1. Risk Assessment covering all aspects of the business activity in accordance with regulation 18 of the MLRs.
Bitcoin4Card shall take a high risk-based approach in monitoring the financial activities of its clients. This will be carried out whilst preparing the accounts, tax returns, or conducting any other business with the client.
The business will actively not accept high-risk clients that are identified as the following:
• Clients with businesses that handle large amount of cash (i.e. involving €15,000 euros or more, or the sterling equivalent) or complex unusually large transactions.
• Clients with larger one-off transactions, or a number of transactions carried out by the same customer within a short space of time.
• Clients with complex business ownership structures with the potential to conceal underlying beneficiaries.
• Clients based in, or conducting business in, or through a high-risk jurisdiction, or a jurisdiction with known higher levels of corruption, organised crime, and drug production/distribution.
• Situations where the source of funds cannot be easily verified.
• Unusual patterns of transactions that have no apparent economic or visible lawful purpose.
• Money sent to, or received from areas known to have high levels of criminality or terrorist activity.
The business will conduct ongoing monitoring of business relationships with customers, to ensure that the documents provided, and the date or information held evidencing the customer’s identity are kept up to date.
The following are examples of changes in a client’s situation that may be considered suspicious or high risk:
• A sudden increase in business from an existing customer;
• Uncharacteristic transactions which are not in keeping with the customer’s known activities;
• Peaks of activity at particular locations, or at particular times;
• Unfamiliar, or untypical types of customer, or transaction.
Whenever there is cause for suspicion, the client will be asked to identify and verify the source or destination of the transactions, whether they are individuals or company beneficial owners.
No action will need to be taken, if there is no cause for suspicion.
2. Policies and Procedures.
Policy, rules and guidance for every aspect of the businesses activities including KYC/AML policy in accordance with the regulation 19 of the MLRs.
This is the Anti-Money Laundering (AML) Policy and Procedures adopted by Bitcoin4Card in compliance with The Money Laundering, Terrorist Financing, and Transfer of Funds (Information on the Payer) Regulations 2017 (MLR). As used in this AML Policy, “Bitcoin4Card”, “we”, “us” or “our” refers to B4C LTD, registered within the England and Wales Companies Registrar under the number 11978690, with its registered address at 71-75 Shelton Street, Covent Garden, London, United Kingdom, WC2H 9JQ. B4C LTD is a data controller under this AML Policy, which sets out the manner in which the company, as a data controller, may use your Personal Data. The business will actively prevent and take measures to guard against being used as a medium for money laundering activities, terrorism financing activities, and any other activity that facilitates money laundering or the funding of terrorist or criminal activities.
To these ends:
• The identities of all new and existing clients will be verified to a reasonable level of certainty
• A risk-based approach will be taken to the monitoring of client Buying & Selling Crypto Currency affairs
• Any suspicious activity will be reported, and all AML activities recorded
• (email@example.com) will act as the Money Laundering Reporting Officer (MLRO) to coordinate the AML policies and procedures of the business.
• All staff that meet or contact clients and potential clients of this firm, are required to acknowledge that the policy and procedures have been read and understood before meeting or contacting clients.
3. Due Diligence.
Due diligence procedures.
The business has established a Know-Your-Customer (KYC) and Know-Your-Business (KYB) policy to ensure that the identities of all new, and existing clients are verified to a reasonable level of certainty. This will include all individual clients, all directors and shareholders with a stake holding of 25% or more of client companies, all partners of client partnerships, and every board member of client charities.
Proof of Identity showing First & last name, Date of Birth, Date of issue & Expiry, and Document number.
List of acceptable documents:
• Current Valid Passport (Top and Bottom page)
• Current Valid UK/EU Driving License (Front and Back side)
• Current valid government issued identity card such as British Resident Permit (Front and Back side)
Electoral ID cards are not accepted.
Proof of Address showing First & last name, Address, and Date of issue
List of acceptable documents:
• Bank, credit card or mortgage statement dated within the previous three calendar months (either hard copy or electronic PDF statements are acceptable)
Statement may be in the joint name of the buyer and his/her partner.
• Utility (water, gas or electricity), telephone landline, broadband or TV license bill dated within the previous three calendar months (either hard copy or electronic PDF statements are acceptable)
• Council Tax bill dated within the previous six calendar months (either hard copy or electronic PDF statements are acceptable)
• HMRC Documentation dated within the previous three calendar months (PAYE Coding Notice / Tax Notification / Self-Assessment / Statement of Accounts / NI contributions bill)
Bank Account Verification
List of acceptable documents:
• For A Personal Bank Account
I. Bank statement showing Name, Account Number and Sort Code (either hard copy or electronic PDF statements are acceptable)
• For A Limited/LTD Business Bank Account
I. Company Name & Number that can be verified with the company house
II. Director or Owner listed with the company house
III. Bank statement showing Name, Account Number and Sort Code (either hard copy or electronic PDF statements are acceptable)
• For A Sole Trader Business Bank Account
I. Business Bank statement dated within the previous three calendar months showing the Business Name they are “Trading as” (either hard copy or electronic PDF statements are acceptable)
HMRC Documentation under the Business name dated within the previous three calendar months
4. Enhanced Due Diligence.
The MLRs (Regulation 33(1)) require firms to apply enhanced due diligence (EDD) and enhanced ongoing monitoring in a number of specified areas where a customer is identified as presenting a higher risk of money laundering or terrorist financing. This is in addition to the customer due diligence measures required under Regulation 28.
The business has established an Enhanced Due Diligence Know-Your-Customer (KYC) and Know-Your-Business (KYB) policy to ensure that the identities, and source of funds of all new, and existing clients are verified to an enhanced level when reaching certain levels of transactions. This will include all individual clients, all directors and shareholders with a stake holding of 25% or more of client companies, all partners of client partnerships, and every board member of client charities.
TIER 1: Individual EDD Transactions Above £8,000 Per Transaction, £15,000 Per Month, £80,000 Per Annum Compliance Review And Documention Required:
1. Valid (certified where not electronically verifiable) passport
2. Valid utility bill 3. Risk assessment, determine low, medium, high category
4. Risk assessment country
5. Proof of Source of Funds
TIER 2: High Networth Individual Above £40,000 Per Month, £300,000 Per Annum Compliance Review And Documention Required::
1. Valid (certified where not electronically verifiable) passport
2. Valid utility bill
3. Where the client is classified as high risk, three months’ bank statements
4. Risk assessment, determine low, medium, high category
5. Risk assessment country
6. Background searches (PEPs, Sanctions & Adverse Media)
7. Regular 6 month review
8. Proof of Source of Funds
9. Credit Checks
10. Occupation or business
TIER 3: Corporate Above £100,000 Per Month, £1,000,000 Per Annum Compliance Review And Documention Required::
1. Articles of incorporation
2. Memorandum of association
3. Copies of all directors passport (certified where not electronically verifiable) and utility bills
4. Copy of responsible Manager/appointed trader(s’) passport (certified if not EU) and utility bills
5. Last three month of company bank statement
6. Country of incorporation
7. Registered address
8. Business address
9. Name(s) and authorised signatories
10. Name(s) of beneficial owners 25% share holders
11. Pep and sanction checks for the director and corporate
12. Risk assessment, determine low, medium, high category
13. Risk assessment country
14. Transaction details inwards and outwards
15. Regular Transaction monitoring
16. Background searches (PEPs, Sanctions & Adverse Media)
17. Regular 6 month review
18. Audited accounts (where company meets audit requirement in their own country of registration)
Additonal checks may also be used, with some examples below,
When a user is Buying Cryptocurrency:
• Recorded Video Verification Using Skype or WhatsApp etc
When a user is Selling Cryptocurrency:
• Documents/Screenshots proving the source of their Crypto Currency.
PEPS (Politically exposed persons)
“Politically exposed persons” means natural persons who are, or has at any time in the preceding year, been entrusted with a prominent public function by a state other than the United Kingdom, a community institution or an international body, or a family member or known close associate of such a person. Individuals who have, or have had a high political profile, or hold, or have held public office, can pose as a higher money laundering risk to Bitcoin4Card, as their position makes them vulnerable to corruption. This risk also extends to members of their immediate families, and to known close associates. PEP status itself does not of course, in anyway incriminate individuals or entities. It may however, put a customer into a higher risk category. An individual is not considered to be a PEP, after he has left office for one year.
Enhanced Due Diligence Checks have been specifically designed for dealing with Politically Exposed Persons, high-risk or high-net worth individuals, and large transactions in general.
They take into consideration all relevant adverse information. Whether an official document, or something posted publicly on the Internet, any information that pertains to money laundering is thoroughly considered.
5. Transaction monitoring.
Policies and controls, in accordance with MLR Regulation 19(4) and 28(11), to identify and scrutinise complex transactions and ensure they are not facilitation money laundering, terrorist funding or other illegal activity.
The MLRO will regularly monitor the following procedures, to ensure they are being carried out in accordance with the AML policies and procedures of the business:
• Client identity verification;
• Reporting suspicious transactions;
• Record keeping.
The MLRO will also monitor any developments with the MLR, and the requirements of the MLR supervisory body.
Changes will be made to the AML policies and procedures of the business when appropriate, to ensure compliance is up to date.
A Suspicious Activity Report (SAR) will be made to the National Crime Agency (NCA) as soon as knowledge or suspicion arises, that criminal proceeds exist.
The MLRO will be responsible for deciding whether or not the suspicion of illegal activity is great enough to justify the submission of a SAR.
Further details on NCA and SARS can be found at http://www.nationalcrimeagency.gov.uk
Regulation 24 states that management is required to ensure all relevant members of staff have sufficient training in AML and CTF.
The training of staff is not applicable as the business only has one employee involved in ML compliance who is also the MLRO. All affected employees are provided with training that explains The Money Laundering, Terrorist Financing, and Transfer of Funds (Information on the Payer) Regulations 2017, The Proceeds of Crime Act 2002 and section 18 and 21A Terrorism Act 2000, and these affect the firm, its clients and its employees. All affected employees are trained on their responsibilities in relation to money laundering legislation, and are aware of how to identify and deal with transactions that may involve money laundering.
7. The Nominated Officer.
Cryptoasset firms are required to appoint a person to be responsible for MLRs compliance to monitor and manage compliance with policies, procedures and controls relating to AML and CTF (Regulation 21), and to act as the Nominated Officer under the Proceeds of Crime Act 2002 (Part 7). We expect them to have: i) the knowledge, experience and training, ii) level of authority and independence, and iii) sufficient access to resources and information to enable them to carry out this function.