Skip to main content

CoinVEX's AML/CFT Policy

CoinVEX
Updated

Dear Global CoinVEX Users,
Please carefully read CoinVEX's AML (Anti-Money Laundering) and KYC (Identity Verification) Policy.

CoinVEX's AML/KYC Policy and Procedures
This policy covers CoinVEX's Anti-Money Laundering and Countering the Financing of Terrorism (AML/CFT) policies and procedures. This policy is for general information purposes only and is not legally binding on CoinVEX and/or any other person (natural or otherwise).

A. Principles and Methods of CoinVEX's AML/CFT Operations
CoinVEX is committed to supporting AML/CFT operations. In principle, we are committed to:

  • Conducting due diligence when dealing with our clients and natural persons appointed to act on behalf of our clients;
  • Developing business in accordance with high ethical standards and preventing, as far as possible, the establishment of any business relationships that are related to or could facilitate money laundering or terrorist financing;
  • We will assist and cooperate with relevant legal authorities to the greatest extent possible to prevent the threats of money laundering and terrorist financing.

B. CoinVEX's Risk Assessment and Risk Mitigation Approach
Risk Assessment
We anticipate that most of our clients will be retail clients, and as of the date of this policy issuance, we will primarily operate in the Republic of Seychelles.
In this regard, we will:
a. Document and/or collect documents concerning:

  1. The identity of our clients;
  2. The country or jurisdiction from which our clients originate or are located; and
    b. Ensure, based on our knowledge, skills, and capabilities, that our clients, their related persons, natural persons appointed to act on their behalf, and beneficial owners are assessed and screened with the assistance of designated individual and entity lists, which include (but are not limited to) the following categories:
  • Democratic People's Republic of Korea;
  • Democratic Republic of the Congo;
  • Iran;
  • Libya;
  • Somalia;
  • South Sudan;
  • Sudan;
  • Yemen;
  • UN1267/1989 Al-Qaida Sanctions List;
  • UN1988 Taliban Sanctions List;
  • Persons designated in Schedule 1 of the Terrorism (Suppression of Financing) Act (Chapter 325).

Risk Mitigation
If identified, we will not deal with anyone on the designated individual and entity lists.

C. Our Approach to New Products, Practices, and Technology
We shall provide appropriate advice regarding the identification and assessment of potential money laundering and terrorist financing risks arising from:

  • The development of new products and new business practices, including new delivery mechanisms;
  • The use of new or developing technologies for new and existing products.
    We will pay particular attention to any new products and new business practices, including new delivery mechanisms, as well as new or developing technologies that facilitate anonymity, such as: digital tokens that facilitate anonymity (whether they are security, payment, and/or utility tokens).

D. Our Customer Due Diligence (CDD) Approach
We will not open, maintain, or accept anonymous accounts or pseudonymous accounts.
If we have any reasonable grounds to suspect that a client's assets or funds are proceeds from drug trafficking or criminal conduct, we will not establish a business relationship with the client or conduct transactions for the client. We will file a Suspicious Transaction Report for such transactions and provide a copy to the relevant Financial Intelligence Unit.
We will perform Customer Due Diligence in the following situations:

  • When we establish a business relationship with any client;
  • When we conduct any transaction for a client with whom we have not established a business relationship;
  • When we facilitate or receive cryptocurrency via a transfer for a client with whom we have not established a business relationship;
  • When we suspect money laundering or terrorist financing;
  • When we doubt the veracity or adequacy of any information.
    When we suspect that two or more transactions are or may be related, linked, or are intentionally structured as smaller transactions to evade AML/CFT measures from a single larger transaction, we shall treat the transactions as a single transaction and aggregate their value to comply with AML/CFT principles.

Certification of Our Clients
We will certify each of our clients.
To certify our clients, we need to know at least:

  • Their full name, including aliases;
  • Their unique identification number (e.g., identification card number, birth certificate number or passport number, or in the case of a client that is not a natural person, their business registration number); or
  • Their registered address, or their registered business address (if applicable); if the registered address and business address are different, then their principal place of business; and
  • Their date of birth, incorporation, or registration; and
  • Their nationality or place of registration.
    If the client is a legal person, in addition to obtaining the relevant information mentioned above, we shall also ascertain its legal form, constitution, and the powers that regulate and bind the legal person; we will also identify its related parties (e.g., directors, partners, and/or persons with executive authority) by obtaining at least the following information for each related party:
  • Full name, including aliases; and
  • Unique identification number, e.g., the related party's identification card number, birth certificate number, or passport number.

Verification of Client Identity
We will use reliable, independent source data, documents, or information to verify the identity of our clients. If our client is a legal person or legal arrangement, we will use reliable, independent source data, documents, or information to verify the legal form, proof of existence, constitution, and the powers that regulate and bind the client.

Identification and Verification of the Identity of Natural Persons Appointed to Act
a. Client Representatives
If a client appoints one or more natural persons to represent them in establishing a business relationship with us, or if the client is not a natural person, we will:

  • Identify each natural person acting on behalf of the client or appointed to act on behalf of the client by obtaining the following information:
    • Their full name;
    • Their unique identification number;
    • Residential address;
    • Date of birth;
    • Nationality; and
  • Verify the identity of the aforementioned natural persons using reliable, independent source data or documents.
    We shall also verify the appropriate authority of each natural person appointed to act on behalf of our client by obtaining the following information:
  • Appropriate written evidence authorizing our client to appoint such natural persons;
  • A signature specimen for each natural person.
    If the client is a government entity, we will only obtain such information as may be necessary to confirm that the client is the government entity it claims to be.

Identification and Verification of Beneficial Owners
We will inquire whether there are beneficial owners related to the client.
If a client has one or more beneficial owners, we will identify the beneficial owner(s) and take reasonable measures to verify the identity of the beneficial owner(s) using relevant information or data obtained from reliable, independent sources. We should:
If the client is a legal person —

  • Identify the natural person(s) who ultimately own(s) the legal person (whether acting alone or jointly);
  • If there is doubt as to whether the natural person(s) who ultimately own(s) the legal person is the beneficial owner, or if no natural person ultimately owns the legal person, then identify the natural person(s) who ultimately control(s) the legal person or who exercise(s) ultimate effective control over the legal person (as applicable); and
  • If no natural person(s) is identified, then identify the natural person(s) holding the position of senior managing official(s) in such a legal person;
    If the client is a legal arrangement —
  • For a trust, specify the settlor, trustee, protector (if any), beneficiary, and any natural person exercising ultimate ownership, ultimate control, or ultimate effective control over the trust; and
  • For other types of legal arrangements, identify persons in equivalent positions.
    If our client is not a natural person, we will ascertain the nature of the client's business and its ownership and control structure.
    We would be required to confirm the identity of a client's beneficial owner if the beneficial owner is:
  • An entity listed on a stock exchange;
  • An entity listed on a stock exchange that is subject to regulatory disclosure requirements and adequate transparency requirements regarding its beneficial owners;
  • A financial institution;
  • A financial institution that complies with and is supervised for compliance with AML/CFT requirements consistent with FATF standards; or
  • An investment vehicle where the manager is a financial institution or is subject to AML/CFT requirements consistent with standards set by FATF;
    Unless we suspect the veracity of the CDD information, or suspect that our client, the business relationship with the client, or transactions conducted for the client may be related to money laundering or terrorist financing.
    We will also record the basis for our determination.

Information on the Purpose and Intended Nature of Business Relationships without Account Opening and Transactions*
When processing applications to establish a business relationship or conduct occasional transactions, we shall understand and, where appropriate, obtain information from the client concerning the purpose and intended nature of the business relationship or transaction.

Review of Transactions Conducted without Account Opening*
If we conduct one or more transactions (current transaction) for a client without opening an account, we will review transactions previously conducted by that client to ensure that the current transaction is consistent with our knowledge of the client, their business and risk profile, and source of funds.
When we establish a business relationship with a client, the payment service provider should review all transactions prior to establishing the business relationship to ensure that the business relationship is consistent with our knowledge of the client, their business and risk profile, and source of funds.
We will pay special attention to all complex, unusually large, or unusual patterns of transactions that are conducted without an account opening and have no apparent economic purpose. We will, to the extent possible, investigate the background and purpose of such transactions and document the findings so as to be able to provide such information to the competent authorities when needed.
To review transactions conducted without account opening, we will establish and implement appropriate systems and processes commensurate with the size and complexity of the payment service provider, to:

  • Monitor its transactions conducted without opening an account for a client; and
  • Detect and report suspicious, complex, unusually large, or unusual patterns of transactions conducted without an account.
    If there are reasonable grounds to suspect that a transaction conducted without opening an account for a client is related to money laundering or terrorist financing, and we consider it appropriate to proceed with the transaction, the payment service provider should verify and document the reasons for proceeding with the transaction.

Ongoing Monitoring
We will conduct ongoing monitoring of business relationships with clients. During the course of the business relationship with a client, we will scrutinize the operation of the client's account and review transactions throughout the course of the business relationship to ensure that the transactions are consistent with our knowledge of the client, their business and risk profile, and where appropriate, source of funds.
We will perform our risk mitigation measures if a transaction involves transferring cryptocurrency to or receiving cryptocurrency from the following entities:

  • A financial institution; or
  • A financial institution that complies with and is supervised for compliance with AML/CFT requirements consistent with FATF standards.
    We will pay special attention to all complex, unusually large, or unusual patterns of transactions conducted throughout the course of the business relationship that have no apparent economic or lawful purpose. We will, to the extent possible, investigate the background and purpose of such transactions and document the findings so as to be able to provide such information to the competent authorities when needed.
    For the purpose of ongoing monitoring, we will establish and implement appropriate systems and processes commensurate with the size and complexity of the payment service provider, to:
  • Monitor its business relationships with clients; and
  • Detect and report suspicious, complex, unusually large, or unusual patterns of transactions conducted throughout the course of the business relationship.
    We will ensure that the CDD data, documents, and information obtained regarding the client, natural persons appointed to act on behalf of the client, the client's related parties, and the client's beneficial owners remain relevant and up-to-date by reviewing existing CDD data, documents, and information, particularly for higher-risk categories of clients.
    If there are any reasonable grounds to suspect that an existing business relationship with a client is related to money laundering or terrorist financing, and we consider it appropriate to retain the client:
  • We will verify and document the reasons for retaining the client; and
  • The client's business relationship with us should be subject to corresponding risk mitigation measures, including enhanced ongoing monitoring.
    When we assess that a client or business relationship with a client is of higher risk, the payment service provider should apply enhanced CDD measures, including obtaining approval from our senior management to retain the client.

CDD Measures for Non-Face-to-Face Business Relationships or Non-Face-to-Face Transactions*
We will establish policies and procedures to address any specific risks associated with non-face-to-face business relationships with clients or non-face-to-face transactions conducted without opening an account for a client (non-face-to-face business contact).
We will implement the policies and procedures when establishing a business relationship with a client and when conducting ongoing due diligence.
Where there is no face-to-face contact, the payment service provider should perform CDD measures that are at least as rigorous as those required for face-to-face contact.
When a payment service provider initiates its first non-face-to-face business contact, the payment service provider should, at its own expense, engage an external auditor or an independent qualified consultant to assess the effectiveness of the policies and procedures, including the effectiveness of any technology solutions used to manage the risk of impersonation.
We will appoint an external auditor or an independent qualified consultant to assess the new policies and procedures and submit an assessment report to the Authority within one year of the implementation of the policy and procedure changes.

Reliance on Measures Performed by an Acquired Payment Service Provider
When we (the acquiring payment service provider) acquire the business, in whole or in part, of another payment service provider, we will perform measures on clients obtained through that business at the time of acquisition, unless the acquiring payment service provider:

  • Simultaneously acquires all corresponding customer records (including CDD information) and has no questions or doubts about the accuracy or adequacy of the information acquired; and
  • Has conducted due diligence and raised no questions concerning the adequacy of the AML/CFT measures taken by the acquired payment service provider in relation to the business or part of the business that the acquiring payment service provider is now acquiring, and documented this process.

Measures for Non-Account Holders*
If we conduct a transaction for any client with whom we have no other business relationship, we will:

  • Perform CDD measures as if the client had applied to the payment service provider to establish a business relationship; and
  • Record sufficient details of the relevant transaction to reconstruct it, including the nature and date of the transaction, the type and amount of currency involved, the value date, and details of the payee or beneficiary.

Timing of Verification
We will complete the verification of the identity of the client, natural persons appointed to act on behalf of the client, and the client's beneficial owners before:

  • The payment service provider establishes a business relationship with the client;
  • The payment service provider conducts any transaction for a client with whom a business relationship has not been established; or
  • The payment service provider facilitates or receives a digital payment token via a value transfer for a client with whom a business relationship has not been established.
    Our provider may establish a business relationship with a client before completing the verification of the identity of the client, natural persons appointed to act on behalf of the client, and the client's beneficial owners in the following circumstances:
  • It is essential not to interrupt the normal conduct of business operations to defer completion of the verification; and
  • The money laundering and terrorist financing risks can be effectively managed by the payment service.
    If we establish a business relationship with a client before verifying the identity of the client, natural persons appointed to act on behalf of the client, and the client's beneficial owners, we shall take the following measures:
  • Develop and implement internal risk management policies and procedures specifying the conditions for establishing such business relationships before verification of identity.
  • Complete the verification of identity as soon as reasonably practicable.

If Measures are Not Completed
If we are unable to complete the measures as required, we will not commence or continue a business relationship with any client, or carry out any transaction for any client.
If we are unable to complete these measures, the payment service provider should consider whether the circumstances are suspicious and whether it is necessary to file a Suspicious Transaction Report.
Completion of measures means that the payment service provider has obtained, screened, and verified (including delayed verification as described in paragraphs 6.43 and 6.44) all necessary customer identification information prescribed in paragraphs 6, 7, and 8, and the payment service provider has received satisfactory responses to all queries related to this necessary customer identification information.

Joint Accounts
For joint accounts, we will treat each and every one of the joint account holders as an individual client of the payment service provider and perform customer due diligence measures on them.

Screening
We shall screen clients, natural persons appointed to act on behalf of the client, the client's related parties, and the client's beneficial owners against sources of information relating to money laundering and terrorist financing and the lists and information provided by the Authority for the purpose of determining if there is any money laundering or terrorist financing risk concerning the client.
We will perform screening in the following situations and for the following persons:

  • When we establish a business relationship with a client (or as soon as reasonably practicable after establishing the business relationship).
  • Before we carry out any transaction for a client with whom a business relationship has not been established with the payment service provider.
  • Before we facilitate or receive digital assets via a value transfer for a client with whom we have no other established business relationship.
  • Periodically after we establish a business relationship with a client; and
  • When there is any change or update to:
    • The lists and information provided by the Authority to the payment service provider; or
    • Natural persons appointed to act on behalf of the client, its related parties, or beneficial owners.
      We will screen all value transfer originators and value transfer beneficiaries against the lists and information provided by the Authority for the purpose of determining if there is any money laundering or terrorist financing risk and record the results of all screenings.

E. Our Enhanced Customer Due Diligence Approach
Politically Exposed Persons (PEPs)
We shall use all reasonable means to determine whether a client, any natural person appointed to act on behalf of the client, any related party of the client, or any beneficial owner of the client or their family members or close associates is a Politically Exposed Person (PEP).
If a client or any beneficial owner of the client or their family members or close associates is determined by us to be a PEP, we shall, in addition to performing regular customer due diligence measures, perform at least the following enhanced due diligence measures:

  • Obtain approval from senior management to establish and continue the business relationship with the client.
  • Determine, through reasonable means, the wealth and source of funds of the client and any of their beneficial owners.
  • Enhance the monitoring of our business relationship with the client during the course of the business relationship. We will increase the level and nature of monitoring of any transactions that appear unusual.

High-Risk Categories
We recognize that circumstances where a client has or may have a higher risk of money laundering or terrorist financing include, but are not limited to, the following:

  • If a client or any beneficial owner of the client is from or located in a country or jurisdiction for which the FATF has called for countermeasures, the payment service provider should treat any business relationship or transaction with any such client as having a higher risk of money laundering or terrorist financing.
  • If a client or any beneficial owner of the client is from or located in a country or jurisdiction known to have inadequate AML/CFT measures as determined by the payment service provider itself or as notified to the payment service provider by the Authority or other foreign regulatory authorities, the payment service provider should assess whether any such client poses a higher money laundering or terrorist financing risk.
    We shall apply enhanced customer due diligence measures for clients that present a higher risk of money laundering or terrorist financing, or for any client that the Authority notifies us poses a higher risk of money laundering and terrorist financing.

F. Treatment of Bearer Negotiable Instruments and Cash Payment Limitations
We will not make any payment in the form of bearer negotiable instruments.
We will not make any payment in cash in the course of our business.

G. Value Transfer Approach (to be implemented when required)*
If we are an originator institution, we shall, before executing a value transfer:

  • Identify the originator and take reasonable measures to verify their identity (if such measures have not been taken previously).
  • Record full details of the value transfer adequately, including but not limited to the date of the value transfer, the type and value of the digital asset transferred, and the value date.
    If we are an originator institution, we shall include in the memorandum or payment instructions accompanying or related to the value transfer:
  • The originator's name.
  • The originator's account number (or a unique transaction reference number, where applicable).
  • The beneficiary's name.
  • The beneficiary's account number (or a unique transaction reference number, where applicable).

Value Transfers Exceeding a Specific Threshold
If we are an originator institution, for value transfers exceeding a specific threshold, we shall identify and verify the originator's identity, including in the memorandum or payment instructions accompanying or related to the value transfer and the following:

  • The originator's residential address; or
  • The originator's registered address or business address (if the addresses differ, also the principal place of business).
  • The originator's unique identification number; or
  • The originator's date and place of birth, and the registration or incorporation of the value transfer.
    We shall submit all information on the value transfer originator and value transfer beneficiary to the beneficiary institution immediately and in a secure manner, and record all such information. If we, as an originator institution, are unable to meet the requirement, we will not execute the value transfer.
    If we are a beneficiary institution, we shall take reasonable measures to identify value transfers lacking the necessary value transfer originator or value transfer beneficiary information.
    If we, as a beneficiary institution, pay the value of the transferred digital asset to the value transfer beneficiary in cash or cash equivalents, we shall identify and verify the identity of the value transfer beneficiary (if their identity has not been verified previously).
    We shall always review instances of missing value transfer originator or value transfer beneficiary information before executing a value transfer and document our follow-up measures.*
    If we are an intermediary institution, we will retain all information related to the value transfer.
    If we, as an intermediary institution, execute a value transfer to another intermediary institution or beneficiary institution, we shall provide the information accompanying that value transfer to that other intermediary institution or beneficiary institution immediately and in a secure manner.
    If we are an intermediary institution receiving a value transfer, we shall retain all information received from the originator institution or other intermediary institution for at least five years.
    We shall take reasonable measures to identify value transfers lacking necessary originator or beneficiary information during straight-through processing.

H. Record Keeping
We will retain appropriate records as required for at least 5 years.

I. Personal Data*
We will protect customers' personal data in the prescribed manner.

J. Suspicious Transaction Report (STR)
We will notify the relevant authorities and submit Suspicious Transaction Reports in accordance with the law. We will also maintain all records and transactions related to all such transactions and Suspicious Transaction Reports.

K. Our Compliance, Audit, and Training Policies
Among other measures, we will appoint an AML/CFT Compliance Officer at the management level, maintain independent audit capability, and take proactive measures to train our staff regularly on AML/CFT matters.

Enterprise-Wide Money Laundering/Terrorist Financing Risk Assessment
We will conduct an enterprise-wide money laundering/terrorist financing risk assessment in three phases:
Phase 1: Inherent Risk Assessment
We will assess the inherent risks relating to:

  • Customers or Entities: We should assess the customers and/or entities we deal with.
  • Products or Services: We should be mindful of who we provide over-the-counter cryptocurrency services to.
  • Geographic Scale: We shall not deal with customers on the designated individual and entity lists.

Phase 2: Assessment of Risk Control Measures
We will assess the risk control measures relating to the above. We will monitor and conduct enhanced due diligence on any and/or all customers that we deem suspicious.

Phase 3: Residual Risk Assessment
We will assess the residual risk after evaluating the risk control measures.

Related articles

Powered by Zendesk