Anti-Money Laundering and Counter Terrorism Financing Internal Policy and Procedure
Article 1. Introduction
The following policy (hereinafter – AML Policy) is based on the Law of Georgia ‘’on Facilitating the Suppression of Money Laundering and Terrorism Financing’’ (hereinafter – AML Law), ‘’Regulation on Approval of the Procedure of Identification and Verification of a Customer by Obliged Entity approved by N2 Order of the Head of the Financial Monitoring Service of Georgia dated June 5, 2020. The AML Policy entails rules and procedures on:
- - Customer Due Diligence;
- - Transaction monitoring;
- - Risk assessment and risk-based approach;
- - PEPs and sanctions;
- - Rights, duties and responsibility of Anti-Money Laundering Officer (hereinafter – AML Officer) and other employees involved in the monitoring process;
- - Record keeping;
Article 2. Definitions
The terms used in this document shall have the following meaning:
- a) Customer – a person who has account on the Company’s Website;
- b) Person – legal person;
- c) Identification – obtaining the identification data of a person that permits the Company to trace that person and distinguish from others;
- d) Verification – obtaining information/documentation that permits the Company to verify the accuracy of identification data and determining the identity of the beneficial owner;
- e) Transaction – an unilateral, bilateral or multilateral declaration of intent aimed at creating, changing or terminating legal relations, including distribution of profit, issuance of the property right;
- f) Location – a country or territory where a customer resides and/or is located;
- g) Suspicious Transaction – a transaction in relation to which there is a reasonable ground for doubt that it has been prepared, concluded or carried out based on proceeds of an illegal activity or for the purpose of money laundering, or that a transaction is connected to terrorism financing;
- h) Politically exposed Person – a natural Person set out in the Article 4 of this policy;
- i) List of sanctioned persons – the list of natural and legal persons subject to sanctions under UNSCR;
- j) UNSCR – a resolution of the United Nations Security Council concerning the prevention, detection, and suppression of financing of terrorism and proliferation of weapons of mass destruction adopted under Chapter VII of the Charter of United Nations;
- k) Money Laundering - is the illegal process of making large amounts of money generated by criminal activity. giving legal form to illegal income (purchase, use, transfer, or other action), and/or attempt to commit such action;
- l) Terrorism Financing - Collection or delivery of financial funds or other property with prior knowledge that they will be used or may be used in whole or in part by a terrorist or a terrorist organization and/or for carrying out terrorist activities and/or providing services to a terrorist or a terrorist organization with prior knowledge, harboring a terrorist or harboring and/or providing resources or other material support to a terrorist or terrorist organization
Article 3. Customer Due Diligence (CDD)
Customer due diligence (CDD) measures includes:
- - Standard Due Diligence, which comprises of Identification and Verification;
- - Enhanced Due Diligence, where applicable;
- - When establishing a business relationship with the Customer upon registration of the account;
- - When there are doubts about the veracity or adequacy of previously obtained Customer identification data;
- - To obtain and use the information to decide whether to keep engagement with a new Customer;
- - To actively use the information to facilitate the effective monitoring of Customer relationships for unusual and potentially suspicious activity;
3.1 Identification and Verification
Citypay LLC conducts Customer identification at the time of registration. In order to register Customer as a legal entity and open account on the Website, Customer (Legal entity) shall submit registration application online via Website, which include following information:
- - Extract from registry of Entrepreneurs and Non- Entrepreneurial legal entities;
- - Legal entity registration certificate (If any);
- - Certified Charter of a legal entity (If any);
- - Copy of the license document of the legal entity (If any);
- - Partner agreement and other related documentation (If any);
- - Document of redistribution of shares of a legal entity (If any);
- - In case of Georgian citizen – a passport, an ID card, a certificate of a compatriot residing abroad;
- - In case of foreign citizen – a residence card or a temporary identity card issued by Public Service Development Agency, International passport, other document permitted for crossing the customs border of Georgia according to Georgian legislation and/or based on an international agreement or a certificate of a compatriot residing abroad;
- - Name of the legal entity; - Date of registration of legal entity; - Legal address; - Identification number (If any); - Registration number (If any); - Legal form (If any); - Registration and foundation documentation of legal entity;
- - The identity of the directors and beneficial owners of the company;
- - Address of actual location;
- - Name and Surname;
- - Personal Number (If applicable);
- - Date of Birth;
- - Place of Birth;
- - Gender;
- - Country of Residency;
- - Legal and Physical Address;
- - Type of an identification document;
- - Number of an identification document;
- - Issuing date of an identification document;
- - Validity date of an identification document;
- - Issuing Country of an identification document;
- - Issuing authority of an identification document;
- - Full name of the employee who is responsible for the client;
- - Date of certification of copies;
- - Signature of the responsible employee;
- - The text "verified"
- - Field of activity of a legal entity;
- - The purpose and intended nature of establishing a business relationship with Citypay LLC;
- - Expected monthly turnover;
- - Whether the company`s beneficial owner/controlling head person/related person is a politically active person, a family member of a politically active person or a person in business relationship with a politically active person (PEP);
- - Full name of the employee who is responsible for the client;
- - Date of certification of copies;
- - Signature of the responsible employee;
- - The text "verified"
- - In order to verify the address, electoral lists, checking the place of registration on the website of the Public Service Development Agency;
- - Verification of legal entity status based on reliable sources;
- - Obtaining information on the property owned by the client from the real estate registry;
- - Verification of a person in the business register and, if necessary, requesting additional information;
- - Public Service Development Agency;
- - Real Estate Registry;
- - Electoral Lists;
- - Portal of entrepreneurs/ legal entities/individuals;
- - Business register databases of Georgia;
3.2 Ongoing Monitoring of activities
The company carries out monitoring of the Transactions and the business relationships to enable the detection of unusual or suspicious Transactions. For that purpose, company conducts on-going monitoring of activities on the transactions of the customers. Ongoing monitoring includes:
- - Studying the transactions carried out by the client and determining their compliance with the knowledge about the client;
- - keeping up-to-date information and records about the client, the purpose and intended nature of the business relationship;
- - Capturing information, when there is necessity of obtaining the information on source of funds and source of wealth;
- - Ensuring that documents, data or information held are kept up-to-date;
- - Reviewing customer information involves checking data against politically active and sanctioned person databases;
- - setting business limits / parameters regarding accounts or transactions that will trigger early warning signals and generate alerts for mandatory review;
3.3 Risk Assessment and Risk-based Approach
Citypay LLC uses a risk-based approach to each client, which involves assigning high and medium risk levels to clients. According to the risk, the company has standard and enhanced identification rules. The category of high-risk clients includes clients who meet one of the listed criteria:
- - Beneficial owner/controlling head person/related person of the company is a politically active person;
- - Beneficial owner/controlling head person/related person is a citizen of a high-risk country;
- - The company's field of activity is one of the activities specified in Annex N2;
- - The beneficial owner/controlling head person/related person is a citizen of Georgia and a person with a permanent or temporary residence permit of Georgia;
- - Access to the e-wallet of Citypay LLC is restricted from IP addresses of suspicious jurisdictions;
- - Legal entities registered in suspicious jurisdictions do not have the opportunity to establish business relations with Citypay LLC;
- - The daily withdrawal limit is set at 50,000 GEL
Article 4. Politically Exposed Persons (PEPs)
Politically Exposed Person shall mean a natural person who has been entrusted with prominent public or political functions (except for middle or low-ranking officials) and shall include:
- - Heads of State, heads of government, members of government (ministers) and deputies, heads of government institutions;
- - Members of legislative bodies (parliament);
- - Heads and members of governing bodies of political parties;
- - Members of supreme courts, constitutional courts and other high-level judicial bodies, the decisions of which are not subject to further appeal, save in exceptional circumstances;
- - General auditors and deputies, members of courts of auditors;
- - Members of boards of central (national) banks;
- - Ambassadors;
- - High-ranking officers in defense (armed) forces;
- - Heads and members of governing bodies of state-owned enterprises;
- - Heads, deputies and members of governing bodies of international organizations;
- - Products intended to be used;
- - Field of activity;
- - Source of customer’s income;
- - Customer’s monthly income;
- - Understanding and documenting the nature and intended purpose of the business relationship;
- - Understanding and documenting the customer’s source of funds and source of wealth (e.g. salary and compensation from official duties and wealth derived from other sources);
- - Obtaining additional information on the customer, which is available through public databases;
- - Customer Media check;
- - Checking customer’s transactions (if any) – types of products, series of transactions, amounts of transactionsAs part of high-risk customer ongoing monitoring, AML officer takes below measures on an annual basis:
- - Completing initial risk assessment form;
- - Checking that identification document is up-to-date;
- - Analyzing information about customer, which is available through public databases;
- - Sending collected information/form/report to the CEO;
Article 5. Sanctions
In order to verify the status of users, Citypay LLC uses the United Nations Security Council's list of terrorists and persons supporting terrorism. The mentioned list is downloaded from the following website: United Nations Security Council Consolidated List | United Nations Security Council The company verifies the user's status in the lists of terrorists and supporters of terrorism during the registration process. If the client is found in the mentioned lists, the AML officer verifies the accuracy of the match based on reliable sources. If the user correctly matches the record, the registration process stops. In case the Customer has been false matched with the sanctioned list, the user can complete the registration process.
Article 6. Instruction on the Suspension of Implementation of the Transaction
There are the following criteria for determining a suspicious operation in Citypay LLC:
- - The customer expresses curiosity about the company's internal systems, control mechanisms and procedures;
- - The documentation presented by the client during the identification process causes suspicion;
- - The client offers different types of benefits to the employee of Citypay LLC in exchange for the financial operation;
- - authenticity of the presented identification data causes suspicion, verification is impossible;
- - authenticity of the submitted documentation causes suspicion, verification is impossible;
- - the behavior of the client, the purpose and intended character of the business relationship do not correspond to the information available to the company;
- - The amount of transactions performed by the client exceeds the daily limit determined by the policy, namely 50,000 GEL;
- - The withdrawal operation by the client is initiated by 10 or more transactions in 24 hours;
- - The field of activity declared by the client in the KYC form is high risk;
- - Beneficial owner is a politically exposed person;
- - In case the compny becomes aware of any suspicious transactions;
- - In situations where there is a suspicion of FT or that funds are proceeds of crime.
Article 7. Functions, Authority and Responsibility of AML Officer
On the basis of the order of the Director of Citypay LLC, AML Officer is assigned the following functions, obligations and responsibilities:
- - Develop Company’s AML/KYC/CTF regulation policies and procedures;
- - Develop the technical requirements for and implement AML software;
- - Participate in a new products/service implementation process at the company (study the new products/services from AML perspective);
- - Provide consultations to the company employees on AML matters;
- - Review and update AML policies and procedures to ensure the compliance with regulatory changes;
- - Conduct training for the staff involved in the AML process (once a year);
- - Manage AML compliance process;
- - Prepare periodic reports for the Company Management;
Article 8. Functions, Authority and Responsibility of Other Employees
All Citypay employees are obliged to get acquainted with this policy and comply with the requirements thereof. Monitoring process shall be conducted in a way that Customers do not become aware that their activities are subject to monitoring (by being considered as suspicious or otherwise). The employees do not have the right to disclose to Customers and to any other third parties the information on the undertakings described in this Policy, they are also prohibited to hide information on suspicious Transactions from AML Officer.
Article 9. Record Keeping
Upon performing CDD the Company should collect, analyze and store Customer data.Collection and processing of data for AML/CTF purposes should be limited to what is necessary for the purpose of complying with the applicable legislation and this Policy.Citypay LLC stores the following types of documentation electronically for a period of at least five (5) years:
- - Copies of documents and information required for the compliance with the CDD requirements as determined in the policy – from the termination of the business relationship with the Customer;
- - Information about operations (documents) for at least 5 years from the date of the operation or execution, unless another competent body requires storage for a longer period, additional period not exceeding five (5) years;
Anti-Money Laundering and Counter Terrorism Financing Internal Policy
Approved by Head of AML Department