AML / KYC Policy
Last updated: June 26 , 2023
1. Introduction
This Anti-Money Laundering ("AML") and Know Your Customer ("KYC") policy notice outlines the guidelines and procedures implemented by QUAILPAY LIMITED a company registered in British Columbia, Canada under the company number BC1275630, with its registered office address at 308-8988 Fraserton Court, Burnaby, BC, Canada, with the postal code V5J5H8 ("Company"). The Company operates a cryptocurrency exchange platform, [please provide the final link] (the "Platform").
2. Objective of AML/KYC processes implementation by the Company
The objective of implementing AML/KYC processes is to ensure compliance with the laws of British Columbia, Canada, and international regulations, with the aim of preventing money laundering, terrorist financing, and other illicit activities. The Company is fully committed to achieving full compliance with applicable laws and international regulations regarding anti-money laundering and countering the funding of terrorism. To this end, the Company has adopted and enforces specific provisions outlined in anti-money laundering and countering the funding of terrorism rules and regulations, with the primary objective of preventing and detecting instances of money laundering, terrorist financing, and other unlawful activities.
In addition to adhering to legal requirements, the Company has established internal policies, guidelines, and additional resources to create a comprehensive framework for conducting rigorous due diligence on clients, monitoring transactions, and reporting any suspicious activities. By implementing robust KYC (Know Your Customer) and AML (Anti-Money Laundering) measures, the Company aims to safeguard its Platform, clients, and the overall integrity of the financial system.
Specifically, the Company is committed to promptly detecting and duly reporting any actions that may involve the conversion or transfer of funds originating from criminal activity or participation therein, as well as any attempts to conceal or disguise the illicit origin of such funds, or assisting individuals involved in criminal activities to evade legal consequences. Any involvement in concealing the true nature, source, location, disposition, movement, rights, or ownership of funds derived from criminal activity, or knowingly receiving funds derived from criminal activity, is also a matter of concern for the Company. In such cases, the Company diligently questions such behavior and promptly reports any suspicions of money laundering to the relevant authorities. The information and documentation gathered during these processes serve to support authorities in analyzing and investigating suspected instances of money laundering.
The regulatory framework for anti-money laundering and countering the funding of terrorism, which applies to the Company, adopts a risk-based approach. This means that the Company is obliged to implement measures, policies, controls, and procedures that are proportionate to the risks it faces, with the aim of preventing and mitigating those risks from materializing.
As each client presents varying levels of risk to the Company, a client-specific risk assessment is conducted when establishing a business relationship or carrying out occasional transactions. This assessment allows the Company to identify potential risks, particularly in cases where money laundering or terrorist financing is suspected or when doubts arise regarding the accuracy or adequacy of previously obtained customer identification data. The assessment enables the Company to develop a risk profile for each client and categorize the level of risk as low, medium, or high.
3. Implementation of "Know Your Client" Procedures
To appropriately assess the ML/FT risk, it is crucial to determine the client's risk profile. This enables the application of an appropriate level of Customer Due Diligence (CDD). CDD aims to ascertain the client's identity and establish a comprehensive client profile, facilitating the identification of any unusual behavior. If such behavior raises suspicions of money laundering or terrorist financing, it must be thoroughly investigated and promptly reported to the relevant authorities. The collected documentation and information will assist authorities in analyzing and investigating suspected instances of ML/FT.
The CDD process encompasses the following measures:
Customer Identification and Verification:
During customer registration, the Company gathers and verifies the necessary information and documentation to establish the customer's identity. To ensure the validity and authenticity of identification documents, the Company employs rigorous document verification procedures. Customer identification and verification are conducted based on a risk-based approach, taking into account factors such as the customer's profile, transaction history, and jurisdiction.
Ongoing Monitoring and Due Diligence:
The Company implements robust transaction monitoring systems to detect suspicious activities and identify unusual transaction patterns. In cases where enhanced due diligence is deemed necessary, additional verification procedures and information collection from customers are conducted. Periodic reviews of customer accounts and updated due diligence are performed to ensure ongoing compliance with regulations.
Reporting Suspicious Activities:
The Company provides training to its employees to promptly recognize and report any suspicious activities. In adherence to legal obligations, any identified suspicious activity is promptly reported to appropriate regulatory and law enforcement authorities.
Compliance Audit:
Regular internal and external audits are conducted by the Company to assess the effectiveness and compliance of its KYC procedures.
By implementing these measures, the Company strives to establish a comprehensive understanding of its clients, monitor their activities, and fulfill its obligations in combating money laundering and terrorist financing.
4. Excluded Jurisdictions and Business Activities:
The Company's policy regarding jurisdictions and business activities it does not engage with or provide services to can be referred to as "Excluded Jurisdictions and Business Activities." This term reflects the Company's decision to refrain from conducting operations in specific jurisdictions and avoiding certain types of business activities as outlined in the provided list.
To comply with applicable laws and internal guidelines, the Company refrains from providing services or engaging in business activities with individuals or entities based in countries that are listed under various sanctions, including the FATF black and grey lists. Additionally, the Company reserves the right to exclude jurisdictions at its discretion, with the possibility of periodic amendments.
Specifically, the Company does not offer services to clients located in the following jurisdictions: Afghanistan, Albania, Algeria, Angola, Argentina, Bahrain, Bangladesh, Barbados, Belarus, Benin, Bhutan, Bolivia, Bosnia and Herzegovina, Botswana, Brazil, Burkina Faso, Burundi, Cambodia, Cameroon, Cabo Verde, Central African Republic, Chad, China, Colombia, Comoros, Congo DR, Costa Rica, Crimea region, Cuba, Djibouti, Dominican Republic, Ecuador, Egypt, El Salvador, Eritrea, Ethiopia, Fiji, Gabon, Ghana, Guatemala, Guinea, Haiti, Honduras, Iran, Iraq, Jamaica, Jordan, Kenya, Kosovo, Kuwait, Laos, Lebanon, Liberia, Libya, Macedonia FYR, Madagascar, Malawi, Maldives, Mali, Mexico, Morocco, Myanmar, Namibia, Nepal, Niger, Nigeria, North Korea, Northern Cyprus, Oman, Pakistan, Palau, Panama, Paraguay, Peru, Puerto Rico, Qatar, Russia, Rwanda, Somalia, Senegal, South Sudan, Sudan and Darfur, Syria, Tanzania, Togo, Trinidad & Tobago, Tunisia, Tuvalu, USA, Vanuatu, Vatican City, Venezuela, Yemen, Zambia, Zimbabwe.
Please note that the list of excluded jurisdictions and business activities is not exhaustive and is subject to periodic review and changes in regulations. It may be modified based on legal requirements and the discretion of the Company.
5. Customer Identification Procedures
Customer Identification
The Company requires all users to go through a thorough customer identification process when registering for an account.
Enhanced Due Diligence (EDD)
In certain circumstances, the Company may employ enhanced due diligence measures for customers who present a heightened level of risk, including politically exposed persons (PEPs), high-value transactions, or those operating from a high-risk third country. This may entail additional verification procedures, the request for documentation regarding the source of funds, and ongoing monitoring carried out by the Compliance Team.
6. Risk Assessment
The Company considers the following areas of risk for the purpose of assessing business risk:
Client Risk
The risk of money laundering/terrorist financing (ML/FT) may vary depending on the type of client. Assessing the risk posed by an individual generally involves considering their economic activity and/or source of wealth. A client with a single source of consistent income poses a lower risk of ML/FT compared to a client with multiple income sources or irregular income streams.
Product/Service/Transaction Risk
Certain products, services, or transactions inherently carry higher risk and are more attractive to criminals. These include those that are susceptible to criminal exploitation or involve specific funding methods, and they should be treated as high-risk factors.
Interface Risk
The channels through which a business relationship is established and transactions are conducted can impact the risk profile of the relationship or transaction.
Geographical Risk
Geographical risk refers to the risk associated with the location of the business/economic activity and the source of wealth/funds in a business relationship. The nationality, residence, and place of birth of a client should be considered as they may indicate a heightened geographical risk. Countries with weak anti-money laundering/counter-terrorist financing (AML/CFT) systems, high levels of corruption, international sanctions related to terrorism or the proliferation of weapons of mass destruction, or known presence of terrorist organizations are considered high risk. Conversely, countries with stronger AML/CFT systems and a lower risk of ML/FT can be classified as presenting a medium or low risk.
7. Transaction Monitoring
Real-Time Monitoring
The Company utilizes sophisticated transaction monitoring tools to identify and analyze potentially suspicious activities. These tools continuously monitor transactions, account behavior, and patterns that may be indicative of money laundering or terrorist financing.
Transaction Reporting
In the event that suspicious activity is identified, the Company will expeditiously report it to the appropriate authorities in adherence to the laws of the Republic of Estonia and relevant international regulations.
8. Maintenance of Records
The Company keeps detailed records containing customer identification information, transaction data, and communications for a minimum of 5 years, unless longer retention is mandated by applicable law, regulation, or directive. These records are securely stored and easily accessible for the purpose of audits and regulatory requirements.
9. Training of Staff
Regular and comprehensive training on AML and KYC policies and procedures is provided to all employees and relevant personnel within the organization. This training ensures that they are fully aware of their responsibilities and equipped to effectively identify and report any suspicious activities.
10. Appointment of Compliance Officer
A designated Compliance Officer is appointed by the Company to oversee the implementation and adherence to AML and KYC policies. This Compliance Officer ensures that the Company remains updated with regulatory requirements and promptly reports any concerns or suspicions to the appropriate authorities.
11. External Audits
The Company regularly undergoes independent audits of its AML/CFT program to evaluate its efficacy, identify areas for enhancement, and ensure adherence to regulations. The findings from these audits are thoroughly reviewed by management, and appropriate measures are taken to rectify any identified shortcomings.
12. Collaboration with Authorities
The Company maintains full cooperation with pertinent authorities, such as law enforcement agencies and regulatory bodies, during investigations or inquiries pertaining to money laundering, terrorist financing, or other illicit activities. The organization promptly provides requested information and assistance within the confines of applicable laws and regulations.
13. Relationships with Third Parties
When entering into business relationships with third parties, the Company requires these parties to adhere to the same AML and KYC processes as outlined in this Policy and guided by the Compliance Team. Ongoing monitoring and periodic reviews are conducted by the Company to assess the compliance of these third parties with AML and KYC regulations.
14. Periodic Evaluation
This Policy undergoes periodic evaluations to ensure its effectiveness and compliance with evolving regulations and best practices. Updates and amendments will be implemented as necessary. The effective date signifies the commencement of the latest version of this policy. Any changes to the effective date will be clearly indicated at the beginning of this document.