KYC Policy

Global Money Shift s.r.o. – Anti-Money Laundering & Knowing Your Customer Procedures

Introduction

 

In reply to today’s every growing money-laundering and online fraudulent behavior, firm and tight policies are employed by our operation to guard against damage caused by such activity. The software used to operate our financial operation has a robust anti-fraud engine designed to filter out suspected and fraudulent users. Once detected the mechanism generates alerts and performs different actions according to predefined rules.

Enhanced search parameters can be set to single-out different aspects of fraud and to prevent such users from repeat attempts.

For example:

  • Money laundering.
  • Fraudulent behavior deriving from country of origin.
  • Stolen identity and stolen credit cards.

The software management is continuously updated with requirements and rules as determined by the National Bank of Czech Republic. As a result procedures may be updated accordingly to reflect these guidelines, if and when required.

To provide high-level security at our operation the Fraud, Customer Support and Relationship Management departments work as a team.

Knowing our client

 

One of the main tasks at our Company is developing a strong and trustworthy relationship between our users and our staff. All of user’s staff is made aware of the fraud and money laundering problems and are trained to handle such issues and provide necessary assistance including directing suspected transactions to the right authority and enforcement forces specialised in assisting such issues, were necessary.

Our highly trained representatives using manual checks and advanced software tools to contribute to increase and perpetuate this relationship and the security of both our users and ourselves. Throughout the user’s lifecycle, our staff uses these tools and procedures to find, be alerted and take action against fraudulent activities. The following user actions are screened:

•          Account registration.

•          Payment method registration.

•          Deposits.

•          Currency Exchange above 10,000 EUR or equivalent.

•          Withdrawals.

Note: As a preventative tool, our system does not transfer requested withdrawals for a user before their identity is verified.

Fraud search stages

 

There are two stages in this process; registering an account and registering a deposit or withdrawal method.

Registering an Account

When opening an account, the user is required to enter mandatory information into the registration form. If this information is not supplied the user cannot complete the registration process. Inaccurate information, such as an incorrect username, is detected by the system as the user continues the registration process. Once found the user is asked to supply documentation to authenticate their identity. The following mandatory information is required:

•         Full name.

•         Full address.

•         Full phone number.

•         Nationality.

•         Valid email address.

•         Full date of birth.

Underage Users

Our system does not enable a user to continue registration if their date of birth indicates that they are under 18 years of age. In line with our legal obligations, we only accept users who are 18 years old or over. All newly registered users are subject to our KYC procedures and must provide us with the necessary documentation and identity verifications we require in order to verify the user’s identity. We believe we have imposed all the necessary controls in this area.

Deposit & Withdrawal registration

 

A Fraud alert is generated if there are mismatches between a user’s details and the information appearing on their deposit or withdrawal method. Although the user can continue registration they will not be able to deposit money using the such method.

Generally, when deposits are made or withdrawals requested, user may ask the user to provide different types of documentation. This includes:

•         Copies of the user’s valid picture ID.

•         Utility bills, as proof of address.

•         Bank references, as proof of the source of money.

•         Bank statements when required. For example, amount and method used for withdrawal.

•         Country of origin – there are countries that are blocked from our services in accordance with FATF recommendation.

•         There may be circumstances when a user is required to send notarized identification to validate their authenticity.

Throughout these stages the following chain of actions occurs:

1.  Event check.

2.  Alert validation.

3.  Action.

4.  Compliance decides to verify or not.

Automated rules

 

User activity is automatically checked according to rules and policies which are based on the following criteria:

  • Bad data.
  • User’s location.
  • Payment method.
  • Deposit patterns.
  • Exchange patterns.
  • Withdrawal patterns.

User requests are initially answered by our Relationship Management department which is built of highly trained representatives working according to strong guidelines.

The following table discusses different criteria which are checked:

Personal Info
If the user is fraudulent their personal details may not be true. As such, the Company validates information through third parties. This include PEP checks with external sources

 

IP Address
Does the IP address of the user’s computer match the location of the specified residential address? If not, then why? (this check will be available once the core banking system is fully deployed)

 

Signup Date
The signup date indicates the seniority of the user at our operation. Users who have been at our platform for a long time are least likely to be fraudulent.

 

eMail Address
Freemail is commonly used and can often be accessed from anywhere. However if the address starts with a name followed by numbers, for example xxx12@hotmail.com this could indicate that the user has more than one email address and may also have other accounts. The email address is checked if there are other similar accounts listed with other users.

 

Has the user deposited amount exceeding his profile?
Large deposits within the first 24 hours from when an account is created, and is not in accordance with the client’s profiling made on registration stage, may indicate that the user is trying to use our services for fraudulent or money laundering purposes.

Are there suspicious deposit and withdrawal patterns?

Check if the user have patching amounts on deposit and withdrawal orders, indicating he is using the system to “funnel” funds through our services and create a placement opportunity.

 

Currency mismatch

If the currency defined for the account does not match the currency used by the defined country this could be suspicious. For example; why use Euro in the United States?

 

Fraudulent duplicate and related accounts

While the software has a tool for detecting duplicate accounts, fraudulent users who open several accounts will know how to enter false information. Therefore, we always check the following:

•       Signup date, a fraudulent user or fraud ring will create multiple accounts within a relatively short period.

•       IP address, although many internet connections are through a dynamic IP, several user accounts using the same or similar IP addresses may indicate a connection between them.

•       Address, while the address itself will probably vary in the different accounts, format of the address and usage of uppercase and lowercase letters may indicate that they were created by the same person.  For example, 53 Hancock st and 12 Dover st.

•       Phone, as for email, the format of the phone number and usage of dashes between the numbers may indicate a pattern.

•       Passwords, a fraudulent user may use the same or similar passwords in more than one account.

•       In related accounts there is an automatic check for the account’s fraud history which can also be done manually.

 

Deposit limits

Strict deposit limits and withdrawals policies are enforced, especially with new account holders.

 

Prior to hiring staff:

•       Perform extensive background checks.

•       Limit access to information. Senior employees only have access to user documentation.

•       Cross check summary reports.

•       Screen calls and emails.

•       Perform on-the-spot inspections.

•       Block access to ex-employees.

 

Documents

Set parameters have been made for requesting documents.

 

Unsupported countries

•       Afghanistan
•       Bosnia and Herzegovina
•       Democratic People’s Republic of Korea (DPRK)
•       Ethiopia
•       Guyana
•       Iran
•       Iraq
•       Laos
•       Serbia
•       Sri Lanka
•       Sudan
•       Syria
•       Trinidad and Tobago
•       Tunisia
•       Uganda
•       USA
•       Vanuatu
•       Yemen

Requested user documentation

 

We are fully aware of the higher risks involved in remote onboarding, since users when registering are not physically present. We might therefore require additional documents from users for verification purposes during the registration stage as well as prior to processing a user’s request for withdrawal of funds. User documentation is essential for complying with AML and CTF regulations and for reducing fraudulent activity during the registration process. There are also criteria for requesting user documentation which have been defined according to fraud risk assessment and regulations applicable to our operation.

The most frequently requested documents for most user requests are for valid copies of the user’s picture ID which display their residency address. However, if the user’s current address is not listed, other documents such as utility bills or bank statements displaying the correct address are also accepted.

Other documents include a notarized copy of a picture ID for high withdrawals, or a bank letter reference acting as a letter of good standing for the user.

For corporate clients we request the following documents:

Certified Copies of company documents or if any of the directors or shareholder are a Company:

  • Certificate of Incorporation
  • Memorandum and Articles of Association
  • Register of Directors
  • Register of Members
  • Incumbency letter
  • Good standing certificate (if company is more than 6 months old)
  • Bank statement of the last 6 months (if user has an account)
  • Audited Account (if user exists more than 18 months).

Certified Documents for each Director and Shareholder:

  • Passport
  • Utility bill for address verification for each of the directors/shareholders
  • Bank Reference letter.(in some cases)

Anti-money laundering compliance & combating terrorist enforcement program

 

User shall follow the guidance issued by the National Bank of Czech Republic with regards to combating financing of terrorism and money laundering in line with the Money Laundering Regulations.

Behavioral patterns of a user are checked by our Compliance team. During the check the following are examined on the following triggers:

  • Sign up.
  • Registration of deposit and withdrawal methods.
  • Quick and multiple high deposits.
  • Quick and multiple high withdrawal requests.
  • Deposited amount in comparison to the amount requested for withdrawal.
  • Payment method used by the user.
  • Country of origin.

If fraudulent behavior is suspected we contact the user and ask for documents which verify their identity and supporting documents for the requested transaction (invoice, agreement, bill instruction). We may decide to withhold the withdrawal. However, once fraud is actually detected, we cancel the transaction, block the account until further investigative steps can be completed by the relevant authorities, including the Financial Intelligence Unit.

Audit procedures

 

All withdrawal requests first follow our audit check procedure.

During an audit check the following checklist is used:

 

Signup date
Check – The date that the user opened the account. Fraudulent users tend to act fast from the signup date, therefore new users are considered more likely to be fraudulent.

Action – New users depositing are asked for supporting documents.

 

First name, last name, zip code, email, and phone
Check – A search is made for conspicuous names such as, John Doe, or numbers such as, 0000000000.

Action – When located, the information is forwarded to the Fraud department for further investigation.

 

Billing address
Check – A search for suspicious addresses or the address is verified by any available means. The billing address is checked that it is not a POB address.

Action – When suspicious the information is forwarded to the Fraud department for further investigation. The user is asked to supply additional proof of address document.

 

Total deposits
Check – Total amount of money deposited by the user since signup. This will help to assess the caliber of the user withdrawing.

 

Total withdrawals
Check – What is the total amount of money withdrawn by the user since account opening
Action – If a user has made a previous successful withdrawal it is added to the user’s credibility.

 

Total returns and total return reverses
Check – Is the amount zero or does the amount in Total returns equals the amount in Total return reverses.
Action – If the amount is not zero or does not equal zero notify the Fraud department.

 

Payment method
Check – Payment method/s the user is using.
Action – The total amount deposited should be taken into consideration when requesting documentation from the user. The different methods are also checked to ascertain the alternative payment methods available for the user.

 

Deposits (count)
Check – Total amount (count of transactions) a user has deposited since account opened.
Action – The total amount and number of transactions deposited are taken into consideration when requesting documentation from the user.

Large payment procedures

 

To ensure full efficiency of AML procedures, we have set additional procedures for issuing large payments. These procedures may include additional documentation, approvals, checks and balances.

1.  The following documents are requested:

  • Supporting evidence for the amount issued (such as invoice or commercial agreement)
  • Bank statement to prove receiving account ownership if funds are transferred to own accounts of the client.

2.  Approval from the various internal parties, such as the relationship management is received.

3.  A check on the software is made for blacklisted parties.

4.  Check that the Fraud department has performed a fraud check on the account of the user requesting to withdraw the large sum.

Retention of user documents

 

We shall retain all documents provided by the users as part of our KYC procedure including supporting documents in respect of business relationships or occasional transactions for the maximum period established by law, which is for a total duration of five years from the end of the business relationship. Documents will not be retained for more than five years unless we have a specific purpose for doing so.

Reasons for longer retention period, which shall be determined on a case by case basis, may include:

  • if there is actual or potential litigation or dispute, documents likely to be affected should not be amended or disposed of until the threat has been removed or until a court judgement has been delivered, whichever the case may be.
  • for the purpose of retrospective comparison

Retention of other Records

In addition, we shall also retain the documents listed below:-

  • details of how compliance has been monitored by the nominated officer;
  • delegation of AML/CTF tasks by the nominated officer;
  • nominated officer reports to senior management;
  • information not acted upon by the nominated officer, with reasoning why no further action was taken;
  • employee training records;
  • internal and external suspicious activity reports (SARs); and
  • contact between the nominated officer and law enforcement or SOCA*, including records connected to appropriate consent.

Duty to report

 

Our employees are fully trained to identify situations which do or which potentially might lead to money laundering or terrorist financing. If in the course of their business:-

  • they know;
  • they suspect; or
  • they have reasonable grounds for knowing or suspecting,

that a user is engaged in money laundering or terrorist financing, they will immediately and without undue delay file a report with our Anti-Money Laundering Compliance Officer

If, following that report, the Anti-Money Laundering Compliance Officer determines that there are sufficient grounds for knowledge or suspicion, s/he shall escalate further and report the matter in accordance with the applicable law.

Training

 

It shall be the responsibility of the Anti-Money Laundering Compliance Officer to ensure that all employees are:-

  • fully trained on anti-money laundering and counter terrorism financing laws and regulations and company policies on the same as well as any risks associated thereto;
  • fully aware of their responsibility to report suspicious transactions or activities;
  • fully aware that tipping-off is strictly prohibited and that any breach of the above rules may result in legal action, including criminal action, being taken against them.
  • fully aware of the identity, role and responsibilities of the Anti-Money Laundering Compliance Officer, and what should be done in his/her absence;
  • fully aware of the potential effect of a breach on the Company and upon its employees and the implications associated thereto;

The Anti-Money Laundering Compliance Officer shall ensure that regular refresher training is given to existing employees on an annual basis and that this training will form part of the induction training for new employees. In addition, the Anti-Money Laundering Compliance Officer may impose a competence test on the employees following the training. Records of attendance as well as the results of any competence tests shall be retained by the Anti-Money Laundering Compliance.