The purpose of the Policy is to define the Company’s internal practice, measures, procedures and controls relevant to the prevention of Money Laundering and Terrorist Financing.
• “Beneficial Owner” means the natural person or natural persons, who ultimately owns or controls the Client and/or the natural person on whose behalf a transaction or activity is being conducted. The Beneficial Owner shall at least include:
(a) In the case of corporate entities:
i. The natural person or natural persons, who ultimately own or control a legal entity through direct or indirect ownership or control of a sufficient percentage of the shares or voting rights or ownership interest in that entity, including through bearer shareholdings, or through control via other means, other than a company listed on a regulated market that is subject to disclosure requirements consistent with Union law or subject to equivalent international standards which ensure adequate transparency of ownership information. A shareholding of 10 % plus one share or an ownership interest of more than 10 % in the customer held by a natural person or by multiple corporate entities, which are under the control of the same natural person, shall be an indication of direct ownership.
ii. If, after having exhausted all possible means and provided there are no grounds for suspicion, no person under point (i) is identified, or if there is any doubt that the person identified are the beneficial owner, the natural person who hold the position of senior managing official, the obliged entities shall keep records of the actions taken in order to identify the beneficial ownership under point (i) and this point;
(b) In the case of trusts or in the case of legal entities such as foundations, and legal arrangements similar to trusts:
i. The settlor;
ii. The trustee(s);
iii. The protector, if any;
The beneficiaries, or where the individuals benefiting from the legal arrangement or entity have yet to be determined, the class of persons in whose main interest the legal arrangement or entity is set up or operates; v. Any other natural person exercising ultimate control over the trust by means of direct or indirect ownership or by other means;
• “Law” means the Prevention and Suppression of Money Laundering Activities Law; Law N. 188(I)/2007.
• “Money Laundering and Terrorist Financing” means the money laundering offences defined in Section 3,4 and 5 of the Law.
• “Occasional Transaction” means any transaction other than a transaction carried out in the course of an established Business Relationship formed by a person acting in the course of financial or other business as defined under ‘other activities’ par.2 of Law.
• “Politically Exposed Persons (PEPs)” means the natural persons who have their place of residence in any European Union Member State or in third counties and who are or have been entrusted with prominent public functions and their immediate family members or persons known to be close associates of such persons.
3. Main Objectives
• Combating and preventing money laundering and terrorist financing and taking all the necessary preventive measures.
• Preventing the misuse of the Company by anyone or anybody in illegitimate operations.
• Determining the legal and administrative responsibilities of the Company and of all its employees related to anti-money laundering.
• Reporting the suspicious operations which include the probable activities of the operations of money laundering and terrorist financing to the competent authorities.
• Training all employees on the rules and internal procedures which have to be observed, the risks that they and the Company face and how they can encounter the risks of money laundering and terrorist financing through their operations from their positions.
4. Scope of Application: This policy is applied to all activities, services, products, work places of the Company.
5. Company Commitment
The Company is committed to:
• Accept only those Clients whose identity can be established and verified and whose source of funds can be reasonably established to be legitimate.
• Not establish a business relationship, open accounts or maintain accounts for anonymous persons or those with fictitious names including anonymous accounts.
• Make every possible effort to know the identity of the customer and the real beneficiary (Beneficiary Owner) of the account (i.e. the full name, the place and date of birth and verifying the identity by using valid, official and accredited documents “identification data” issued by the official bodies), in addition to the data and information available from trusted independent sources.
• Apply a risk-based approach, and enhanced customer due diligence where required.
• Monitor and identify suspicious transactions and activities, and ensure that reportable ones get reported.
• Provide periodic and appropriate AML/CTF training and information to all employees to increase their awareness using various methods.
• Maintain records, which are appropriate to the nature and complexity of the customer’s business.
6. Client Acceptance Policy
6.1. The Client Acceptance Policy (hereinafter the “CAP”), following the principles and guidelines described in the Company’s AML-CFT Manual (hereinafter: “Manual”), defines the criteria for accepting new Clients and defines the Client categorisation criteria, which shall be followed by the Company and especially by the employees who shall be involved in the Client Account Opening process.
6.2. The (Money Laundering Compliance Officer (hereinafter: “MLCO”) shall be responsible for applying all the provisions of the CAP. In this respect, the Head of the Administration/Back Office Department shall also be assisting the MLCO with the implementation of the CAP, as applicable.
6.3. The Internal Auditor shall review and evaluate the adequate implementation of the CAP and its relevant provisions, at least annually, as per Section 5 of the Manual.
6.4. The General Principles of the CAP are the following:
a. The Company shall classify Clients into various risk categories and based on the risk perception decide on the acceptance criteria for each category of Client
b. Where the Client is a prospective Client, an account must be opened only after the relevant pre-account opening due diligence and identification measures and procedures have been conducted, according to the principles and procedures set in the Manual.
c. All documents and data described in the Manual must be collected before accepting a new Client
d. No account shall be opened in anonymous or fictitious names(s)
e. No account shall be opened unless the prospective Client is approved at least by one of the following:
• The General Manager
• The MLCO / Assistant MCLO
• The Operations Manager
7. Client due diligence and identification procedures
7.1. The Company shall duly apply Client identification procedures and Client due diligence measures in the following cases:
(a) when establishing a business relationship;
(b) when there is a suspicion of money laundering or terrorist financing, regardless of the amount of the transaction in the provision of the relevant Investment and Ancillary Services;
(c) when there are doubts about the veracity or adequacy of previously Client identification data;
(d) in the case of persons trading in goods, when carrying out occasional transactions in cash amounting to EUR 10.000 or more, whether the transaction is carried out in a single operation or in several operations which appear to be linked;
(e) for providers of gambling services, upon the collection of winnings, the wagering of a stake, or both, when carrying out transactions amounting to EUR 2.000 or more, whether the transaction is carried out in a single operation or in several operations which appear to be linked;
(f) when there are doubts about the veracity or adequacy of previously Client identification data.
7.2. Client Identification and Due Diligence procedures include the following:
i. The identification of the Client and the verification of the identity of the Client on the basis of documents, data or information issued or obtained from a reliable and independent source:
• Creation of an economic profile for the Client/beneficial owner;
• Carrying out a suitability test for the Client/beneficial owner in accordance to article 26(2)(a) of the Investment Services and Activities and Regulated Markets Law of 2017 (the ‘L. 87(Ι)/2017’) and Paragraph 14 of CySEC Directive 144-2007-02 for the Professional Competence of Investment Firms and the Natural Persons employed by them (the ΄Directive 2΄);
• Carrying out an appropriateness test in accordance to article 26(3)(2) of L.87(Ι)/2017, as amended, and paragraph 15 of Directive 2.
ii. The identification of the Beneficial Owners’ identity and taking reasonable steps to verify his/her identity in order to ensure that the Company is satisfied that it knows the beneficial owner. With regards to legal persons, trusts, companies, foundations and similar legal arrangements, reasonable steps should be taken to understand the structure of the ownership and Client control.
iii. The assessment and, where appropriate, the collection of information on the purpose and intended nature of the business relationship
iv. Continuous supervision of the business relationship by scrutinizing the transactions carried out during that relationship in order to ensure that the transactions carried out are consistent with the data and information held by the Company in relation to the Client, the business and the Client’s risk profile, and, where necessary, with regards to the origin of the funds and ensuring that updated documents, data or information are kept.
Provided that when applying the measures of paragraphs (i) and (ii) above, the Company should verify that any third person who intends to act on behalf of the Client is duly authorized by the Client for that purpose and identifies and verifies the identity of the third party.
7.3. The Company being an Obliged Entity shall apply each of the Client due diligence measures and identification procedures as these have been set out above but may determine the extent of such measures depending on the degree of risk taking into consideration at least the provisions of Annex I of the Law.
7.4. The Company must be able to demonstrate to the competent Supervisory Authorities that the extent of the measures is proportionate to the risks of Money Laundering and Terrorist Financing that is exposed to.
7.5. In this respect, it is the duty of the Back Office & Account Opening Support Department to apply all the relevant Client Due Diligence Identification Procedures described in the Law for the cases mentioned above, prepared by the MLCO. Furthermore, the Back Office & Account Opening Support Department shall also be responsible to collect and file the relevant Client identification documents, according to the recording keeping procedures described in the Law and any other due diligence related procedures.
7.6. The Company applies each of the Client due diligence measures and identification procedures set out above but may determine the extent of such measures on a risk sensitive basis depending on the type of Client, business relationship, product or transaction.
8. Time of Application of the Due Diligence and Client Identification Procedures
8.1. With respect to the extent that the Company shall apply Client due diligence measures, the MLCO shall be responsible for the consideration of the following, non-exhaustive list, of risk variables:
(i) the purpose of an account or relationship;
(ii) the level of assets to be deposited by a Client or the size of transactions undertaken;
(iii) the regularity or duration of the business relationship.
8.2. With respect to the timing of the application of the Due Diligence and Client Identification Procedures, the following provisions should be applied by the Company:
(i) The verification of the identity of the Client and the Beneficial Owner shall be usually be performed before the establishment of a business relationship or the carrying out of a transaction.
(ii) By way of derogation from point (i) above, the verification of the identity of the Client and the Beneficial Owner may be completed during the establishment of a business relationship if this is necessary not to interrupt the normal conduct of business and where the risk of money laundering or terrorist financing occurring is low in such situations, the process of verifying the procedure is completed as soon as possible after the initial contact.
(iii) Without prejudice of what is stated in point (ii) above by way of derogation from point (i) above, for cases that fall under the supervision of CySEC the verification of the identity of the Client and the Beneficial Owner may be completed during the establishment of a business relationship if this is necessary not to interrupt the normal conduct of business and where there is little risk of money laundering or terrorist financing occurring and the process of verification is completed as soon as practicable after the initial contact.
(iv) By way of derogation from point (i) above, the Company may allow the opening of an account with a credit institution or financial institution, including accounts that permit transactions in transferable securities, provided that these are adequate safeguards in place to ensure that transactions are not carried out by the Client or on its behalf until full compliance with the Client due diligence requirements laid down in Section 8 above.
(v) In cases where the Company is unable to comply with Subsections (a), (b) and (c) of Section 61 of the Law, it shall not carry out a transaction through a bank account, establish a business relationship or carry out the transaction, and shall terminate the business relationship and consider making a suspicious transaction report to the Unit, in relation to the Client.
(vi) Identification procedures and Client due diligence requirements shall be applied not only to all new Clients but also to existing Clients at appropriate times, depending on the level of risk of being involved in money laundering or terrorist financing including at times when the relevant circumstances of a Client change.
9. Verification of Client’s identity during the establishment of a business relationship (Cases when the risk is assessed as low)
9.1. The Company, when commencing the establishment of a business relationship with a Client whose identity has not yet been verified, the risk may be assessed as low when, at a minimum, the following, among others, are taken into consideration:
(a) In cases where the verification of the identity of the Client/beneficial owner has not yet been completed, the cumulative amount of deposited funds of a Client should not exceed EUR 2.000, irrespective of the number of accounts the Client holds with the Company. The amount of EUR 2.000 shall not automatically categorise the Client as low risk.
(b) The Company shall accept deposits only from a bank account (or through other means that are linked to a bank account (e.g. credit card), that is in the name of the Client with whom establishes a business relationship.
(c) The cumulative amount of time in which the verification of the identity of the Client is completed, must not exceed fifteen (15) days from the initial contact.
(d) It is noted that the initial contact takes place the moment that the Client either accepts the terms and conditions or makes his first deposit, whichever comes first.
(e) Further to the above, within the timeframe of fifteen (15) days from the initial contact, the Company shall take all reasonable measures to ensure that the percentage of Clients that have not complied with the request to submit verification documents is considerably low. Such measures may include, inter alia, the sending of reminders and/or requests to Clients informing them of their obligation to submit the requested documents for the completion of the verification of their identity.
(f) Where the verification of the Client’s identity has not been completed during the designated timeframe of fifteen (15) days, the commencement of the business relationship must be terminated on the date of the deadline’s expiry and all deposited funds must be returned automatically to the Client, and in the same bank account from which they originated, with such return to be done immediately, regardless of whether the Client has requested the return of their funds or not.
(g) No funds are withheld, and no accounts are frozen, save for those cases of suspicion of money laundering, where the regulated entity is under obligation to immediately report their suspicion to MOKAS and notify CySEC (through the Monthly Prevention Statement) of the suspicious transaction incident in the designated procedure.
(h) Within the timeframe of fifteen (15) days from the initial contact, the Client should undergo at least one (1) Enhanced Due Diligence measure in accordance with the Law.
9.2. Further to the above and excluding the cases of suspicion of money laundering, where the Company is under an obligation to immediately report their suspicion to the Unit and notify CySEC of the suspicious transaction incident, no funds will be held, and no accounts will be frozen by the Company.
9.3. Important note: Clients’ account that have been closed due to lack of information and/or documentation as described above, can be re-activated when and if the Clients will provide the missing documents and/or information for enabling the Company to verify their identity.
9.4. The Company will not accept clients, where the following information has not been provided:
(a) the full identification; and
(b) the creation of their economic profile; and
(c) the completion of their appropriateness test.
9.5. Identification procedures and Client due diligence requirements shall be applied not only to all new Clients but also to existing Clients at appropriate times.
10. Construction of an Economic Profile and General Client Identification and Due Diligence Principles
10.1. The minimum data of information that are collected before the establishment of the business relationship, with the aim of constructing the Client’s economic profile should include the following:
a) the Company shall be satisfied that it’s dealing with a real person and, for this reason, the Company shall obtain sufficient evidence of identity to verify that the person is who he claims to be. Furthermore, the Company shall verify the identity of the Beneficial Owner(s) of the Clients’ accounts. In the cases of legal persons, the Company shall obtain adequate data and information so as to understand the ownership and control structure of the Client. Irrespective of the Client type (e.g. natural or legal person, sole trader or partnership), the Company shall request and obtain sufficient data and information regarding the Client business activities and the expected pattern and level of transactions. However, it is noted that no single form of identification can be fully guaranteed as genuine or representing correct identity and, consequently, the identification process will generally need to be cumulative;
b) the verification of the Clients’ identification shall be based on reliable data and information issued or obtained from independent and reliable sources, meaning those data, and information that are the most difficult to be amended or obtained illicitly;
c) a person’s residential and business address will be an essential part of his identity;
d) the Company will never use the same verification data or information for verifying the Client’s identity and verifying its home address;
e) the data and information that are collected before or during the establishment of the business relationship, with the aim of constructing the Client’s economic profile and, as a minimum, shall include the following:
• the purpose and the reason for requesting the establishment of a Business Relationship;
• the anticipated account turnover, the nature of the transactions, the expected origin of incoming funds to be credited in the account and the expected destination of outgoing transfers/payments;
• the Client’s size of wealth and annual income and the clear description of the main business/professional activities/operations;
f) the data and information that are used for the construction of the Client-legal person’s economic profile shall include, inter alia, the following:
• the name of the company;
• the country of its incorporation;
• the head offices address;
• the names and the identification information of the Beneficial Owners;
• the names and the identification information of the directors;
• the names and the identification information of the authorised signatories;
• financial information;
• the ownership structure of the group that the Client-legal person may be a part of (country of incorporation of the parent company, subsidiary companies and associate companies, main activities and financial information).
The said data and information are recorded in a separate form designed for this purpose which is retained in the Client’s file along with all other documents as well as all internal records of meetings with the respective Client. The said form is updated regularly or whenever new information emerges that needs to be added to the economic profile of the Client or alters existing information that makes up the economic profile of the Client.
g) identical data and information with the abovementioned shall be obtained in the case of a Client-natural person, and in general, the same procedures with the abovementioned shall be followed
h) Client transactions transmitted for execution, shall be compared and evaluated against the anticipated account’s turnover, the usual turnover of the activities/operations of the Client and the data and information kept for the Client’s economic profile. Significant deviations are investigated, and the findings are recorded in the respective Client’s file. Transactions that are not justified by the available information on the Client, are thoroughly examined so as to determine whether suspicions over money laundering or terrorist financing arise for the purposes of submitting an internal report to the MLCO, , and then by the latter to the Unit, .
10.2. The Company shall apply each of the Client due diligence measures and identification procedures set out in point (10.1) above but may determine the extent of such measures on a risk-sensitive basis depending on the type of Client, Business Relationship, product or transaction. The Company shall be able to demonstrate to CySEC that the extent of the measures is appropriate in view of the risks of the use of the Investment and Ancillary Services for the purposes of Money Laundering and Terrorist Financing.
10.3. For the purposes of the provisions relating to identification procedures and Client due diligence requirements, proof of identity is satisfactory if:
(a) it is reasonable possible to establish that the Client is the person he claims to be, and,
(b) the person who examines the evidence is satisfied, in accordance with the procedures followed under this Law, that the Client is actually the person he claims to be.
10.4. The construction of the Client’s economic profile according to the provisions above shall be undertaken through the online registration questionnaire and verified one by one by the Back-Office Department as part of the due diligence applied in accordance with the policies and procedures prepared by the MLCO. In this respect, the data and information collected for the construction of the economic profile shall also be fully documented and filed, as applicable, by the Back Office & Account Opening Support Department and shall be made available to the MLCO unlimited for performing its duties and monitoring obligations.
11. Further Obligations for Client Identifications and Due Diligence Procedures
11.1. In addition to the principles described above, the Company, and specifically the MLCO shall:
(a) Aim to ensure that the Client identification records remain completely updated with all relevant identification data and information throughout the business relationship;
(b) examine and check through monitoring procedures, on a regular basis, the validity and adequacy of the Client identification data and information that he maintains, especially those concerning high risk Clients.
11.2. The procedures and controls also determine implicit the timeframe during which the regular review, examination and update of the Client identification is conducted. The outcome of the said review shall be recorded in a separate note/form which shall be kept in the respective Client file.
11.3. Despite the obligation described in point above and while taking into consideration the level of risk, if at any time during the Business Relationship, the Company becomes aware that reliable or adequate data and information are missing from the identity and the economic profile of the Client, then the Company takes all necessary action, by applying the Client identification and due diligence procedures according to the Manual, to collect the missing data and information, the soonest possible, so as to identify the Client and update and complete the Client’s economic profile.
11.4. If, during the business relationship, a Client fails or refuses to submit, within a reasonable timeframe the required verification data and information, the Company shall terminate the business relationship and close all the accounts of the Client while at the same time shall examine whether it is justified under the circumstances to submit a report to the Unit.
11.5. In addition to the obligation of points above, the Company shall check the adequacy of the data and information of the Client’s identity and economic profile, whenever one of the following events or incidents occurs:
(a) an important transaction takes place which appears to be unusual and/or significant compared to the normal pattern of transactions and the economic profile of the Client
(b) a material change in the Client’s legal status and situation, such as:
• change of directors/secretary;
• change of registered shareholders and/or Beneficial Owners;
• change of registered office;
• change of trustees;
• change of corporate name and/or trading name;
• change of the principal trading partners and/or undertaking of major new business activities;
(c) a material change in the way and the rules the Client’s account operates, such as:
• change in the persons that are authorised to operate the account;
• application for the opening of a new account for the provision of new investment services and/or financial instruments.
11.6. In addition to the above, the Company, when making transfers of money between Clients’ accounts, shall apply the following procedures in accordance to Circular CI144-2012-09, as applicable:
(a) Ask, from both Clients directly involved (originator of the transfer and recipient of the transfer), to complete a form of order and acceptance of the money transfer between the Clients’ accounts.
(b) Before performing the money transfer, the responsible, for this purpose, person (e.g. Head of the Accounting Department) shall confirm the order and acceptance of the money transfer by telephone or by other equivalent method. If the confirmation is made by telephone, the telephone communication shall be recorded.
(c) The Back Office & Account Opening Support Department and/or the MLCO shall:
• verify the authenticity of the signatures on the aforementioned form;
• record (e.g. on the form) the reasons and confirm the legality of the purpose for which the transfer of money is made;
• keep/file all records and information related to this purpose in the involved Clients’ files.
12. Employees’ Obligations
12.1. The Company’s employees shall be personally liable for failure to report information or suspicion, regarding money laundering or terrorist financing.
12.2. The employees must cooperate and report, without delay, anything that comes to their attention in relation to transactions for which there is a slight suspicion that are related to money laundering or terrorist financing.
12.3. According to the Law, the Company’s employees shall fulfil their legal obligation to report their suspicions regarding Money Laundering and Terrorist Financing.
For further information, please contact the Compliance Department at [email protected] .