"s AML policy is currently one of the most successful ways to deal with fraud, money laundering and other illegal activities that users can commit. The correct implementation of its points will allow achieving a higher level of security for customers, as well as maintaining the company"s reputation as a reliable partner for customers.

Basic Rules

  1. This document is formed taking into account the legislation on AML and international sanctions.
  2. Thanks to this document, you can determine the security measures of the company. This is required to check for suspicious transactions that may be related to money laundering and illegal transactions.
  3. Members of the company must have instructions for verifying information that complies with the law.
  4. Amendments to legislative acts are examined independently of each other.
  5. The founders must create instructions for all employees of the company.
  6. Employees of the company must confirm that they have read the instructions issued.
  7. Everyone who works for the company is personally responsible for compliance with the law.

Cooperation with users, identification

2.1 Members of the company must apply the rules to all users without exception.

2.2 The Company does not operate with representatives and other intermediaries, as the interaction must be conducted with the individual himself.

2.3 Users are identified by:

  • identity card, which indicates the full name, place of residence, date of birth;
  • for legal entities, it is required to provide an extract from the Commercial Register, registration number, legal address, contact details.

Risks, level of control measures

3.1 When establishing contact with users, it is required to calculate all the existing risks of committing illegal actions.

3.2 During user verification, it is required to take into account the specifics of geographic location, user risks, and potential operations.

3.3 Geographic risks are highly prioritized, especially if the client is located in a sanctioned area, in countries that support terrorism, areas with a high level of corruption.

3.4 Significant risks for the client are manifested if he or someone from his family is a PEP, is on the EU or UN list as a person under sanctions, has involvement in money laundering.

3.5 The risk of transactions is quite high if the payment is made by third parties, there is no commercial basis in the transaction, the list of persons involved in the transaction is hidden, money is transferred from different accounts, the client receives non-standard amounts. A client has a high level of unreliability if he meets one of the above points. In this case, cooperation with him is impossible.

3.6 There are several reasons why a company may refuse to cooperate with clients. These include the following:

  • a person lives in a state that has a high rate of unreliability;
  • the client is under international financial sanctions, which implies the refusal of any service;
  • the user belongs to PEP or members of his family are included in this category;
  • the person was involved in money laundering or sponsoring terrorist organizations.

If it is possible to find evidence of involvement in sponsoring terrorism or other situations, then a more detailed check of the client"s reliability is required, increasing the amount of effort for this procedure.

Electronic risks and their definition

There are a number of risks that are directly related to the IT industry, the transfer of important information through electronic services. There is also the danger of transmitting deliberately incorrect information. In addition, there are problems with viruses that can harm the system and make the resource vulnerable to hacker attacks. The AML policy of the service is aimed at combating all electronic risks, as they pose a danger to the client and the service itself. Additionally, digital dangers such as system failures should be noted.

In order to counter the dangers in this area, company employees need to take the following measures:

  • use exclusively internal services of the company in their work;
  • use only those programs that are legal and have approved content;
  • use technical means that have been approved by the company without introducing external media and other means into it.

There is also a set of techniques that help reduce the risk of misinformation. To do this, personal data must be confirmed during a personal meeting, if possible. In addition, you can provide verification using video communications or other methods provided by the company. In case of suspicion, the user may be asked for documents that will confirm the specified data.

There is a developed technique that allows you to reduce the risk of encountering cyber attacks. These include:

  • regular checks of systems for the reliability of procedures;
  • security system testing;
  • the use of such software, which will be regularly updated, and will also have built-in anti-virus protection;
  • minimization or elimination of risk factors when working with information.

In order to minimize the risk of data loss, it is required to use fuses for networks and servers, to create backup copies of the main server, and the system must comply with PCI DSS certification. To improve the effectiveness of the implementation of the AML policy, the company"s employees take special annual courses that cover the main aspects of work in this area.

Using Due Diligence

An important point of the AML policy is the application of due diligence, as it has a significant impact on security issues. First of all, due diligence should cover those users who are suspected of being involved in illegal transactions. The most common transactions are related to money laundering and the allocation of funds for the activities of terrorist organizations. These transactions have non-standard features of the conduct, often complex schemes are used, and there is no economic purpose in them. The main checks in this area are:

  • identification of the user using several documents, communication with the client using a video call or personal presence;
  • verification of who benefits from transactions;
  • analysis of the user"s business relations;
  • monitoring transactions, client contacts, periodically rechecking the information provided, requesting evidence of the source of funds;
  • complex data analysis allows you to detect facts that can be confirmed using documents (not only originals, but also certified copies), which allows you to dispel doubts in suspicious moments;
  • all verification procedures should be carried out before opening access to the service so that dubious users cannot start fraudulent activities;
  • All transactions must be sealed with a signature.

Extended due diligence may also apply. This is only relevant for certain cases. One of them is the receipt of information about the client from a place where it should not actually be. It is also relevant when doubts arise during the verification of the data provided by the user. As a rule, doubts arise in the absence of the possibility of identifying the user or recipient of the benefits of the transaction.

If serious suspicions arise as part of the implementation of the AML policy, company employees can check information using the register of credit institutions that also operate within the framework of the policy area under consideration. Electronic information delivery methods may also be used to provide authentication. All information must be accurate, as evidenced by notarization and other means. It can also be used to make payments through a credit institution with which the client works in a state that supports the implementation of AML protocols.

PEP check

During the start of cooperation, the client is required to fill out a special form, on the basis of which the verification will be carried out. The form must contain information regarding whether he acts as a PEP, whether he has any connection with such a person. If the PEP has anything to do with the client, then this must be indicated. Verification for this category of persons is carried out on the basis of sources to which public access is open.

Verification of persons who are under international sanctions

This type of verification is also carried out based on the data entered by the user. They are subsequently used for identification. Based on the information received, the company"s employees check the presence of relevant names in the lists of persons who are under international sanctions.

Money laundering check

Among the many possible crimes in the financial sector, money laundering is one of the most common dangerous crimes. For this reason, much attention is paid to verification in this area. If the possibility of committing such a crime is suspected, a full-scale check begins. Before it begins, you need to pay attention to the signs that are characteristic of the violation in question. These include:

  • behavior and appearance do not correspond to the transaction conducted by the user;
  • the client needs outside help to sign the document;
  • the user is suspected of dishonest activity;
  • there is no evidence of demand for the actions taken;
  • too high a rate, which looks unreasonable;
  • cash transactions are carried out in non-standard ways;
  • the presence of various operations that are not related to the work of the client;
  • finances are transferred to other accounts or to any other country;
  • the user does not provide an explanation for the suspicious transaction;
  • the exchange involves amounts that are non-standard for the client;
  • there are signs of a fictitious transaction;
  • settlements are carried out through financial institutions located in countries where they are not taxed.

Reasons for denying customer service based on AML policy

There are a number of reasons why a company does not conclude an agreement with a client, which makes further cooperation impossible. Clients of the company can only be adults who act on their own behalf. Representatives of individuals, even if they are official, cannot conduct activities within the framework of the service, which is one of the foundations of safe work. It also excludes cooperation with persons who have not provided a complete list of documents for further work. If a person is suspected of provocations, then he will also be deprived of the opportunity to be served on the site.

Denial of service is received by people who are under international sanctions, suspected of carrying out illegal activities (this is detected on the basis of documents provided by the client), people related to PEP and having direct connections with them, as well as cases described in the Service Rules in clause 8.9.