Last Update: [Insert Current Date]
KRYPTO KNIGHT LTD (“KRYPTO KNIGHT” or “Company“) is a registered Crypto Asset Service Provider (“CASP“) in Cyprus under registration number XXX. The Company is committed to the highest standards of Anti-Money Laundering (“AML“) and Countering the Financing of Terrorism (“CFT“) compliance. All employees, directors, officers, contractors, and consultants of the Company are required to adhere to these standards to prevent the misuse of its services for illicit activities.
Purpose
This document provides an overview of the Company’s AML/CFT compliance policies, procedures, and controls. It serves as a guide for partners, clients, vendors, contractors, employees, regulators, law enforcement, and other stakeholders. This policy is not exhaustive and should be read in conjunction with the Company’s detailed internal procedures.
This policy aligns with the provisions, requirements, and recommendations of:
- The Prevention and Suppression of Money Laundering and Terrorist Financing Law of 2007 (Law 188(I)/2007), as amended (“Law”)
- The Implementation of the Provisions of United Nations Security Council Resolutions (Sanctions) and of Decisions and Regulations of the Council of the European Union (Restrictive Measures) Law of 2016
- Guidance issued by the Financial Action Task Force (“FATF”) for a Risk-Based Approach to Virtual Assets and Virtual Asset Service Providers
- Directives and Circulars issued by the Cyprus Securities and Exchange Commission (“CySEC”) relating to AML/CFT and CASPs
Regulatory Framework
KRYPTO KNIGHT operates under the laws of the Republic of Cyprus, a member of the European Union. Cyprus has implemented comprehensive AML/CFT legislation in line with EU Directives and international standards. As a registered CASP, KRYPTO KNIGHT is supervised by CySEC and is required to comply with all relevant laws and regulations.
The Company’s registration and authorization can be validated on the official website of CySEC.
Definitions
- Money Laundering involves:
- Conversion or Transfer: Converting or transferring property known to be derived from criminal activity, to conceal or disguise its illicit origin or to assist others in evading legal consequences.
- Concealment or Disguise: Hiding the true nature, source, location, disposition, movement, or ownership of property derived from criminal activity.
- Acquisition, Possession, or Use: Acquiring, possessing, or using property known to be derived from criminal activity.
- Participation and Assistance: Participating in or assisting the commission of any of the above actions.
Terrorist Financing is the provision or collection of funds with the intention or knowledge that they will be used to carry out terrorist activities as defined in national and international laws.
Risk-Based Approach and Risk Assessment
KRYPTO KNIGHT adopts a risk-based approach to AML/CFT compliance, which involves:
- Customer Risk Assessment: Evaluating the customer’s background, occupation, and transaction patterns.
- Geographical Risk Assessment: Considering the customer’s country of residence or operation, especially if it is a high-risk jurisdiction.
- Product/Service Risk Assessment: Assessing the risks associated with the Company’s products and services.
- Delivery Channel Risk Assessment: Evaluating the methods through which services are delivered, such as online platforms or intermediaries.
- Transaction Risk Assessment: Monitoring the size, frequency, and nature of transactions for unusual activity.
Risk assessments are periodically reviewed and updated based on ongoing monitoring and any new information obtained.
Compliance Officer
The Board of Directors appoints a dedicated Compliance Officer, responsible for:
- Implementing and overseeing AML/CFT policies and procedures.
- Acting as the liaison with CySEC and the Unit for Combating Money Laundering (“MOKAS”).
- Reporting directly to senior management and the Board of Directors.
- Having the authority, resources, and access to all necessary information to perform their duties effectively.
The Compliance Officer’s key duties include:
- Collecting and analyzing information related to unusual or suspicious transactions.
- Reporting any suspicions of money laundering or terrorist financing to MOKAS.
- Providing regular reports on compliance effectiveness to the Board.
- Ensuring all staff receive adequate AML/CFT training.
Policies, Procedures, and Controls
KRYPTO KNIGHT has established robust policies, procedures, and controls to mitigate AML/CFT risks, including:
- Customer Due Diligence (“CDD”): Procedures for identifying and verifying customers and beneficial owners.
- Enhanced Due Diligence (“EDD”): Additional measures for high-risk customers or transactions.
- Simplified Due Diligence (“SDD”): Reduced measures for low-risk scenarios, as permitted by law.
- Ongoing Monitoring: Continuous assessment of customer transactions and activities.
- Record-Keeping: Maintaining detailed records in compliance with legal requirements.
- Reporting Procedures: Clear processes for reporting suspicious activities to MOKAS.
- Employee Training: Regular training programs to ensure staff are aware of AML/CFT obligations.
- Internal Audit: Periodic reviews to assess the effectiveness of AML/CFT measures.
Customer Due Diligence (CDD)
Identification and Verification
The Company collects and verifies the following information before establishing a business relationship:
Individuals:
- Full name
- Date and place of birth
- Nationality
- Residential address
- Identification document (e.g., passport, national ID)
Legal Entities:
- Legal name
- Registered address
- Registration number
- Directors and shareholders
- Beneficial owners
Verification is conducted using reliable, independent sources, including government-issued documents and reputable databases.
Beneficial Ownership
KRYPTO KNIGHT identifies and verifies the beneficial owners of corporate clients to understand the ownership and control structure.
Purpose and Nature of Business Relationship
The Company gathers information on the intended purpose and nature of the business relationship to establish a customer profile.
Ongoing Monitoring
Transactions are monitored to ensure they are consistent with the customer’s profile and to detect any unusual or suspicious activity.
Simplified Due Diligence (SDD)
SDD measures may be applied when the risk of money laundering or terrorist financing is low, and is permitted by law. SDD may involve:
- Reduced frequency of customer updates.
- Simplified verification procedures.
- Less intensive ongoing monitoring.
- SDD is not permitted when there is a suspicion of money laundering or terrorist financing.
Enhanced Due Diligence (EDD)
- EDD measures are applied in high-risk situations, including:
- Customers from high-risk third countries identified by the EU.
- Politically Exposed Persons (PEPs) and their associates.
- Complex or unusually large transactions.
EDD measures include:
- Obtaining additional customer information.
- Enhanced scrutiny of transactions.
- Senior management approval for establishing or continuing the business relationship.
Politically Exposed Persons (PEPs)
Definition
A PEP is an individual entrusted with prominent public functions, including:
- Heads of state or government.
- Senior politicians.
- Senior government, judicial, or military officials.
- Senior executives of state-owned corporations.
- Important political party officials.
Identification and Measures
The Company takes reasonable measures to determine if a customer or beneficial owner is a PEP, a family member, or a close associate. EDD measures are applied, including:
- Senior management approval before establishing a relationship.
- Establishing the source of wealth and funds.
- Enhanced ongoing monitoring.
Sanctions Screening
KRYPTO KNIGHT screens customers and transactions against relevant sanctions lists, including:
- United Nations Security Council Sanctions List
- European Union Consolidated Sanctions List
- Office of Foreign Assets Control (OFAC) Sanctions List
- UK HM Treasury Sanctions List
- Business relationships with sanctioned individuals or entities are prohibited.
Suspicious Activity Reporting
Internal Reporting
Employees must report any knowledge or suspicion of money laundering or terrorist financing to the Compliance Officer immediately.
External Reporting
The Compliance Officer evaluates internal reports and, if necessary, submits a Suspicious Transaction Report (STR) to MOKAS without delay.
Confidentiality and Tipping Off
It is illegal to inform (“tip off”) any person that:
- A suspicion has been reported internally or to MOKAS.
- An investigation is being or may be conducted.
Record-Keeping
The Company maintains records for at least five years from the end of the business relationship or the date of the occasional transaction, including:
- Customer identification documents.
- Transaction records.
- Correspondence and communication records.
Records are kept securely and are accessible only to authorized personnel.
Data Protection
KRYPTO KNIGHT processes personal data in compliance with the General Data Protection Regulation (GDPR) and national data protection laws. Personal data collected for AML/CFT purposes is used solely for that purpose and is not further processed in a way incompatible with those purposes.
Employee Training
The Company provides regular training to ensure employees:
- Understand their legal obligations under AML/CFT laws.
- Recognize signs of money laundering and terrorist financing.
- Know the internal reporting procedures.
Training is updated to reflect changes in legislation, regulations, and industry best practices.
Internal Audit and Compliance Monitoring
An independent audit function assesses the effectiveness of the Company’s AML/CFT policies and procedures. Findings are reported to senior management, and corrective actions are implemented as necessary.
Cooperation with Authorities
KRYPTO KNIGHT cooperates fully with CySEC, MOKAS, and other relevant authorities. This includes:
- Responding promptly to requests for information.
- Allowing inspections and audits.
- Notifying authorities of any significant compliance issues.
For official requests, please contact the Compliance Officer at [insert contact information]. Note that international requests may require formal procedures, such as a Mutual Legal Assistance Treaty (MLAT).
Policy Review
This policy is reviewed at least annually or when significant changes occur in relevant laws, regulations, or business operations. Updates are approved by the Board of Directors of the Company.