the information used to verify a person’s name; address and other identifying information are required under this Policy. The following are required steps in the record keeping process:

1. The Company is required to maintain a record of identifying information provided by the customer.
2. Where the Company relies upon a document to verify identity, the Company must maintain a copy of the document that the Company relied on that clearly evidences the type of document and any identifying information it may contain.
3. The Company must also record the methods and result of any additional measures undertaken to verify the identity of the customer.
4. The Company must record the resolution of any discrepancy in the identifying information obtained.
5. All transaction and identification records will be maintained for a minimum period of five years.

5. AML Audit

The Compliance Officer is responsible for directing the annual AML audit of the Company’s operations. The independent audit will be conducted by an independent third party, with working knowledge of compliance requirements, or by Company personnel with working knowledge of compliance requirements, none of whom work for the Compliance Officer. The Compliance Officer will develop corrective action plans for all issues that are raised in the audit and will provide the audit report and all corrective action plans to the Company’s senior management for review. Reports of the corrective action will continue until all are resolved.

For further queries on compliance, email us at [email protected]