Please make sure you read RoboForex's Anti-Money Laundering (AML) and Countering the Financing of Terrorism (CFT) Policy carefully.
RoboForex's AML/CFT Policy and Procedures
This document outlines RoboForex's Anti-Money Laundering and Countering the Financing of Terrorism (AML/CFT) policy and procedure. This document is for general informational purposes only and has no legal effect on RoboForex and/or any person (natural or otherwise).
A. Principles and methods of RoboForex's AML/CFT measures
RoboForex is committed to supporting AML/CFT efforts. In principle, we undertake to:
● Conduct due diligence when working with our clients and individuals designated to act on behalf of our clients.
● Conduct business in accordance with high ethical standards and, to the greatest extent possible, prevent the establishment of any business relationships that are involved or may contribute to money laundering or terrorist financing.
● Assist and cooperate with competent legal authorities, to the greatest extent possible, in preventing the threat of money laundering and terrorist financing.
B. RoboForex Risk Assessment and Risk Mitigation Methods
Risk Assessment
We anticipate that the majority of our clients will be retail clients. We operate primarily in Asian countries such as Vietnam, Thailand, Korea, Japan and Malaysia.
In this context, we will:
a. Record and/or collect information about the following:
1. The identity of our customers.
2. The country or region in which our customers are located.
b. Ensure, to the best of our ability, that our clients, their related individuals, designated individuals acting on behalf of our clients, and the actual owners of our clients are assessed and screened with the aid of a list of designated individuals and entities for (but not limited to):
● Democratic People's Republic of Korea
● Democratic Republic of the Congo
● Iran
● Libya
● Somalia
● South Sudan
● Sudan
● Yemen
● UN Al Qaida Sanctions List (1267/1989)
● UN Taliban Sanctions List (1988)
● Individuals identified in Schedule 1 of the Terrorism (Suppression of Financing) Act chapter 325.
Risk Mitigation
Once identified, we will not transact with anyone on the list of designated individuals and entities.
C. New Products, Practices and Technical Methods
We will provide appropriate notice of the identification and assessment of risks related to money laundering and terrorist financing that may arise in the following areas:
● Development of new products and business practices, including new delivery mechanisms.
● Use of new or emerging technologies for new and existing products.
We will pay particular attention to any new products and new business practices that facilitate anonymity, including new delivery mechanisms and new or emerging technologies, such as digital tokens that facilitate anonymity (whether securities, payment and/or utility tokens).
D. Approach to Customer Due Diligence (CDD)
We do not open, maintain or accept anonymous or pseudonymous accounts.
We will not establish a business relationship or conduct transactions for customers where we have reasonable grounds to suspect that their assets or funds are proceeds of drug trafficking or other criminal activity. We will file a suspicious transaction report (STR) for such transactions and provide a copy to the relevant Financial Intelligence Unit (FIU).
We will conduct customer due diligence in the following situations:
● When we establish a business relationship with any customer.
● When we make a transaction for any customer with whom we do not have an established business relationship.
● When we receive a transfer of electronic money for a customer with whom we do not have a business relationship.
● When we suspect money laundering or terrorist financing.
● When we doubt the authenticity or completeness of any information.
When we suspect that two or more transactions are related or connected or that one transaction If a single transaction has been reorganized into smaller transactions to avoid Anti-Money Laundering and Countering the Financing of Terrorism (AML/CFT) measures, we will treat it as a single transaction and aggregate its value to comply with AML/CFT principles.
Customer Verification
We will verify the identity of all our customers.
To verify our customers, we need to know at least:
● Full name, including any aliases.
p>● Their unique identification number (e.g. identity card number, birth certificate number, passport number or, if the customer is not an individual, their business registration number); or
● Their registered address, or their business registration address (if applicable), or their main address if the registered address and business address are different; and
● Their date of birth, date of incorporation or date of registration; and
● Their nationality or place of registration.
If the customer is a legal entity, in addition to collecting the relevant information set out above, we will determine their legal entity type, their charter and the powers that regulate and bind them as a legal entity. We will also identify their related parties (e.g., directors, partners, and/or individuals with executive authority) by collecting, at a minimum, the following information for each person:
● Their full name, including any aliases.
● Their unique identifier, such as their national identity card number, birth certificate number, or passport number.
Verifying Customer Identity
We will use reliable and independent data, documents, or information to verify the identity of our customers. If our client is a legal entity or legal structure, we will use reliable and independent data, documents or information to verify their legal entity type, demonstrate their existence, charter, and the power to govern and bind them.
Verify the identity of the client representative
a. Customer Representative
If a customer designates one or more individuals to represent them in their business relationship with us, or if the customer is not an individual, we will:
● Identify each individual acting on behalf of the customer or designated to act on behalf of the customer by collecting the following information:
● Their full name.
● Their unique identification number.
● Their residential address.
● Their date of birth.
● Their nationality.
● Data and documents from reliable and independent sources may be used to verify the identity of such individuals.
We will also verify the legal authority of each individual designated to act on their behalf for the customer by collecting the following information:
● Valid written evidence authorizing the designation of such individuals as our customer's representatives.
● Specimen signatures of each individual.
If the customer claims to be a government agency, we will only collect information necessary to confirm the identity the customer has claimed.
Identifying and verifying the real owners
We will investigate the existence of any real owners in relation to the customer.
If the customer has one or more real owners, we will identify the real owners and take reasonable steps to verify the identity of the real owners using relevant information or data obtained from reliable and independent sources.
If the customer is a legal entity, we will:
● Identify the individuals (whether acting alone or in concert) who have ultimate ownership of the entity.
● If there is any doubt as to whether the individuals who have ultimate ownership of the entity are the true owners, or if no individual has ultimate ownership of the entity, identify the individuals who have ultimate ownership of the entity; and
● If no such individual can be identified, identify an individual with enforcement authority over the entity.
If the client is a legal structure, we will:
● In the case of a trust, identify the trust's founder, trustee, protector (if any), beneficiary, any individual exercising ultimate ownership, ultimate control, or ultimate effective control over the trust; and
● For other types of legal structures, identify persons in equivalent positions.
If the client is not an individual, we will determine the nature, ownership, and control structure of the client's business.
We are required to verify the identity of the effective owners of the following clients:
● Entities listed on a stock exchange.
● Entities listed on a stock exchange are subject to regulatory disclosure requirements and full transparency requirements regarding their effective owners.
● Financial institutions.
● Financial institutions monitored for compliance with AML/CFT requirements set out by the FATF; or
● Investment vehicles where the manager is a financial institution or is subject to AML/CFT requirements set out by the FATF.
The above shall apply unless we have doubts about the authenticity of the CDD information or suspect that our client has engaged in business relationships or transactions involving money laundering orterrorist financing.
We will also document the basis for our determination.
Information about the Intended Purpose and Nature of the Relationship and Business Transactions Conducted without Opening an Account*
When processing applications to establish a business relationship or conduct a non-public transaction, we need to be aware of and, where appropriate, obtain information from the customer about the intended purpose and nature of the relationship or business transaction.
Review of Transactions Conducted without Opening an Account*
If we conduct one or more transactions for a customer without opening an account (a “current transaction”), we will review previous transactions that the customer has conducted to ensure that the current transaction is consistent with our understanding of the customer, their business and risk profile, and the source of their funds. them.
When we establish a business relationship with a customer, the payment service provider will review all transactions prior to establishing the business relationship to ensure that the business relationship is consistent with our understanding of the customer, their business and risk profile, and the source of their funds.
We will pay particular attention to all complex, large unusual transactions, or unusual patterns of transactions made without an account being opened and without a clear economic purpose. We will investigate, to the best of our ability, the context and purpose of such transactions and record our findings with a view to providing such information to the relevant authorities as necessary.
To investigate transactions conducted without an account, we will establish and implement systems and procedures appropriate to the size and complexity of the payment service provider to:
● Monitor transactions conducted without an account.
● Detect and report patterns of suspicious, complex, unusually large, or unusual transactions conducted without an account.
Where there is reasonable cause to suspect that a transaction conducted without an account is related to money laundering or terrorist financing, and where we consider it appropriate to conduct the transaction, the payment service provider will demonstrate and record the reasons for conducting the transaction that transaction.
Continuous Monitoring
We will monitor our business relationships with our customers on an ongoing basis. We will monitor customer account activity and review their transactions throughout the course of the business relationship to ensure that they are consistent with our understanding of the customer, their business and risk profile, and the source of their funds.
We will take our own risk precautions if the transaction involves the transfer or receipt of cryptocurrency from the following entities:
● Financial institutions.
● Financial institutions monitored for compliance with AML/CFT requirements outlined by the FATF.
During the course of our business relationship, we will pay particular attention to any complex, large, unusual transactions, or unusual patterns of transactions with no apparent economic purpose. We will investigate, to the best of our ability, the context and purpose of such transactions and document our findings with a view to providing such information to the relevant authorities as necessary.
For ongoing monitoring purposes, we will establish and implement systems and procedures appropriate to the size and complexity of the payment service provider to:
● Monitor the business relationship with our customers.
● Detect and report suspicious, complex, unusually large, or unusual patterns of transactions conducted during the course of the business relationship.
We will ensure that the data, documentation, and CDD information obtained relating to our customers, the individuals designated to act on behalf of our customers, and the relevant parties and beneficial owners of the customers are relevant and up to date by reviewing existing CDD data, documentation and information, particularly for high-risk customers.
If there is reasonable cause to suspect that an existing business relationship with a customer is involved in money laundering or terrorist financing and we believe it is appropriate to retain the customer:
● We will demonstrate and document the reasons for retaining the customer.
● We will apply appropriate risk mitigation measures to the customer's business relationship with us, including enhanced ongoing monitoring.
Where we assess that the risk of a customer or our business relationship with that customer is high, payment service providers are expected to implement enhanced CDD measures, includingapproved by our senior management to retain the customer.
CDD Measures for Non-Direct Business Relationships or Non-Direct Transactions*
We will have policies and procedures in place to address any specific risks associated with non-direct business relationships with customers or non-direct transactions (non-direct business contacts) conducted without opening an account for the customer.
We will implement these policies and procedures when establishing a business relationship with a customer and when conducting ongoing due diligence.
In the absence of direct contact, payment service providers will implement CDD measures that are at least as stringent as those required for direct contact.
When a payment service provider makes its first non-direct business contact, the payment service provider will, at its sole discretion, at our own expense, engage an external auditor or an independent qualified consultant to evaluate the effectiveness of our policies and procedures, including the effectiveness of any technical solutions used to manage the risk of fraud.
We will appoint an external auditor or an independent qualified consultant to conduct an evaluation of the new policies and procedures; and shall submit the assessment report to the Competent Authority no later than one year after the change is made.
Reliance on Measures Implemented in the Acquisition of a Payment Service Provider
When we (the receiving payment service provider) acquire, in whole or in part, the business of another payment service provider, we shall implement measures in respect of the customers that were acquired together with the business at the time of acquisition, unless the receiving payment service provider has:
● Received all relevant customer records (including CDD information) at the same time and has no doubts or concerns about the accuracy or completeness of the information collected.
● Undertake due diligence that results in no question as to the adequacy of the AML/CFT measures implemented by the receiving payment service provider in respect of the business or part of the business the receiving payment service provider is currently purchasing and has accurately recorded those measures.
Non-Account Measures*
If we make any transaction for any customer who does not have a business relationship with us, we will:
● Implement CDD measures as if the customer had just applied to the payment service provider to establish a business relationship.
● Record sufficient details of the relevant transaction to enable the transaction to be reproduced, including the nature and date of the transaction, the type and amount of the currency involved, the value date, and the details of the beneficiary or recipient.
Verification Timeline
We will verify the identity of the customer, the individuals designated to act on the customer's behalf, and the actual owners of the customer before either of the following: following:
● The payment service provider establishes a business relationship with the customer.
● The payment service provider executes any transaction for the customer without having established a business relationship with the customer.
● The payment service provider facilitates or receives digital assets by transferring value to the customer without having established a business relationship with the customer.
We may establish a business relationship with a customer before verifying the identity of the customer, the individuals designated to act on behalf of the customer, and the real owners of the customer if the following circumstances apply:
● The delay in verification is necessary so as not to disrupt normal business operations.
● Money laundering and terrorist financing risks can be effectively managed by the payment service payment.
Where we establish a business relationship with a customer before verifying the identity of the customer, the individuals designated to act on behalf of the customer, and the actual owners of the customer, we will take the following actions:
● Develop and implement internal risk management policies and procedures regarding the conditions under which such a business relationship may be established before verification.
● Complete such verification as soon as reasonably practicable.
Where Measures Are Not Completed
Where we are unable to complete the required measures, we will not commence or continue a business relationship with any customer or effect any transaction for any customer.
Where we are unable to complete the measures, the payment service provider will consider whether the circumstances warrant whether to request an STR application or not.p>
Completion of measures refers to a situation where the payment service provider has collected, screened and verified (including late verification as set out in paragraphs 6.43 and 6.44) all required CDD information pursuant to paragraphs 6, 7 and 8 and where the payment service provider has received satisfactory responses to all questions relating to that required CDD information.
Joint Accounts
For joint accounts, we will implement CDD measures for all joint account holders as if each of them were a separate customer of the payment service provider.
Screening
We will screen the customer, the individuals designated to act on the customer's behalf, the customer's related parties, and the customer's real owners against relevant information sources. relating to money laundering and terrorist financing, as well as lists and information provided by the Authority to determine whether there is any risk of money laundering or terrorist financing to the customer.
We will screen for the following situations and individuals:
● When (or as soon as practicable) we establish a business relationship with a customer.
● Before we conduct any transactions for any customer who does not already have a business relationship with the payment service provider.
● Before we facilitate or receive digital assets by transferring value for a customer who does not already have a business relationship with us.
● Periodically, after we establish a business relationship with our customer; and
● When there are any changes or updates to:
● The list and information provided by the Authority to the payment service provider; or
● Individuals designated to act on behalf of customers, their related parties, or real owners.
We will screen all value transferors and value transfer beneficiaries against the list and information provided by the Authority to determine whether there are any risks related to money laundering or terrorist financing.
We will record the results of all screenings.
E. Our Approach to Enhanced Customer Screening
Politically Exposed Persons
We will use all reasonable measures to determine whether a customer, any individual designated to act on the customer’s behalf, any related party of the customer, or any of the customer’s effective owners is a politically exposed person (PEP) or a family member or close friend of a PEP.
Where a customer or any of the customer’s effective owners is identified by us as a PEP, or a family member or close friend of a PEP, we will perform at least the following enhanced checks in addition to our normal CDD measures:
● Obtain approval from senior management to establish and continue a business relationship with the customer.
● By reasonable method, determine the source of assets and funds of customers as well as any of their real owners.
● During the course of business relationships with customers, conduct enhanced monitoring of our business relationships with them. We will increase the level and nature of monitoring for any transactions that appear unusual.
Higher Risk Categories
We recognise that situations where a customer may be at higher risk of money laundering or terrorist financing include, but are not limited to, the following:
● Where the customer or any of the customer's physical owners is from or is located in a country or territory to which the FATF has called for countermeasures, the payment service provider will treat any business relationship or transaction with such a customer as being at higher risk of money laundering or terrorist financing.
● Where the customer or any of the customer's physical owners is from or is located in a country or territory known to have inadequate AML/CFT measures as assessed by the payment service provider or otherwise notified to the payment service provider payment services by the Authority or other foreign regulators, the payment service provider will assess whether any such customer may pose a higher risk of money laundering or terrorist financing.
We will implement enhanced CDD measures for customers who pose a higher risk of money laundering or terrorist financing or any customer who the Authority informs us of a higher risk of money laundering or terrorist financing.
F. Approach to Negotiable Instruments and Limits on Cash Payments
We will not make any payments in cash in the form of negotiable instruments.
We will not pay any cash in any amount in the course of conducting our business.
*G. Approach to Value Transfers (to be implemented as necessary)
If we are the ordering entity, before executing a value transfer, we will:
● Identify the sender and take reasonable steps to verify their identity (if we have not already done so).
● Record sufficient details of the value transfer, including but not limited to the date of the value transfer, the type and value of the digital asset transferred, and the value date.
If we are the ordering entity, we will include in the notes or payment instructions accompanying or relating to the value transfer:
● The sender's name.
● The sender's account number (or unique transaction reference number if applicable).
● The beneficiary's name.
● The beneficiary's account number (or unique transaction reference number if applicable).
Transfers of Value Over a Specific Threshold
For value transfers over a specific threshold where we are the ordering entity, we will identify the sender and verify their identity, including any notes or payment instructions accompanying or relating to the value transfer and any of the following information:
● The sender's residential address; or
● The sender's registered or business address (together with their primary address if these are different).
● The sender's unique identification number; or
● The sender's date and place of birth, together with the establishment or registration of the value transfer.
We will promptly and securely send to the beneficiary organization all information about the sender of the value transfer and information about the beneficiary organization of the value transfer and will record all such information. Where we, as the ordering entity, are unable to comply with the requirements, we will not execute a value transfer.
If we are the beneficiary, we will take reasonable steps to identify value transfers that lack the required remitter or beneficiary information.
For value transfers where we, as the beneficiary, pay a transfer of digital assets in the form of cash or cash equivalents to a value transfer beneficiary, we will identify and verify the identity of the value transfer beneficiary (if their identity has not been previously verified).
We will always conduct a review before executing a value transfer that lacks the required remitter or beneficiary information and document our monitoring measures. *
If we are an intermediary, we will retain all information relating to value transfers.
When we, as an intermediary, make a value transfer to another intermediary or a beneficiary, we will promptly and securely provide the information accompanying the value transfer to that other intermediary or beneficiary.
If we are a receiving intermediary, we will retain records of all information received from an ordering entity or other intermediary for at least five years.
We will take reasonable steps to identify value transfers that lack the necessary sender or beneficiary information during direct processing.
H. Record Retention
We will retain appropriate records as required for a period of at least 5 years.
I. Personal Data*
We will protect our customers' personal data in a manner consistent with the law.
J. Suspicious Transaction Reports (STRs)
We will notify the relevant authorities and file STRs as required by law. We will also maintain all records and transactions relating to all such transactions and STRs.
K. Our Compliance, Auditing and Training Policy
Among other measures, we will appoint an AML/CFT compliance officer at the management level, maintain an independent audit capability, and take proactive measures to regularly train our employees on AML/CFT-related issues.
Enterprise-Wide Money Laundering/Terrorist Financing Risk Assessment
We will conduct an enterprise-wide money laundering/terrorist financing risk assessment in three phases:
Phase 1: Substantive Risk Assessment
We will assess the substantive risks associated with:
● Customer or entity: We will assess the customer and/or entity with whom we transact.
● Product or service: We will pay attention to the provision of cryptocurrency OTC services for whom.
● Regional scale: We will not transact with customers on the list of designated individuals and entities.
Phase 2: Mitigation Assessment
WeWe will evaluate our mitigation measures in relation to the above. We will monitor and conduct enhanced monitoring of any customers we consider suspicious.
Stage 3: Remaining Risk Assessment
We will assess our remaining risks following our assessment of our mitigation measures.