BTCBoss AML/KYC Regulations
The Know Your Customer verification process (hereinafter referred to as the AML/KYC Regulations) contains rules that prevent and reduce the risk of the Service related to illegal money laundering. It contains incomplete information related to internal regulations. The client security service of the Service provides a full package of documents upon request.
The regulations of the Service regarding internal regulations and international governance include procedures and mechanisms that best prevent the legalization of funds, illegal activities, bribery, drug propaganda, the distribution of weapons of mass destruction, the sale of people, and also allow the implementation of the necessary measures in case of suspicious transactions of Users.
The AML/KYC procedure provides for the following actions:
- Appointment of employees responsible for anti-money laundering (AMLCO) compliance, as well as determining their obligations to record suspicious transactions conducted by users.
- Establishing the responsibilities of the administration and periodically providing data on the existing dangers of money laundering.
- Training of employees on mechanisms that prevent the legalization of finances.
- Documenting and updating the policy, all applicable measures that prevent the legalization of money.
- Creation of conditions for continuous consideration of the dangers associated with the legalization of money in the process of entrepreneurial activity.
- Notifying law enforcement of all suspicions.
- Instant response to law enforcement response.
Basic Principles of the AML/KYC Regulations
When a new User appears, before performing any kind of operations, it is necessary to perform several important actions:
- identify the client (KYC);
- record and monitor suspicious transactions;
- notify all personnel of their responsibilities and of all procedures implemented by the company;
- provide qualification training of personnel;
- incoming external requests to be addressed to AMLCO.
Client identification procedure
After receipt of documents containing data about a new User (individual or organization), they are carefully checked. Services of the Service are responsible for the correctness of the verification, despite the fact that the information comes from different places. The identification procedure is given special attention.
The data that verifies the User is collected, stored, transferred and protected in accordance with the Data Non-Disclosure Principles, consistent with the provisions of the GDPR.
An employee authorized to ensure the implementation of measures to prevent money laundering
AMLCO is responsible for complying with all regulations regarding KYC, specializes in the execution of specific tasks and has the ability to obtain the data necessary for work. AMLCO has people empowered to oversee compliance with the regulations.
AMLCO department email: [email protected] .
Process control system
Good governance is implemented by continuously checking for the existence of hazards related to money laundering and crime sponsorship.
AMLCO is responsible for maintaining and implementing ongoing controls on all transactions conducted by the Service.
Assessment of potential hazards
The service has the right to prescribe specific measures, use mechanisms that allow to correctly assess potential dangers, focus on areas that are most prone to money laundering and the spread of terrorism.
The main purpose of AMLCO is to continuously monitor and evaluate the results of the processes being implemented and the measures established by the Regulations.
Here, the following mechanism is used to identify the hazards described in the Regulations:
- Recognition that the dangers associated with the likelihood of money laundering procedures may differ depending on the types of services and monetary instruments, the state in which this occurs, the Users interacting with the Service.
- Allowing members of the Board of Directors to categorize Users by type of business and related hazards.
- Allowing the members of the Board of Directors to apply their mechanisms used to develop activities and management methods, based on the specific circumstances and features of the Service.
- Assistance in the formation of a more economical system.
- Assistance in the prioritization of certain procedures and responses to suspicious transactions when using the company"s services. They may be associated with the risk of money laundering and terrorist propaganda.
The mechanism, based on the assessment of the risks described in the Regulations, includes the most effective methods that identify potential risks associated with money laundering and the spread of crime.
In the event of sanctions being imposed on specific individuals or organizations, as well as on states on an intergovernmental scale, the Service ceases to cooperate.
States subject to restrictions
In the event that citizens live in states that are on the black list due to criminal activity or due to the provision of illegal services, the Service is prohibited from cooperating.
The general version of the Regulations prohibiting the legalization of money includes the entire list of such states. By making a request to BTCBoss, you can get acquainted with it. At the discretion of AMLCO, this list is updated periodically.
Policy of AML – virtual currency exchange platform btcboss.cc
The service provides an Internet service for the exchange of cryptocurrency btcboss.cc.
User - a person or organization to which the Service provides a certain list of services.
Legalization of money is the concealment of the real purpose of finances, the parties who receive them, their location, transfers and other rights when illegally receiving money or in the process of illegal activities in another state.
Sponsorship of illegal groups is carried out to order illegal operations subject to Criminal Liability.
Prohibitions of an interstate scale are penalties and sanctions implemented by the European Union, the UN, other companies or a state to maintain peace and prevent conflicts.
A person designated as politically vulnerable (PEP) is an individual who performs special functions in the state apparatus. For example, this is the president, prime minister, his deputy and other persons.
Local PEP - a person from the previous paragraph who has ever taken part in significant operations with the state apparatus in the state.
PEP family - husband / wife, children, parents of a person.
A PEP"s inner circle is a human partner or resident of a city who has a close official relationship with another native.
The AML provision is a characteristic of additional measures upon presentation and the desire to recognize an illegal income declaration.
This act was created taking into account the Regulations on AML and interstate bans for use within the country.
An act to ensure reliability within the Service in the process of checking cases related to the legalization of money in the implementation of non-standard operations.
It is necessary to instruct all personnel of the company on the basis of the law applicable in the detection of illegal transactions.
All applications of legal acts must be studied separately.
The Directorate is obliged to provide the rules to all employees of the Service.
All personnel are required to sign on familiarization with the rules.
Members of the Service must be personally responsible for all legal compliance.
User interaction and identification process
Members of the Service are required to apply the rules when cooperating with users.
The service does not cooperate with representatives of a private person.
User identification is carried out taking into account the following sections:
In order to carry out identification, you need a document and its copy with a photograph and information. For persons of the state in whose territory the service is provided, and non-residents, a civil passport, a foreign passport, a residence permit (residence permit), a driver"s license, a passport allowing entry into the country are required.
You must also provide information such as:
- FULL NAME;
- tax number, year, day, month and place of birth;
- document number, date of receipt, number of the local authority that issued it;
- address of the place of registration and residence;
- all contact information;
- the presence of PEP functions in a person;
- information about whether you are a family member or partner of a person with PEP functions.
Additional documentary data is required for identification:
- For persons residing in the country where the service is located - a civil passport, a foreign passport, a driver"s license, a residence permit. For non-residents - a foreign passport allowing entry into the territory of the state.
- Documents informing about the address of residence: utility bills, an extract from a banking institution, other documents containing the address. Their term should not exceed one quarter from the date of the request.
For legal entities, identification goes like this.
An extract from the Commercial Register is presented, the term of which is no more than three months from the date of the request. An apostille is placed on it.
Additionally, the following information is required:
- Registration number, date.
- Actual and legal addresses.
- Information about the authorized person, founders or beneficiary.
- All contact details.
All individuals related to the organization present passport data or documents from clause 3.3.
Hazards and level of controls
When establishing a relationship with a user of the Service, it is necessary to take into account the dangers of possible money laundering and the likelihood of financing illegal activities.
When checking, you need to consider:
- Location on a geographical map.
- Danger from the user himself.
- Expected user action.
The danger associated with geographical location is high when the user cooperates with such territorial areas in which:
- UN or EU sanctions imposed;
- no measures are taken to counteract the legalization of money;
- states are caught sponsoring terrorism with a high level of bribery.
Detailed data on high risk areas: http://www.fatf-gafi.org/countries/#high-risk .
The danger from the user is considered significant if:
- The citizen is a PEP, a member of his family or belongs to the immediate environment (this must be determined before the start of the interaction).
- The citizen is included in the list of the UN and the EU as unreliable and subject to sanctions. This information must be followed.
- The citizen is involved in operations related to the legalization of money.
The danger from procedures is considered high:
- If the settlement under the contract is carried out by a third party.
- The contract is drawn up without market or other justification.
- The list of real participants is not publicly available.
- Foreign exchange earnings come from various accounts.
- The amounts received by the user are not typical for him.
- Each transfer is accompanied by a cryptocurrency of various denominations.
User unreliability hazards score high when one of the causes is present.
The service does not provide services if:
- The person belongs to a high risk country http://www.fatf-gafi.org/countries/#high-risk .
- Financial sanctions are imposed on the person.
- A citizen is a PEP, a member of his family or belongs to the immediate environment.
- A person is suspected of money laundering, sponsoring illegal activities (or has had such cases in the past).
If a case from paragraph 4.7 is identified, appropriate measures are taken.
Identification of digital risks
Hazards directly related to technology and the IT industry:
- Providing valuable data.
- Submission of initially incorrect information.
- Introduction of viruses and carrying out cyberattacks.
- Dangers in the operation of systems associated with information.
To reduce the dangers, the Service personnel must:
- Use only internal servers.
- Use software with legal and approved content.
- Use the methodology approved by the Service.
To reduce the risk of receiving incorrect information:
- Personal information is confirmed at a personal meeting, online or in the manner selected by the Service.
- If the user is suspicious, a request for supporting documents is made.
To reduce the risk of hacker attacks:
- It is necessary to continuously check the system for risky operations.
- Conduct an assessment of the level of reliability.
- Use software with continuous updates and antivirus programs.
Reducing risks while working with information is possible if:
- Use protective network programs.
- The main computer will be separate.
- Pass PCI/DSS certification.
- Annually train personnel in the field of information security.
Using due diligence
It is important to pay attention to users who are suspected of carrying out operations related to money laundering and sponsoring illegal activities. These are transactions that are unusual in nature, have complex mechanisms and do not have a financial purpose.
For this use:
- User identification, having all documents available, by personal presence or online communication.
- Beneficiary control.
- Analysis of official activity.
- Continuous tracking of transactions and relationships, conducting periodic reviews of all information, requesting confirmation of the source of income.
Due diligence reveals documented facts. If it is impossible to obtain the original, a copy of the documents is taken, certified by a notary"s seal, confirming its authenticity. In case of doubt, the original document must be checked and analyzed.
The data for verification is taken from the registry. In the case of identification in another state, it is obliged to take all measures to ensure security and compliance with AML / KYC.
Checks are carried out before the start of interaction.
The user is identified at the initial stage of interaction. If there is suspicion, prompt action is taken before the transaction.
All agreements are confirmed by signatures certifying the truth of data and documents.
Conducting a full due diligence
The full version is used in such situations:
- If the information came from a place where the user cannot be.
- The verification turned out to be doubtful, there is no way to identify the user or the beneficiary.
- The risk of money laundering or sponsoring illegal activities is too high.
Employees can use one of the following activities to check:
- Verification of information using the registry of a bank operating in a country where AML rules apply, if the user"s identity is associated with this company.
- The use of electronic receipt of information to verify its truth. It must be notarized and authenticated.
- Transfer of the amount to the account of the participant of the agreement through the bank, of which he is a client, in a country where the provisions of AML / KYC are in force.
Conducting a PEP check
Before the start of official interaction, the user is required to fill out a form with the required fields in order to verify the data.
The user must enter information about whether he is a PEP or a person connected in any way with him.
In the case of PEP involvement in the user, data about him are indicated.
Information about PEP is checked against public sources, for example: https://namescan.io/FreePEPCheck.aspx .
Verification of the person who is sanctioned at the intergovernmental level
Entering the official interaction, the user enters into certain forms all the information that will be used for verification.
Based on this information, the employee checks for interstate sanctions.
Check in case of suspicion of money laundering
Situations in which suspicion may arise, as well as reasons for paying special attention to the user.
Signs of suspicion:
- Inconsistency in the appearance, behavior and nature of the transaction.
- A person without the help of a third party cannot sign a document.
- The man was suspected of fraud.
- A person is not able to justify the need for operations.
- Non-standard cash transactions.
- There are many small or large transactions that are not related to human activities.
- Cryptocurrency is transferred to another account or to another country.
- The person does not provide explanatory information on the operation.
- A large number of cryptocurrencies are exchanged, if this is not characteristic of the characteristics of the activity.
- The person is not identified, does not provide any information.
- There were attempts to carry out an invalid operation.
- When concluding long-term contracts, a person requires only cash payments.
- There are suspicions of activities carried out in the interests of an outsider.
- A person is trying to conduct settlement transactions with cash in amounts exceeding 10,000 euros or equivalent to this value.
- Multiple payments in excess of EUR 10,000 or its equivalent.
- The bank, located in a country where there is no taxation, assisted in the settlement.
Refusal to sign the contract and carry out the operation
The Service does not conclude a contract if:
- The person has not reached adulthood.
- A person is a representative of a private person.
- The person refuses to submit the documents from paragraph 3 or provides less information than required.
- The man was suspected of provocative actions.
- The man filed documents confirming the company"s suspicion that he was engaged in illegal activities.
- Sanctions of an interstate character have been imposed on the person.
- The person belongs to or is a PEP.
- Person refers to a person who is suspected or caught in illegal operations.
- A person is associated with a citizen of a country that is characterized by certain risks for the Service: http://www.fatf-gafi.org/countries/#high-risk .
Collection, protection and security of information
Having started the operation, the Service employee is obliged to register for the following positions:
- Personal data from point 3.
- The date and period for which the transaction is concluded.
- Deciphering the essence of the operation.
- Information about the refusal to register a relationship or agreement on the part of the company.
- Information about the refusal to cooperate or conduct an operation on the part of the user.
- Information about the termination of cooperation along with the inability to conduct a legal check.
- A transaction for the exchange of cryptocurrency for currency, the final amount in cash and the amount received according to the exchange rate.
- Cryptocurrency exchange rate to another kind of digital currency, value and exchange rate.
If you open an account in digital currency, you must specify its type.
For five years, the Service must keep the following documents after the completion of cooperation:
- Verification and identification information.
- Exchange of written messages with the user.
- Data on transactions in the process of monitoring activities.
- Data on the presence of unusual and suspicious transactions.
- All documents on operations and procedures.
The Service staff is obliged to use the data protection rules when collecting and storing them. You can process them only if you suspect the presence of fraudulent activities.
Money Management Alert
In case of detection of fraudulent activities or suspicion of them, it is necessary to transfer information to the MLRO (Money Laundering Reporting Officer).
The user is not informed of the fact of information transfer to MLRO.
The MLRO employee is obliged to provide copies of the documents on the basis of which the conclusion was made, and documents reflecting the essence of the transaction.
Conducting internal monitoring and staff training
Compliance with the AML rules is controlled and managed by the Directorate of the Service.
Hazard assessment and user testing is carried out only by trained personnel.
Work and processes are carried out by employees under the control of the directorate.
The Directorate is responsible for organizing staff training.
The staff is obliged to independently monitor the amendments to the regulations and study them.
Training must be carried out at least once a year.