Browse our policies below.
GUIDELINES FOR ANTI-MONEY LAUNDERING, COMBATING FINANCING TERRORIST AND SANCTION MEASURES
These Guidelines have been adopted to ensure that the Company complies with the rules and regulations set out in:
These Guidelines are the subject of a review by the Management Board at least annually. The proposal for a review and the review of these Guidelines may be scheduled more often by the decision of the Company's Money Laundering Reporting Officer (MLRO) or the Internal Control Officer.
These Guidelines shall be accepted and approved by the resolution of the Management Board.
The Company means legal entity with following data:
The Guidelines – this document including all annexes as provided above. The Guidelines include inter alia the Company's Internal control rules regarding the Guidelines and the Company's risk assessment policy regarding risk based approach for ML/TF risks.
The Money Laundering (ML) means the concealment of the origins of illicit funds through their introduction into the legal economic system and transactions that appear to be legitimate. There are three recognized stages in the money laundering process:
The Terrorist Financing (TF) means the financing and supporting of an act of terrorism and commissioning thereof as well as the financing and supporting of travel for the purpose of terrorism in the meaning of applicable legislation.
Sanctions mean an essential tool of foreign policy aimed at supporting the maintenance or restoration of peace, international security, democracy and the rule of law, following human rights and international law or achieving other objectives of the United Nations Charter or the common foreign and security Policy of the European Union. Sanctions include:
International sanctions may ban the entry of a subject of an international sanction in the state, restrict international trade and international transactions, and impose other prohibitions or obligations.
The subject of Sanctions is any natural or legal person, entity, or body, designated in the legal act imposing or implementing Sanctions, with regard to which the Sanctions apply.
The Customer means a natural person or a legal entity which has the business relationship with the Company or a natural person or legal entity with which the Company enters into the occasional transaction.
The Beneficial Owner means a natural person who, taking advantage of their influence, makes a transaction, act, action, operation or step or exercises control in another manner over a transaction, act, action, operation or step or over another person and in whose interests or for whose benefit or on whose account a transaction or act, action, operation or step is made. In the case of a legal entity, the beneficial owner is a natural person whose direct or indirect holding, or the sum of all direct and indirect holdings in the legal person, exceeds 25 percent, including holdings in the form of shares or other forms of bearer.
MLRO means Money Laundering Reporting Officer, who is appointed to the Company as a compliance officer in the meaning of § 17 of MLTFPA.
The Employee means the Company´s employee, including persons which are involved in application of these Guidelines in the Company.
The Management Board means management board of the Company.
The Business Relationship means a relationship that is established upon conclusion of a long-term contract by the Company in economic or professional activities for the purpose of provision of a service or distribution thereof in another manner or that is not based on a long-term contract, but whereby a certain duration could be reasonably expected at the time of establishment of the contact and during which the Company repeatedly makes separate transactions in the course of economic or professional activities while providing a service.
The Occasional Transaction means the transaction performed by the Company in the course of economic or professional activities for the purpose of provision of a service or sale of goods or distribution thereof in another manner to the Customer outside the course of an established business relationship.
Virtual currency means a value represented in the digital form, which is digitally transferable, preservable or tradable and which natural persons or legal persons accept as a payment instrument, but that is not the legal tender of any country or funds for the purposes of Article 4(25) of Directive (EU) 2015/2366 of the European Parliament and of the Council on payment services in the internal market, amending Directives 2002/65/EC, 2009/110/EC and 2013/36/EU and Regulation (EU) No 1093/2010, and repealing Directive 2007/64/EC (OJ L 337, 23.12.2015, pp 35–127) or a payment transaction for the purposes of points (k) and (l) of Article 3 of the same Directive.
PEP means a natural person who performs or has performed prominent public functions and with regard to whom related risks remain.
The organizational structure of the Company must correspond to its size and the nature, scope, and level of complexity of its activities and services provided, including the risk appetite and related risks, and must be structured in accordance with the principle of three lines of defense. The organizational structure of the Company must correspond to the complete understanding of potential risks and their management. The reporting and subordination chains of the Company must be ensured in such a way that all employees know their place in the organizational structure and know their work duties.
The Management Board is the carrier of the culture of compliance with the requirements of money laundering and terrorist financing prevention, guaranteeing that the Management Board members and employees of the Company operate in an environment where they are fully aware of the requirements for the prevention of money laundering and terrorist financing and the obligations associated with these requirements, and the relevant risk considerations are taken into account to a suitable extent in the decision-making processes of the Company.
The Management Board members bear ultimate responsibility for the measures taken to prevent the use of the Company’s services for money laundering or terrorist financing. They provide oversight and are accountable for:
The first line of defense has the function of applying the due diligence measures upon business relationship and occasional transactions and applying due diligence measures during the business relationship. First line of defense comprises the structural units and employees of the Company with whose activities risks are associated and that must identify and assess these risks, their specific features and scope and that manage these risks by way of their ordinary activities, primarily by way of application of due diligence measures. The risks arising from the activities of and provision of services by the Company belong to the first line of defense. They are the managers (owners) of these risks and responsible for them.
The employees of the Company must act with the foresight and competence expected from them and according to the requirements set for their positions, proceeding from the interests and the goals of the Company, and ensure that the country's financial system and economic space are not used for money laundering and terrorist financing. The Company takes measures to assess the suitability of the employees before they start working with the relevant training.
For the aforementioned reasons, the employees are required to:
The second line of defense consists of the risk management and compliance functions. These functions may also be performed by the same person or structural unit depending on the size of the Company and the nature, scope and level of complexity of their activities and provided services, incl. the risk appetite and risks arising from activities of the Company.
The objective of the compliance function is to guarantee that the Company complies with effective legislation, guidelines and other documents and to assess the possible effect of any changes in the legal or regulative environment on the activities of the Company and on the compliance framework. The task of compliance is to help the first line of defense as the owners of risk to define the places where risks manifest themselves (e.g., analysis of suspicious and unusual transactions, for which compliance employees have the required professional skills, personal qualities, etc.) and to help the first line of defense manage these risks efficiently. The second line of defense does not engage in taking risks.
Risk policy is implemented, and the risk management framework is controlled by the risk management function. The performer of the risk management function ensures that all risks are identified, assessed, measured, monitored, and managed, and informs the appropriate units of the Company about them. The performer of the risk management function for the purposes of AML primarily performs the supervision over adherence to risk appetite, supervision over risk tolerance, supervision over identification of changes in risks, performs the overview of associated risks, and performs other duties related to risk management.
The Management Board have appointed an MLRO for performing the second line of defense functions. This person is not operationally involved in the areas that the MLRO will be monitoring and verifying and is thus independent in relation to these. The MLRO is accountable for the following activities:
The MLRO reports to the Management Board quarterly. This report must be in writing and include at least the following items:
The third line of defense is comprised by the independent and effective internal audit function. The internal audit function may be performed by one or several Employees, the Company's structural unit with the relevant functions or by the third party, which provides the relevant service to the Company.
The Employees, the Company's structural unit or third party, which performs the internal audit function must have the required competency, tools, and access to the relevant information in all structural units of the Company. The internal audit methods must comply with the size of the Company, the nature, scope, and level of complexity of the activities and provided services, incl. the risk appetite and risks arising from activities of the Company.
The decision to conduct an internal audit is made by a resolution of the Management Board. The Management Board must assess the need to conduct an internal audit at least annually.
Customer due diligence (CDD) measures are required for verifying the identity of a new or existing Customer as a well-performing risk-based ongoing monitoring of the business relationship with the Customer. The CDD measures consist of 3 levels, including the simplified and enhanced due diligence measures, as specified below.
The CDD measures are taken and performed to the extent necessary considering the customer’s risk profile and other circumstances in the following cases:
The Company does not establish or maintain the business relationship and not perform transaction if:
In the case of receiving information in foreign languages within the framework of CDD implementation, the Company may request to demand translation of the documents to another language appliable for the Company. The use of translations should be avoided in situations when the original documents are prepared in a language appliable for the Company.
Achieving CDD is a process that starts with the CDD measures implementation. When that process is complete, the Customer assigns documented individual risk level which shall form the basis for follow-up measures, and which is followed up and updated when necessary.
The Company has applied CDD measures adequately if the Company has the inner conviction that they have complied with the obligation to apply due diligence measures. The principle of reasonability is observed in the consideration of inner conviction. This means that the Company must, upon the application of CDD measures, acquire the knowledge, understanding and assertation that they have collected enough information about the Customer, the Customer’s activities, the purpose of the business relationship and of the transactions carried out within the scope of the business relationship, the origin of the funds, etc., so that they understand the Customer and the Customer’s (business) activities, thereby taking into account the Customer’s risk level, the risk associated with the business relationship and the nature of such relationship. Such a level of assertation must make it possible to identify complicated, high-value and unusual transactions and transaction patterns that have no reasonable or obvious economic or legitimate purpose or are uncharacteristic of the specific features of the business in question.
The Company's main economic activity is the virtual currency services. For this reason, the Company offers to their Customers the following transaction types:
The Company provides aforementioned services only for the following virtual currencies:
Verification of the information for the Customer's identification means using data from a reliable and independent source to confirm that the data is true and correct, also confirming, if necessary, that the data directly related to the Customer is true and correct. This inter alia means that the purpose of verification of information is to obtain reassurance that the Customer who wants to establish the business relationship is the person they claim to be.
The face-to-face identification (personal meeting with the Customer) or identification using information technology means (using of high-confidence e-identification system) is deemed to be the reliable and independent verification of the information obtained in the course of identification.
In situations not specified in the above mentioned identification methods the reliable and independent source (must exist cumulatively) is verification of the information obtained in the course of identification:
Simplified due diligence (SDD) is applied where the Customer’s risk profile indicates low risk and where, in accordance with the risk assessment produced by the Company, it has been identified that in such circumstances the risk of money laundering or terrorist financing is lower than usual. Regarding the Company services provided and the Company's risk assessment, the Company will not apply SDD measures to their Customers. Thus, to all Customers at least standard due diligence measures shall be applied as specified below.
Standard due diligence measures are applied to all Customers if CDD measures must be applied in accordance with the Guidelines. The following standard due diligence measures should be applied:
The CDD measures specified above must be applied before establishing the business relationship. The exact instruction for application standard due diligence measures is provided in the Guidelines.
In addition to CDD, the Company applies enhanced due diligence (EDD) measures in order to manage and mitigate an established risk of money laundering and terrorist financing that is higher than usual.
The Company always applies EDD measures, when:
Prior to applying EDD measures, the Company's employee ensures that the business relationship or transaction has a high risk and that a high-risk rate can be attributed to such business relationship or transaction. Above all, the employee assesses prior to applying the EDD measures whether the features described above are present and applies them as independent grounds (that is, each of the factors identified allows application of EDD measures with respect to the Customer).
When applying EDD measures, the following additional and relevant due diligence measures shall be followed:
The amount of EDD measures and this scope shall be determined by the employee, who is applying such measures. The employee shall notify about EDD measures applied within 2 working days after the start of applying of the EDD measures by sending relevant notification to the MLRO.
In the case of application of EDD measures, the Company monitors the business relationship more often than usual and reassesses the Customer’s risk profile no later than every six months.
The Company identifies the Customer who is a natural person and, where relevant, their representative and retains the following data on the Customer:
The following valid identity documents may be used as the basis for the identification of a natural person:
During the verification of the data obtained during the identification of the Customer and representative from a credible and independent source, the first credible and independent sources is always:
The following information obtained may be the second reliable and independent source:
The Customer who is natural person can´t use representative in the course of business relationship or occasional transaction with the Company.
The Company identifies the Customer which is a legal entity and their representative and retains the following data on the Customer:
The following documents issued by a competent authority or body not earlier than six months before their use may be implied for identification of the Customer:
The Company verifies the correctness of the Customer's data specified above, using information originating from a credible and independent source for that purpose. Where the Company has access to the commercial register, register of non-profit associations and foundations or the data of the relevant registers of a foreign country, the submission of the documents specified about does not need to be demanded from the Customer.
The identity of legal entity and the right of legal entity's representation can be verified on the basis of a document specified above, which has been authenticated by a notary or certified by a notary or officially, or on the basis of other information originating from a credible and independent source, including means of electronic identification and trust services for electronic transactions, thereby using at least two different sources for verification of data in such an event.
During the verification of the data from a credible and independent source obtained during the identification of the legal entity, the source considered credible and independent when the Company:
Two different sources during the identification of a legal entity means that the data medium, place or measure of obtaining information must be different (i.e. it cannot be the same data medium).
The representative of the legal entity shall be identified as the Customer, who is a natural person in accordance with these Guidelines. The Company must also identify and verify the nature and scope of the right of representation. The name, date of issue and name of issuer of the document that serves as a basis for the right of representation must be ascertained and retained, except in case, when the right of representation was verified using information originating from the relevant register (e. g. the commercial register, register of non-profit associations and foundations or the relevant register of a foreign country).
The Company must observe the conditions of the right of representation granted to the legal entity's representatives and provide services only within the scope of the right of representation.
The Company must identify the beneficial owner of the Customer and take measures to verify the identity of the beneficial owner to the extent that allows the Company to make sure that they know who the beneficial owner is.
The Company shall request from the Customer information to the Customer's beneficial owner (e. g. providing the Customer with an opportunity to specify their beneficial owner in KYC questionnaire).
The Company doesn´t establish the business relationship, if the Customer, who is a natural person has beneficial owner who is not the same person as the Customer.
The beneficial owner of a legal entity is identified in stages where the obliged entity proceeds to each subsequent stage if the beneficial owner of the legal entity cannot be determined in the case of the previous stage. The stages are as follows:
If the documents used for the legal entity´s identification or the other submitted documents do not indicate directly who the beneficial owner of the legal entity is, the relevant data (incl. data about being a member of a group and the ownership and management structure of the group) are registered on the basis of the statement of the representative of the legal entity or the document written by hand by the representative of the legal entity.
The Company shall apply reasonable measures to verify the accuracy of the information established on the basis of statements or a handwritten document (e.g. by making inquiries in the relevant registers), requiring the submission of the legal entity's annual report or other relevant document. If the Company has doubts about the accuracy or completeness of the relevant information, the Company shall verify the information provided from publicly available sources and, if necessary, request additional information from the Customer.
Where the Company establishes the business relationship with the Customer whose information on beneficial owners must, in accordance with the statutes of a Member State of the European Union, be submitted to the state or be registered there, the Company shall obtain a relevant registration certificate or registry extract upon identification of the Customer´s beneficial owner.
The beneficial owner does not have to be identified in the case of the Customer listed on a regulated market that is subject to disclosure requirements consistent with European Union law or subject to equivalent international standards which ensure adequate transparency of ownership information.
[1] For the purpose of simplifying these Guidelines, relation to "AML" includes also prevention of terrorism financing and implementation of Sanctions.
[2] this measure shall be always applied, where the Company comes in contact with the high-risk third country via the Customer or transaction.
[3] this measure shall be always applied, where the Customer is a PEP
[4] For example, the fact that the data collected in the course of identification are true and correct can be proven by a confirmation in a format that can be reproduced in writing received from a reliable and independent source, which states that the person lives (e. g. consumes utilities there, i.e. proves that the person lives at that place), studies or works (profession or area of activity) at the place they declared, etc.
[5] direct ownership is a manner of exercising control whereby the natural person owns a 25 percent shareholding plus one share or an ownership right of over 25 percent in the company
[6] indirect ownership is a manner of exercising control whereby a 25 percent shareholding plus one share or an ownership right of over 25 percent in the company is owned by a company that is controlled by a natural person or several companies that are controlled by the same natural person.
[7] a member of senior management is a person who makes the strategic decisions that fundamentally affect business activities and/or practices and/or the company general (business) trends or in its absence 15.8.2. carries out everyday or regular management functions of the company within the scope of executive power (e.g. chief executive officer (CEO), chief financial officer (CFO), director or president, etc.).