Searching...

Know Your Customer (KYC) and Anti-Money Laundering (AML) Policy

Contents

Last Updated: December 10, 2024

1. INTRODUCTION

This Know Your Customer (KYC) and Anti-Money Laundering (AML) Policy (“Policy”) is established by Aegis Vault Ltd. (“Company,” “we,” “us,” or “our”), a company incorporated under the laws of the British Virgin Islands with registration number 2163500.

2. PURPOSE AND SCOPE

2.1 Purpose

This Policy aims to:

  • Prevent money laundering and terrorist financing
  • Comply with BVI financial regulations
  • Meet international compliance standards
  • Protect platform integrity
  • Maintain secure operations
  • Prevent sanctions violations
  • Mitigate financial crime risks

2.2 Scope

This Policy applies to:

  • All platform users
  • Platform transactions
  • Token-related activities
  • Associated services
  • Third-party service providers
  • Affiliated entities
  • Staff and contractors

3. REGULATORY FRAMEWORK

3.1 Compliance Requirements

We comply with:

  • BVI Financial Services Commission requirements
  • Financial Action Task Force (FATF) recommendations
  • International AML/CTF standards
  • Applicable sanctions regulations
  • FATF Travel Rule requirements
  • Global data protection regulations

3.2 Risk-Based Approach

We implement:

  • Risk assessment methodologies
  • Enhanced due diligence for high-risk customers
  • Continuous monitoring procedures
  • Regular risk reviews
  • Risk mitigation measures

4. CUSTOMER DUE DILIGENCE

4.1 Verification Levels

Level 1 – Basic Verification (Low Risk)

  • Full legal name
  • Date of birth
  • Residential address
  • Email verification
  • Phone verification
  • Transaction limits apply
  • Risk assessment scoring

Level 2 – Enhanced Verification (Medium Risk)

  • Government-issued ID
  • Proof of address
  • Source of funds declaration
  • Tax residence information
  • Employment information
  • Video verification
  • Enhanced transaction limits
  • Politically Exposed Person (PEP) screening

Level 3 – Institutional Verification (High Risk)

  • Corporate documents
  • Ownership structure
  • Ultimate beneficial owners
  • Board resolution
  • Corporate authority verification
  • Enhanced due diligence
  • Business activity verification
  • Relationship assessment

4.2 Required Documentation

Individual Users:

  • Valid government-issued ID (passport, national ID, driver’s license)
  • Recent utility bill or bank statement (less than 3 months old)
  • Selfie with ID documentation
  • Source of funds documentation
  • Tax residency declaration
  • Additional documentation as required

Corporate Users:

  • Certificate of incorporation
  • Register of directors
  • Register of shareholders
  • Constitutional documents
  • Ownership structure chart
  • UBO declarations
  • Corporate bank statements
  • Director and UBO verification documents
  • Business activity documentation

5. VERIFICATION PROCEDURES

5.1 Identity Verification

  • Document authenticity validation using AI technology
  • Biometric verification including liveness detection
  • Address confirmation through official databases
  • Digital footprint analysis
  • PEP and sanctions screening
  • Adverse media screening
  • Identity verification renewal requirements

5.2 Risk Assessment

We assess users based on:

  • Geographic location and jurisdiction
  • Transaction patterns and volumes
  • Source of funds and wealth
  • Business relationships and connections
  • Account activity patterns
  • Product and service usage
  • Delivery channel risks
  • Client business nature

6. ONGOING MONITORING

6.1 Transaction Monitoring

We monitor:

  • Transaction volumes and frequency
  • Pattern anomalies and deviations
  • High-risk indicators and red flags
  • Suspicious activities and behaviors
  • Cross-border transactions
  • Large value transactions
  • Complex transaction patterns
  • Unusual transaction timing

6.2 Periodic Reviews

  • Regular account reviews (risk-based frequency)
  • Risk reassessment and scoring
  • Document updates and renewal
  • Activity validation and analysis
  • Relationship review
  • Transaction pattern analysis
  • Enhanced due diligence reviews
  • Compliance assessment

7. PROHIBITED ACTIVITIES AND JURISDICTIONS

7.1 Prohibited Activities

  • Money laundering
  • Terrorist financing
  • Sanctions evasion
  • Fraudulent activities
  • Market manipulation
  • Tax evasion
  • Criminal activities
  • Unauthorized business activities

7.2 Restricted Jurisdictions

Services are not available to persons/entities in:

Comprehensively Sanctioned Countries:

  • Cuba
  • Iran
  • North Korea
  • Syria
  • Crimea, Donetsk, and Luhansk regions
  • Other sanctioned territories

High-Risk Jurisdictions:

  • FATF non-cooperative countries
  • Countries with inadequate AML/CTF controls
  • Jurisdictions under increased monitoring
  • Regions with significant criminal activity

8. REPORTING AND RECORD KEEPING

8.1 Suspicious Activity Reporting

  • Internal reporting procedures and timelines
  • External reporting obligations
  • Investigation protocols and standards
  • Documentation requirements
  • Confidentiality measures
  • Staff reporting obligations
  • Alert handling procedures
  • Investigation documentation

8.2 Record Retention

We maintain records for:

  • Customer identification (minimum 5 years)
  • Transactions (minimum 7 years)
  • Risk assessments
  • Suspicious activity reports
  • Compliance documentation
  • Training records
  • Audit trails
  • Investigation files

9. COMPLIANCE ORGANIZATION

9.1 Compliance Officer

Responsibilities include:

  • Policy implementation and oversight
  • Staff training and development
  • Monitoring oversight
  • Regulatory reporting
  • Process updates
  • Risk assessment
  • Audit coordination
  • Regulatory liaison

9.2 Training

  • Regular staff training programs
  • Compliance updates and briefings
  • Procedure reviews and updates
  • Best practice implementation
  • Testing and assessment
  • Specialized training for high-risk areas
  • Documentation of training
  • Competency evaluation

10. SANCTIONS COMPLIANCE

10.1 Screening Procedures

  • User screening against multiple sanctions lists
  • Real-time transaction screening
  • Ongoing monitoring and rescreening
  • List updates and implementation
  • Screening technology maintenance
  • False positive resolution
  • Hit investigation procedures
  • Documentation requirements

10.2 Blocked Transactions

We block transactions:

  • Involving sanctioned parties
  • From prohibited jurisdictions
  • With suspicious patterns
  • Without proper documentation
  • Exceeding risk thresholds
  • Failing compliance checks
  • Triggering red flags
  • Requiring enhanced review

11. INFORMATION SHARING

11.1 Internal Information Sharing

  • Between departments and teams
  • With compliance team
  • For risk assessment purposes
  • For investigation purposes
  • Through secure channels
  • With appropriate controls
  • Following need-to-know principles
  • With audit trails

11.2 External Information Sharing

  • With regulators and authorities
  • With law enforcement agencies
  • Between financial institutions
  • As legally required
  • Under information sharing agreements
  • Following privacy requirements
  • With appropriate safeguards
  • Through secure channels

12. POLICY UPDATES

12.1 Review and Updates

We may update this Policy:

  • For regulatory compliance
  • Following risk assessments
  • Based on best practices
  • As operations require
  • Following audit recommendations
  • After incident reviews
  • For technological advances
  • To address new risks

12.2 Communication of Updates

  • Staff notification and training
  • User communication
  • Documentation updates
  • Implementation timeline
  • Effectiveness monitoring
  • Feedback collection
  • Adjustment procedures
  • Review process
Updated on December 10, 2024