
Policies
Browse our policies below.
đ âKYC Policy
KYC Policy
1. Purpose and Scope
This policy outlines the Know Your Customer (KYC) procedures to comply with Czech laws, including Act No. 253/2008 Coll. on AML. It applies to all customers, employees, and third parties involved in customer onboarding and monitoring under the VSOP license.
2. Objectives
- Prevent money laundering and terrorist financing.
- Verify customer identities effectively.
- Mitigate risks through due diligence and monitoring.
- Ensure compliance with Czech AML regulations and GDPR.
3. Core KYC Procedures
3.1 Customer Identification
All customers must provide valid identification:
- Individual Clients:
- Full name, date of birth, address, and nationality.
- Government-issued photo ID (e.g., passport, national ID).
- Address proof (e.g., utility bill, bank statement, max 3 months old).
- Non-Face-to-Face Verification:
- Video verification or digital signatures.
- Two-factor authentication where necessary.
3.2 Due Diligence Measures
- Standard CDD:
- Identify the client and verify their identity.
- Establish the purpose of the relationship.
- Enhanced Due Diligence (EDD) for High-Risk Customers:
- Politically Exposed Persons (PEPs).
- Customers from high-risk jurisdictions.
- Unusual or high-value transactions.
- Additional documentation (e.g., source of funds and wealth).
3.3 Risk-Based Approach (RBA)
- Classify customers as low, medium, or high risk.
- Automate risk scoring through approved tools.
- Focus resources on high-risk profiles for closer scrutiny.
3.4 Ongoing Monitoring
- Continuously review transactions to detect anomalies.
- Flag and investigate unusual or suspicious activity.
- Update customer profiles periodically or upon risk changes.
4. Reporting and Record-Keeping
4.1 Suspicious Activity Reporting
- Flag suspicious transactions or behaviours internally.
- Report confirmed suspicions to the Financial Analytical Office (FAU) promptly.
4.2 Record Retention
- Maintain all customer and transaction records for at least 10 years.
- Retain risk assessments, identification documents, and monitoring logs securely.
4.3 Data Protection
- Comply with GDPR and Czech data protection laws.
- Secure customer data using encryption and restricted access.
5. Training and Accountability
- Regular training for employees on KYC, AML, and data protection compliance.
- Clear escalation procedures for suspicious activity.
- Accountability at all levels:
- Compliance Officer: Ensures policy adherence and regulatory reporting.
- Employees: Follow KYC procedures and escalate issues promptly.
- Management: Allocate resources and oversee policy implementation.
6. Policy Governance
6.1 Non-Compliance Consequences
- Revocation of VSOP license.
- Regulatory fines or penalties.
- Disciplinary actions for employees.
6.2 Policy Review
- Annual policy review or updates based on regulatory changes.
7. Approval and Implementation
This policy is approved by Kem Finityâs board and effective as of 01/01/2025. All employees and partners must comply fully with the outlined procedures.