AML Manual

INFO > AML MANUAL

RISK MANAGEMENT AND PROCEDURES MANUAL FOR THE PREVENTION AND SUPPRESSION OF MONEY LAUNDERING AND TERRORIST FINANCING

01. Introduction

Civic Asset Management Private Limited (hereinafter referred to as “the Company”) is a limited liability company incorporated in the Republic of Maldives, under registration number C13042021, offering its clients investments and/or ancillary services, as these are defined in Maldives Securities Act (Law no:2/2006) and following Regulations (2015/R-57), the Law which provides for the provision of investment services, the exercise of investment activities, the operation of regulated markets and other related matters (hereinafter referred to as the “Regulation on Registration and Management of Investment Funds”). It is therefore a Maldives Private Investment Fund Company (a “PIFC company”) within the meaning of the above-mentioned Law.

In order to address our AML compliance and Risk Management CAM will provide its updated AML and Risk Management Policy and manual to the Maldives Capital Market development Authority (hereinafter referred to as “CMDA”) to attest to its compliance to AML compliance issues. The procedures and policies detailed in this document (hereinafter referred to as “the Manual”) ensure compliance of all of the employees of the Company, and any other relevant persons, with the obligations of the Laws, and specifically compliance with the Law no 10/2014 of the Maldives Monetary Authority (MMA) for the prevention of Money Laundering and Terrorist Financing Act, (hereinafter referred to as the “AML Law”).

02. Purpose

The purpose of this Manual is to provide guidance on the employees of the Company on all the procedures followed by the Company in order to achieve full compliance with the relevant Anti-Money Laundering Laws and/or Regulations with the aim of eliminating any exposure to money laundering and terrorist financing.

The present Manual should be read in conjunction with the Internal Operations Manual of the Company, and the procedures which are followed for account opening. The Manual will be periodically reviewed (semi – annually) and updated when is deemed to be necessary by the AML Compliance Officer of the Company or following any amendments of the revenant Laws/and Regulations. Any such revisions of the Manual must be approved by the Board of Directors.

Contact details of the AML Compliance Officer of the Company: Name: Mrs. Aishath Thaimeen
Email: thaimeen@civicassetmgt.com
Phone: +9607936161

All employees of the Company have read and are fully aware of the present Manual.

03. Legal Framework

Investment Firms, on the course of their business, are required to comply with the provisions of the AML Law, and any other Regulations issued by the MMA and CMDA from time to time, regarding the prevention of Money Laundering and Terrorist Financing. The main purpose of the revenant Laws is to define and criminalize the laundering of proceeds generated from all serious criminal offences, aiming at depriving criminals from the profits of their crimes.

In particular, in accordance with the AML Law, PIFCs are obliged to set out policies and procedures for preventing money laundering activities. Those procedures, which are implemented by the Company, as these are required by the Law, and are the following:

a. Identification and due diligence procedures of clients.

b. Record keeping procedures in relation to clients’ identity and their transactions.

c. Internal reporting procedures to a competent person (e.g., Anti-Money Laundering Compliance Officer) appointed to receive and consider information that give rise to knowledge or suspicion that a client is engaged in money laundering activities.

d. Appropriate procedures of internal control, risk management, with the purpose of preventing money laundering activities.

e. The detailed examination of every transaction that due to its nature is considered vulnerable to money laundering, and especially for complicated or unusually large transactions and transactions that are taken place without an obvious financial or legal purpose.

f. Measures for making employees aware of the abovementioned procedures to prevent money laundering and of the legislation relating to money laundering.

g. Provision of regular training to their employees in the recognition and handling of transactions suspected to be associated with money laundering.

04. Definitions

1. Beneficial owner: means the natural person or natural persons, who ultimately own or control the customer and/or the natural person on whose behalf a transaction or activity is being conducted. The beneficial owner shall at least include:

a) In case of corporate entities:

i. The natural person or natural persons, who ultimately own or control a legal entity through direct or indirect ownership or control of a sufficient percentage of the shares or voting rights in that legal entity, including though bearer share holdings, a percentage of 25% plus one share be deemed sufficient to meet this criterion

ii. The natural person or natural persons, who otherwise exercise control over the management of a legal entity.

b) In the case of legal entities, such as foundations and legal arrangements, such as trusts, which administer and distribute funds:

i. Where the future beneficiaries have already been determined, the natural person or natural persons who is the beneficiary of 25% or more of the property of a legal arrangements or entity;

ii. Where the individuals that benefit from the legal arrangement or entity have not yet to be determined, the class of persons in whose main interest the legal arrangement or entity is set up or operates;

iii. The natural person or natural persons who exercise control over 25% or more of the property of a legal arrangement or entity.


2. EU Directive shall mean the Directive (EU) 2015/849 of the European Parliament and of the Council of 20th of May 2015 on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing, amending Regulation (EU) No 648/2012 of the European Parliament and of the Council, and repealing Directive 2005/60/EC of the European Parliament and of the Council and Commission Directive 2006/70/EC.

3. Politically exposed person (hereinafter referred to as “PEP”): means the natural persons who are or have been entrusted with prominent public functions in the Republic of Maldives or any other country and their immediate family members or persons known to be close associates of such persons.

4. Financial Intelligence Unit (hereinafter referred to as “FIU”): shall mean the department in the Office of the Attorney of the Republic, taking measures of the preventing the legalization of the criminal proceeds.

05. COMPANY’S OBLIGATIONS

5.1 THE BOARD OF DIRECTORS
The Board of Directors of the Company (hereinafter referred to as the “BOD”) hereby recognizes its obligations under the AML Law and AML Directive to prohibit and actively pursue the prevention of money laundering and any activity that facilitates money laundering or the funding of terrorist or criminal activities. The BOD assesses and on a regular basis reviews the effectiveness of the policies, arrangements and any procedures put in place, so as to comply with the obligations under the Relevant Laws and takes appropriate measures to address any deficiencies.

The AML Directive includes the main duties and responsibilities of the BOD in relation to the prevention of money laundering and terrorist.

The BOD of the Company has the following responsibilities:

1. Determines, records and approves the general policy principles of the Company in relation to the prevention of money laundering and terrorist financing and communicates them to the Compliance Officer.

2. Appoints a Compliance Officer and, where is required, they appoint assistant Compliance Officers and determine their duties and responsibilities, which are recorded in the AML Directive.

3. Approves the risk management and procedures manual as required by the AML Directive, which is communicated to all employees of the Company, that manage, monitor or control in any way the customers’ transactions and have the responsibility for the application of the practices, measures, procedures and controls that have been determined.

4. Ensures that all requirements of the AML Law and the AML Directive are applied and assures that appropriate, effective and sufficient systems and controls are introduced for achieving the prevention of money laundering and terrorist financing.

5. Assures that the Compliance Officer and any other person who has been assigned with the duty of implementing the procedures for the prevention of money laundering and terrorist financing, have complete and timely access to all data and information concerning customers’ identity, transactions’ documents and other relevant files and information maintained by the Company so as to be fully facilitated in the effective execution of their duties.

6. Ensures that all employees are aware of the person, who has been assigned the duties of the Compliance Officer, as well as his assistants, to whom they report any information concerning transactions and activities for which they have knowledge or suspicion that might be related to money laundering and terrorist financing.

7. Establishes a clear and quick reporting chain based on which information regarding suspicious transactions is passed without delay to the Compliance Officer, either directly or through his assistants and notifies accordingly the Compliance Officer for its explicit prescription in the risk management and procedures manual.

8. Ensures that the Compliance Officer has sufficient resources and technological equipment, for the effective discharge of his duties.

9. Assesses and approves the Annual Report and takes all action as deemed appropriate under the circumstances to remedy any weaknesses and/or deficiencies identified in the Annual Report.

5.2 OBLIGATIONS OF THE INTERNAL AUDIT DEPARTMENT
The Internal Auditor’s obligations have been set as follows:

To review and evaluate, on an annual basis, the appropriateness, effectiveness and adequacy of the policies, practices, measures, procedures and control mechanisms applied for the prevention of money laundering and terrorist financing. In addition, to periodically carry out inspections on randomly selected transactions in order to confirm that all the relevant business and due-diligence documents are in place, and that such transaction is consistent with his economic profile, has the economic substance and all due diligence methods as prescribed hereunder, were properly applied.

To submit the findings and observations, in a written report form, to the board of directors which decides the necessary measures that need to be taken to ensure the rectification of any weaknesses and/or deficiencies which have been detected. The minutes of the abovementioned decision of the board of directors and the internal auditor’s report are submitted to the Commission within 20 days from the date of the meeting.

06. THE MONEY LAUNDERING COMPLIANCE OFFICER

6.1 APPOINTMENT OF COMPLIANCE OFFICER
Further to the requirements of the AML Directive issued by the Commission, the Board of Directors of the Company appointed one officer/employee as the Money Laundering Compliance Officer (hereinafter referred to as the “AMLCO” or “Compliance Officer”) of the Company. The AMLCO of the Company is the one responsible for the administration, review, interpretation, and application of this Manual. In performing this role, the AMLCO shall consider the nature, scale and complexity of the Company’s business, and the nature and range of investment services and activities undertaken in the course of the business.

The person appointed to be the Compliance Officer of the Company is a person with a good knowledge of the relevant Laws and Regulations, and she is competent to consider information that gives rise to knowledge or suspicion of engagement in money laundering activities and to perform her duties set out in this Manual.

The AMLCO shall also have the resources, expertise as well as access to all relevant information necessary to perform her duties adequately and efficiently.

6.2 THE DUTIES OF THE AML COMPLIANCE OFFICER
The Compliance Officer of the Company has several duties and responsibilities as these can be found in the AML Law. As per the AML Law of Maldives the Compliance Officer of the Company is responsible for the following:

1. To design the internal practice, measures, procedures and controls relevant to the prevention of money laundering and terrorist financing and describes and explicitly allocates the appropriateness and the limits of responsibility of each department. It is provided that, the above includes measures and procedures for the prevention of the abuse of new technologies and systems providing financial services, for the purpose of Money Laundering and terrorist Financing as well as measures so that the risk of money laundering and terrorist financing is appropriately considered and managed in the course of the daily activities of the Company with regard to the development of new products and possible changes in the Company’s economic profile.

2. Develops and establishes the customers’ acceptance policy and submits it to the board of directors for consideration and approval.

3. To prepare a risk management and procedures manual regarding money laundering and terrorist financing.

4. Monitors and assesses the correct and effective implementation of the policy, the practices, measures, procedures and controls of point (a) and in general the implementation of the risk management and procedures manual of point (c). In this regard, applies appropriate monitoring mechanisms which will provide him all the necessary information for assessing the level of compliance of the departments and employees of the Company with the procedures and controls which are in force. In the event that he identifies shortcomings and/or weaknesses in the application of the required practices, measures, procedures and controls, gives appropriate guidance for corrective measures and where deems necessary informs the board of directors.

5. Receives from the Company’s employee’s information which is considered by the latter to be knowledge of money laundering or terrorist financing activities, or which is cause for suspicion connected with money laundering or terrorist financing. The information is received in a written report form (hereinafter to be referred to as “Internal Suspicion Report”), a specimen of such report is attached in the First Appendix.

6. Evaluates and examines the information received as per point (e), by reference to other relevant information and discusses the circumstances of the case with the informer and, where appropriate, with the informer’s superiors. The evaluation of the information of point (e) has been done on a report (hereinafter to be referred to as “Internal Evaluation Report”, a specimen of which is attached in the Second Appendix.

7. If following the evaluation described in point (f) above, the Compliance Officer decides to notify FIU, then he/she should complete a written report and submit it to FIU electronically, as soon as possible.

8. If following the evaluation described in paragraph (f) above, the Compliance Officer decides not to notify FIU, then he fully explains the reasons for such a decision on the “Internal Evaluation Report” as above.

9. The Compliance Officer acts as a first point of contact with FIU, upon commencement and during investigation as a result of filing a report to FIU according to point (g).

10. Ensures the preparation and maintenance of the lists of clients categorized following a risk-based approach which contains inter alia, the names of the customers, their account number and the date of the commencement of the business relationship. Moreover, ensures the updating of the said lists with all new or existing customers, in the light of additional information obtained.

11. Detects, records, and evaluates, at least on an annual basis, all risks arising from existing and new clients, and services and updates and amends the systems and procedures applied by the Company for the effective management of the aforesaid risks.

12. Evaluates the systems and procedures applied by a third person on whom the Company relies for customer identification and due diligence purposes and approves the cooperation with it.

13. Ensures that the branches and subsidiaries of the Company that operate in countries outside the European Economic Area, have taken all necessary measures for achieving full compliance with the provisions of the present Directive, in relation to customer identification, due diligence and record keeping procedures.

14. Provides advice and guidance to the employees of the Company on subjects related to money laundering and terrorist financing.

15. Acquires the required knowledge and skills for the improvement of the appropriate procedures for recognizing, preventing and obstructing any transactions and activities that are suspected to be associated with money laundering or terrorist financing.

16. Determines the Company’s departments and employees that need further training and education for the purpose of preventing money laundering and terrorist financing and organizes appropriate training sessions/seminars. In this regard, prepares and applies an annual staff training program and assess the adequacy of the education and training provided.

17. Prepares correctly and submits timely to the Commission the monthly prevention statement and provides the necessary explanation to the appropriate employees of the Company for its completion.

18. Prepares the annual report within two months from the end of each calendar year.

19. Responds to all requests and queries from FIU and the Commission, provides all requested information and fully cooperates with FIU and the Commission.

20. Maintains a registry which includes the reports of points (e), (f), and (g), and relevant statistical information.

07. Measures & Procedures on a Risk Based Approach

The Company applies appropriate measures and procedures, on a risk-based approach, to focus its efforts in those areas where the risk of money laundering terrorist financing appears to be higher.

7.1 IDENTIFICATION AND ASSESSMENT OF THE OF ML/TF RISKS
When the Company identifies any potential risks to money laundering and/or terrorist financing, it takes into account customer risk factors, countries and geographical areas, products, services and transactions risk factors, as well as any risk factors related to the delivery channels. However, these factors are not exhaustive, and the Company will take a holistic view of the risk associated with each situation.

1. Customer risk factors
When identifying the risk associated with the customers, including customer’s beneficial owners, the Company takes into account the following

a) the customer’s and the customer’s beneficial owner’s business or professional activity; For example, the Company considers information not limited to the following;

i. If the customer or beneficial owner have links to sectors that are commonly associated with higher corruption risk, such as construction, pharmaceuticals and healthcare, the arms trade and defense, the extractive industries or public procurement;

ii. If the customer or the beneficial owner have links to sectors that are associated with higher ML/TF risk, for example certain Money Service Businesses, casinos or dealers in precious metals;

iii. If the customer or beneficial owner have links to sectors that involve significant amounts of cash;

iv. If the customer is a legal person or a legal arrangement, the purpose of their establishment and nature of their business;

v. If the customer or customer’s beneficial owner is a PEP;

vi. Whether the customer which is a legal person subject to enforceable disclosure requirements that ensure that reliable information about the customer’s beneficial owner is publicly available, for example public companies listed on stock exchanges that make such disclosure a condition for listing;

vii. Whether the customer is a credit or financial institution acting on its own account from a jurisdiction with an effective AML/CFT regime and is it supervised for compliance with local AML/CFT obligations. (Is there evidence that the customer has been subject to supervisory sanctions or enforcement for failure to comply with AML/CFT obligations or wider conduct requirements in recent years?);

viii. Whether the customer is a public administration or enterprise from a jurisdiction with low levels of corruption;

ix. Whether the customer’s or the beneficial owner’s background is consistent with what the firm knows about their former, current or planned business activity, their business’s turnover, the source of funds and the customer’s or beneficial owner’s source of wealth;

b) the customer’s and the customer’s beneficial owner’s reputation. For example, the Company considers information not limited to the following;

i. Any adverse media reports or other relevant sources of information about the customer, for example if there any allegations of criminality or terrorism against the customer or the beneficial owner, and where this information in reliable;

ii. Whether the customer’s assets have been frozen due to administrative or criminal proceedings or allegations of terrorism or terrorist financing. (Does the firm have reasonable grounds to suspect that the customer or beneficial owner or anyone publicly known to be closely associated with them has, at some point in the past, been subject to such an asset freeze?);

iii. Whether the customer or beneficial owner has been the subject of a suspicious transactions report in the past?

iv. Whether the Company has any in-house information about the customer’s or the beneficial owner’s integrity, obtained, for example, in the course of a long-standing business relationship;

c) the customer’s and the customer’s beneficial owner’s nature and behavior. For example, the Company considers information not limited to the following;

i. Whether the customer has legitimate reasons for being unable to provide robust evidence of their identity;

ii. Whether the Company have any doubts about the veracity or accuracy of the customer’s or beneficial owner’s identity;

iii. Whether there are indications that the customer might seek to avoid the establishment of a business relationship? For example, does the customer look to carry out one transaction or several one-off transactions where the establishment of a business relationship might make more economic sense?

iv. Whether customer’s or beneficial owner’s source of wealth or source of funds can be easily explained (through their occupation, inheritance or investments)

v. Whether customer is a non-profit organization whose activities could be abused for terrorist financing purposes;

vi. Whether customer issued bearer shares, or it has a nominee shareholder;

vii. Whether customer’s ownership and control structure is transparent and it does make sense. If the customer’s ownership and control structure is complex or opaque, is there an obvious commercial or lawful rationale?

2. Countries and geographical areas
When the Company identifies risks associates with countries and geographical areas, the Company will consider the risk related to:
a. the jurisdictions in which the customer and beneficial owner are based.
b. the jurisdictions that are the customer’s and beneficial owner’s main places of business; and
c. the jurisdictions to which the customer and beneficial owner have relevant personal links.

3. Products, Services and Transactions risk factors
When the Company identifies the risk associated with their products, services or transactions, the Company considers risks related to:

a) The level of transparency, or opaqueness, the product, service or transaction affords;

In relation to this risk, the Company will consider factors such as

i. The extent that products or services allow the customer or beneficial owner or beneficiary structures to remain anonymous or facilitate hiding their identity.

(Examples of such products and services include bearer shares, fiduciary deposits, offshore vehicles and certain trusts, and legal entities such as foundations that can be structured in such a way as to take advantage of anonymity and allow dealings with shell companies or companies with nominee shareholders)

ii. The extent that it is possible for a third party that is not part of the business relationship to give instructions, for example in the case of certain correspondent banking relationships;

b) The complexity of the product, service or transaction;

When the Company consider the above risk, associated with a product, service or transaction’s complexity, consider factors, not limited to the following:

i. The extent that a transaction is complex and involves multiple parties or multiple jurisdictions, for example in the case of certain trade finance transactions.

ii. The Company’s understanding of the risks associated with its new or innovative product or service, in particular where this involves the use of new technologies or payment methods.

c) The value or size of the product, service or transaction.

When the Company consider the above risk, associated with a product, service or transaction’s value or size, considers factors, not limited, to the following:

i. The extent that products or services are cash intensive, as there are many payment services but also certain current accounts;

ii. The extent that products or services facilitate or encourage high-value transactions. In particular, of whether there are any caps on transaction values or levels of premium that could limit the use of the product or service for ML/TF purposes

4. Delivery Channels risk factors
When the Company assesses the risks associated with the way in which the customer obtains the products or services, considers, not limited, to the following:

a. Whether the customer is physically present for identification purposes;

b. Whether customer has been introduced by a third party;

c. Whether customer been introduced through a tied agent, that is, without direct firm contact; In such a case the Company should be satisfied that the agent has obtained enough information so that the firm knows its customer and the level of risk associated with the business relationship.

7.2 MANAGEMENT AND MITIGATION OF RISKS
When the Company identifies all possible risk which might face, then it takes the necessary measures and procedures to manage and mitigate such risks. Among these measures and procedures are the following:

a. Identification of the client and verification of the client’s identity on the basis of information obtained from a reliable and independent source;

b. Identification of the beneficial owner and taking risk-based and adequate measures to verify his/her identity on the basis of documents, data or information issued by or received from a reliable and independent source. As regards to legal persons, trusts and similar legal entities, taking risk-based and adequate measures to understand the ownership and control structure of the client;

c. Obtaining information on the purpose and intended nature of the business relationship;

d. Conducting ongoing monitoring of the business relationship including scrutiny of transactions undertaken throughout the course of the relationship to ensure that the transactions being conducted are consistent with the data and information held by the firm in connection with the client.

Client and beneficial owner identification must occur before the establishment of a business relationship, given that the Company prohibits any client’s transaction or trade before the necessary documentation and information is provided. By way of derogation, the client’s and beneficial owner’s identity verification may be completed during the establishment of a business relationship if this is necessary in order not to interrupt the normal conduct of business and where there is limited risk of money laundering or terrorist financing occurring. In such situation, these procedures shall be completed as soon as practicable after the initial contact.

Reviews of existing records must take place on a regular basis, thus ensuring that the documents, data or information held are kept up-to-date. Client due diligence procedures shall be applied not only to all new clients but also at appropriate times to existing clients on a risk sensitive basis.

7.3 CATEGORIZATION OF CLIENT AS A LOW, MEDIUM AND HIGH RISK
Following the client’s risk assessment, the Company categorize clients as a low, medium and high risk.

The categorization is automatically performed through the electronic system employed by the Company.

The Company applies enhanced due diligence measures for all customers that they have been categorized as high risk, according to the provisions below.

The Company has prepared and maintained registers for the categories of customers, which contain, inter alia, the customers’ names, account numbers, and date of commencement of business relationship. The registers are promptly updated with all new or existing customers, in the light of additional information received.

The Company examines on a regular basis the validity and adequacy of customer identifications. In particular:

For high-risk clients annually
For medium risk client every two years For low risk clients every three years

DYNAMIC RISK MANAGEMENT
Risk management is a continuous process, carried out on a dynamic basis. Risk assessment is not an isolated event of a limited duration. Customers’ activities change as well as the services and financial instruments provided by the Company change. The same happens to the financial instruments and the transactions used for money laundering or terrorist financing. The measures, the procedures and controls are kept under regular review so that risks resulting from changes in the characteristics of existing customers, new customers, services and financial instruments are managed and countered effectively.

7.4 RELEVANT INTERNATIONAL ORGANIZATIONS
When the AMLCO of the Company implements appropriate measures and procedures on a risk-based approach, and on implementing the customer identification and due diligence procedures, consults data, information and reports that are published in the following relevant international organizations:

a. FATF – www.fatf-gafi.org;
b. the Council of Europe Select Committee of Experts on the Evaluation of Anti- Money Laundering Measures (MONEYVAL) – www.coe.int/moneyval;
c. The Wolfsberg AML Principles – https://www.wolfsberg-principles.com/
d. Basel Committee: https://www.bis.org/bcbs/
e. The EU Common Foreign & Security Policy (CFSP)- http://ec.europa.eu/external_relations/cfsp/sanctions/lis t/consol-list.htm;
f. the UN Security Council Sanctions Committees – www.un.org/sc/committees;
g. the International Money Laundering Information Network (IMOLIN) – www.imolin.org.

08. Client Identification & Due Diligence Procedures

8.1 OBLIGATION FOR CUSTOMER IDENTIFICATION AND DUE DILIGENCE PROCEDURES
The Company and the employees of the Company exercise all reasonable and/or foreseeable verifications and care when accepting a new client.

The identification procedures and customer due diligence measures are applied by the Company in the following cases:

i. When establishing a business relationship
ii. When there is a suspicion of money laundering or terrorist financing regardless of the amount of the transaction.
iii. When there are doubts about the veracity or adequacy of previous customer identification data.

8.2 CUSTOMER ACCEPTANCE POLICY
The Company has established a Customer Acceptance Policy, which is completely in line with the provisions of the AML Law and AML Directive, to prevent and/or eliminate any exposure to money laundering and terrorist financing.

8.3 FAILURE OR REFUSAL TO SUBMIT INFORMATION FOR THE VERIFICATION OF CUSTOMERS’ IDENTITY
Failure or refusal by a customer to submit, before the establishment of a business relationship or the execution of an occasional transaction, the requisite data and information for the verification of his identity and the creation of his economic profile, without adequate justification, constitutes elements that may lead to the creation of a suspicious that the customer is involved in money laundering or terrorist financing activities. In such an event, the Company does not proceed with the establishment of the business relationship or the execution of the occasional transaction while at the same time the Compliance Officer considers whether it is justified under the circumstances to submit a report to FIU.

In addition, if, during the business relationship, a customer fails or refuses to submit, within a reasonable timeframe, the required verification data and information, the Company terminates the business relationship and closes all the accounts of the customer while at the same time examines whether it is justified under the circumstances to submit a report to FIU.

8.4 CONSTRUCTION OF AN ECONOMIC PROFILE
In order for the Company to accept a client, firstly is satisfied that that is dealing with a real person, therefore obtains evidences of identity to verify that the person is who he claims to be. In particular, for individual clients the Company in order to verify the true identity of the clients, seeks and obtains an identification card/and or passport in accordance with the relevant jurisdiction, and utility bill showing the client’s residential address issued within the last 3 months (for example land-line phone, water, electricity);

In addition, in the cases of a legal person, the Company obtains adequate data and information to verify the identity of the beneficial owners, and to understand the ownership and control structure of the customer.

The information that is collected from clients before the establishment of business relationship, with the aim of constructing the customer’s economic profile, are the following:
a. The purpose and the reason for requesting the establishment of a business relationship;
b. the anticipated account turnover, the nature of the transactions, the expected origin of incoming funds to be credited in the account and the expected destination of outgoing transfers/payments;
c. the customer’s size of wealth and annual income and the clear description of the main business/professional activities/operations.

The data and information that are used for the construction of the customer’s-legal person’s economic profile include, inter alia,
a. the name of the company;
b. the country of its incorporation;
c. the head offices address;
d. the names and the identification information of the beneficial owners, directors and authorised signatories;
e. financial information;
f. ownership structure of the group that the company may be a part of (country of incorporation of the parent company, subsidiary companies and associate companies, main activities and financial information).

The said data and information are recorded in a separate form designed for this purpose which is retained in the customer’s file along with all other documents as well as all internal records of meetings with the respective customer. The said form is updated regularly or whenever new information emerges that needs to be added to the economic profile of the customer or alters existing information that makes up the economic profile of the customer.

Transactions and deposits executed for the customer are compared and evaluated against the information kept for the customer’s economic profile. Significant deviations are investigated, and the findings are recorded in the respective customer’s file. Transactions that are not justified by the available information on the customer, are thoroughly examined so as to determine whether suspicions over money laundering or terrorist financing arise for the purposes of submitting an internal report to the compliance officer.

8.5 SOURCES OF FUNDS
When the clients deposit funds in the amount of USD 5,000 and above the Company takes the necessary actions to ascertain the sources of funds from the clients.

8.6 CLIENT ACCOUNT OPENING PROCEDURES
Upon the initial client meeting the necessary due diligence procedures, as described above, are applied to ensure all Know Your Client (KYC) policies are adhered to, all documents necessary for proceeding with KYC procedure are provided and the Company may accept the client and proceed to the account opening.

Subsequently the client completes the account opening forms indicating all required information.

The responsible administrator collects all initial information of the client and forwards it directly to Senior Management and to the Anti-Money Laundering Compliance Officer for examination, review and approval. Following the approval, the
administrator records all necessary information into the Company’s software systems and communicates it to the related departments.

When the account is opened, it should be closely monitored. At least twice a year, a review should be carried out and a note prepared summarizing the results of the review, which must be kept in customer’s file. At frequent intervals, the Company should compare the estimated against the actual turnover of the account. Any serious deviation should be investigated, not only for possible action by the Company in relation to the particular account concerned, but also to gauge the reliability of the lawyer or the accountant/auditor who has introduced the customer.

8.7 SIMPLIFIED CLIENT DUE DILIGENCE
The Company may apply simplified measures in situations where the ML/TF risk associated with a business relationship has been assessed as low.

8.8 ENHANCED CLIENT DUE DILIGENCE
The Company applies enhanced customer identification and due diligence measures in respect of high-risk clients and in all other situations which by nature can present high risk of money laundering or terrorist financing.

8.8.1 EXAMPLES OF CLIENTS CATEGORIZED AS HIGH RISK
i. Non – face to face customers
ii. Accounts in the names of companies whose shares are in bearer form
iii. Trusts Accounts
iv. ‘Client accounts’ in the name of a third person
v. ‘Politically exposed persons’ accounts
vi. Electronic gambling /gaming through the internet
vii. Customers from countries which inadequately apply FATF’s recommendations
viii. Cross-frontier correspondent banking relationships with credit institutions – Clients from third countries
ix. Any other Clients that their nature entail a higher risk of money laundering and terrorist financing
x. Any other Client determined by the Company itself to be classified as such.

8.8.2 NON-FACE TO FACE CLIENTS
In situations where a customer, especially a non-resident of the Republic, requests the establishment of a business relationship or an occasional transaction by mail, telephone or through the internet without presenting himself for a personal interview, the Company follows the established customer identification and due diligence procedures, as applied for customers with whom it comes in direct and personal contact and obtain the same exact identification information and documents as required by the AML Law and this AML Directive, depending on the type of the customer.

The said identification information and documents kept by the Financial Organization in its records shall take the following form:

1. Original, or
2. True copy of the original, where the certification is made by the Financial Organization in cases where it establishes the customer’s identity itself, once the original is presented thereto, or
3. True copy of the original, where the certification is made by third parties, in cases where they establish the customer’s identity, pursuant to Article 67 of the AML Law and the provisions of paragraph 25 of this AML Directive, or
4. True copy of the original, where the certification is made by a competent authority or person that, pursuant to the relevant provisions of the laws of their country, is responsible to certify the authenticity of documents or information.
5. Copy of the original, provided that at least one of the below procedures is followed:
a) The first payment of the operations is carried out through an account opened in the customer’s name with a credit institution operating and licensed in a third country, which, according to the Advisory Authority’s decision, imposes requirements on combating money laundering equivalent to those of the EU Directive.

b) Α direct confirmation of the establishment of a business relationship is obtained through direct personal contact, as well as, the true name, address and passport/identity card number of the customer, from a credit institution or a financial institution with which the customer cooperates, operating in a Member State or in a Third Country, which, according to the Advisory Authority’s decision, imposes requirements on combating money laundering equivalent to those of the EU Directive (or a true copy of the confirmation).

c) Telephone contact with the customer at his home or office, on a telephone number which has been verified from independent and reliable sources. During the telephone contact, the Company shall confirm additional aspects of the identity information submitted by the customer during the procedure of opening his account.

d) Communication via video call with the customer, provided the video recording and screen shot safeguards apply to the communication. It is provided that a customer, whose identity was verified hereunder cannot deposit an amount over €2.000 per annum, irrespective of the number of accounts that he keeps with the Company, unless an additional measure of paragraph (b) of the present or of article 64(1)(a)(ii) of the Law is taken in order to verify his identity. During the internet communication, the Company shall confirm additional aspects of the identity details submitted by the customer when opening his account.

e) Communication with the customer through at an address that the Financial Organization has previously verified from independent and reliable sources, in the form of a registered letter (For example, such communication may take the form of a direct mailing of account opening documentation to him, which the customer shall return to the Company or the Company may send security codes required by the customer to access the accounts opened through the internet).

f) Performing an electronic verification

Electronic identity verification is carried out either directly by the Company or through a third party. Both the Company and the said third parties cumulatively satisfy the following conditions:

1. the electronic databases kept by the third party or to which the third party or the Company has access are registered to and/or approved by the Data Protection Commissioner in order to safeguard personal data (or the corresponding competent authority in the country the said databases are kept)

2. electronic databases provide access to information referred to both present and past situations showing that the person really exists and providing both positive information (at least the customer’s full name, address and date of birth) and negative information (e.g. committing of offences such as identity theft, inclusion in deceased persons records, inclusion in sanctions and restrictive measures’ list by the Council of the European Union and the UN Security Council)

3. electronic databases include a wide range of sources with information from different time periods with real-time update and trigger alerts when important data alter

4. transparent procedures have been established allowing the Company to know which information was searched, the result of such search and its significance in relation to the level of assurance as to the customer’s identity verification

5. procedures have been established allowing the Company to record and save the information used and the result in relation to identity verification.

8.8.3 POLITICALLY EXPOSED PERSONS
In those case where the Company will identify that a customer or beneficial owner is a PEP will take the following actions:

1. Take adequate measures to establish the source of wealth and the source of funds to be used in the business relationship in order to be satisfied that it does not handle the proceeds from corruption or other criminal activity, taking into account the degree of high risk associated with the business relationship. The source of wealth and the source of funds will be verified on the basis of reliable and independent data, documents or information where the risk associated with the PEP relationship is particularly high;
2. Obtain senior management approval for entering into, or continuing, a business relationship with a PEP. The appropriate level of seniority for sign- off should be determined by the level of increased risk associated with the business relationship, and the senior manager approving a PEP business relationship should have sufficient seniority and oversight to take informed decisions on issues that directly impact the firm’s risk profile;

3. When considering whether to approve a PEP relationship, senior management should base their decision on the level of ML/TF risk that the Company would be exposed to if it entered into that business relationship and how well equipped the firm is to manage that risk effectively;

4. Apply enhanced ongoing monitoring of both transactions and the risk associated with the business relationship. The Company should identify unusual transactions and regularly review the information they hold to ensure that any new or emerging information that could affect the risk assessment is identified in a timely fashion. The frequency of ongoing monitoring should be determined by the level of high risk associated with the relationship.

The Company will apply all of the abovementioned measures to PEPs, their family members and known close associates and should adjust the extent of these measures on a risk-sensitive basis.

8.9 ANONYMOUS OR NUMBERED ACCOUNTS
The Company is prohibited from keeping anonymous or numbered accounts. Additionally, the Company shall pay special attention to any money laundering or terrorist financing threat that may arise from products or transactions that might favor anonymity and take measures to prevent their use for money laundering or terrorist financing purposes.

8.10 RELIANCE ON THIRD PARTIES FOR CUSTOMER IDENTIFICATION AND DUE DILIGENCE PURPOSES
The Company is permitted to rely on third parties to meet the requirements for client due diligence and customer identification procedures, provided that the third person makes immediately available all data and information, which must be certified true copies of the originals, that were collected in the course of applying customer identification and due diligence procedures. However, the ultimate responsibility for meeting those requirements shall remain with the Company which relies on the third party.

In such a case the Company will obtain data and information so as to verify that the third person is subject to professional registration in accordance with the competent law of its country of incorporation and/or operation as well as supervision for the purposes of compliance with the measures for the prevention of money laundering and terrorist financing.

8.11 SPECIFIC CUSTOMER IDENTIFICATION ISSUES

8.11.1 KYC DOCUMENTATION FOR NATURAL PERSONS OR JOINT ACCOUNT BETWEEN NATURAL PERSONS
Prior to accepting new clients and allowing them to trade with the Company, the following documents shall be obtained for the verification of clients’ identity:

Requirements
a. Certified copy of Passport or other form of identity with photograph included;
b. A recent certified proof of home address in the person’s name.
c. All documents/certificates must not be more than 6 months old
d. Bank account details for settlement purposes;
e. Colored copy of Credit Card (if required)
f. Filled out Front Office Questionnaire;
g. Letter and Terms of Business or other signed agreement, namely: The Terms and Conditions

In case of joint accounts of two or more persons, the identity of all individuals that hold or have the right to manage the account are verified in accordance to the aforementioned requirements. All requested information must be provided to the Company prior the creation of the joint account. Joint Account Application Declaration form must be duly signed by the clients and match the details provided in Personal Details documentation. In the Declaration Form the clients must agree to be jointly and severally responsible for the Account and must acknowledge that they have read and understood the Company’s terms and conditions.

It is noted that in the case of joint accounts, the holder of the trading account and the holder of the bank account are married, the Company needs to collect the marriage certificate and POI of the 3rd party; in this case we do not need a Joint account. If the WT deposit is coming from a mutual bank account, SWIFT confirmation of the deposit shall be collected; in this case we do not need a Joint account.

The marriage certificate shall be issued by a government official is an official statement that two people are married.

Joint Accounts risk weight will be assessed by the Company and further information and documentation may be requested where the Company deems appropriate.

For a joint account of 3 or more people without relation, approval from the Risk Management is required as well as the AMLCO. In addition, the accounts must be under the same domain. The clients must choose the main account form which they will trade.

All requested information must be provided to the Company prior the creation of the joint account. Joint Account Application Form must be duly signed by the clients and match the details provided in Personal Details documentation. In the Joint Account Application Form the clients must agree to be jointly and severally responsible for the Account and must acknowledge that they have read and understood the Company’s terms and conditions.

8.11.2 KYC DOCUMENTATION FOR LEGAL PERSONS (PRIVATE COMPANIES, PARTNERSHIPS, JOINT VENTURES)
A different identification procedure is followed for corporate clients interested in opening an account with the Company. The documentation for identification and documentation purposed that needs to be obtained by the corporate clients is presented below:

Requirements:
a. Certificate of incorporation and Certificate of Good Standing of the legal person;
b. Certificate of Registered Office
c. Certificate of Directors and Secretary
d. Certificate of Registered Shareholders in the case of private companies and public companies that are not listed in a regulated market of a European Economic Area country or a third country with equivalent disclosure and transparency requirements
e. Memorandum and articles of association of the legal person
f. A resolution of the board of directors of the legal person for the opening of the account and granting authority to those who will operate it
g. In the cases where the registered shareholders act as nominees of the beneficial owners, a copy of the trust deed/agreement concluded between the nominee shareholder and the beneficial owner, by virtue of which the registration of the shares on the nominee shareholder’s name on behalf of the beneficial owner has been agreed
h. Documents and data for the verification of the identity of the persons, in accordance with points 10 and 11 hereto, that are authorised by the legal person to operate the account, as well as the registered shareholders
i. Copies of its latest audited financial statements (if available), and/or copies of its latest management accounts.
j. Personal information on one Director (different verification documentation required for identity and proof of address):
• Copy of his/her Passport (with photograph and signature specimen included).
• 1 recent copy of confirmation of address in the person’s name.
All documents/certificates must be not more than 6 months old
k. Personal information on Ultimate Beneficial Owners with 10% beneficial ownership or more (different verification documentation required for identity and proof of address):
l. Certified copy of his/her Passport (with photograph and signature specimen included).
• 1 recent copy of confirmation of address in the person’s name.
All documents/certificates must be not more than 6 months old
m. Letter and Terms of Business or other signed agreement, namely: The Terms and Conditions

8.11.3 KYC DOCUMENTATION FOR PRIVATE COMPANIES
The due diligence documentation that is required for private companies is indicated below:

Applicable to:
• Unregulated private companies irrespective of jurisdiction;
• Public companies not listed on stock exchanges;
• Unregulated limited liability partnerships

Non-applicable to:
• Private companies with bearer shares in issue

Requirements:
1. Copy of Certificate of Incorporation, or Certificate of Registration of the Partnership and any Change of Name Certificates;
2. Copy of Certificate of Registered Office
3. Copy of Certificate of Shareholders / Limited Partners;
• In case the Shareholders/ Limited Partners are other legal entities the following additional documentation is required:
– A legal structure chart showing all intermediate entities up to the Ultimate Beneficial Owners;
– Full legalization documents of the ultimate legal entity which exercises actual control or, in the case of many ultimate legal entity shareholders, of those legal entities that exercise such control. The legalization documents of intermediary holding companies are not required. The term “legalisation documents” includes (i) Certificate of Incorporation, (ii) Certificate of Registered Office, (iii) Register of Shareholders, (iv) Register of Directors,
(v) Memorandum & Articles, whereas the term “control” applies to direct and indirect ownership of over 50%;
– Additional to requirement #8 below, a resolution from the above ultimate legal entity exercising control.
• In cases the Shareholders/ Limited Partners are Nominees, additionally the below are required either the Nominee agreement OR a resolution from such Nominee shareholder(s).
4. Copy of Certificate of Directors/ General Partners;
5. Personal information on one Director/ General Partner (different verification documentation required for identity and proof of address):
• Copy of his/her Passport (with photograph and signature specimen included).
• 1 recent copy of confirmation of address in the person’s name.
All documents/certificates must be not more than 6 months old
6. Copy of the Memorandum & Articles of Association or Limited Partnership Agreement
7. Latest Audited Financial Statements (prepared and signed by Auditors)
8. Resolution signed by a Director (whose personal details are disclosed to us) naming the Ultimate Beneficial Owners with 10% or more and % of their beneficial ownership in the Company
9. WorldCheck Search
10. Personal information on Ultimate Beneficial Owners with 10% beneficial ownership or more (different verification documentation required for identity and proof of address):
• Certified copy of his/her Passport (with photograph and signature specimen included).
• 1 recent copy of confirmation of address in the person’s name. All documents/certificates must be not more than 6 months’ old
11. Copy of the list of authorised Signatories with signature specimens (Authorised by a Director/ General Partner whose name and position can be seen in the documents provided to us). Authorised signatories for trading and back office purposes should also be included.
12. If applicable, a Certified copy of a Power of Attorney for the person(s) who will be opening the account (in case this person isn’t a Director).
13. Personal information of Attorney/s (different verification documentation required for identity and proof of address):
• Copy of his/her Passport (with photograph and signature specimen included).
• 1 recent copy of confirmation of address in the person’s name. All documents/certificates must be not more than 6 months old
14. Bank account details of the account through which cash settlement of trades will be taking place.
15. Front Office Questionnaire
16. Letter confirming that they are trading as Principals.
17. Letter and Terms of Business or other signed agreement, namely: The Terms and Conditions

8.11.4 KYC DOCUMENTATION FOR PRIVATE COMPANIES WITH BEARER SHARES, OR PRIVATE COMPANIES WITH THE CAPACITY TO ISSUE BEARER SHARES AS PER THE M&AS.
The due diligence documentation that is required for private companies with bearer shares is indicated below:

Requirements:
1. Notarized copy of Certificate of Incorporation and any Change of Name Certificates;
2. Notarized copy of Certificate of Registered Office;
3. Notarized copy of Certificate of Shareholders;
• In case the Shareholders are other legal entities the following additional documentation is required:
– A legal structure chart showing all intermediate entities up to the Ultimate Beneficial Owners;
– Full legalization documents of the ultimate legal entity which exercises actual control or, in the case of many ultimate legal entity shareholders, of those legal entities that exercise such control. The legalization documents of intermediary holding companies are not required. The term “legalisation documents” includes (i) Certificate of Incorporation, (ii) Certificate of Registered Office, (iii) Register of Shareholders, (iv) Register of Directors,
(v) Memorandum & Articles, whereas the term “control” applies to direct and indirect ownership of over 50%;
– Additional to requirement, a resolution from the above ultimate legal entity exercising control.
• In cases the Shareholders are Nominees, additionally the below are required either the Nominee agreement OR a resolution from such Nominee shareholder(s).
4. Notarized copy of Certificate of Directors;
5. Personal information on one Director:
• Copy of his/her Passport (with photograph and signature specimen included);
• 1 recent copy of confirmation of address in the person’s name. All documents/certificates must be not more than 6 months old
6. Notarized copy of the Memorandum & Articles of Association;
7. A written confirmation by the company’s directors once every year that the shareholding structure has not been altered by the issue of new bearer shares or the cancellation of existing ones;
8. Bearer shares declarations depending on whether the Client/ CP has bearer shares already in issue or has registered shares in issue but has capacity as per its M&As to issue bearer shares;
9. Latest Audited Financial Statements (prepared and signed by Auditors);
10. Resolution signed by all Director (whose personal details are disclosed to us) naming the Ultimate Beneficial Owners with 10% or more and % of their beneficial ownership in the Company;
11. Personal information on Ultimate Beneficial Owners with 10% beneficial ownership or more:
• Certified copy of his/her Passport (with photograph and signature specimen included);
• 1 recent copy of confirmation of address in the person’s name; All documents/certificates must be not more than 6 months old
12. Notarized copy of the list of authorised Signatories with signature specimens (Authorised by a Director/ General Partner whose name and position can be seen in the documents provided to us). Authorised signatories for trading and back-office purposes should also be included;
13. If applicable, a Certified copy of a Power of Attorney for the person(s) who will be opening the account (in case this person isn’t a Director);
14. Personal information of Attorney/s:
• Copy of his/her Passport (with photograph and signature specimen included).
• 1 recent copy of confirmation of address in the person’s name. All documents/certificates must be not more than 6 months old
15. Bank account details of the account through which cash settlement of trades will be taking place;
16. Front Office Questionnaire;
17. In cases of a Client / CP acting on behalf of underlying clients the Best Practice Questionnaire is required;
18. Letter and Terms of Business or other signed agreement, namely: The Terms and Conditions

8.11.5 KYC documentation for funds from non-approved countries
The due diligence documentation that is required for funds from non-approved countries is indicated below:

Applicable:
• Open or closed-end Investment Funds; Occupational Pension Schemes; Exchange Traded Funds (ETFs); Mutual Funds; Unit Trusts; Hedge Funds; Investment Trusts; SICAVs; SICAFs from non-EU or non-Approved countries (the “Funds”);
• Subsidiaries / trading vehicles of the above

A. If the administrator and manager of the Fund are not regulated or situated in an approved country:

Requirements:
1. Proof of regulated status from the non-approved country regulator
2. Latest available version of Prospectus/ Offering Memorandum/ Placement Memorandum as applicable;
3. Certified copy of Certificate of Incorporation, or Certificate of Registration of the Partnership and any Change of Name Certificates;
4. Certified copy of Certificate of Registered Office (not applicable if this is provided through a recent Prospectus or M&As)
5. Certified copy of Certificate of Directors / General Partners
6. Personal information on one Director / General Partner (different verification documentation required for identity and proof of address):
• Certified copy of his/her Passport (with photograph and signature specimen included).
• 1 recent confirmation of address in the person’s name certified as true copy. All documents/certificates must be not more than 6 months old.
7. Certified Copy of the Memorandum & Articles of Association or Partnership Agreement as applicable
8. Latest Audited Financial Statements (prepared and signed by Auditors)
9. Letter provided by the Administrator of the Fund stating that he undertakes all necessary AML/KYC procedures in relation to the Funds clients.
10. Certified List of Signatories with signature specimens (Authorized by a Director/ General Partner whose name and position can be seen in the documents provided to us). Authorized signatories for trading and back-office purposes should also be included.
11. If applicable, a Certified copy of a Power of Attorney for the person(s) who will be opening the account (in case this person isn’t a Director).
12. If applicable, personal information of Attorney/s (different verification documentation required for identity and proof of address):
• Copy of his/her Passport (with photograph and signature specimen included)
• 1 recent copy of confirmation of address in the person’s name All documents/certificates must be not more than 6 months old
13. Bank account details of the account through which cash settlement of trades will be taking place
14. Letter and Terms of Business or other signed agreement, namely: The Terms and Conditions

B. If the manager and administrator of the fund are regulated and situated within an EU or Approved country

Requirements:
1. Proof of regulated/ registered status;
2. List of authorized Signatories (duly authorized);
3. Latest available version of Prospectus/ Offering Memorandum/ Placement Memorandum as applicable;
4. Latest Audited Financial Statements (approved and signed by Auditors);
5. Letter and Terms of Business or other signed agreement, namely: The Terms and Conditions
6. Name of Administrator and Manager of the Fund

8.11.6 KYC DOCUMENTATION FOR REGULATED FUNDS FROM EU OR APPROVED COUNTRIES
The due diligence documentation that is required for regulated funds from EU or approved countries is indicated below:

Applicable to:
• Open or closed-end Investment Funds; Occupational Pension Schemes; Exchange Traded Funds (ETFs); Mutual Funds; Unit Trusts; Hedge Funds; Investment Trusts; SICAVs; SICAFs registered/ regulated in EU or Approved countries (the “funds”);
• Subsidiaries / trading vehicles of the above

Requirements:
1. Proof of regulated/ registered status;
2. List of authorised Signatories (duly authorised);
3. Latest available version of Prospectus/ Offering Memorandum/ Placement Memorandum as applicable;
4. Latest Audited Financial Statements (approved and signed by Auditors);
5. Letter and Terms of Business or other signed agreement, namely: The Terms and Conditions
6. Name of Administrator and Manager of the Fund

8.11.7 KYC DOCUMENTATION FOR REGULATED FINANCIAL INSTITUTIONS FROM EU OR APPROVED COUNTRIES
The due diligence documentation that is required for regulated financial institutions from EU or approved countries is indicated below:

Applicable to:
• Banks, Credit, Investment, Insurance, Custody or Fund Management Institutions as well as Broker-Dealers from EU or Approved countries;
• Subsidiaries or branches of the above entities

Requirements:
1. Proof of regulated status;
2. List of authorised Signatories (duly authorised);
3. Latest Audited Financial Statements (approved and signed by Auditors);
4. Letter and Terms of Business or other signed agreement, namely: The Terms and Conditions

8.11.8 KYC DOCUMENTATION FOR REGULATED FINANCIAL INSTITUTIONS FROM NON- APPROVED COUNTRIES
The due diligence documentation that is required for regulated financial institutions from non-approved countries is indicated below:

Applicable to:
• Banks, Credit, Investment, Insurance, Custody or Fund Management Institutions as well as Broker-Dealers from non-EU or non-Approved countries;
• Subsidiaries or branches of the above entities

Non-applicable to:
• Credit, Investment, Insurance, Custody or Fund Management Institutions where a customized list applies

Requirements:
1. Certified copy of Certificate of Incorporation, or Certificate of Registration of the Partnership and any Change of Name Certificates
2. Certified copy of Certificate of Registered Office
3. Certified copy of Certificate of Shareholders/ Limited Partners
• In case the Shareholders/ Limited Partners are other legal entities the following additional documentation is required:
– A legal structure chart showing all intermediate entities up to the Ultimate Beneficial Owners;
– Full legalization documents of the ultimate legal entity which exercises actual control or, in the case of many ultimate legal entity shareholders, of those legal entities that exercise such control. The legalization documents of intermediary holding companies are not required. The term “legalisation documents” includes (i) Certificate of Incorporation, (ii) Certificate of Registered Office, (iii) Register of Shareholders, (iv) Register of Directors,
(v) Memorandum & Articles, whereas the term “control” applies to direct and indirect ownership of over 50%;
– Additional to requirement #8 below, a UBO resolution from the above ultimate legal entity exercising control.
• In cases the Shareholders/ Limited Partners are Nominees, additionally the below are required either the Nominee agreement OR a UBO resolution from such Nominee shareholder(s).
4. Certified copy of Certificate of Directors/ General Partners
5. Personal information on one Director/ General Partner:
• Certified copy of his/her Passport (with photograph and signature specimen included).
• 1 recent confirmation of address in the person’s name certified as true copy. All documents/certificates must be not more than 6 months old
6. Certified Copy of the Memorandum & Articles of Association or Limited Partnership Agreement
7. Latest Audited Financial Statements (prepared and signed by Auditors)
8. Resolution signed by a Director (whose personal details are disclosed to us) naming the Ultimate Beneficial Owners with 10% or more and % of their beneficial ownership in the Company
9. Personal information on Ultimate Beneficial Owners with 10% beneficial ownership or more:
• Certified copy of his/her Passport (with photograph and signature specimen included).
• 1 recent confirmation of address in the person’s name (preferably a utility bill) certified as true copy. All documents/certificates must not be more than 3 months old
10. Certified List of Signatories with signature specimens (Authorised by a Director/ General Partner whose name and position can be seen in the documents provided to us). Authorised signatories for trading and back-office purposes should also be included.
11. If applicable, a Certified copy of a Power of Attorney for the person(s) who will be opening the account (in case this person isn’t a Director).
12. Personal information of Attorney/s:
• Copy of his/her Passport (with photograph and signature specimen included).
• 1 recent copy of confirmation of address in the person’s name. All documents/certificates must be not more than 6 months’ old
13. Bank account details of the account through which cash settlement of trades will be taking place.
14. Front Office Questionnaire
15. In cases of clients/ CPs acting on behalf of underlying clients the Best Practice Questionnaire is required.
16. Letter and Terms of Business or other signed agreement, namely: The Terms and Conditions

8.11.9 KYC DOCUMENTATION FOR PUBLIC COMPANIES LISTED ON EU OR APPROVED COUNTRIES’ REGULATED STOCK MARKETS
The due diligence documentation that is required for Public Companies listed on EU or approved countries is indicated below:

Applicable to:
• Public companies having their securities listed on Regulated Stock Markets in EU or Approved countries;
• Subsidiaries of the above

Requirements:
1. Proof of listed status;
2. List of authorised Signatories (duly authorised);
3. Latest Audited Financial Statements (approved and signed by Auditors);
4. In cases of clients/ CPs acting on behalf of underlying clients the Best Practice Questionnaire is required.
5. Letter and Terms of Business or other signed agreement, namely: The Terms and Conditions

8.11.10 KYC DOCUMENTATION FOR TRUSTS
The Company does not accept as client Trusts.
The due diligence documentation that is required for trusts is indicated below:

Applicable to:
• Bare Trusts, Discretionary Trusts, Private Trusts, Public (Charitable) Trusts, Purpose Trusts

Non-applicable to:
• Unit Trusts (i.e. Investment Trusts / Mutual funds) which are regulated (see Funds)
• Occupational Pension Schemes established as trusts which are regulated (see Funds)

Requirements:
1. Notarized copy of the Trust Deed in order to identify the Trust structure;
2. KYC of the Beneficiaries
3. KYC of the Trustees
4. KYC of the Settlors
5. Notarized copy of the list of authorized Signatories with signature specimens (Authorized by a Trustee/ Director of the Trustee whose name and position can be seen in the documents provided to us). Authorized signatories for trading and back-office purposes should also be included.
6. If applicable, a Certified copy of a Power of Attorney for the person(s) who will be opening the account (in case this person isn’t a Director).
7. Personal information of Attorney/s:
• Copy of his/her Passport (with photograph and signature specimen included).
• 1 recent copy of confirmation of address in the person’s name. All documents/certificates must be not more than 6 months old
8. Bank account details of the account through which cash settlement of trades will be taking place.
9. Front Office Questionnaire
10. In cases of a Client/ CP acting on behalf of underlying clients the Best Practice Questionnaire is required.
11. Letter and Terms of Business or other signed agreement, namely: The Terms and Conditions

NOTES:
i. Fund Manager: KYC on a Fund is not complete without client identification (KYC) of the Fund Manager. The justification for this is that although Company’s client/ CP is the Fund the control rests with the Fund Manager therefore client identification will be incomplete without the identification of the Fund Manager

ii. Subsidiaries/ Trading vehicles: In case our client/ CP is a subsidiary/ trading vehicle of a Fund then a proof of such a relationship is required by means of a Shareholders’ Register or Audited Financial Statements or Prospectus.

iii. Audited Financial Statements: In situations where our client/ CP may not provide their own distinct set of Audited Financial Statements, and providing that our client/ CP is a subsidiary of a parent company, the Consolidated Financial Statements of the parent company can be provided instead.

iv. Corporate Directors: In cases of Corporate Directors or General Partners (i.e. where the Director/ GP is another legal entity), Proof of Directors of the Corporate Director and copy of the Identity Documents of at least one of the natural Persons who are Directors of the Corporate Director need to be provided instead.
v. Umbrella funds / sub-funds / segregated portfolio companies: Where a fund operates a number of sub-funds or segregated portfolios (either through share classes, separately incorporated entities or fund allocations) these can be represented as direct sub-accounts of the parent fund and no additional KYC checks are required for the sub-funds or segregated portfolios (except for authorized signatories if different).

vi. Occupational Pension Funds: In cases of Occupational Pension Funds we perform KYC on both the employer and the Pension Fund. In such cases the client identification requirements and risk profile of the Pension Fund is the same as the one applicable to the employer.

vii. Funds at the Pre-investor or Start-up phase: We do not initiate a relationship with a fund which is in the pre-investor or start-up phase. In such cases, interim client identification procedures can commence at the pre-investor or start-up phase, however KYC ‘Approved’ status will only be granted once the final executed copy of the Prospectus/ Offering Memorandum/ Placement Memorandum is submitted.

viii. Certified (True) Copy means that the person certifying the copy of the document has had sight of the original document at certification and is in a position to certify that the copy is a True and Complete copy of the original document. The Company recognizes such certifications when made by independent reputable sources. Such sources indicatively include the Client’s Bank operating in the EU or an Approved Country, the Client’s Legal Counsel, a Solicitor / Lawyer or Public Accountant regulated by a professional body (membership number required), Notary Public, the Police or similar authority. The Company requires that the certification process includes the Authenticator stating his name, capacity / Position, signature, date and Official Seal on the documents being certified.

ix. Proof of address: Proof of address can be demonstrated through any of the following documents: Utility Bill, Bank Statement, Credit Card Statement, Voting Card, Telephone Directory, Tenancy Agreement or other similar 3rd party documentation.

x. Notarized copies: Documents should be Notarized in accordance with the provisions of the Hague Convention.

xi. Company board resolution signatories: The resolution needs to be signed by either:
• A Director of the Company provided he is not also a UBO or
• An independent solicitor, auditor, Regulated Financial Institution from the EU or an Approved country

xii. Certification standards: Copies of documents should be certified as true copies if the Client/ CP is from the EU or an Approved country and Notarized if the Client/ CP is from any other jurisdiction.

xiii. EU or Approved Countries are the countries considered as having equivalent AML/CFT systems to the EU. These countries include Argentina, Australia, Brazil, Canada, Hong Kong, Japan, Mexico, New Zealand, Russian Federation, Singapore, Switzerland, South Africa and the United States.
xiv. Non EU/Approved Countries include all other countries that do not belong in the list mentioned above.

09. Ongoing monitoring of Accounts & Transactions

The Company has a full understanding of normal and reasonable account activity of its customers as well as of their economic profile and have the means of identifying transactions which fall outside the regular pattern of an account’s activity or to identify complex or unusual transactions or transactions without obvious economic purpose or clear legitimate reason.

The Company has established an adequate automated electronic management system (CRM) for monitoring accounts and examining transactions based on the level of risk. The respective system achieves the following:
a. identifying all high-risk customers – Therefore, the Company is able to produce detailed lists of high-risk customers so as to facilitate enhanced monitoring of accounts and transaction;
b. detecting of unusual or suspicious transactions that are inconsistent with the economic profile of the customer for the purposes of further investigation;
c. ascertaining the source and origin of the funds credited to accounts;
d. extract data and information that is missing regarding the customer identification and the construction of a customer’s economic profile;
e. add up the movement of all related accounts on a consolidated basis and detect unusual or suspicious activities and types of transactions.

The monitoring of accounts and transactions 18. are carried out in relation to specific types of transactions and economic profile, as well as by comparing periodically the actual movement of the account with the expected turnover as declared at the establishment of the business relationship. Furthermore, the monitoring covers customers who do not have a contact with the Financial Organization as well as dormant accounts exhibiting unexpected movements.

10. Recognition & Reporting Suspicious Transactions

10.1. REPORTING OF SUSPICIOUS TRANSACTIONS TO FIU
The employees of the Company recognize their obligation, in cases where there is an attempt of executing transactions which knows or suspects that are related to money
laundering or terrorist financing, to report, through the Compliance Officer their suspicion to FIU in accordance with paragraph 9 (1) (g) of the Directive.

The employees’ reports are evaluated by the Compliance Officer and if it is considered necessary the Compliance Officer notify the Financial Intelligence Unit (FIU). After the submission of a suspicious report the customers’ accounts concerned as well as any other connected accounts are placed under the close monitoring of the Compliance Officer. After submitting the suspicious report, the Financial Organization adheres to any instructions given by FIU and, in particular, as to whether or not to continue or suspend a particular transaction or to maintain the particular account active. According to section 26(2)(c) of the Law, FIU may instruct the Financial Organization to refrain from executing or delay the execution of a customer’s transaction without such action constituting a violation of any contractual or other obligation of the Financial Organization and its employees. Furthermore, after the submission of a suspicious report the customers’ accounts concerned as well as any other connected accounts are placed under the close monitoring of the compliance officer.

Transactions executed for the customer are compared and evaluated against the anticipated account’s turnover, the usual turnover of the activities/operations of the customer and the data and information kept for the customer’s economic profile. Significant deviations are investigated, and the findings are recorded in the respective customer’s file. Transactions that are not justified by the available information on the customer, are thoroughly examined so as to determine whether suspicions over money laundering or terrorist financing arise for the purposes of submitting an internal report to the compliance officer and then by the latter to FIU.

All necessary measures and actions must be taken based on the investigation findings, including any internal reporting of suspicious transactions/activities to the compliance officer.

10.2. SUSPICIOUS TRANSACTIONS
The definition of a suspicious transaction as well as the types of suspicious transactions which may be used for money laundering and terrorist financing are almost unlimited.

A suspicious transaction will often be one which inconsistent with a customer’s known, legitimate business or personal activities or with the normal business of the specific account, or in general with the economic profile that the Company has created for the customer.

The Company maintains adequate information and knows enough about its customers’ activities in order to recognize on time that a transaction or a serious of transactions is unusual, suspicious or inconsistent with the economic profile of the customer. If a suspicious activity is detected, the employees of the Company immediately contacts’ the Compliance Officer and additional due diligence will be performed before accepting client’s requests or before providing any services.

The AML Directive gives some examples of suspicious transactions/ activities. However, these are not limited. Examples of suspicious transactions/activities are:

1. Transactions with no discernible purpose or are unnecessarily complex.
2. Use of foreign accounts of companies or group of companies with complicated ownership structure which is not justified based on the needs and economic profile of the customer.
3. The transactions or the size of the transactions requested by the customer do not comply with his usual practice and business activity.
4. Large volume of transactions and/or money deposited or credited into, an account when the nature of the customer’s business activities would not appear to justify such activity.
5. The business relationship involves only one transaction, or it has a short duration.
6. There is no visible justification for a customer using the services of a particular Administrative Services Firm. For example, the customer is situated
far away from the particular Administrative Services Firm and in a place where he could be provided services by another Administrative Services Firm.
7. Any transaction the nature, size or frequency appear to be unusual, e.g. cancellation of an order, particularly after the deposit of the consideration
8. Transactions which are not in line with the conditions prevailing in the market, in relation, particularly, with the size of the order and the frequency.
9. The settlement of any transaction but mainly large transactions, in cash.
10. Settlement of the transaction by a third person that does not seem to be related with the instructor.
11. Instructions of payment to a third person that does not seem to be related with the instructor.
12. Transfer of funds to and from countries or geographical areas which do not apply, or they apply inadequately FATF’s recommendations on money laundering and terrorist financing.
13. A customer is reluctant to provide complete information when establishes a business relationship about the nature and purpose of its business activities, anticipated account activity, prior relationships with Administrative Services Firms, names of its officers and directors, or information on its business location. The customer usually provides minimum or misleading information that is difficult or expensive for the Company to verify.
14. A customer provides unusual or suspicious identification documents that cannot be readily verified.
15. A customer’s home/business telephone is disconnected.
16. A customer that makes frequent or large transactions and has no record of past or present employment experience.
17. Difficulties or delays on the submission of the financial statements or other identification documents, of a customer/legal person.
18. A customer who has been introduced by a foreign Administrative Services Firm, or by a third person whose countries or geographical areas of origin do not apply, or they apply inadequately FATF’s recommendations on money laundering and terrorist financing.
19. Shared address for individuals involved in cash transactions, particularly when the address is also a business location and/or does not seem to correspond to the stated occupation (e.g., student, unemployed, self-employed, etc.).
20. The stated occupation of the customer is not commensurate with the level or size of the executed transactions.
21. Financial transactions from non-profit or charitable organizations for which there appears to be no logical economic purpose, or in which there appears to be no link between the stated activity of the organization and the other parties in the transaction.
22. Unexplained inconsistencies arising during the process of identifying and verifying the customer (e.g., previous or current country of residence, country of issue of the passport, countries visited according to the passport, documents furnished to confirm name, address and date of birth etc.)
23. Complex trust or nominee network.
24. Transactions or company structures established or working with an unneeded commercial way. e.g., companies with bearer shares.
25. Use of general nominee documents in a way that restricts the control exercised by the company’s board of directors.
26. Changes in the lifestyle of employees of the Company, e.g., luxurious way of life or avoiding being out of office due to holidays.
27. Changes the performance and the behavior of the employees of the Company.

10.3. EXAMPLES OF TERRORIST FINANCING
A) Sources and methods
The funding of terrorist organizations is made from both legal and illegal revenue generating activities. Criminal activities generating such proceeds include kidnappings (requiring ransom), extortion (demanding “protections” money), smuggling, thefts, robbery and narcotics trafficking.

Legal fund-raising methods used by terrorist groups include:
i. Collection of membership dues and/or subscriptions,
ii. Sale of books and other publications,
iii. Cultural and social events,
iv. Donations,
v. Community solicitations and fund-raising appeals.

B) Non-profit organizations
Non – profit and charitable organisations are also used by terrorist groups as a means of raising funds and/or serving as cover for transferring funds in support of terrorist acts. The potential misuse of non – profit and charitable organisation can be made in the following ways:
i. Establishing a non- profit organization with a specific charitable purpose but which actually exists only to channel funds to a terrorist organization.
ii. A non – profit organization with a legitimate humanitarian or charitable purpose is infiltrated by terrorists who divert funds collected for an ostensibly legitimate charitable purpose for the support of a terrorist group.
iii. The non – profit organization serves as an intermediary or cover for the movement of funds on an international basis.
iv. The non – profit organization provides administrative support to the terrorist movement.

Unusual characteristics of non – profit organizations indicating that they may be used for an unlawful purpose are the following:
i. Inconsistencies between the apparent sources and amount of funds raised or moved
ii. A mismatch between the type and size of financial transactions and the stated purpose and activity of the non – profit organization.
iii. A sudden increase in the frequency and amounts of financial transactions for the amount of non – profit organization.
iv. Large and unexplained cash transactions by non- profit organizations.
v. The absence of contributions from donors located within the country of origin of the non – profit organization.

11. Record Keeping Requirements

11.1. RECORD KEEPING AND TIME PERIOD OF KEEPING DOCUMENTS/DATE
The Company should keep the following documents and information for use in any investigation into, or analysis, of possible money laundering or terrorist financing by national authorities:
• The name and address of clients and copies or records of official identification documents (like passports, identity cards, or driving licenses).
• The name and address (or identification code) of counterparties.
• The form of instruction or authority.
• The account details from which any funds were paid.
• The form and destination of payment made by the business to the client.
• Business correspondence.

The documents/date of above are kept of a period of at least five (5) years, which is calculated after the execution of the transactions or the termination of the business relationship.

11.2. FORMAT OF RECORDS
The retention of the documents/data, other than the original documents or their certified true copies that are kept in a hard copy form, may be in other forms, such as electronic form, provided that the Company is able to retrieve the relevant documents/data without undue delay and present them at any time, to the Commission or to FIU, after a request.

The Company has established a Retention Policy which is in accordance with the provisions of the AML Law/and or AML Directive, as well any potential needs of FIU and the Commission.

11.3. CERTIFICATION AND LANGUAGE OF DOCUMENTS
The documents are in their original from or in a certified true copy form. In the case that the documents /data are certified as true copies by a different person than the Company itself, the documents/data must be apostilled or notarized.

Language other than English
In those cases, whereas the Company receives documents that are in a language other than English the following procedure is followed:

a) The Company requests from the client a true translation of the respective document, from a certified translator, which is attached with the document that is in another language.

b) If the client does provide the Company with a true translation, then it’s on the discretion of the Company to arrange internally for the corresponding translation from a certified translator. The Company uses the Official Translation Form as seen below. The respective Official Translation Form is kept with the documents of the Client.

Official Translation Form

Account:
Name:
Date:

1. Document used to Prove the Identity (POI)

Type of Document:
Full name:
Document Number:
Issuing Date:
Expiry Dare:
Date of Birth:
Citizenship:
Residence Country:
Issuing Country:
Additional Notes:

2. Document used to prove the residence/address (POR)
Type of Document:
Issuer Authority:
Holder Name written on the Document:
Document issue Date:
Address on the document:
Country:
City:
Document Number:
Expiry date (if applicable):
Deposit Date:
Additional Notes:

1. Other Documents
Type of Document:
Issuer Authority:
Holder Name written on the Document:
Document issue Date:
Country:
City:
Document Number:
Expiry date (if applicable):
Additional Notes:

2. Validation of the Translation (to be filled accordingly by the person performing the translation)

I …………………………………………….…, further certify that the English translation of the document appears, to the best of my abilities, to be true and accurate.

I further certify that I am competent/native speaker in both English and ……………………. to render and certify such translation.

Signature:

Date:

 

12. EMPLOYEES’ OBLIGATION, EDUCATION AND TRAINING

12.1. EMPLOYEES’ OBLIGATIONS
Each employee of the Company, whose duties are associated with the provisions of investment and/or ancillary services as defined in the Investment Services Law, and who directly or indirectly deals with clients of the Company, is expected to know the requirements of the applicable Laws and Regulations which affects his or her job responsibilities and relates to Money laundering and Terrorist financing.

The employees of the Company recognize their obligations to report the transactions that know or suspect that relates to money laundering or terrorist financing and failure to do so can rendered them personally liable.

Therefore, an employee who knows or reasonably suspects that a client is engaged in money laundering or terrorist financing offences, commits an offence if he does not report this act to FIU as soon as it reasonably practicable after it comes to his attention.

12.2. EMPLOYEE’S EDUCATION AND TRAINING PROGRAM
The Company recognizes its obligation to ensure that that its employees are fully aware of their legal obligations, in accordance with the AML Law and AML Directive, by providing a complete education relating to anti – money laundering and terrorist financing, through an internal and external training.

In case the Company will employ new staff, they will receive anti-money laundering training as part of the mandatory new-hire training program. The training program aims at educating employees on the latest developments in the prevention of money laundering and terrorist financing, including the practical methods and trends used for this purpose.

All applicable employees of the Company complete and participate in an AML training periodically. The employees of the Company, at times, participates in training programs and seminars relating to money laundering and terrorist financing so as to become aware of their AML responsibilities and obligations and being updated regarding any changes of the relevant Laws. Apart from this, an internal ongoing training will be given at regular intervals so as to ensure that the employees are reminded of their duties and responsibilities and are kept informed of any new developments.

In addition, the Compliance Officer on a regular basis provides advice and guidance to the employees of the Company on issues related to money laundering and terrorist financing. The employees of the Company are responsible to attend the training programs organized by the Company, become familiar with the Company’s Anti- Money Manual and be competent in regards to the Manual

13. Appendixes

13.1  FIRST APPENDIX – INTERNAL SUSPICION REPORT FOR MONEY LAUNDERING AND TERRORIST FINANCING

 

INTERNAL SUSPICION REPORT FOR MONEY LAUNDERING AND TERRORIST FINANCING

INFORMER’S DETAILS

Name:                                                                                                    Tel:

 

Department:

Fax:

Position:

CUSTOMER’S DETAILS

Name:

 

Address:

 

Date of Birth:

Tel:                                                                                                        Fax:                                                                                             

Occupation:

Details of Employer:

Passport No:

Nationality:

ID Card No.

Other ID Details:

INFORMATION/SUSPICION

 

Brief description of activities/transaction:

 

Reason(s) for suspicion:

 

Informer’s Signature

Date

FOR COMPLIANCE OFFICER’S USE

Date Received                                                                        Time Received:

Ref:

Reported to FIU: Yes/No                                                       Date

Reported:                                                                                 Ref

 

13.2  SECOND APPENDIX – INTERNAL EVALUATION REPORT FOR MONEY LAUNDERING AND TERROSTING FINANCING

 

INTERNAL EVALUATION REPORT FOR MONEY LAUNDERING AND TERRORIST FINANCING

Reference

Customer’s Details:

Informer:

Department:

Inquiries undertaken (brief description)

 

 

 

Attached documents

 

 

 

Compliance officer’s decision

 

 

 

File number

Compliance officer’s signature

Date