KYC/AML Policy
1. Introduction
This Know Your Customer (KYC) and Anti-Money Laundering (AML) policy outlines the procedures and controls implemented by Moneywheel Research Zrt to prevent, detect, and report money laundering activities and the financing of terrorism in accordance with relevant laws and regulations. This policy also integrates compliance with the General Data Protection Regulation (GDPR) to ensure that customer data is handled securely.
2. Purpose
The purpose of this policy is to:
•Prevent Moneywheel Research Zrt (including it’s UltraFX hosting service), from being used to facilitate money laundering or terrorism financing.
•Ensure compliance with applicable KYC, AML, and Counter-Terrorism Financing (CTF) regulations.
•Ensure that Moneywheel Research Zrt. adheres to GDPR data protection regulations.
•Establish clear internal procedures for identifying and verifying customers using ARGOS Identity’s solutions.
•Detect suspicious activities and report them in a timely manner to the relevant authorities.
3. Scope
This policy applies to all customers (individuals, entities, and businesses) engaging with Moneywheel Research Zrt to conduct payments or financial transactions. It covers both new customer onboarding (KYC) and ongoing monitoring of customer transactions to ensure compliance with AML regulations and protection of personal data under GDPR.
4. Customer Identification and Verification (KYC)
A. Customer Due Diligence (CDD)
• Identification: Customers must provide valid identification documents (e.g., passport, national ID, or driver’s license) as part of the onboarding process.
• Verification: All information provided by the customer, including their identity and address, must be verified through reliable, independent sources, which include ARGOS Identity’s advanced facial recognition and database matching technology.
B. Enhanced Due Diligence (EDD)
• For higher-risk customers, additional verification procedures must be implemented, including but not limited to:
o Obtaining additional documentation for proof of source of funds.
o A more thorough investigation of the customer’s business and financial activities.
o Periodic review and updates of the customer’s risk profile.
C. Beneficial Ownership
• For corporate customers, the identity of the beneficial owners (individuals owning or controlling 25% or more of the entity) must be identified and verified.
D. Politically Exposed Persons (PEPs)
• Customers who are classified as PEPs (i.e., individuals who hold or have held prominent public functions) or their close family members and associates are subject to enhanced scrutiny and monitoring.
5. Ongoing Monitoring and Reporting
A. Transaction Monitoring
• Real-time Monitoring: All transactions must be monitored for suspicious activity, including large or complex transactions, unusual patterns, or transactions inconsistent with the customer’s profile.
• Threshold Monitoring: Set thresholds for certain types of transactions that trigger alerts for further review (e.g., international transfers, high-value deposits/withdrawals).
B. Suspicious Activity Reporting (SAR)
• If any suspicious transaction or activity is detected, a Suspicious Activity Report (SAR) must be filed with the appropriate regulatory authority (e.g., Financial Intelligence Unit).
•Transactions linked to terrorism financing, fraudulent activity, or money laundering should be reported immediately.
C. Recordkeeping
•All customer identification documents and transaction records must be maintained for a minimum of five years from the date of the last transaction or customer relationship.
6. GDPR Compliance
A. Data Protection Principles Billingo is committed to adhering to the General Data Protection Regulation (GDPR). All personal data will be processed in a transparent, lawful, and secure manner. Data will only be collected for legitimate purposes, and its use will be limited to KYC/AML compliance and operational needs.
B. Data Subject Rights
•Right to Access: Customers have the right to request access to their personal data and receive information about how it is processed.
•Right to Rectification: Customers have the right to request corrections to their personal data if it is inaccurate or incomplete.
•Right to Erasure: Customers may request deletion of their personal data, subject to the retention requirements outlined in this policy.
• Right to Restriction of Processing: Customers can request that processing be limited in certain circumstances.
•Right to Object: Customers can object to the processing of their data in specific situations, particularly for marketing purposes.
C. Data Security
•All personal data will be stored securely, using encryption and other appropriate technical and organizational measures to protect data against unauthorized access, alteration, or destruction.
• Regular security audits will be conducted to ensure compliance with GDPR requirements.
D. Data Transfers
• If customer data is transferred outside the UK or European Economic Area (EEA), appropriate safeguards such as standard contractual clauses will be implemented to ensure adequate protection of the data.
7. AML Risk Assessment
A. Risk-Based Approach
•Billingo will assess the risks associated with customers based on factors such as:
oCustomer location (high-risk jurisdictions).
oType of transactions (cross-border, high-value, etc.).
oBusiness activity and industry sector (e.g., gaming, high-risk industries).
•Based on this risk assessment, customers will be classified into risk categories (low, medium, high), and enhanced due diligence will be applied to higher-risk customers.
B. Ongoing Risk Assessment
•Risk assessments will be reviewed periodically and whenever there are significant changes to a customer’s profile, business activities, or transaction behavior.
8. Training and Awareness
A. Employee Training
•All employees, particularly those involved in customer onboarding, transaction monitoring, and compliance, must undergo regular training on KYC/AML procedures, GDPR, and the specific tools provided by ARGOS Identity.
•Training should cover identifying red flags for suspicious activity, understanding regulatory requirements, and handling customer data securely.
B. Compliance Officer
• A designated Compliance Officer is responsible for overseeing KYC/AML procedures, ensuring compliance with regulatory requirements, including GDPR, and reporting suspicious activities to the appropriate authorities.
9. Reporting and Cooperation with Authorities
A. Cooperation with Law Enforcement
• Moneywheel Research Zrt will cooperate with law enforcement agencies and regulatory bodies in investigations related to money laundering, fraud, and terrorism financing.
• Moneywheel Research Zrt will provide requested information and reports in accordance with local and international regulations.
B. Periodic Audits
•
Internal audits of KYC/AML practices will be conducted regularly to ensure adherence to this policy, identify any weaknesses in the system, and recommend improvements.
10. Conclusion
By adhering to this KYC/AML policy, Moneywheel Research Zrt is committed to preventing financial crime, ensuring compliance with global regulations, and maintaining the integrity of its payment ecosystem. This policy will be reviewed and updated regularly to ensure continued compliance with evolving regulatory standards, including GDPR. ARGOS Identity provides the necessary solutions to maintain compliance and secure customer data, ensuring a trustworthy environment for all stakeholders.
About ARGOS Identity’s solutions: https://www.argosidentity.com/
Policy enforced from 2025 February 19th .