Binaryx Protocol DAO LLC (the “Company”) is committed to implementing single
global standards shaped by the most effective anti-money laundering and
counter-terrorism financing standards available in USA operated by the Company.
The Company has established an Anti-Money Laundering and Counter-Terrorist
Financing Policy (“Policy”) for this purpose. The objective of this Policy is to prohibit
and actively prevent money laundering and any activity that facilitates money
laundering or the funding of terrorist or criminal activities.
Although the Company is not an obliged entity under AML legislation of USA and
is not required to have Customer Identification Program (CIP), the Company takes into
account the risks associated with the specifics of its activities and undertakes a
voluntary obligation to conduct Know Your Customer (“KYC”) procedures and Customer
Due Diligence (“CDD”) measures.
Please note! There may be supplementing policies and procedures established in
other documents in support of the Policy referenced in this document, which the
Company may implement from time to time in this Policy (including any supplementing
AML/CFT Procedures) will be periodically reviewed, with timely and suitable changes
made as the risks of the business evolve over time.
If you have any questions about this Policy, please feel free to contact us via email:

All terms in this Policy are used in the meaning of Anti Money Laundering
legislation of the United States of America, such as (by no means an exhaustive list):
● Bank Secrecy Act (BSA);
● The Anti-Money Laundering Act of 2020; and
● other applicable legislation.


1.1. Money Laundering

Money laundering is generally defined as engaging in acts designed to conceal or
disguise the true origins of criminally derived proceeds in order for the proceeds to
appear to have derived from legitimate sources or to constitute legitimate assets. Money
laundering typically occurs in three stages. The cash generated by criminal activities
first enters the financial system at the "placement" stage, where it is converted into
monetary instruments such as money orders or traveler's checks or deposited into
accounts at financial institutions. The funds are transferred or moved into other

accounts or financial institutions during the "layering" stage to further separate the
money from its criminal origin. The funds are reintroduced into the economy and used
to purchase legitimate assets or to fund other criminal activities or legitimate
businesses during the "integration" stage.
Although cash is rarely deposited into securities accounts, the securities industry
is unique in that it can be used to launder funds obtained from other sources as well as
to generate illicit funds within the industry itself through fraudulent activities. Insider
trading, market manipulation, ponzi schemes, cybercrime, and other investment-related
fraud are examples of fraudulent activities.

1.2. Terrorism Financing

Terrorist financing may not involve criminal proceeds, but rather an attempt to
conceal the origin of the funds or their intended use, which could be criminal.
Legitimate funding sources distinguish terrorist financiers from traditional criminal
organizations. Legitimate sources of income include foreign government sponsors,
business ownership, and personal employment, in addition to charitable donations.
Although the motivations of traditional money launderers and terrorist financiers differ,
the methods used to fund terrorist operations may be the same or similar to those used
by other criminals to launder funds. Terrorist attacks do not always necessitate large
sums of money, and the associated transactions may be simple.

1.3. Compliance rules

Our AML policies, procedures, and internal controls are designed to ensure
compliance with all applicable regulations, and they will be reviewed and updated on a
regular basis to ensure that appropriate policies, procedures, and internal controls are
in place to account for both regulatory and business changes.


2.1. Duties and Responsibilities

The board of directors is ultimately responsible, through Senior Management, for
ensuring that the Company maintains a system of internal controls to ensure ongoing
compliance with BSA regulatory requirements. Internal controls are the policies,
procedures, and processes in place at the company to mitigate and manage ML/TF and
other illicit financial activity risks, as well as to ensure compliance with BSA regulatory

The board of directors performs a critical role in establishing and maintaining a
culture that prioritizes compliance, as well as a structure that provides oversight and
holds Senior Management accountable for implementing the Company's BSA/AML
internal controls. The level and type of internal controls are appropriate for the
Company's size or complexity, as well as its organizational structure. Departmental
internal controls, which are part of a comprehensive BSA/AML compliance program,
typically address risks and compliance requirements specific to a specific line of
business or department.

Company's Senior Management consist of all Company’s officers and officers
holding the position of director, manager or equivalent position or any other person
who is directly involved in the Company's decision-making processes at a senior level.
Internal control obligations of Senior Management:
● adopt this Policy, consistent with the requirements of applicable legislation and
regulations and related enactments, as may be relevant to the prevention of
money laundering and terrorist financing;
● provide for controls continuity despite changes in operations, management, or
employee composition or structure;
● ensure that this Policy prevents money laundering and terrorist financing and
the risk assessments that are carried out are reviewed from time to time at
appropriate levels and kept up-to-date as necessary;
● identify and establish specific BSA compliance responsibilities for personnel and
provide oversight for execution of those responsibilities, as appropriate.
Employees will comply with the internal control systems and promptly report
any potential violations of the Company’s AML compliance to the Senior Management.
Such reports will be confidential, and the employee will suffer no retaliation for making

2.2. Compliance Officer

Compliance Officer is a qualified individual or individuals (BSA Compliance
Officer) responsible for coordinating and monitoring day-to-day compliance with BSA
regulatory requirements designated by the board of directors. In addition, a Compliance
Officer is charged with managing all aspects of the BSA/AML compliance program,
including managing the Company’s compliance with BSA regulatory requirements with
the board of directors which is ultimately responsible for the Company’s BSA/AML
compliance. The Compliance Officer is responsible for carrying out the board’s direction,
including the implementation of the Company’s BSA/AML policies, procedures, and

The Company’s board of directors appoint a Compliance Officer and is
responsible for ensuring that a Compliance Officer has appropriate authority,
independence, and access to resources to administer an adequate BSA/AML compliance
program based on the Company’s ML/TF and other illicit financial activity risk profile.
Compliance Officer’s reports to the board of directors must include status of ongoing
compliance with pertinent BSA-related information and be done on a regular basis.
Authority of a Compliance Officer, among others, includes but is not limited to
input regarding: expansion into new products, services, customer types and geographic
locations; or operational changes, such as the implementation of, or adjustments to,
systems that impact the compliance function.
Independence of a Compliance Officer includes, but not limited to: clear lines of
reporting and communication ultimately up to the board of directors or a designated
board committee that do not compromise the Compliance Officer’s independence, the
ability to undertake the Compliance Officer’s role without undue influence from the

Company’s business lines, and identification and reporting of issues to Senior
Management and the board of directors.
Access to suitable resources of a Compliance Officer includes, but not limited to:
adequate staffing with the skills and expertise necessary for the Company’s overall risk
level (based on products, services, customers, and geographic locations), size or
complexity, and organizational structure; and systems to support the timely
identification, measurement, monitoring, reporting, and management of the Company’s
ML/TF and other illicit financial activity risks.

2.3. Checking the Office of Foreign Assets Control Listings

On an ongoing basis, Senior Management will check to ensure that a customer
does not appear on the list of Specially Designated Nationals and Blocked Persons (“SDN
list”) or is not engaging in transactions that are prohibited by the economic sanctions
and embargoes administered and enforced by OFAC. We will consult the SDN list and
listings of economic sanctions and embargoes on a regular basis and subscribe to
receive any available updates as they occur. When the SDN list and listings of current
sanctions and embargoes are updated, Senior Management will review existing
accounts against the SDN list and document the review.


3.1. Know Your Customer

The "Know Your Customer" procedure is the most effective deterrent to
unwittingly being used to launder money and finance terrorism. Know Your Customer
(KYC) refers to the process by which a company identifies and verifies the identity of its
customers. Compliance with AML, Know Your Customer, and sanctions requirements
remains a priority for management, and the Company is taking all necessary steps and
precautions to ensure that it is adhering to appropriate compliance procedures in order
to meet the increasing regulatory demands.
The Company establishes the identity of an applicant for business or a customer
with respect to a relationship or transaction by relying on verification conducted by Sum
And Substance Ltd (UK) (“SumSub”) in accordance with the applicable law and
ensuring that, where reliance is placed on an independent data source, the source, scope
and quality of the data received is reasonably acceptable.
SumSub is a trusted partner of the Company for collecting and processing
customers data on behalf of the Company (please, follow the link to learn more about
them). SumSub is an experienced identity verification Company that will process data of
customers for the purposes of the necessary KYC/AML procedures.
Customer Identification Program (CIP) rule applies only to “customers” who
open new “accounts” with a broker-dealer. In accordance with Wyoming Statute the
current activity of our Company cannot be considered as a “Broker-dealer”. The
Company is an entity who facilitates the exchange of an open blockchain token.
Nevertheless, we will gather the minimum customer identification information to
verify the identity in respect of the KYC Procedure.

Where the Company establishes a business relationship and:
● discovers or suspects, upon subsequent verification, that the applicant for
business or customer is or may be involved in money laundering or terrorist
● fails to secure the full cooperation of the applicant for business or customer in
carrying out or completing its or his or her verification of the applicant for
business or customer; or
● is unable to carry out the required customer due diligence or, as the case may be,
enhanced customer due diligence, requirements in respect of the applicant for
the Company shall
● terminate the business relationship; and
● the employee who engaged in this process shall submit a report to the senior
managment outlining his or her discovery or suspicion regarding conduct of the
applicant for business or customer, which raises concerns regarding money
laundering or terrorist financing.

3.2. Required Customer Information

Prior providing any services for customers, we will collect the following
information, if applicable, for any person, entity or organization that is connected its
wallet to our Marketplace:
● full name;
● date of birth (for an individual);
● email address;
● country of residence;
● phone number;
● an address, which will be a residential or business street address (for an
individual), an Army Post Office (APO) or Fleet Post Office (FPO) box number, or
residential or business street address of next of kin or another contact individual
(for an individual who does not have a residential or business street address), or
a principal place of business, local office, or other physical location (for a person
other than an individual); and
● one or more of the following: a taxpayer identification number, passport number
and country of issuance, alien identification card number, or number and country
of issuance of any other government-issued document evidencing nationality or
residence and bearing a photograph or other similar safeguard.

3.3. Verifying Information

We will ensure that we have a reasonable belief that we know the true identity of
our customers based on the risk by using risk-based procedures to verify and document
the accuracy of the information we receive about our customers. When appropriate
documents are available, we will use them to verify the customer's identity. Given the
increased prevalence of identity fraud, we will supplement the use of documentary

evidence with the non-documentary methods as needed. If we are still unsure about the
customer's true identity, we may resort to non-documentary means.
We will consider whether the identifying information we receive, such as the
customer's name, street address, zip code, telephone number (if provided), and date of
birth, allows us to determine that we have a reasonable belief that we know the true
identity of the customer (e.g., whether the information is logical or contains
Appropriate documents for verifying the identity of customers include the
● for an individual, an unexpired government-issued identification evidencing
nationality or residence and bearing a photograph or similar safeguard, such as a
driver’s license or passport; and
● for a person other than an individual, documents showing the existence of the
entity, such as certified articles of incorporation, a government-issued business
license, a partnership agreement or a trust instrument.
We understand that we are not required to investigate whether the document
provided by the customer for identity verification is validly issued, and that we may rely
on a government-issued identification as proof of a customer's identity. If, on the other
hand, we notice some obvious form of fraud in the document, we must consider that
factor in determining whether we can form a reasonable belief that we know the
customer's true identity.
After the customer's wallet is connected, we will verify the information within a
reasonable time. Depending on the nature of the wallet and the requested transactions,
we may refuse to complete a transaction until we have verified the information, or, in
some cases, we may restrict the types of transactions pending verification. We will file a
Suspicious Activity Report (SAR) in accordance with applicable laws and regulations if
we discover suspicious information indicating possible money laundering, terrorist
financing, or other suspicious activity.
We recognize that the risk of not knowing the customer's true identity is
increased for certain types of wallets. Customers who pose a high risk of not being
properly identified will be identified. We will also take the following additional
measures that may be used to obtain information about the identity of the individuals
associated with the customer when standard documentary methods prove to be
1. Outside of identifying and verifying that a legal person exists, and is who it says it
is, the Company must, where applicable, also verify information in relation to the
legal person’s directors, partners, beneficial owners, and persons acting or
purporting to act on behalf of the applicant for business or customer. Relevant
documentation the Company must obtain include:
a. Register of Directors, Register of Partners or similar documents;
b. Register of Shareholders or other similar documents;
2. Where the Company makes a determination that from its risk assessment a legal
person or the product or service channels in relation to the legal person presents

a higher level of risk, the Company shall perform EDD and obtain and verify such
additional information as the Company considers relevant with respect to the
legal person.
3. Where the Company makes a determination that from its risk assessment an
individual or the product or service channels in relation to him or her presents a
higher level of risk, the Company shall perform enhanced due diligence and
obtain and verify such additional information as the Company considers relevant
with respect to the individual.
The Company in any case takes reasonable measures to verify the beneficial
owners or controllers of a legal person and update information on any changes to the
beneficial ownership or control.
The Company conducts identification of the beneficial owner(s) and director(s)
for the purpose of verifying their identity, taking measures to the extent that allows the
Company to make certain that it knows who they are, and understands the ownership
and control structure. This measure is performed in the course of the onboarding
process and includes the following actions:
● asking for confirmation, that the customer, who is a natural person, is the
beneficial owner of transactions he/she performs with the Company;
● asking for information, who are beneficial owner(s) and director(s) of the
customer, which is a legal entity;
● verification of the customer’s beneficial owner by using an available state
register or document(s) confirming the customer’s beneficial owners (registry
extract, registry card, etc.).
The Company does not accept a situation when a natural person (customer) is
represented by another natural person acting on behalf of the Customer and/or the
natural person (customer) is controlled and/or is not a beneficial owner. The identity of
the beneficial owner(s) and director(s) are verified, regardless of the client's risk

3.4. Identification and monitoring of PEP

The Company understands the increased risks of providing services to PEPs. The
Company shall take measures to ascertain whether the Customer, the Beneficial Owner
of the Customer, or the representative of this Customer is a PEP, their family or close or
if the Customer has become such a person. When the Сompany identifies a Customer as
a PEP such Customer will automatically be subject to enhanced due diligence measures
and increased monitoring.
A politically exposed person is an individual who is or has been entrusted with a
prominent public function. Relatives and Close Associates sometimes referred to as
PEPs are a type of politically exposed person who shares a family or friendship
connection to a PEP.
Family members and close associates of PEPs also qualify as PEPs and the same
measures in relation to establishing business relationships and engaging in transactions

apply to them. Family relations generally cover persons in consanguine and affinity
relations with PEPs. These would include, amongst others:
● a spouse;
● a partner considered by national law as equivalent to a spouse;
● a child;
● a spouse or partner of a child;
● a brother or sister (including a half-brother or half-sister);
● a parent;
● a parent-in-law;
● a grandparent; or
● a grandchild.
The Company establishes Business Relationships with PEPs, their family
members, and close associates. In the course of the onboarding procedure, the Customer
must report that the Customer themselves or a person related to the Customer is PEP,
their family member, or a person known to be a close associate.
The Company applies EDD measures on all PEPs and their family members, and
close associates. The Company applies the following specific measures:
● establish the source of funds and source of wealth of the PEP (i.e. obtaining more
than standard information on the source of funds and source of wealth, including
requiring evidentiary documentation to confirm the PEP’s source of funds and
wealth, verifying information provided against publicly available information
sources such as asset and income declarations);
● require senior management approval to establish or continue a business
relationship with the PEP;
● conduct enhanced monitoring of the business relationship (e.g. increasing the
number and timing of controls (such as EDD and risk assessment reviews)
applied, obtaining information on the reasons for a particular transaction, and
selecting patterns of transactions that need further examination).
Each Customer is also verified against PEP watchlists (manually and/or
automatically) by the employee responsible for the onboarding process.
A PEP’s influence and prominence may not have diminished after leaving the role
and they may continue to have influence and power, making that individual potentially
more susceptible to bribery and corruption, and AML/TF. As such, the Company applies
a risk-based approach in determining whether a PEP should continue to be treated as a
PEP, after ceasing to qualify as such.
As part of its risk-based approach in determining whether the Customer should
continue to be treated as a PEP, the Company considers the following:
● whether the Customer may still pose potential risks (such as where there are
ongoing legal proceedings relating to PEP or where there may be lingering issues
in relation to PEP’s family members or close associates etc.);
● the level of (informal) influence that the individual could still exercise;
● the seniority of the position that the individual held as a PEP;
● the amount of time that had passed since the individual were in the PEP role;

● whether the individual’s PEP function and current function are linked in any way
(e.g. formally by the appointment of the PEP’s successor, or informally by the fact
that the PEP continues to deal with the same substantive matters in an advisory
● the level of inherent corruption risk in the jurisdiction of the individual’s political
● the level of transparency about the source of wealth and origin of funds; and
● whether the individual has links to higher risk industries.

3.5. Recordkeeping

We will document our verification, including all identifying information provided
by a customer, verification methods and results, and the resolution of any discrepancies
discovered during the verification process. We will keep records that include a
description of any document we used to verify a customer's identity, including the type
of document, any identification number contained in the document, the location of
issuance, and, if applicable, the date of issuance and expiration date.
In order to deter and prevent money laundering, terrorist financing, and other
financial crime, the Company must keep the above-mentioned data for at least 5 years,
in accordance with the requirements of Anti-Money Laundering legislation.


Customer due diligence (CDD) is an essential component of the global fight
against money laundering, terrorist financing, and fraudulent activities. Under this
approach, we will collect information on a regular basis, as well as as needed, to identify
our customers and develop an understanding of their normal, expected activities.
Every customer, including its beneficial owners, connected parties, and natural
persons appointed to act on its behalf, will be subject to a background check against
relevant money laundering and terrorism financing information sources to determine
whether the customer poses any money laundering or terrorism financing risks.
We have established, documented, and maintained written policies and
procedures reasonably designed to identify and verify customers as well as comply with
other aspects of the Customer Due Diligence (CDD) Rule for this purpose. Customers
will be asked to provide us with certain minimum CDD information. We will
comprehend the nature and purpose of customer relationships in order to create a
customer risk profile. We will conduct ongoing monitoring to identify and report
suspicious transactions, as well as maintain and update customer information on a
risk-based basis.

4.1. Standard Customer Due Diligence

Standard Customer Due diligence consists of the following key steps:
1. Identifying the customer: this entails gathering and recording information about
the customer to establish who the customer is. Information that must be
gathered and recorded differs based on whether the customer is an individual, a

legal person, or a legal arrangement. Where the customer is a legal person or
legal arrangement, the Company gathers information to understand the
ownership and control structure of the legal person or legal arrangement, by also
identifying the persons responsible for performing managerial functions and
directors (where applicable), as well as any beneficial owners of the customer.
2. Verifying the customer’s identity: this entails gathering evidence, via reliable and
independent information, data and/or documentation, to confirm that a
customer is who he or she or it is and authenticate that the identification
information provided is true and accurate. Verification of customer’s identity also
reduces the risk of impersonation and fraud by persons imitating others.
3. Obtaining details of the purpose or intended nature of the business relationship
or transaction: this requires the Company to establish the reason why a customer
is seeking to establish a business relationship or conduct a one-off transaction.
4. Understanding the customer and its circumstances: this requires the Company to
obtain information on the customer’s business and activities in order to create a
base profile of the types and levels of activities that would be undertaken by that
customer throughout the business relationship. This aids the Company in
identifying any deviations in behavior. In understanding the customer and its or
his or her circumstances, the following relevant information will be considered:
a. nature and details of occupation or employment;
b. nature and details of the customer’s business activities;
c. assets held or managed or to be held or managed (in the case of an
customer that is a trust or holding company);
d. the anticipated level and nature of activity to be undertaken throughout
the business relationship;
e. the customer’s source of funds, i.e. where the funds or assets that will be
used for the business relationship or transaction were derived (e.g.
income, business profits, investments, dividends, inheritance, property
sale, business sale, etc.);
f. the customer’s source of wealth, i.e. how the customer derived his or her
or its wealth, particularly in higher risk scenarios (e.g. income, business
profits, investments, dividends; inheritance, property sale, business sale,
etc.) and level of wealth (i.e. the total value of a applicant for business’ or
customer’s wealth);
g. the rationale behind an ownership structure where the customer has a
complex ownership or control structure;
h. the countries with which the customer intends to engage or have
i. whether the customer has a criminal record or is a known associate of
criminals or criminal organizations; and
j. whether the customer is a PEP.
Depending on the level or risk posed by the customer, in addition to the
information that may be gathered from posing questions, the Company may

require independent information or documentation to verify a customer’s
i. an individual’s pay slips;
ii. an employment letter on behalf of a customer;
iii. review of a customer’s bank statements;
iv. review of a customer’s business website or brochure;
v. a customer’s business plan, estimated financial projections, etc;
vi. a customer’s trade licence;
vii. copies of contracts, or draft contracts relating to the activities to be
viii. review of business databases or regulatory website (in the case of a
regulated entity);
ix. a legal person’s or a legal arrangement’s financial statements;
x. evidence of source of wealth (e.g. extract of inheritance, bill of sale or
receipt from sale of property, copies of trust deeds, etc);
xi. review of internet and news media; and
xii. review of third-party search sites and internationally accepted screening
The Company shall undertake Standard Customer Due Diligence in any of the
following circumstances:
● when establishing a business relationship;
● when effecting a one-off transaction (including a wire transfer) which involves
funds of or above $10,000 or such lower threshold as the entity may establish;
● when there is a suspicion of money laundering or terrorist financing, irrespective
of any exemption or threshold including where a customer is considered by an
entity or a professional as posing a low risk;
● where a business relationship or transaction presents any specific higher risk
scenario; and
● when the Company has doubts about the veracity or adequacy of previously
obtained customer identification data.

4.2. Enhanced Customer Due Diligence

Customers classified as high risk are subjected to Enhanced Customer Due
Diligence (EDD). In addition to the CDD requirements, these customers must undergo
additional due diligence. To mitigate the increased risk, a higher level of due diligence is
required. The reliability of information and information sources, as well as the type and
quality of information sources used, are critical to the integrity of the company's EDD
process, as is the deployment of properly trained analysts who know where and how to
look for information, as well as how to corroborate, interpret, and decide on results.
The nature and severity of the risk determine what the EDD procedure entails.
Additional due diligence could take many forms, such as gathering additional
information to verify the customer's identity or source(s) of income, or conducting an
adverse media check. These checks should be proportionate to the level of risk

identified, providing confidence that any risk has been mitigated and is unlikely to be
One or more of the following EDD measures may be taken in order to manage
and mitigate the ML/TF risk that is higher than usual:
● Obtain additional identification documents, data or information from credible
and independent sources.
● Gather additional information or documents on the purpose and nature of the
business relationship.
● Gather additional information or documents for the purpose of identifying the
source of funds and wealth of the customer.
● Gather information on the underlying reasons of planned or executed
● Increasing the number and frequency of control measures in monitoring
customer relationships and/or transactions.
● Receiving permission from the Senior Management to establish or continue a
business relationship.
Before establishing or continuing a relationship with the high-risk customer, or
undertaking any transaction for the high-risk customer, approval from the Company's
Board of Directors is required. The Board of Directors must provide and document
written justifications for its decision to approve or reject a high-risk customer.

4.3. Ongoing monitoring

Ongoing monitoring is the process of regularly refreshing and enriching KYC data
for AML compliance purposes, to ensure it is comprehensive and up to date, reflecting
current circumstances.
Ongoing monitoring in AML offers multiple benefits, including:
● a more accurate view of risk based on current data;
● full compliance with the latest AML regulations;
● complete customer information to provide relevant services.
The Company will conduct ongoing monitoring to identify and report suspicious
transactions and, on a risk basis, maintain and update customer information, including
information regarding the beneficial ownership of legal entity customers, using the
customer risk profile as a baseline against which customer activity is assessed to
identify when transactions or behaviors fall outside a customer’s profile. Where
behaviors fall outside of a customer’s profile, the Company must determine whether
there are changes in the customer’s circumstances and consider whether the AML/CFT
risks of that customer have also changed.
Any data or other information received and kept under the CDD process must be
kept up-to-date and relevant through updates of information received via ongoing
monitoring and a regular review and assessment of current records, especially as they
relate to higher risk customers.
Certain events may prompt the Company to review information about the
customers and their current circumstances. Examples of such events are:

● a customer applying to establishing a new relationship;
● a customer changing its geographic location or requesting services from a new
geographic location;
● a material change in ownership and/or management structure;
● a customer becoming a PEP, the subject of a sanctions list, or associated with
criminal behavior;
● identification of unusual transactions or activities through transaction
Where the Company makes a determination that a business relationship presents
a higher risk, it shall review and keep up-to-date the customer due diligence information
in respect of the relevant customer at least once every year.
In cases where a business relationship is assessed to present medium or low risk,
the Company shall review and keep up-to-date the customer Due Diligence information
in respect of that customer at least once every 4 years.

4.4. Customer checking

The Company has ongoing CDD systems which are able to detect where a
customer, including its beneficial owner(s), has become:
● a PEP;
● subject to sanctions; or
● has been connected to illegal activity or any higher risk activity.
The Company screens customers on a regular basis to identify them against
sanctions listing, and press and media releases.
However periodic checks may not be sufficient when they relate to sanctions
listings, as this requires timely action (e.g. asset freezing), so the Company aims to check
its customer base as soon as the competent entities issue notifications on updated
sanctions lists.

4.5. Monitoring of transactions

Transaction monitoring is vital to prevent acts of money laundering, terrorist
financing and other illegal activities. For this purpose the Company has established an
effective monitoring system that:
● highlights unusual transactions and/or activities for further scrutiny;
● allows Senior Management to promptly examine unusual transactions and/or
● takes appropriate action based on the results of the review.
Some indications of unusual transactions or activities that may be noted may
● transactions, activities or requests that have no apparent legitimate purpose or
commercial justification;
● unreasonably complex transactions, activities or requests;
● the size or nature of the transactions do not meet the expectations for that

● the customer conceals information about their activities, such as the reason for
the transaction, the source of funds or CDD documentation;
● the customer makes frequent, complex, one-off transactions that are suitable for
a business relationship, but refuses to establish a business relationship;
● transfers to or from high-risk countries that do not match what is expected of
that customer;
● unnecessary routing of funds through third party accounts;
● unusual investment transactions with no apparent purpose;
● extreme urgency in the customer's requests, especially if the customer is not
concerned about factors such as high transfer fees and early repayment fees.
The Company shall consider whether the transactions:
● be monitored in real time (i.e. when transactions and/or activities occur or are
about to occur), post-event (i.e. through retrospective analysis of transactions) or
a combination of both;
● transactions or activities will be monitored manually or automatically depending
on the nature, size and complexity of the Company's business.
4.6. Procedures which apply to customers with underlying clients
Customers with underlying clients refers to a category of individuals or entities
engaging in financial transactions, services, or business relationships with an institution
or organization subject to Anti-Money Laundering (AML) regulations and compliance
measures. Underlying clients are secondary or affiliated individuals or entities that
indirectly benefit from or utilize the services offered by the institution through the
primary customer account.
Examples of some procedures that can be applied to customers with underlying
clients may include but are not limited to enhanced due diligence (EDD), ongoing
monitoring, transactions monitoring, AML Policy review, licensing review.

4.6.1. AML Policy review

AML Policy review includes but not limited to:
● verification that the AML policy aligns with the latest local, national, and
international laws and regulations;
● reevaluation the risk assessment to identify any emerging risks and any changes
in the risk landscape;
● review if the AML Policy have all required information for for conducting
customer due diligence on primary and underlying clients;
● reassess KYC procedures to ensure they capture the necessary customer
information, including beneficial ownership data and source of wealth

4.6.2. Licensing review

Licensing review includes but not limited to:

● verification that the licensing aligns with the latest local, national, and
international laws and regulations;
● reevaluation the risk assessment to identify any emerging risks and any changes
in the licensing procedure;
● review if the license(s) have all required information for conduction due
diligence on primary and underlying clients;
● reassess licensing procedures to ensure they capture the necessary customer
information, including beneficial ownership data and source of wealth


The following list identifies the type of customers who cannot use the Company's
● customers who fail or refuse to submit, the requested data and information for
the verification of his identity, without adequate justification;
● customers from the jurisdictions which are being banned by internal policies
from the Company or international sanctions;
● customers who were identified as the persons subject to International Sanction
● customers who were identified as the persons subject to the UN Sanctions; EU
Sanctions; Sanctions administered by the Office of Financial Sanctions
Implementation, Sanctions administered by the Office of Foreign Assets Control;
● customers whom the Company suspects of money laundering or terrorist
● any other that the Company considers risky to its business or suspicious in
accordance with applicable law in regards to Money-Laundering and
Counter-Terrorist Financing.
The Company will not accept as Сustomers, persons or entitled from:
Afghanistan, Barbados, Belarus, Burma (Myanmar), Burkina Faso, Burundi, Cambodia,
China, Central African Republic, Cuba, Democratic Republic of the Congo, Democratic
People's Republic of Korea (North Korea), Ethiopia, Gibraltar, Guinea, Guinea-Bissau,
Haiti, Iran, Iraq, Jamaica, Jordan, Lebanon, Libya, Morocco, Mali, Nicaragua, Pakistan,
Panama, Philippines, Russia, Senegal, Somalia, South Sudan, Sudan, Syria, Tunisia,
Uganda, the following regions of Ukraine: Crimea, Donetsk and Luhansk, Venezuela,
Yemen, Zimbabwe.
Persons or entities from jurisdictions where a particular license or permit is
required will not be accepted as customers if the Company has not received such a
permit or license.


In relation to Risk Based Approach, the Company shall:
● document and maintain records of the risk assessments conducted;

● consider all relevant risk factors before making a determination of the level of
customer risk or institutional risk;
● apply the appropriate risk mitigation measures and controls based on the level of
risk identified in risk assessments;
● regularly review and update risk assessments on an ongoing basis;
● update risk assessments where there are any changes in relevant risk factors;
● have appropriate mechanisms in place to provide risk assessment information on
In undertaking an assessment of its business risk, the Company considers the
following in relation to each relevant risk factor:

6.1. Customer risk

It is vital for the Company to assess the ML/TF risks associated with each
applicant for business or customer to determine the level of controls and mitigation
measures that must be implemented for each customer. The assessment conducted at
the initial stage of the CDD process would determine the extent of CDD measures to be
applied. This means that the amount and type of information obtained, and the extent to
which this information is verified, should be increased where the ML/TF risks
associated with the applicant for business or customer are higher. CDD may also be
simplified, but not completely excluded, where the associated ML/TF risks are lower, as
may be allowed in accordance with the provisions of the Anti-Money Laundering
Based on a holistic view of the information obtained in relation to each customer,
the Company’s customer risk rating determines the level and type of ongoing
monitoring (including ongoing CDD and transaction monitoring) applied to a customer.
The risk assessment would also support the Company’s decision on whether to
enter into, continue or terminate, a business relationship; or complete or reject a
transaction. As a customer’s risk profile may change over time, the Company reviews
and updates the risk assessment of a customer on an ongoing basis, more frequently for
higher risk customers (at least once a year for higher risk customers).
The customer risk assessment framework includes risk factors such as:
● risks associated with the customer’s business or activity,
● risks associated with the customer’s reputation,
● the customer’s geographic exposure; and
● delivery channel risk factors.


7.1. Internal audit

Internal audit is an important part of the internal control of the Company
designed to mitigate and manage ML/TF and other illicit financial activity risks and to
achieve compliance with BSA regulatory requirements. The board of directors plays a
significant role in establishing and maintaining an appropriate culture that places a

priority on compliance, and holds Senior Management accountable for implementing
Company’s BSA/AML internal control.
Internal audit should determine if designed to assure ongoing compliance with
BSA regulatory requirements and includes, but not limited to:
1. Evaluate the Company's BSA/AML risk assessment and the identification of
ML/TF and other illicit financial activity risks, along with any changes in those
2. Assess continuity of the Company's program despite changes in operations,
management, or employee composition or structure.
3. Facilitate oversight of information technology sources, systems, and processes
that support BSA/AML compliance.
4. Set a mechanism to identify and inform the board of directors and Senior
Management about BSA compliance and identified compliance deficiencies.

7.2. Independent audit

Independent audit is conducted to assess the Company’s compliance with BSA
regulatory requirements and to guard against ML/TF by the internal audit department,
who are not involved in the function being tested; outside auditors, consultants, or other
qualified independent parties.
According to BSA independent audit frequency is not defined and should be
commensurate with the ML/TF and other illicit financial activity risk profile of the
Company and Company overall risk management strategy. The Company conducts an
independent audit annually during 6 months after the end of the fiscal year.
Independent audit includes, but not limited to sufficient information of whether:
● The Company’s BSA/AML risk assessment aligns with the Company’s risk profile.
● The Company’s policies, procedures, and processes for BSA compliance align
with the Company’s risk profile.
● The Company adheres to its policies, procedures, and processes for BSA
● The Company complies with BSA recordkeeping and reporting requirements;
● The Company’s overall process for identifying and reporting suspicious activity is
● The Company’s information technology sources, systems, and processes used to
support the BSA/AML compliance program are complete and accurate.
● Training is provided for appropriate personnel, tailored to specific functions and
positions, and includes supporting documentation.
● Management took appropriate and timely action to address any violations and
other deficiencies noted in previous independent testing and regulatory
examinations, including progress in addressing outstanding supervisory
enforcement actions, if applicable.
Examiners review documents (auditor's reports, scope, workpapers) to gauge
BSA compliance. They assess if reports cover BSA adequacy and independence of
testing. They check if testing adequately addresses risks according to risk profile and is

frequent enough. Also, they monitor timely reporting of violations, track them, and
document corrective actions.


The training is delivered in accordance with Bank Secrecy Act (BSA), BSA/AML
Training Section of BSA/AML Examination Manual, The Anti-Money Laundering Act of
2020, USA PATRIOT Act and this Policy.
The Company is committed to enhancing employee expertise by:
1. Delivering precise and commensurate training in accordance with regulatory
mandates. This encompasses money laundering, terrorist financing, and
proliferation financing protocols.
2. Implementing adept mechanisms and protocols to gauge employees'
comprehension and consciousness regarding the training imparted.
The training for employees is not restricted to any particular employee, although
it is mandatory for the board of directors and Senior Management of the Company.
Notwithstanding the above, the training requirements apply to other employees who are
not a part of the board of directors or senior management in The Company or perform
anti-money laundering, terrorist financing and proliferation financing functions under
an outsourcing arrangement. Training rendered must be appropriate and proportional
to each area.
The Company claims that it is not sufficient to simply train key staff; other staff
must be considered as whole to the Company.
Every training must be at an appropriate frequency, at least once every year and
whenever there is an important update to the regulations. The training includes, but not
limited to:
● AML regulatory requirements;
● potential risk profiles and warning signs;
● financial crime patterns and trends;
● the high-level context for why anti money laundering and countering the
financing of terrorism programs are necessary for the Company and what risks
those programs seek to mitigate; and
● de-risking and the effect of de-risking on the provision of financial services;
● internal AML policies, procedures, and processes.
The process of employee training includes different methodologies, engaging
trainers and trainees in direct interactions live or virtual. This dynamic setup enables
employees to actively participate, thus deepening their grasp of the training subject
matter. The spectrum of employee training manifests in diverse forms. These include
in-house workshops and seminars facilitated by the organization, industry-specific
training sessions conducted locally, international training opportunities, virtual learning
experiences, as well as webinars.
Every training that is held must be properly documented in accordance with the
record keeping requirements.


The Company reserves the right to modify or amend this Policy at its discretion.
The date of the most recent modification may always be found above. When we amend
our Policy, we will notify you in a manner commensurate with the nature of the changes
we make. If and where required by applicable law, we will get your approval to any
major changes. If you do not accept the new version of this Policy, please stop using our
You can always contact us if you have any questions or doubts regarding this
Policy via email: