Anti-Money Laundering & Combating Terrorism Financing Policy
The Cryptal AML-CTF policy is a set of measures aimed at stopping the circulation of proceeds from illegal activities.
- 1. General Provisions
- 2. Definitions
- 3. Compliance Officer
- 4. Application of Due Diligence Measures
- 5. Normal Due Diligence Measures
- 6. Identification of a Person
- 7. Risk Assessment
- 8. Reporting of Suspicious Transactions
1. General Provisions
1.1. This Policy for prevention of money laundering and terrorist financing, and compliance with international sanctions (hereinafter Policy), lays down requirements for screening Clients (as defined in section 2.7) and Transactions (as defined in section 2.6) in order to prevent entering into deals involving suspected Money Laundering and Terrorist Financing, and to ensure identification and reporting of such.
1.2. The obligation to observe the Policy rests with the Chief Executive Officer and employees of the Provider of product, including temporary staff, and agents of the Provider of product who initiate or establish a Business Relationship (as defined in section 5), hereinafter all together called the Representative. Every Representative must confirm awareness of the Policy with a signature.
1.3. The policy establishes standards defined according to the principles contained in the 49 Recommendations of Financial Action Task Force (FATF), the Law of Georgia on Facilitating the Prevention of Illicit Income Legalization, and international best practices regarding the prevention of the use of the financial system for money-laundering and the financing of terrorism.
2. Definitions
2.1. Money Laundering – A set of activities with the property derived from criminal activity or property obtained instead of such property with the purpose to:
i. conceal or disguise the true nature, source, location, disposition, movement, right of ownership or other rights related to such property;
ii. convert, transfer, acquire, possess or use such property for the purpose of concealing or disguising the illicit origin of property or of assisting a person who is involved in criminal activity to evade the legal consequences of his or her action;
iii. participation in, association to commit, attempts to commit and aiding, abetting, facilitating and counselling the commission of any of the actions referred to subsections 2.1.i and 2.1.ii.
2.2. Financing of Terrorism – Providing or collecting funds for a terrorist or for terrorist organizations with the intention that they are used or knowing and willing that they are to be used, even without being linked to a specific act, in full or in part, in perpetration of acts that are set forth as a crime under the law.
2.3. International Sanctions – A list of non-military measures decided by the European Union, the United Nations, Office of Foreign Assets Control (OFAC), another international organization or the government of the Georgia and aimed to maintain or restore peace, prevent conflicts and restore international security, support and reinforce democracy, follow the rule of law, human rights and international law.
2.4. Compliance Officer or CO – A representative appointed by the Chief Executive Officer responsible for the effectiveness of the Policy.
2.5. Business Relationship – The relationship of the Provider of product established in its economic and professional activities with the Client.
2.6. Transaction – A cash flow or payment order, wire transfer, credit/debit card payment or cryptocurrency wiring form a Client to the Provider of product.
2.7. Client – A natural or legal person who uses the product of the Provider of product.
2.8. Beneficial Owner – A natural person who:
i. Taking advantage of his influence, exercises control over a transaction, operation or another person and in whose interests or favor or on whose account a transaction or operation is performed taking advantage of his influence, makes a transaction, act, action, operation or step or otherwise exercises control over a transaction, act, action, operation or step or over another person and in whose interests or favor or on whose account a transaction or act, action, operation or step is mad
ii. Ultimately owns or controls a legal person through direct or indirect ownership of a sufficient percentage of the shares or voting rights or ownership interest in that person, including through bearer shareholdings, or through control via other m Direct ownership is a manner of exercising control whereby a natural person holds a shareholding of 25 per cent plus one share or an ownership interest of more than 25 per cent in a company. Indirect ownership is a manner of exercising control whereby a company which is under the control of a natural person holds or multiple companies which are under the control of the same natural person hold a shareholding of 25 per cent plus one share or an ownership interest of more than 25 per cent in a company.
iii. Holds the position of a senior managing official, if, after all possible means of identification have been exhausted, the person specified in clause ii cannot be identified and there is no doubt that such person exists or where there are doubts as to whether the identified person is a beneficial owner.
iv. In the case of a trust, civil law partnership, community or legal arrangement, the beneficial owner is the natural person who ultimately controls the association via direct or indirect ownership or otherwise and is such association's: settlor or person who has handed over property to the asset pool, trustee or manager or possessor of the property, person ensuring and controlling the preservation of property, where such person has been appointed, or the beneficiary, or where the beneficiary or beneficiaries have yet to be determined, the class of persons in whose main interest such association is set up or operates.
2.9. Politically Exposed Person or PEP – is a natural person who is or who has been entrusted with prominent public functions including a head of state, head of government, minister and deputy or assistant minister; a member of parliament or of a similar legislative body, a member of a governing body of a political party, a member of a supreme court, a member of a court of auditors or of the board of a central bank; an ambassador, a high-ranking officer in the armed forces; a member of an administrative, management or supervisory body of a state-owned enterprise; a director, deputy director and member of the board or equivalent function of an international organization, except middle-ranking or more junior officials.
2.9.1. A family member of a person performing prominent public functions is the spouse, or a person considered to be equivalent to a spouse, of a politically exposed person; a child and their spouse, or a person considered to be equivalent to a spouse, of a politically exposed person; a parent of a politically exposed person.
2.9.2. A close associate of a person performing prominent public functions is a natural person who is known to be the beneficial owner or to have joint beneficial ownership of a legal person or a legal arrangement, or any other close business relations, with a politically exposed person; and a natural person who has sole beneficial ownership of a legal entity or legal arrangement which is known to have been set up for the de facto benefit of a politically exposed person.
2.10. Provider of product – Digital Ledger Technologies, Tax Identification Number: 431178218, address: 12 Sulkhan Tstintsadze St., 3rd Floor, Suite 3-9, Saburtalo District, Tbilisi, Georgia – providing the product of exchanging a virtual currency against another virtual currency, exchanging a virtual currency against a fiat currency, and vice versa.
2.11. Virtual currency – A value represented in digital form, which is digitally transferable, preservable or tradable and which persons accept as a payment instrument; a type of unregulated, digital money, which is issued and usually controlled by its developers, and used and accepted among the members of a specific virtual community.
3. Compliance Officer
3.1. The Chief Executive Officer shall appoint a CO whose principal tasks are to:
3.1.1. monitor the compliance of the Policy with the relevant laws and compliance of the activity of the Representatives with the procedures established by the Policy;
3.1.2. compile and keep updated the data regarding countries with low tax risk, high and low risk of Money Laundering and Terrorist Financing and economic activities with great exposure to Money Laundering and Terrorist Financing;
3.1.3. carry out training, instruct and update the Representatives on matters pertaining to procedures for prevention of Money Laundering and Terrorist Financing;
3.1.4. report to Chief Executive Officer once a year (or more frequently, if necessary) on compliance with the Policy, and on Transactions with a suspicion of Money Laundering or Terrorist Financing;
3.1.5. collect, process and analyze the data received from the Representatives or Clients concerning suspicious and unusual activities;
3.1.6. report on events of suspected Money Laundering or Terrorist Financing, and respond to enquiries of such to the corresponding authorities of Georgia;
3.1.7. make proposals on remedying any deficiencies identified in the course of checks.
4. Application of Due Diligence Measures
4.1. The Provider of the product shall determine and take due diligence (hereinafter DD) measures using the results of a conducted risk assessment.
4.2. The Representatives shall pay special attention to the activities of Clients participating in a Transaction and to circumstances that refer to Money Laundering or Terrorist Financing, including to complex, high-value, or unusual Transactions which do not have any reasonable economic purpose.
4.3. Depending on the level of the risk of the Client and/or Transaction and depending on the fact whether the Business Relationship is an existing one or it is about to be established, the Provider of product shall apply either normal DD measures (see Section 5), simplified DD measures (see Section 8) or enhanced DD measures (see Section 9). The Provider of product shall also apply continuous DD measures to ensure ongoing monitoring of Business Relationships.
4.4. DD measures shall include the following procedures:
i. Identifying the Client and verifying its identity using reliable, independent sources, documents or data, including e-identifying;
ii. Identifying and verifying of the representative of the Client and the right of representation;
iii. Identifying the Client's Beneficial Owner;
iv. Assessing and, as appropriate, obtaining information on the purpose of the Business Relationship and the Transaction;
v. Conducting ongoing DD on the Client's business to ensure the Transactions being carried out are consistent with the Provider of product’s knowledge of the Client and its source of funds;
vi. Obtaining information whether the Client is a PEP or PEP’s family member or PEP’s close associate.
4.5. The Provider of product shall establish the source of wealth of the Client, where appropriate.
4.6. To comply with the DD obligation, the Representatives shall have the right and obligation to:
i. request appropriate identity documents to identify the Client and its representatives;
ii. request documents and information regarding the activities of the Client and legal origin of funds;
iii. request information about Beneficial Owners of a legal person;
iv. screen the risk profile of the Client/Transaction, select the appropriate DD measures, assess the risk whether the Client or another person linked with the Transaction is or may become involved in Money Laundering or Terrorist Financing;
v. re-identify the Client or the representative of the Client, if there are any doubts regarding the correctness of the information received in the course of initial identification;
vi. refuse to participate in or carry out the Transaction if there is any suspicion that the Transaction is linked with Money Laundering or Terrorist Financing, or that the Client or another person linked with the Transaction is or could be involved in Money Laundering or Terrorist Financing.
4.7. The goal of continuously applied DD measures is to ensure on-going monitoring of Clients and Transactions. Conducting ongoing monitoring of the Business Relationship includes:
i. scrutiny of Transactions being carried out to ensure that the Transactions being conducted are consistent with the Provider of product's knowledge of the Client, the business and risk profile of the Client;
ii. obtaining information on source of funds for Transactions;
iii. keeping up-to-date the documents, data or information, obtained during taking DD measures;
iv. paying particular attention to Transactions and Client’s conduction, leading to criminal activity or Money Laundering or Terrorist Financing, and clarifying nature, reasons and background of Transactions;
v. paying particular attention to the Business Relationship or Transactions, if the Client is from or the seat of a Client being a legal person is located in a third country, which is included in the list of risk countries.
4.8. Annual review of a Client's legal entity status is carried out regularly once a year. Updated data shall be recorded in the Provider of product’s Client database.
4.9. The Representative updates the data of a Client, who is either a legal person or a natural person, i.e. takes appropriate DD measures every time when:
i. the Client addresses the Provider of product with the request to amend a long-term contract during the term of its validity;
ii. upon identification and verification of the information there is reason to suspect that the documents or data gathered earlier are insufficient, have changed or are incorrect. In this case, the Representative may conduct a face-to-face meeting with the Client;
iii. the data pertaining to the Transactions of Client reveal significant changes in the Client’s area of activity or business volumes, which warrants amending the Client’s risk profile;
iv. the Provider of product has learned through third persons or the media that the activities or data of the Client have changed significantly.
4.10. The Representative shall evaluate the substance and the purpose of the Client’s activities, in order to establish the possible links of the respective Transaction with Money Laundering or Terrorist Financing. The evaluation should result in an understanding about the purpose of the Business Relationship for the Client, the nature of the Client’s business, the risk levels of the Client and, if necessary, the sources of funds related to Transactions.
5. Normal Due Diligence Measures
5.1. The Provider of the product shall conduct normal DD in the following cases:
i. upon establishing a new Business Relationship;
ii. if the value of single Transaction exceeds 30,000 GEL, regardless of whether the financial obligation is performed in one payment or a series of related payments;
iii. in the event of insufficiency or suspected incorrectness of the documents or information previously gathered in the course of carrying out DD measures;
iv. upon suspicion of Money Laundering or Terrorist Financing.
5.2. In the course of conducting normal DD measures, the Representative shall apply the measures of DD as provided for in section 4.4.
5.3. No new Business Relationship can be formed, or Transaction executed, if the Client, in spite of the respective request, has failed to present documents and appropriate information required to conduct DD, or if based on the presented documents, the Representative suspects Money Laundering or Terrorist Financing.
5.4. If, in spite of the respective request, an existing Client has failed to present documents and appropriate information required to conduct DD during the contract period, such behavior constitutes material break of contract that shall be reported by the Representative to the CO, and in such case the contract(s) concluded with the Client shall be cancelled and the Business Relationship shall be terminated as soon as feasible.
5.5. The Provider of product shall not enter into Business Relationships with anonymous Clients.
6. Identification of a Person
6.1. When implementing DD measures the following persons shall be identified:
i. The Client – an individual or legal entity;
ii. Representative of the Client – an individual who is authorized to act on behalf of the Client;
iii. Beneficial Owner of the Client;
iv. Politically Exposed Person (PEP) – if the PEP is the Client or a person connected with the Client.
6.2. Identification of a Client who is an individual or representative of a Client who is a legal entity
6.2.1. The identity of a Client who is an individual or the representative of a Client who is a legal entity must be established each time a Transaction is carried out.
6.2.2. This Policy must be considered when dealing with documents that can be used to identify the Client or its representative and the requirements established for them.
6.2.3. Verification must be done whether or not such person is a PEP.
6.2.4. A new Client and, if necessary, an existing Client shall confirm the correctness of the submitted information and data by signing the Client data registration form.
6.3. Identification of a Legal Entity Client
6.3.1. To identify a Client who is a legal entity, the Representative shall take the following actions:
i. Check the information concerning the legal entity by accessing the relevant electronic databases;
ii. If it is not possible to obtain an original extract from the company registry or the respective data, request documents (extracts from the relevant registry, certificate of registration, or equivalent document) certified or authenticated by a notary public or authenticated officially for verification of the identity of the legal entity;
iii. Ask the representative of a foreign legal entity to present identity documents and a document evidencing of his/her power of attorney, which has been notarized or authenticated pursuant to an equal procedure and legalized or authenticated by a certificate substituting for legalization (apostille), unless otherwise prescribed by an international agreement;
iv. On the basis of the information received from the representative of the foreign legal entity, determine whether or not the legal entity could be linked with a PEP;
v. If the legal address of a Client who is a legal entity is in a third country that is included in the list of risk countries, report this to the CO, who shall decide the additional measures to be applied to identifying and background checking the entity.
6.4. Identification of the Beneficial Owner of the Client
6.4.1. Registration and assessment of the Beneficial Owner(s) of a legal entity is mandatory.
6.4.2. There is no need to identify the Beneficial Owners of a Client or company whose securities have been accepted for trading on a regulated securities market.
6.4.3. In order to establish the Beneficial Owner, the Representative shall take the following actions:
i. Gather information about the ownership and control structure of the Client on the basis of information and documents provided in pre-contractual negotiations or obtained from another reliable and independent source;
ii. In situations where no single person holds the interest or ascertained level of control to the extent of no less than 25 percent, apply the principle of proportionality to establishing the circle of beneficiaries, which means asking information about persons, who control the operations of the legal person, or otherwise exercise dominant influence over the same;
iii. If the documents used to identify a legal person, or other submitted documents do not clearly identify the Beneficial Owners, record the respective information (i.e., whether the legal person is a part of a group, and the identifiable ownership and management structure of the group) on the basis of the statements made by the representative of the legal person, or a written document under the hand of the representative;
iv. To verify the presented information, make enquiries to the respective registries, and request an annual report or another appropriate document to be presented.
v. If no individual is identifiable who ultimately owns or exerts control over a Client and all other means of identification are exhausted, the senior managing official(s) may be considered to be the Beneficial Owner(s).
vi. Pay attention to companies established in high risk regions.
6.5. Identification of a Politically Exposed Person
6.5.1. The Representative shall implement the following measures to establish whether or not a person is a PEP:
i. asking the Client to provide necessary information;
ii. making an enquiry or checking the data on websites of the respective supervisory authorities or institutions of the country of location of the Client.
6.5.2. The matter of whether to establish a Business Relationships with a PEP, or a person associated with him or her, and the DD measures applied to such person shall be decided by the CEO.
6.5.3. If a Business Relationship has been established with a Client, and the Client or its Beneficial Owner subsequently turns out to be or becomes a PEP, CO and CEO shall be notified of that.
6.5.4. In order to establish a Business Relationship with a PEP or a company connected with that person, it is necessary to:
i. take enhanced DD measures (Section 10);
ii. establish the source of wealth of this person and the origin of the money or other property used in the Transaction;
iii. monitor the Business Relationship on a continual basis, and carry out enhanced control over the Transaction.
6.5.5. DD measures, mentioned in Section 6.5.4 might be not applicable regarding local PEPs if there are no relevant circumstances leading to the higher risks.
6.5.6. Respective remark must be made in the Provider of product’s database of Clients on documents of such person in the form of notation “Politically Exposed Person”.
6.6. Documents that can be used for identification
6.6.1. For Clients who are individuals and the representatives of Clients, the following documents can be used for identification:
i. if the individual is a Georgian Citizen – a citizen identity card, or a citizen passport, or any other official document which contains the relevant information and is equivalent to identification under Georgian legislation;
ii. if the individual is a Foreign Citizen – a passport issued by the competent authority of the relevant State or other official document containing relevant data equivalent to the passport under Georgian legislation;
6.6.2. The Representative shall make a copy of the identity page of the document that contains the personal data and a photo.
6.6.3. In addition to an identity document, the representative of a Client shall submit a document in the required format certifying the right of representation.
6.6.4. A legal entity and its passive legal capacity shall be identified and verified on the basis of the following documents:
i. for legal entities registered in Georgia and branches of foreign companies registered in Georgia, the identification shall be conducted on the basis of an extract of a registry card from the commercial register;
ii. foreign legal entities shall be identified on the basis of an extract from the relevant register or a transcript of the registration certificate, or an equivalent document that has been issued by a competent authority or body not earlier that six months before submission thereof.
6.6.5. If original documents are not used for identification, the Representative shall control and verify data by using at least two reliable and independent sources.
7. Risk Assessment
The Provider of the product, in line with international requirements, has adopted a risk-based approach to combating money laundering and terrorist financing. By adopting a risk-based approach, Provider of product is able to ensure that measures to prevent or mitigate money laundering and terrorist financing are commensurate with the identified risks. This will allow resources to be allocated in the most efficient ways. The guiding principle is that resources should be directed in accordance with priorities so that the greatest risks receive the highest attention.
8. Reporting of Suspicious Transactions
8.1. Notification of the CO
8.1.1. If there are any circumstances identified in the Business Relationship that are unusual or suspicious, or there are characteristics that point to Money Laundering, Terrorist Financing, or an attempt of the same, the Representative shall promptly notify the CO.
8.1.2. The CO shall analyze and forward the respective information to the Chief Executive Officer.
8.2. Notification of official state authorities
8.2.1. The CO is authorized to decide whether the transaction is suspicious and, respectively, to forward the information to the respective official state authorities (FIU) and the Chief Executive Officer shall decide whether to postpone the Transaction and/or terminate the Business Relationship.
8.2.2. The CO shall store in a format reproducible in writing any reports received from the Representatives about suspicious and unusual Transactions, as well as all information gathered to analyze such notices, as well as other linked documents and notices to be reported, along with the time of forwarding the notice, and the information about the Representatives who forwarded the same.
8.2.3. The Client or the person participating in the Transaction (including their representative and other connected persons) who is reported as being suspicious, may not be informed of the same.