The Rules are developed and periodically updated by the Company’s compliance officer based on the general principles set up by the Company’s management board with respect to prevention of money laundering and terrorist financing. The Rules shall be communicated to all employees of the Company that establish business relationship, manage and monitor transactions of customers. The obligation to observe the Rules rests with the management board, the compliance officer, employees and any other outsourced professional staff who initiate or establish Business Relationship and monitor further transactions.
The Management Board shall appoint a Compliance Officer whose principal duties are:
- acting as a contact person;
- monitoring compliance with the other regulatory acts and procedures established by the Rules;
- keeping updated information regarding countries with high and low risk of Money Laundering and Terrorist Financing and economical activities with great exposure to Money Laundering and Terrorist Financing;
- obtaining the competence, means and access to relevant Company’s information, education, professional suitability, abilities, personal qualities, experience and good reputation;
- managing the collection and analysis of information referring to unusual transactions or transactions or circumstances suspected of money laundering or terrorist financing, which have become evident in the activities of the obliged entity;
- reporting in the event of suspicion of money laundering or terrorist financing;
- performing any other duties and obligations related to compliance with the requirements of the legislation.
Due diligence measures
Customer due diligence is one of the main tools for ensuring the implementation of mandatory regulations aimed at preventing money laundering and terrorist financing and at applying sound business practices. Customer due diligence ensures the application of adequate risk management measures in order to ensure permanent monitoring of customers and their transactions, gathering and analyzing relevant information. Upon application of customer due diligence measures, the Company will follow principles compatible with its business strategy and, based on prior risk analysis and depending on the nature of the Customer’s Business Relationship.
For the purpose of identification, assessment and analysis of risks of money laundering and terrorist financing related to its activities, the Company prepares a risk assessment, taking into account geographical, customer and product risks.
No new Business Relationship can be formed, if the Customer has failed to present documents and appropriate information required to conduct due diligence, or if based on the presented documents, the Representative suspects Money Laundering or Terrorist Financing.
The Company applies the following risk categories:
- Low risk (normal, expected activity);
- Normal risk (the risk level is normal, there are no high-risk characteristics present);
- Greater than normal risk (the risk level requires application of enhanced due diligence measures, further requests and document submission).
- Prohibited (the institution will not tolerate any dealings of any kind given the risk)
For every Customer who does not fall into the “normal risk” category, the Compliance officer shall make assessment of the Customer’s profile and estimate applicable risk category. Only the Compliance Officer shall have the right to change the risk category recorded for a Customer. When establishing the risk category of a Customer being a natural person, the country of residence of the Customer, the region where the Customer operates, and status of PEP shall be taken into account. The existence of Customer’s good business reputation is presumed where circumstances calling into doubt are absent. Proof of good business reputation need only be provided if the person wishes to provide additional proof of this.
For every Customer the Compliance officer shall make assessment of the Customer’s profile and estimate applicable risk category. Only the Compliance Officer shall have the right to change the risk category recorded for a Customer. When establishing the risk category of a Customer being a natural person, the country of residence of the Customer, the region where the Customer operates, and status of PEP shall be taken into account. The existence of Customer’s good business reputation is presumed where circumstances calling into doubt are absent. Proof of good business reputation need only be provided if the person wishes to provide additional proof of this.
Before offering a new financial service or product, new or non-traditional sales channels to customers, or the introduction of new or emerging technologies, the management board of the company, assesses the risks of money laundering and terrorist financing involved, shall map the risks associated with each new product, service, technology or sales channel. In assessing risks, both actual and potential risks are assessed and, if necessary, additional information on risks and their hedging measures is collected.
After mapping the risks, the management board of the company shall assess the likelihood of the realization of risks and the level of risk, with particular emphasis on risk-enhancing and mitigating circumstances.
After assessing the risks and their effects, the company assesses which of the most appropriate countermeasures to hedge the specific risks to the level of risk of the company and, if necessary, arranges the implementation of countermeasures.
The respective data is stored in a written format and/or in a format reproducible in writing and, if required, it shall be accessible by all appropriate staff of the Company (Management Board, Representatives, Compliance officer etc). Copies of the documents, which serve as the basis for identification of a person, and of the documents serving as the basis for establishing a Business Relationship, shall be stored for at least five (5) years following the termination of the Business Relationship. Personal data is processed pursuant to the GDPR requirements.The data of the document prescribed for the digital identification of a Customer, information on making an electronic query to the identity documents database, and the audio and video recording of the procedure of identifying the person and verifying the person’s identity shall be stored at least five (5) years following the termination of the Business Relationship. The following documents shall also be stored: (1) manner, time and place of submitting or updating of data and documents; (2) name and position of Representative who has established the identity, checked or updated the data.
Implementation of International Sanctions
The Company shall comply with regulations of the EU and the UN. The Company is also intended to comply also with partner countries sanction acts (sanctions administered by the UK Office of Financial Sanctions Implementation and sanctions administered by the US Office of Foreign Assets Control).
The Company shall ensure that all Representatives who have contacts with Customers or matters involving Money Laundering are provided with regular training and information about the nature of the Money Laundering and Terrorist Financing risks, as well as any new trends within the field. The Compliance Officer shall arrange regular training concerning prevention of Money Laundering and Terrorist Financing to explain the respective requirements and obligations.
Initial training is provided at the start of Representatives employment. The Representatives who are communicating with the Customers directly may not start working before they have reviewed and committed to the adherence of these Rules or participated in the Money Laundering and Terrorist Financing prevention training.
Training is provided regularly, at least once a year, to all Representatives and other relevant designated staff of the Company. Training may be provided also using electronic means (conference calls, continuous email updates provided confirmation on receipt and acceptance is returned and similar means). Training materials and information shall be stored for at least 3 (three) years.
Internal audit and amendment of the Rules
Compliance with the Rules shall be inspected at least once a year by the Compliance Officer. If the inspection reveals any deficiencies in the Rules or their implementation, the report shall set out the measures to be applied to remedy the deficiencies, as well as the respective time schedule and the time of a follow-up inspection.
If a follow-up inspection is carried out, the results of the follow-up inspection shall be added to the inspection report, which shall state the list of measures to remedy any deficiencies discovered in the course of the follow-up inspection, and the time actually spent on remedying the same. The inspection report shall be presented to the Management Board which shall decide on taking measures to remedy any deficiencies discovered.
List of prohibited countries
You confirm that you are not a national or resident of the following prohibited jurisdictions: Afghanistan, Algeria, Bahrain, Bangladesh, Bolivia, Cambodia, Central African Republic, Iran, Iraq, Jordan, Kuwait, Lebanon, Libya, Mali, Mauritania, Nepal, North Korea, Oman, Pakistan, Palestinian Territory, Somalia, Sri Lanka, Sudan, Syria, Yemen.