It is the policy of PAYEER to prohibit and actively prevent money laundering and any activity that facilitates money laundering or the funding of terrorist or criminal activities by complying with all applicable requirements under the Money Laundering and Terrorism (Prevention) Act, Money Laundering and Terrorism (Prevention) Act Guidelines, Anti-Money Laundering and Combating the Financing of Terrorism (AML/CFT) Guidelines , FATF recommendations and its implementing regulations.
Generally speaking, the money laundering process consists of three “stages”:
Placement: The introduction of illegally obtained monies or other valuables into financial or nonfinancial institutions.
Layering: Separating the proceeds of criminal activity from their source through the use of layers of complex financial transactions. These layers are designed to hamper the audit trail, disguise the origin of funds and provide anonymity.
Integration: Placing the laundered proceeds back into the economy in such a way that they reenter the financial system as apparently legitimate funds.
These “stages” are not static and overlap broadly. Financial institutions may be misused at any point in the money laundering process.
PAYEER is committed to the highest standards of anti-money laundering (AML) compliance and requires management and employees to adhere to these standards to prevent use of our products and services for money laundering purposes. PAYEER will examine its Anti Money Laundering strategies, goals and objectives on an ongoing basis and maintain an effective Anti-Money Laundering program for the Company’s business that reflects the best practices for a diversified, global financial company. Adherence to the PAYEER Anti-Money Laundering Program is the responsibility of all employees. The program includes client screening and monitoring requirements, “know your customer” policies (including the requirement to establish the identity of beneficial owners), Embargo policies, record keeping requirements, the reporting of suspicious circumstances in accordance with relevant laws, and training.
PAYEER Limited has designated its Compliance Officer (CO) as its Anti-Money Laundering Program Compliance Person (AML Compliance Person), with full responsibility for the firm’s AML program. CO has a working knowledge of compliance requirements and its implementing regulations and is qualified by experience, knowledge and training. The duties of the AML Compliance Person will include monitoring the firm’s compliance with AML obligations, overseeing communication and training for employees. The AML Compliance Person will also ensure that the firm keeps and maintains all of the required AML records and will ensure that Suspicious transaction reports (STR) are filed with the Financial Intelligence Unit (FIU) when appropriate. The AML Compliance Person is vested with full responsibility and authority to enforce the firm’s AML program.
The firm will provide the Authorities with contact information for the AML Compliance Person, including: (1) name; (2) title; (3) mailing address; (4) email address; (5) telephone number; and (6) facsimile number. The firm will promptly notify the Authority of any change in this information and will review, and if necessary update, this information within 14 business days after the end of each calendar year. The annual review of FCS information will be conducted by CO and will be completed with all necessary updates being provided no later than 17 business days following the end of each calendar year. In addition, if there is any change to the information, CO will update the information promptly, but in any event not later than 30 days following the change.
This section underlines that “Countries should ensure that Money Laundering and Terrorism (Prevention) Act do not inhibit implementation of the FATF Recommendations.
Financial institutions should be prohibited from keeping anonymous accounts or accounts in obviously fictitious names.
Financial institutions should be required to undertake customer due diligence (CDD) measures when:
(i) establishing business relations;
(ii) carrying out occasional transactions (i) above the applicable designated threshold (USD/EUR 15,000);
or (ii) that are wire transfers in the circumstances covered by the Interpretive Note to Recommendation 16;
(iii) there is a suspicion of money laundering or terrorist financing;
or (iv) the financial institution has doubts about the veracity or adequacy of previously obtained customer identification data. The principle that financial institutions should conduct CDD should be set out in law. Each country may determine how it imposes specific CDD obligations, either through law or enforceable means. The CDD measures to be taken are as follows:
(a) Identifying the customer and verifying that customer’s identity using reliable, independent source documents, data or information.
(b) Identifying the beneficial owner, and taking reasonable measures to verify the identity of the beneficial owner, such that the financial institution is satisfied that it knows who the beneficial owner is. For legal persons and arrangements this should include financial institutions understanding the ownership and control structure of the customer.
(c) Understanding and, as appropriate, obtaining information on the purpose and intended nature of the business relationship.
(d) Conducting ongoing due diligence on the business relationship and scrutiny of transactions undertaken throughout the course of that relationship to ensure that the transactions being conducted are consistent with the institution’s knowledge of the customer, their business and risk profile, including, where necessary, the source of funds.
(i) Above the applicable designated threshold (USD/EUR 15,000); or (ii) that are wire transfers in the circumstances covered by the Interpretive Note to Recommendation 16;
(iii) There is a suspicion of money laundering or terrorist financing; or (iv) the financial institution has doubts about the veracity or adequacy of previously obtained customer identification data. The principle that financial institutions should conduct CDD should be set out in law. Each country may determine how it imposes specific CDD obligations, either through law or enforceable means.
The CDD measures to be taken are as follows:
(a) Identifying the customer and verifying that customer’s identity using reliable, independent source documents, data or information.
(b) Identifying the beneficial owner, and taking reasonable measures to verify the identity of the beneficial owner, such that the financial institution is satisfied that it knows who the beneficial owner is. For legal persons and arrangements this should include financial institutions understanding the ownership Financial institutions should be required to apply each of the CDD measures under (a) to (d) above, but should determine the extent of such measures using a risk-based approach (RBA) in accordance with the Interpretive Notes to this Recommendation and to Recommendation 1. Financial institutions should be required to verify the identity of the customer and beneficial owner before or during the course of establishing a business relationship or conducting transactions for occasional customers. Countries may permit financial institutions to complete the verification as soon as reasonably practicable following the establishment of the relationship, where the money laundering and terrorist financing risks are effectively managed and where this is essential not to interrupt the normal conduct of business.
Where the financial institution is unable to comply with the applicable requirements under paragraphs (a) to (d) above (subject to appropriate modification of the extent of the measures on a risk-based approach), it should be required not to open the account, commence business relations or perform the transaction; or should be required to terminate the business relationship; and should consider making a suspicious transactions report in relation to the customer. These requirements should apply to all new customers, although financial institutions should also apply this recommendation to existing customers on the basis of materiality and risk, and should conduct due diligence on such existing relationships at appropriate times.
Financial institutions should be required to maintain, for at least seven years, all necessary records on transactions, both domestic and international, to enable them to comply swiftly with information requests from the competent authorities. Such records must be sufficient to permit reconstruction of individual transactions (including the amounts and types of currency involved, if any) so as to provide, if necessary, evidence for prosecution of criminal activity. Financial institutions should be required to keep all records obtained through CDD measures (e.g. copies or records of official identification documents like passports, identity cards, driving licences or similar documents), account files and business correspondence, including the results of any analysis undertaken (e.g. inquiries to establish the background and purpose of complex, unusual large transactions), for at least seven years after the business relationship is ended, or after the date of the occasional transaction. Financial institutions should be required by law to maintain records on transactions and information obtained through the CDD measures. The CDD information and the transaction records should be available to domestic competent authorities upon appropriate authority.
Financial institutions should be required to apply enhanced due diligence measures to business relationships and transactions with natural and legal persons, and financial institutions, from countries for which this is called for by the FATF. The type of enhanced due diligence measures applied should be effective and proportionate to the risks. Countries should be able to apply appropriate countermeasures when called upon to do so by the FATF. Countries should also be able to apply counter measures independently of any call by the FATF to do so. Such countermeasures should be effective and proportionate to the risks. The above mentioned measures can also be applied to our industry as per the section 22 of INTERNATIONAL STANDARDS ON COMBATING MONEY LAUNDERING AND THE FINANCING OF TERRORISM & PROLIFERATION, the FATF Recommendations (February 2012)
Before final approval of a client, and on an ongoing basis, CO will check to ensure that a customer does not appear on the SDN list or is not engaging in transactions that are prohibited by the economic sanctions and embargoes administered and enforced by OFAC. (See the OFAC Web site for the SDN list and listings of current sanctions and embargoes). Because the SDN list and listings of economic sanctions and embargoes are updated frequently, we will consult them on a regular basis and subscribe to receive any available updates when they occur. With respect to the SDN list, we may also access that list through various software programs to ensure speed and accuracy including FINRA’s OFAC Search Tool that screens names against the SDN list. CO will also review existing accounts against the SDN list and listings of current sanctions and embargoes when they are updated and [he or she] will document the review.
If we determine that a customer is on the SDN list or is engaging in transactions that are prohibited by the economic sanctions and embargoes administered and enforced by OFAC, we will reject the transaction and/or block the customer's assets and file a blocked assets and/or rejected transaction form with OFAC within 10 days. We will also call the OFAC Hotline at (800) 540-6322 immediately. Our review will include customer corporate documents,accounts, transactions involving customers (including activity that passes through the firm such as wires).
In addition to the information we must collect under Anti-Money Laundering And Counter- Terrorism Financing Act No. 13 of 2014, Ministry of Finance; FINRA Rule 2010 (Standards of Commercial Honor and Principles of Trade) and Books and Records, we have established, documented and maintained a written Customer Identification Program (CIP). We will collect certain customer identification information from each customer who give us assets for management, utilize risk-based measures to verify the identity of each customer who opens an account; record customer identification information and the verification methods and results; provide the required adequate CIP notice to customers that we will seek identification information to verify their identities; and compare customer identification information with government-provided lists of suspected terrorists, once such lists have been issued by the government.
Prior to approving our services, CO will collect the following information for all customers, if applicable, for any person, entity or organization:
(1) the name;
(2) an address, which will be a residential or business street address (for an individual), an Army Post Office (APO) or Fleet Post Office (FPO) box number, or residential or business street address of next of kin or another contact individual (for an individual who does not have a residential or business street address), or a principal place of business, local office, or other physical location (for a person other than an individual);
If a potential or existing customer either refuses to provide the information described above when requested, or appears to have intentionally provided misleading information, our firm will not offer our services and, after considering the risks involved, consider closing any business with the client. In either case, our AML Compliance Person will be notified so that we can determine whether we should report the situation to FIU on a STR.
Based on the risk, and to the extent reasonable and practicable, we will ensure that we have a reasonable belief that we know the true identity of our customers by using risk- based procedures to verify and document the accuracy of the information we get about our customers. CO will analyze the information we obtain to determine whether the information is sufficient to form a reasonable belief that we know the true identity of the customer (e.g., whether the information is logical or contains inconsistencies).
We will verify customer identity through documentary means collected by us. We will use documents to verify customer identity when appropriate documents are available. In light of the increased instances of identity fraud, we will supplement the use of documentary evidence by using the non-documentary means described below whenever necessary. We may also use non-documentary means, if we are still uncertain about whether we know the true identity of the customer. In verifying the information, we will consider whether the identifying information that we receive, such as the customer’s name, street address, zip code, telephone number (if provided), date of birth and Social Security number, allow us to determine that we have a reasonable belief that we know the true identity of the customer (e.g., whether the information is logical or contains inconsistencies).
Appropriate documents for verifying the identity of customers include the following:
- For an individual, an unexpired government-issued identification evidencing nationality or residence and bearing a photograph or similar safeguard, such as a driver’s license or passport;
- For a person other than an individual, documents showing the existence of the entity, such as certified articles of incorporation, a government-issued business license, a partnership agreement or a trust instrument.
We understand that we are not required to take steps to determine whether the document that the customer has provided to us for identity verification has been validly issued and that we may rely on a government-issued identification as verification of a customer’s identity. If, however, we note that the document shows some obvious form of fraud, we must consider that factor in determining whether we can form a reasonable belief that we know the customer’s true identity.
We will use the following non-documentary methods of verifying identity:
- Independently verifying the customer’s identity through the comparison of information provided by the customer with information obtained from a consumer reporting agency, public database or other;
- Checking references with other financial institutions; or
- Obtaining a financial statement.
We will use non-documentary methods of verification when:
(1) the customer is unable to present an unexpired government-issued identification document with a photograph or other similar safeguard;
(2) the firm is unfamiliar with the documents the customer presents for identification verification;
(3) the customer and firm do not have face-to-face contact; and
(4) there are other circumstances that increase the risk that the firm will be unable to verify the true identity of the customer through documentary means.
PAYEER follows established bookkeeping and documentation standards.
We will document our verification, including all identifying information provided by a customer, the methods used and results of verification, and the resolution of any discrepancies identified in the verification process. We will keep records containing a description of any document that we relied on to verify a customer’s identity, noting the type of document, any identification number contained in the document, the place of issuance, and if any, the date of issuance and expiration date. With respect to non- documentary verification, we will retain documents that describe the methods and the results of any measures we took to verify the identity of a customer. We will also keep records containing a description of the resolution of each substantive discrepancy discovered when verifying the identifying information obtained. We will retain records made about verification of the customer's identity for seven years after the record is made.
At such time as we receive notice that a federal government agency has issued a list of known or suspected terrorists and identified the list as a list for CIP purposes, we will, within a reasonable period of time after entering into an agreement (or earlier, if required by another federal law or regulation or federal directive issued in connection with an applicable list), determine whether a customer appears on any such list of known or suspected terrorists or terrorist organizations issued by any federal government agency and designated as such by Treasury in consultation with the federal functional regulators. We will follow all directives issued in connection with such lists.
We will continue to comply separately with OFAC rules prohibiting transactions with certain foreign countries or their nationals.
We will provide notice to customers that the firm is requesting information from them to verify their identities, as required by law. We will use the following method to provide notice to customers: Email, Phone call or certified mail.
We may, under the following circumstances, rely on the performance by another financial
institution (including an affiliate) of some or all of the elements of our CIP with respect to
any customer that is entering into an agreement or similar business relationship with the
other financial institution to provide or engage in services, dealings or other financial
- when such reliance is reasonable under the circumstances;
- when the other financial institution is subject to a rule implementing the anti-money laundering compliance program requirements, and is regulated by a federal functional regulator; and
- when the other financial institution has entered into a contract with our firm requiring it to certify annually to us that it has implemented its anti-money laundering program and that it will perform (or its agent will perform) specified requirements of the customer identification program.
For customers that we have deemed to be higher risk, we will obtain the following
- the source of fund;
- the beneficial owners information;
- the customer’s (or beneficial owner’s) occupation or type of business; financial statements;
- banking references;
- domicile (where the customer’s business is organized);
- description of customer’s primary trade area and whether international transactions are expected to be routine;
- description of the business operations and anticipated volume of trading.
We will also ensure that the customer information remains accurate by following the established procedures of PAYEER.
Funds should only be accepted if they arrive by bank.
The amount of funds received should match exactly the amount invoiced to client;
The funds should come from a reputable bank;
The following issues should be given special attention and clarification obtained:
- Receipt of unexpected funds;
- Receipts of funds from a country on the non-compliant list;
- Receipts of funds which exceed the amount invoiced to the client;
- Receipt of funds from unknown sources;
We will monitor account activity for unusual size, volume, pattern or type of transactions, taking into account risk factors and red flags that are appropriate to our business. Monitoring will be conducted through the following methods: CO will be responsible for this monitoring, will review any activity that our monitoring system detects, will determine whether any additional steps are required, will document when and how this monitoring is carried out, and will report suspicious activities to the appropriate authorities.
We will conduct the following reviews of activity that our monitoring system detects: Complete Account Review. We will document our monitoring and reviews as follows: according to AML Compliance. The AML Compliance Person or his or her designee will conduct an appropriate investigation and review relevant information from internal or third- party sources before a STR is filed.
In situations involving violations that require immediate attention, such as terrorist financing or ongoing money laundering schemes, we will immediately call an appropriate law enforcement authority. If we notify the appropriate law enforcement authority of any such activity, we must still file a timely STR.
Although we are not required to, in cases where we have filed a STR that may require immediate attention by the FIU, we may contact the FIU.
Red flags that signal possible money laundering or terrorist financing include, but are not limited to:
• Provides unusual or suspicious identification documents that cannot be readily verified.
• Reluctant to provide complete information about nature and purpose of business, prior banking relationships, anticipated account activity, officers and directors or business location.
• Refuses to identify a legitimate source for funds or information is false, misleading or substantially incorrect.
• Background is questionable or differs from expectations based on business activities.
• Customer with no discernable reason for using the firm’s service.
• Reluctant to provide information needed to file reports or fails to proceed with
• Tries to persuade an employee not to file required reports or not to maintain required records.
• “Structures” deposits, withdrawals or purchase of monetary instruments below a certain amount to avoid reporting or recordkeeping requirements.
• Unusual concern with the firm’s compliance with government reporting requirements and firm’s AML policies.
• Wire transfers to/from financial secrecy havens or high-risk geographic location without
an apparent business reason.
• Many small, incoming wire transfers or deposits made using checks and money orders. Almost immediately withdrawn or wired out in manner inconsistent with customer’s business or history. May indicate a Ponzi scheme.
• Wire activity that is unexplained, repetitive, unusually large or shows unusual patterns or with no apparent business purpose.
• Physical certificate is titled differently than the account.
• Physical certificate does not bear a restrictive legend, but based on history of the stock and/or volume of shares trading, it should have such a legend.
• Customer’s explanation of how he or she acquired the certificate does not make sense or changes.
• Customer deposits the certificate with a request to journal the shares to multiple accounts, or to sell or otherwise transfer ownership of the shares.
• Transactions patterns show a sudden change inconsistent with normal activities.
• Unusual transfers of funds or journal entries among accounts without any apparent business purpose.
• Maintains multiple accounts, or maintains accounts in the names of family members or corporate entities with no apparent business or other purpose.
• Appears to be acting as an agent for an undisclosed principal, but is reluctant to provide information.
• Unexplained high level of account activity with very low levels of securities transactions.
• Funds deposits for purchase of a long-term investment followed shortly by a request to liquidate the position and transfer the proceeds out of the account.
• Law enforcement subpoenas.
• Large numbers of securities transactions across a number of jurisdictions.
• Buying and selling securities with no purpose or in unusual circumstances (e.g., churning at customer’s request).
• Payment by third-party check or money transfer without an apparent connection to the customer.
• Payments to third-party without apparent connection to customer.
• No concern regarding the cost of transactions or fees (i.e., surrender fees, higher than necessary commissions, etc.).
When an employee of the firm detects any red flag, or other activity that may be suspicious, he or she will notify. Under the direction of the AML Compliance Person, the firm will determine whether or not and how to further investigate the matter. This may include gathering additional information internally or from third-party sources, contacting the government, freezing the account and/or filing a STR.
TEXT EXAMPLE: We will file STR with FIU for any transactions (including deposits and transfers) conducted or attempted by, at or through our firm involving $15,000 or more of funds or assets (either individually or in the aggregate) where we know, suspect or have reason to suspect:
(1) the transaction involves funds derived from illegal activity or is intended or conducted in order to hide or disguise funds or assets derived from illegal activity as part of a plan to violate or evade federal law or regulation or to avoid any transaction reporting requirement under federal law or regulation;
(2) the transaction is designed, whether through structuring or otherwise, to evade any requirements of the IFSC regulations;
(3) the transaction has no business or apparent lawful purpose or is not the sort in which the customer would normally be expected to engage, and after examining the background, possible purpose of the transaction and other facts, we know of no reasonable explanation for the transaction; or
(4) the transaction involves the use of the firm to facilitate criminal activity.
We will also file a STR and notify the appropriate law enforcement authority in situations involving violations that require immediate attention, such as terrorist financing or ongoing money laundering schemes.
We will report suspicious transactions by completing a STR, and we will collect and maintain supporting documentation as required by the IFSC and FIU regulations. We will file a STR no later than 30 calendar days after the date of the initial detection of the facts that constitute a basis for filing a STR. If no suspect is identified on the date of initial detection, we may delay filing the STR for an additional 30 calendar days pending identification of a suspect, but in no case will the reporting be delayed more than 60 calendar days after the date of initial detection. The phrase “initial detection” does not mean the moment a transaction is highlighted for review. A review must be initiated promptly upon identification of unusual activity that warrants investigation.
We will retain copies of any STR filed and the original or business record equivalent of any supporting documentation for five years from the date of filing the STR. We will identify and maintain supporting documentation and make such information available to FIU, any other appropriate law enforcement agencies, federal or state securities regulators.
We will not notify any person involved in the transaction that the transaction has been reported, except as permitted by the IFSC and FIU regulations. We understand that anyone who is subpoenaed or required to disclose a STR or the information contained in the STR will, except where disclosure is requested by FIU, or another appropriate law enforcement or regulatory agency, or to provide any information that would disclose that a STR was prepared or filed. We will notify IFSC or FIU, or of any such request and our response.
Our firm prohibits transactions involving currency and has the following procedures to prevent such transactions: Paying from other peoples bank accounts or credit cards. If we discover such transactions have occurred, we will file with FIU for currency transactions that exceed $10,000. Also, we will treat multiple transactions involving currency as a single transaction for purposes of determining whether to file a STR if they total more than $10,000 and are made by or on behalf of the same person during any one business day.
Our AML Compliance Person and his or her designee will be responsible for ensuring that AML records are maintained properly and that STR is filed as required.
In addition, as part of our AML program, our firm will create and maintain FIU, IFSC and relevant documentation on customer identity and verification and funds transmittals. We will maintain FIU and their accompanying documentation for at least seven years. We will keep other documents according to existing laws and other recordkeeping requirements.
We will hold STR and any supporting documentation confidential. We will not inform anyone outside of FIU, or other appropriate law enforcement or regulatory agency about a STR. We will refuse any subpoena requests for FIU or for information that would disclose that a STR has been prepared or filed and immediately notify FIU, FinCEN of any such subpoena requests that we receive. We will segregate STR filings and copies of supporting documentation from other firm books and records to avoid disclosing STR filings. Our AML Compliance Person will handle all subpoenas or other requests for FIU. We may share information with another financial institution about suspicious transactions.
We shall retain either the original or a microfilm or other copy or reproduction of each of the following:
- A record of each extension of credit in an amount in excess of $10,000, except an extension of credit secured by an interest in real property. The record shall contain the name and address of the person to whom the extension of credit is made, the amount thereof, the nature or purpose thereof and the date thereof;
- A record of each advice, request or instruction received or given regarding any transaction resulting (or intended to result and later canceled if such a record is normally made) in the transfer of currency or other monetary instruments, funds, checks, investment securities or credit, of more than $10,000 to or from any person, account or place:
- A record of each advice, request or instruction given to another financial institution (which includes broker-dealers) or other person. Each document granting signature or trading authority over each customer's account;
- A record of each remittance or transfer of funds, or of currency, checks, other monetary instruments, investment securities or credit, of more than $10,000.
- A record of each receipt of currency, other monetary instruments, checks or investment securities and of each transfer of funds or credit, of more than $10,000 received on any one occasion directly and not through a domestic financial institution.
We will develop ongoing employee training under the leadership of the AML Compliance Person and senior management. Our training will occur on at least an annual basis. It will be based on our firm’s size, its customer base, and its resources and be updated as necessary to reflect any new developments in the law.
Our training will include, at a minimum: (1) how to identify red flags and signs of money laundering that arise during the course of the employees’ duties; (2) what to do once the risk is identified (including how, when and to whom to escalate unusual customer activity or other red flags for analysis and, where appropriate, the filing of FIU; (3) what employees' roles are in the firm's compliance efforts and how to perform them; (4) the firm's record retention policy; and (5) the disciplinary consequences (including civil and criminal penalties) for non-compliance with the FISC.
We will develop training in our firm, or contract for it. Delivery of the training may include educational pamphlets, videos, intranet systems, in-person lectures and explanatory memos. We will maintain records to show the persons trained, the dates of training and the subject matter of their training.
We will review our operations to see if certain employees, such as those in compliance, margin and corporate security, require specialized additional training. Our written procedures will be updated to reflect any such changes.
Employees will promptly report any potential violations of the firm’s AML compliance program to the AML Compliance Person, unless the violations implicate the AML Compliance Person, in which case the employee shall report to CO. Such reports will be confidential, and the employee will suffer no retaliation for making them.
The firm has reviewed all areas of its business to identify potential money laundering risks that may not be covered in the procedures described above.
Senior management has approved this AML compliance program in writing as reasonably designed to achieve and monitor our firm’s ongoing compliance with the requirements of the BSA and the implementing regulations under it.
NB This Compliance Manual is to be strictly adhered to by all Employees. Non- compliance with this Compliance Manual by any Employee shall result in disciplinary actions. There are no exceptions to this Compliance Manual without the prior written approval of the Compliance Officer. Any questions, comments or concerns regarding the Firm’s anti-money laundering policies, procedures and controls should be directed to the Compliance Officer.