AML/CFT Policy
Anti-Money Laundering/Countering the Financing of Terrorism Policy
For
Responsible Officer/Document Owner | Chief Operating Officer |
Document Classification | Internal/External Use |
Version No. | 1 |
Abbreviations
AML/CFT Anti-Money Laundering and Countering Financing of Terrorism
CDD Customer Due Diligence
CIP Customer Identification Programme
EDD Enhanced Due Diligence
EU European Union
FAFT Financial Action Task Force
KYC Know Your Customer
ML/FT Money Laundering and Financing Terrorism
OFAC Office of Foreign Assets Control
OFSI Office of Financial Sanctions Implementation
Palremit Palremit Corporation and/or its affiliates or subsidiaries as the case may be.
PEP Politically Exposed Person
SDD Simplified Due Diligence
UBO Ultimate Beneficial Owner
UN United Nations
US United States of America
- Policy Statement
- Recognizing the critical importance of preventing money laundering and the financing of terrorism, Palremit Corporation (“Palremit”, “we”, “us”, “our”) has developed this policy to promote integrity and ethical conduct in its operations. We are dedicated to monitoring, detecting, preventing, and reporting suspicious activities in the delivery of our service across multiple jurisdictions.
- In implementing this Policy, we aim to:
- Ensure that our services are provided in compliance with local laws and international best practices on anti-money laundering and countering the financing of terrorism.
- Ensure that the identities of users, clients, or business partners are satisfactorily verified and known throughout the business relationship.
- Identify and promptly report suspicious users, clients, and transactions, and fully cooperate with relevant authorities.
- Provide awareness and guidance to all employees towards identifying suspicious activities and transactions and ensuring that appropriate actions are taken in that regard.
- This Policy shall apply to Palremit and all its affiliates and subsidiaries.
- Money Laundering and Terrorist Financing
- Money laundering is an illegal act or process of changing or concealing the identity of illegally obtained money, funds, or assets to make them appear to have originated from a legitimate source. Money laundering may include the act of a person who:
- Engages, directly or indirectly, in a transaction that involves proceeds of an unlawful activity.
- Acquires, receives, possesses, disguises, transfers, converts, exchanges, carries, disposes, uses, removes from, or brings into a country proceeds of any unlawful activity.
- Conceals, disguises, or impedes the establishment of the true nature, origin, location, movement, disposition, title of, rights with respect to, or ownership of, proceeds of an unlawful activity.
- Participates in, is an accomplice in, attempts to, aids, facilitates, or provides counsel regarding any of the acts referred to above.
- Money Laundering is usually a process of the three (3) stages below:
- Placement: When the criminal introduces illegal profits and ill-gotten gains into the financial system. It is the physical disposal or dealing of the initial proceeds derived from illegal activities.
- Layering: This is when the criminal engages in a series of fund conversions or movements to distance them from its source. The illicit proceeds are separated from their source by creating complex layers of financial transactions designed to disguise the audit trail and provide an appearance of legitimacy as well as anonymity.
- Integration: Once layering succeeds, the criminal proceeds have been successfully laundered, i.e. cleaned, and are regarded for all intent and purpose as legitimate funds and then reintroduced back into the financial system through investment, purchase of goods/services, etc.
- Financing terrorism is any transaction linked to terrorist activities. The fund used may be legitimate and not necessarily owned by a terrorist but is transferred or used in relation to terrorism or for the purpose of promoting terrorism. Essentially, financing of terrorism involves:
- Providing or collecting property for carrying out an act of terrorism.
- Providing services for terrorism purposes.
- Arranging for retention or control of terrorist property, or
- Dealing with terrorist property.
- Money laundering is an illegal act or process of changing or concealing the identity of illegally obtained money, funds, or assets to make them appear to have originated from a legitimate source. Money laundering may include the act of a person who:
- Governance
- Board of Directors
The roles and responsibilities of the Board of Directors in relation to this Policy shall include but not be limited to:
- Ratifying AML/CFT policies and programs, including training programs, developed or approved by the AML/CFT Officer.
- Appointing a qualified AML/CFT Officer from the management team with comprehensive technical knowledge of the Palremit’s internal service delivery processes and standard AML/CFT requirements.
- Reviewing and approving recommendations from the AML/CFT Officer to the Board.
- AML/CFT Officer
The roles and responsibilities of an AML/CFT Officer under this Policy shall include but not be limited to:
- Coordinating, implementing, monitoring, and ensuring adherence to this Policy by stakeholders and members of staff.
- Ensuring compliance with applicable laws and regulations on AML/CFT.
- Ensuring the maintenance of records of compliance with this Policy.
- Preparing routine reports to the Board on AML/CFT compliance.
- Developing specific ML/FT indicators that will assist in detecting money laundering/ financing of terrorism.
- Ensuring adequate technology and controls are implemented to minimize risks of money laundering and terrorist financing.
- Organizing periodic AML/CFT compliance and reporting training sessions for various categories of employees and stakeholders.
- Investigating suspicious transactions and where required, reporting such transactions to responsible technical partners or the appropriate authority.
- Serving as the primary representative for the Company in interactions with relevant law enforcement agencies, including receiving and submitting AML/CFT reports.
- Employees
Employees shall:
- Familiarize themselves with their respective roles in effectively implementing this Policy.
- Ensure compliance with this Policy in the discharge of their respective duties.
- Report any violation of this Policy to the AML/CFT Officer.
- Identify and report suspicious activities and transactions to the AML/CFT Officer.
- Attend AML/CFT training sessions organized by Palremit to enhance competency and knowledge.
- Risk Management Operating Procedure
Palremit’s Risk Management Operating Procedure encompasses risk assessment, risk profiling, risk rating, and risk mitigation.
- Risk AssessmentRisk is assessed on three (3) major basis:
- Customer/Client Assessment
The risk profile of users or client may be assessed on the following basis:
- Economic: assessing users based on the purpose or nature of their business. For example, shell companies located in high-risk jurisdictions or cash-intensive businesses (i.e., casinos, jewel, real estate and precious metals dealers) may be categorized as high-risk.
- Geographic: assessing the users based on their geography, place of residence or place of business. Users resident or doing business in countries under economic or terrorism sanctions by international organizations such as the UN, EU, OFAC, or FATF may be categorized as high risk.
- Behavioral: assessing users’ behaviors for unusual transaction patterns.
- Political exposure: A user who is a political figure or who has close affiliation with a political figure (i.e., spouse, sibling, or friend) is a Politically Exposed Person (PEP). PEPs generally pose higher risks than others, particularly in countries with higher levels of bribery and corruption.
- Product/Service Risk Assessment
Certain service offerings pose more risks compared to others. This includes cryptocurrency transactions, cross-border transactions, currency exchange transactions, electronic funds payments, and over-the-counter transactions.
- Delivery Channel Risk Assessment
Given that Palremit’s services are delivered virtually, this inherently involves risks that necessitate robust verification and monitoring measures.
- Risk Profiling and Rating
Risk Profiling shall be based on verification of the following information:
- Confirmation of address provided.
- Confirmation of source of income (where applicable).
- Confirmation of occupation or nature of business.
- Declaration of status as a PEP.
- Risk Rating
Upon completion of risk assessment and profiling of the user or client, a risk rating will be assigned in the manner below:
LOW | MEDIUM | HIGH |
Applies to clients who, after holistic assessment and profiling, are determined to be low risk. | Applies to clients who, after holistic assessment and profiling, are determined to be medium risk. | Applies to clients who, after holistic assessment and profiling, are determined to be high risk. |
- Risk Mitigation
Risk mitigation measures shall include and not be limited to:
- Increased awareness of high-risk situations within business lines.
- Increased levels of Know Your Customer (KYC) or Enhanced Due Diligence (EDD) for users with medium to high-risk rating.
- Increased monitoring of transactions.
- Customer Identification Programme (CIP)
- Know Your Customer (KYC)
This process is vital when:
- Establishing business relationships or providing services to a new client or user.
- There is uncertainty in respect of the authenticity or adequacy of previously obtained information from a client or user.
- Customer Due Diligence (CDD)Relevant information and documentation are as follows:
- Individuals
- Name and surname.
- Citizenship.
- Date of birth
- State of birth.
- National Identification number.
- Residence address.
- Name, tax identification number and address of the principal place of business in the case of a natural person pursuing economic activity.
- Corporate Entities and Organizational Unit without Legal Personality
- Name of entity.
- Form of business organization.
- Address of the registered office or address of business.
- Tax identification number, and in the case of unavailability of such a number, the state of registration, the commercial register as well as the number and date of registration.
- Identification data highlighted in subparagraph 5.2.1 (a) – (c) of representatives.
- Ultimate Beneficial Owner (UBO) (applicable to corporate entities)
Details of UBO required shall include information and documentation listed in subparagraph 5.2.1 above.
- Palremit may undertake independent verification of information provided either internally or externally through third party verification companies or a reliable source.
- Simplified Due Diligence (SDD)
- SDD may be applied to users, clients or transactions assessed to be low risk according to this Policy, provided that:
- Information on the identity of the client is publicly available; or
- Palremit relies on checks and controls of another competent authority.
- SDD shall however not be applicable in instances where there are:
- Suspicions of money laundering or terrorist financing.
- Doubts regarding the authenticity or completeness of user or client identification data obtained so far.
- Enhanced Due Diligence (EDD)
- Where a user or a client or transaction has been determined to have a high-risk profile, EDD shall be applied in addition to CDD. This may include:
- Verification of documents presented by appropriate authorities and professionals depending on the document being verified.
- Identification and background of the client or user or the beneficiary (business profile or the structure of the company when it is a corporate client).
- Documentation and confirmation of the user or client’s source of funds and assets, the reasons and circumstances of the intended or conducted transactions etc.
- Increased monitoring to identify unusual patterns of transactions that need further analysis.
- Obtaining additional information on the user directly from the user and through public databases.
- Requesting additional information on the nature of business to be transacted.
- With respect to cross-border correspondent relationships with a receiving institution in a third country, Palremit shall also:
- Acquire information about the nature of operations of the receiving institution.
- Determine reliability and degree of supervision over the recipient institution.
- Evaluate its procedures for counteracting ML/FT.
- Prior to establishing relations, secure approval of the AML/CFT Officer.
- Determine and document the scope of Palremit’s responsibility in such an instance and the responsibility of the receiving institution for counteracting ML/FT.
- Ascertain that the receiving institution applies CDD measures to customers with direct access to accounts held at Palremit, and ensure this information is available upon request.
- Inability to Perform or Complete CDD:
Where Palremit is unable to perform or complete CDD as a result of the actions or inactions of the user or client, Palremit shall:
- Not establish a business relationship with the client.
- Not perform an occasional transaction.
- Not conduct transactions through the account.
- Terminate a business relationship.
- Politically Exposed Persons (PEP)
- PEPs are individuals who have been or are performing prominent public functions or occupying significant public positions in any country or international organization or any close associate of a senior political figure.
- Engaging with corrupt PEPs may result in serious consequences for Palremit, including loss of public confidence, frequent inquiries, judicial and administrative orders of seizure, and money laundering charges.
- It should be noted that engaging with family members or close associates of PEPs attracts similar risks.
- In addition to conducting the CDD, Palremit will;
- Determine whether a user or its UBO is a PEP or PEP associate by gathering sufficient and appropriate information from the customer and through publicly available information.
- Qualify PEPs as high risk given the increased risk of ML/TF and undertake EDD for each PEP.
- Require approval of AML/CFT Officer to engage in business relationships or to provide services to a PEP.
- Use reasonable effort at the onset of business relationship and on an ongoing basis to establish and determine the source of wealth of the client.
- Ongoing Monitoring and Reporting
- Palremit shall maintain ongoing monitoring of economic relations and transactions to:
- Identify unusual patterns or volumes of transactions.
- Identify potential violation of AML/CFT laws and regulations.
- Ensure that funds are not sourced from illegal activities.
- Update identification data and verify documentation.
- Palremit shall put measures in place to monitor transactions to ensure they are consistent with its knowledge of the user’s or user’s business and to ensure that any unusual activity or transaction is immediately flagged and reported to the AML/CFT Officer for investigation.
- Palremit shall maintain ongoing monitoring of economic relations and transactions to:
- Suspicious Transaction Reporting (STR)
- Suspicious transactions or activity may include but shall not be limited to:
- Transactions structured in a manner as to avoid reporting or record keeping.
- Exerting pressure on Palremit officials to complete transactions quickly without complying with due process.
- Inability or failure of the user or client to provide satisfactory identification documents or answers to questions on the nature of business of the organization they represent.
- Multiple transfers of the same nature within a single day without justification based on type of business operated.
- Execution of high value dollar transactions with accounts that were previously inactive.
- Frequent transactions within a small circle of entities without satisfactory evidence of actual business being conducted etc.
- All staff shall immediately report suspicious activity or transactions to the AML/CFT Officer for investigation.
- Investigation of Suspicious Transactions
- Immediately upon receipt of a report of suspicious activity or transaction, the AML/CFT Officer shall commence investigation.
- When investigating a suspicious activity or transaction, the AML/CFT Officer will consider among other things:
- Suspicious transactions or activity may include but shall not be limited to:
- The unusual volume or frequency of the transaction (i.e., transactions inconsistent with the user’s usual activities).
- The purpose of the transaction.
- The geographic destination or origin of transaction, and
- The parties concerned (i.e., if the recipient is a PEP).
- Upon completing the investigation, the AML/CFT Officer will prepare a report for record-keeping. If the activity or transaction is deemed suspicious, the AML/CFT Officer will notify the appropriate authority or service provider in the prescribed manner, stating the findings and other requisite information within 48 hours of concluding the investigation.
- Where required by applicable law or regulation, Palremit may suspend the processing of a suspicious transaction.
- Upon adjudging a transaction to be suspicious, Palremit shall restrict the user or client’s account for a maximum period of 24 hours from the confirmation of receipt of notification by the relevant authority while waiting further directives.
- All AML/CFT investigations and reports must be handled without alerting the user or client of such investigation or report and with as much discretion and confidence as is practicable to avoid inadvertent or inappropriate disclosure.
- Suprathreshold Transactions
Except as otherwise provided by law, transfer of funds exceeding an equivalent of €15,000 shall be reported to the appropriate authorities or service provider in no later than 7 days. Where a user undertakes suprathreshold transaction(s) that cannot be justified, the user may be reclassified as high risk, suspended, and required to provide additional documentation or information under an EDD process.
- Notice of Suspected Crime
- Palremit shall immediately notify the appropriate authority or service provider in the prescribed manner, if there are suspicions that the asset subject to a transaction or received in the account of a user originates or relates to a crime other than a crime of ML/TF or a fiscal crime.
- Palremit shall restrict activity on the account of such user till further direction is received from the relevant authority or service provider for a maximum period of 96 hours.
- Whistleblowing
- Whistleblowing is encouraged at all levels in Palremit. Reports of criminal activity, improper conduct, policy violations, legal breaches, or corporate governance breaches by Palremit or its staff will be investigated.
- Whistleblowing Procedure
- Staff and stakeholders may report any actual or suspected criminal or ML/TF activity to the Human Resources or the AML/CFT Officer at [email protected] or [email protected], respectively.
- Reports may be made anonymously. However, where the whistleblower discloses his/her identity at any point in time, such identity shall remain undisclosed and confidential until otherwise expressly permitted by the whistleblower.
- Reports of criminal activities unrelated to ML/TF or violations of Palremit policies, shall be investigated by the Human Resources Officer. Upon concluding such investigation, reports and findings shall be sent to the legal team for guidance on next steps.
- Matters of violation of corporate governance policies shall be reported to the legal team for recommendations to the Board.
- It is the responsibility of the management to ensure that whistleblowers are well protected.
- Any staff or stakeholder who an allegation or report (of whatever nature) has been made against must be formally informed in writing with details of evidence in support. Ample opportunity shall be made available for a response.
- Except in the event of a malicious and unfounded allegation, no member of staff or stakeholder shall be subject to discrimination by reason of being a whistleblower pursuant to this Policy.
- Any whistleblower who believes that he/she has been treated in a manner that constitutes a violation of this Policy or applicable law may lodge a complaint with the Human Resource Officer or any member of senior management.
- The appointment of a member of staff may be terminated immediately if found to have contravened any part of the Policy (alone or in partnership with others) in line with the Employee Handbook.
- Procedure for Responding to Authorized Requests
Requests received from the authorities regarding information on ML/FT shall be treated as follows:
- All requests from the authorities shall be handled by the AML/CFT Officer. In the absence of the aforementioned officer, such a request shall be handled by any member of senior management or any other person so designated.
- The request shall be attended to within 48 hours of receipt of the notification.
- Investigations further to such request shall be made confidential.
- A copy of the report shall be recorded internally and forwarded to the requesting authority.
- Record Keeping
- Retention of Records
All records relating to this Policy shall be retained by Palremit for a minimum of 10 years for potential use in ML/FT proceedings. These records include, but shall not be limited to:
- Records of transactions.
- Records of reports and investigation of suspicious transactions.
- Records of customers including identification documents.
- Records of reports and returns to appropriate authorities.
- Records of training and compliance with this Policy.
- Accessibility of Records
Records shall:
- Only be made available for audit, investigation or such other purpose as may be specified by applicable law.
- Be stored securely in a manner that facilitates easy retrieval for the aforementioned purposes and provides satisfactory audit trail for investigation (where the need arises).
- Training
- Periodic job-specific training shall be organized by the AML/CFT Officer for members of staff at various levels. Attendance shall be mandatory for the respective category of staff.
- AML/CFT training shall also form part of the acculturation exercise for new staff at Palremit.
- The AML/CFT Officer shall:
- Ensure that AML/CFT trainings are well documented and stored for record purposes.
- Conduct regular evaluation of effectiveness of AML/CFT training.
- Third-Party Relationships
- Where Palremit engages a third-party service provider, Palremit shall ensure that such third-party maintains AML/CFT policy and processes that meet the minimum requirements under applicable law.
- Palremit shall also obtain guarantees of third party’s compliance with applicable AML/CFT laws.
- Sanctions Compliance
- To avoid entering business relationship or providing services to persons on the sanction lists, Palremit shall check client or user’s data in the sources located at the following web addresses:
- Listy osób i podmiotów, wobec których stosuje się szczególne środki ograniczające, na podstawie art. 118 ustawy z dnia 1 marca 2018 r. o przeciwdziałaniu praniu pieniędzy i finansowaniu terroryzmu – Ministerstwo Finansów – Portal Gov.pl (www.gov.pl)https://www.gov.pl/web/finanse/sankcje-miedzynarodowe-giif
- https://www.gov.pl/web/mswia/lista-osob-i-podmiotow-objetych-sankcjami
- Palremit may also use a broader catalog of sanction lists for verification. This includes and shall not be limited to:
- Office of Financial Sanctions Implementation List (OFSI) – https://www.gov.uk/government/publications/financial-sanctions-consolidated-list-of-targets/consolidated-list-of-targets
- UN Sanctions List – https://www.un.org/securitycouncil/content/un-sc-consolidated-list
- OFAC Sanction List – https://sanctionssearch.ofac.treas.gov/
- EU Consolidated Sanction List – https://data.europa.eu/data/datasets/consolidated-list-of-persons-groups-and-entities-subject-to-eu-financial-sanctions?locale=en
- Section 311 Designated Entities under the US Patriot Act.
- Verification of the client on the sanction lists must be done as part of CDD prior to establishing a business relationship/conducting a transaction or reviewing and updating client information or risk assessment.
- If a client or user is found on any sanction lists, the following shall apply according to other provisions of this Policy:
- Restriction of account(s) owned or operated by such user or client.
- Preventing the completion of any transaction.
- Reporting suspicious activity to the appropriate authorities or partners (where required).
- Applying such other measures as may be required by law.
- In the event Palremit already has a business relationship with the user or client, Palremit shall terminate such relationship on the written approval of the AML/CFT Officer.
- To avoid entering business relationship or providing services to persons on the sanction lists, Palremit shall check client or user’s data in the sources located at the following web addresses:
- Regulatory Compliance
- Transactions on Palremit’s platform shall be subject to the applicable laws and regulations on AML/CFT. Applicable laws or regulation may include the laws and regulations applicable in any of the following jurisdiction depending on the specific circumstances: Austria, Belgium, Sweden, France, Germany, Greece, Georgia, Cyprus, Norway, Latvia, Luxembourg, Italy, Denmark, Monaco, Spain, United Kingdom, Switzerland, Portugal, Poland, Romania, Slovakia, Estonia, China, Japan, Indonesia, Malaysia, India, Pakistan, Singapore, Türkiye, Qatar, Philippines, UAE, Maldives, Kuwait, Thailand, Israel, Madagascar, Egypt, Niger, Nigeria, Kenya,Ghana, Kenya, Benin, Algeria, Angola, Cameroun, CAR, Cote d’Ivoire, Morocco, Liberia, Gambia, Gabon, Guinea, Togo, Rwanda, Tanzania, Uganda, Zambia, Seychelles, Senegal, South Africa, Tunisia, Mauritius, Bahamas, Canada, Costa Rica, Cuba, D.R, Mexica, Panama, Jamaica, United States of America, Haiti, Argentina, Peru, Chile, Brazil, Colombia, Uruguay, Venezuela, Australia and Fiji.
- On request, Palremit will use its reasonable efforts to assist the regulators in the aforementioned countries in the enforcement of the respective laws or regulations.
- Policy Review
This policy is subject to review annually or when otherwise necessary to ensure compliance with applicable laws and regulations. Any amendment to this policy shall be communicated to employees and stakeholders.