AML/KYC POLICY

AML/KYC POLICY

Money Laundering is defined as:

1) The conversion or transfer of property derived from criminal activity or property obtained instead of such property, knowing that such property is derived from criminal activity or from an act of participation in such activity, for the purpose of concealing or disguising the illicit origin of the property or of assisting any person who is involved in the commission of such an activity to evade the legal consequences of that person’s actions;

2) the acquisition, possession or use of property derived from criminal activity or property obtained instead of such property, knowing, at the time of receipt, that such property was derived from criminal activity or from an act of participation therein; and

3) the concealment or disguise of the true nature, source, location, disposition, movement, rights with respect to, or ownership of, property derived from criminal activity or property obtained instead of such property, knowing that such property is derived from criminal activity or from an act of participation in such an activity. Participation in, association to commit, attempts to commit and aiding, abetting, facilitating and counselling the commission of any of the activities referred to above is also considered money laundering. Terrorist Financing is defined as: The financing and supporting of an act of terrorism and commissioning thereof within the meaning of the Penal Code of Estonia.

All firms must adhere to the Money Laundering and Terrorist Financing Prevention Act of Estonia, and be aware of the guidance set down by the AML/CFT Committee, Financial Supervision Authority and Financial Intelligence Unit, and the recommendations from the Financial Action Task Force (FATF), an inter-governmental body whose purpose is the development and promotion of national and international policies to combat money laundering and terrorist financing.

This Policy covers the following areas:

▪ Internal Controls;

▪ Compliance Officer;

▪ Training;

▪ Customer Verification Procedures;

▪ Monitoring of Transactions; and

▪ AML Program Audit. Internal Controls We have designed a structured system of internal controls in order to comply with applicable AML/CFT laws and regulations, some of which are outlined in this Policy including, but not limited to:

▪ establishing customer's identity and verifying the information provided;

▪ establishing special regime for dealing with customers which are politically exposed persons (PEP);

▪ the identification of unusual activity and facilitating the reporting of suspicious activity (SAR); and

▪ record keeping of customer documentation and transactional history. Compliance Officer The Compliance Officer is the person, duly authorised by Payex, whose responsibility is to develop and enforce the effective implementation of the AML/CFT. The Compliance Officer is required to report any violations of the AML/CFT procedures and is responsible for collecting and filing SARs. Training All employees receive a full AML/CFT training, along with a job‐specific guidance. Training is conducted at least once every twelve (12) months to ensure that trainees are informed and act in compliance with all applicable laws and regulations. New employees receive relevant training within thirty (30) days of their start date. Training program is updated regularly to reflect current laws and regulations. Customer Verification Procedures Payex establishes its own customer verification procedures within the standards of AML/CFT frameworks. In order to open an account, customer’s identity and place of residence need to be verified and checked against sanctions and watch lists, including the Office of Foreign Assets Control (OFAC) and PEP list. In order to open an account for an individual customer, the following information needs to be verified:

▪ Email address;

▪ Mobile phone number;

▪ Full name;

▪ Date of birth;

▪ Proof of identity (government identity card, driver’s license, passport);

▪ Citizenship;

▪ Proof of residential address (utility bills, bank statement, official government letter); and

▪ Additional information or documentation, if requested. Monitoring of Transactions Payex uses customer transaction monitoring as a risk‐assessment and suspicious activity detection tool. If a transaction is inconsistent with a customer’s known personal activities or personal habits, this transaction may be considered suspicious. Data and transaction monitoring tools are used to identify uncommon patterns of customer’s activity. After review and investigation, it is Compliance Officer’s decision whether to file a SAR or not. Once a SAR is filed with a relevant agency, a copy of filing documentation is maintained onsite. SAR filing is confidential and only the Payex’s employees involved in the investigation and reporting process will be aware of its existence. All records are retained for no less than (5) years and are available upon official request by an authorized examiner, regulator, or law enforcement agency. AML Program Audit The Compliance Officer is responsible for conducting AML/CFT audit at least annually. In addition, annual independent test of the AML/CFT procedures is done by a third party. In order to achieve segregation of duties, the Compliance Officer is not responsible for such independent test.