AML Policy

Introduction

The AML policy of the Kassio is testimony to its commitment to prohibit all financial illegal activities, money laundering, terrorism fundings, etc. The policy describes the terms binding on our users and the procedures of the company to ensure that our services are not utilised by any person who engages in criminal offences or funds criminal activities that include but are not limited to Drug Trafficking, Terrorism, Corruption and other serious crimes.

The terms “We”, “Our”, “Company” and “Us” refer to the “Kassio” whereas the terms “You”, “Your”, and “User” refer to the users of our online platform.

Policy Statement

The company has a zero-tolerance policy for money laundering. Kassio, its employees, customers, all the associated third parties and clients are highly committed to anti-money laundering and counter-terror financing measures in order to contribute their bit to mitigate financial crimes. We are compliant with all the applicable regulatory laws and regulations. We strictly adhere to the FATF & Prevention of Money-laundering Act, 2002 (India) and rules included by necessary amendments in the existing Money Laundering regulations. Our organisation stands firm against illegal financial activities and we promote AML(Anti Money Laundering) and CFT (Combating Financing of Terrorism) both in letter and spirit.

Objective of Policy

To prohibit illegal financial activities that include but are not strictly limited to money laundering, terrorism financing, drug trafficking, and other serious criminal offences.

Definitions :

Applicable Regulatory Laws: It includes but is not restricted to the Prevention of Money Laundering Act 2002 & rules included by amendments thereafter, the Reserve Bank of India’s Master Direction on KYC rules, as amended from time to time and all the laws in force from the time being within the jurisdiction of the government of India.
Money Laundering: It is the process of converting high incomes obtained from illegal activities such as drug trafficking, Arms Trafficking, Domestic or International Terrorism, etc to legitimate income.
Terror Financing: It involves providing financial support to terrorist organisations/ Individual terrorist or Non- State actors. These funds are utilised to fund certain activities organised by terrorists.
Sanction Lists: This refers to the list of banned individuals included under any list published and circulated by any country’s government or international authority.
Data Security: To mitigate the risk associated with Money Laundering & Terror financing, the measures will be designed in such a way that provides the citizens to access freedom & rights associated with their personal data.
Suspicious Transactions: It refers to activities that involve attempts or execution of terror financing, Malafide purposes, or unusual complexity.

Risk Mitigation

With the help of Know Your Transaction (KYT) analysis the company may group the users/ Businesses into low, medium or high financial risk categories. The risk assessment procedure takes into account the following factors:

Adequacy of information provided by the user for the purpose of verification
Financial or social status of users
Nature of source of income/ Business/ or any Vocational activity

The company keeps the categorization information of users confidential. No user will be entitled to get access to such information. Though the company can disclose the risk categorization data to the competent enforcement authorities whenever there is suspicion about that particular user to involve in any suspicious activity.

Customer Identification

The company has made KYC submission mandatory for all users. With the help of the Know Your Customer (KYC) policy, we aim to prevent illegal financial activities. In the onboarding process, the customers are required to provide information as per the KYC norms. If any user fails to provide adequate information then the company can either ask for re-submission or terminate their registration depending on the circumstances.

For onboarding new customers on our platform we conduct two-step identification:

Identification & Address Verification
For the customer identification and address verification users are required to produce documents as their identity proof and address proof. Following are the acceptable documents for verification.
- For Businesses: Company Registration Number, Bank Statements, Registered Office, Utility Bills, Details of any beneficial owners or directors of the company, etc.
- For Individuals: PAN Card, Aadhar Card, Driving License, Utility Bill, Bank Statement, Passport.
Selfie Verification: In selfie verification, users are required to position their face in the designated oval on the screen approximately 12 inches away and record a short video.

Additional Verification Step:

Based on KYT (Know Your Transaction) analysis, the company may ask for additional information along with the video KYC submission as considered necessary in the following cases:

For Businesses / Individuals with transactions worth more than $10 M
For any user or transaction with a high negative score from our third-party compliance tools.
For Individuals/ Businesses who conduct suspicious transactions as per the company’s rules and regulations or the laws of the land.
For Users with an extraordinarily large volume of outward transactions which may raise concerns

Due Diligence & Monitoring:

In order to adhere to the AML regulations, we conduct due diligence as per the regulatory requirements before onboarding our new customers. We conduct background checks and compile the details of our due diligence as the record for AML checks. We retain the transaction data & other obtained information associated with the user/business for 5 years starting from the date of the transaction or the end of the customer relationship with our platform.

Money laundering Reporting Officer: The MLRO officer is appointed by the company to ensure that due diligence checks and AML measures are conducted in accordance with the regulatory requirements and guidelines. MLRO ensures that regular due diligence and checks are carried out to mitigate the risks.
High-Risk Due Diligence Measures: With our KYT (Know Your Transactions) compliance we segregate high-risk individuals/ businesses. If any user is categorized as high risk then enhanced due diligence measures are used. In high risk due diligence senior management of the company take care of the case. They review the transactions, volume and patterns and as per the assessment, they may discontinue the new business deals with the users if required.
No Business with Sanctioned users: As per our policy, Kassio doesn’t entertain or do business with any of the sanctioned entities, individuals, or corporations. With the help of our third-party industry experts, we trace the flow of funds and ensure to do business exclusively with validated users.

Record Maintenance:

The company will preserve and maintain the data as follows:

All the online transactions on the platform will be recorded and maintained up to 10 years from the date of transaction.
All the high worth transactions and cross border transactions will be recorded and maintained up to 12 years
User Identification and Address verification data collected through KYC submission will be recorded and maintained up to 10 years from the date of user account termination.

Third-Party Verification:

To conduct customer identity and transaction verification the company has partnered with licensed industry experts to authenticate the user identities and transaction details. These third-party service providers conduct KYC and KYT verifications to authenticate user identity as well as to prevent unauthorised transactions.

Policy Review:

This policy will be subject to changes depending on the changing crypto industry regulations globally and domestically, market demands, business requirements and other factors.

Support/ To Raise Concerns:

If you have any questions or concerns regarding our AML policy. We would like to have a constructive discussion with you. To raise any concern or ask any query please write to us at support@kassio.com.

Introduction

These Internal AML Procedures (these “Procedures”) have been prepared for Kassio ApS (“Kassio”) and approved by the MLRO and the management of Kassio (the “Management”).

These Procedures set out Kassio’s internal AML policies, rules, procedures and guidelines in order to ensure that Kassio and its employees, at all times, limits the risk of being exploited fraudulently for the purpose of money-laundering or financing of terrorism. Pursuant to these Procedures Kassio shall identify and monitor its customers and report to the State Prosecutor for Serious Economic and International Crime (in Danish: Statsadvokaten for Særlig Økonomisk Kriminalitet) ("SØIK") if it is known, suspected or there are reasonable grounds to assume that a transaction is or has been related to money laundering or financing of terrorism.

These Procedures shall apply to all of Kassio’s activities. In addition, these Procedures shall, at all times, be observed and complied with by all employees of Kassio.

Purpose

The purpose of these Procedures is to ensure that all employees understand the obligations and the responsibility, which follows with the anti-money regulation, and to understand Kassio’s guidelines and procedures in these matters.

Further, the purpose is to reduce Kassio’s risks of being exploited for ML/TF.

Business description

Kassio operates out of Copenhagen, Denmark and provides a will provide a value-generating platform for cryptocurrency users by offering a unified solution for their customers. The customers will be able to:

fund their multicurrency fiat account,
buy and sell cryptocurrency,
store their cryptocurrency in a wallet,
obtain cryptocurrency-backed micro loans,
get a fixed deposits and savings rate and
receive a payment card.

Kassio will provide such services and activities through an application to a global customer base.

2.2 Obligations and scope of the rules

Kassio is located in Denmark and is considered to be subject to Danish law. As per the Danish Act on Measures to Prevent Money Laundering and Financing of Terrorism (the "Danish AML Act") Kassio must register with the Danish FSA (in Danish: Finanstilsynet), and ensure proper policies and procedures are placed to reduce the risk of being exploited for ML/TF.

Kassio has taken a proactive stance and implemented procedures in its current operations, which give certainty to all stakeholders that Kassio strives to prevent its services being used for money laundering, terrorist financing and other illicit activities.

Kassio does so by having know-your-customer (“KYC”) processes and risk-based procedures to conduct business in full compliance with the Danish AML Act. These processes are described further below.

As a legal entity subject to the AML Act, Kassio must know their customers’ identity and the purposes of the business relationships. To ensure that Kassio knows its customers, Kassio must perform certain customer due diligence measures. Such measures include requesting their customers to produce various kinds of proof of identity and pay attention to their customers' activities. If Kassio has a suspicion of being misused for money laundering or terrorist financing by a customer, Kassio must immediately scrutinise the matter more closely. If Kassio is unable to disprove its suspicion, the State Prosecutor for Serious Economic and International Crime (SØIK) must be notified immediately for the matter to be scrutinised more closely. It is a requirement under the Danish AML Act that Kassio registers with the Danish FSA and have adequate written policies, procedures and controls covering (i) an overall risk assessment in respect of the company itself, based on the company's business model; (ii) customer due diligence measures; (iii) investigation; (iv) recording and notification obligations; (v) training programs for both employees and management with respect to anti-money laundering; and (vi) internal monitoring measures.

Money Laundering Process

"Money Laundering" as defined in Article 3 (1) in the Danish AML Act (in Danish: “Hvidvaskloven”):

Unauthorized to receive or obtain other parts of financial dividends or funds obtained by a criminal offense.
Unauthorized to conceal, store, transport, assist in disposal or otherwise subsequently act to secure the financial gain of a criminal offense.
Attempts or complicity in such dispositions.

The process of money laundering typically involves 3 steps named 1) placement, 2) layering and 3) integration.

Placement is the process of putting the illegitimate money into the financial system. Layering hides the source of the illegitimate money through a series of transactions and/or bookkeeping tricks. Finally, Integration is where the laundered money is withdrawn from an account and is used further as a legitimate funds.

Placement

The initial stage of the process involves placement of illegally derived funds into the financial system, usually through a financial institution. This can be accomplished by depositing cash into a bank account. Large amounts of cash are broken into smaller, less conspicuous amounts and deposited over time in different offices of a single financial institution or in multiple financial institutions. The exchange of one currency into another, as well as the conversion of smaller notes into larger denominations, may occur at this stage.

Furthermore, illegal funds may be converted into financial instruments, such as money orders or checks, and commingled with legitimate funds to divert suspicion. Furthermore, placement may be accomplished by the cash purchase of a security or a form of an insurance contract.

Layering

After placement comes the layering stage (sometimes referred to as structuring). The layering stage is the most complex and often entails the international movement of the funds. The primary purpose of this stage is to separate the illicit money from its source. This is done by the sophisticated layering of financial transactions that obscure the audit trail and sever the link with the original crime.

During this stage, for example, the money launderers may begin by moving funds electronically from one country to another, then divide them into investments placed in advanced financial options or overseas markets; constantly moving them to elude detection; each time, exploiting loopholes or discrepancies in legislation and taking advantage of delays in judicial or police cooperation.

In the case of virtual currencies, there are different ways in which layering can occur, and which we take into consideration under the performance of our KYC/KYB procedure. For instance, this could be the case when one is transferring virtual currencies to wallets that have been recognized as wallets connected to criminal and illicit activities or when one is transferring virtual currencies to countries that are recognized as high-risk countries.

Integration

The third stage involves the integration of funds into the legitimate economy. This is accomplished through the purchase of assets, such as real estate, securities or other financial assets, or luxury goods. The three stages are also seen in terrorist financing schemes, except that stage three integration involves the distribution of funds to terrorists and their supporting organizations, while money laundering, as discussed previously, goes in the opposite direction—integrating criminal funds into the legitimate economy.

There are many different ways in which the laundered money can be integrated back with the criminal; however, the major objective at this stage is to reunite the money with the criminal in a manner that does not draw attention and appears to result from a legitimate source. For example, purchases of property, artwork, jewellery, or high-end automobiles are common ways for the launderer to enjoy their illegal profits without necessarily drawing attention to themselves.

Terrorist Financing

Terrorist financing is defined in art. 4 of the AML Act according to art. 114 in the Danish Criminal Act (in Danish: “Straffeloven”). The Danish Criminal Act defines terrorist financing as:

Directly or indirectly provides financial support to,
Directly or indirectly procure or collect funds to or
Directly or indirectly provide funds, other assets or financial or similar services to a person, a group or an association, who commits or intends to commit action covered by art. 114 or art.114 a.

Terrorist financing may not involve the proceeds of criminal conduct, but rather an attempt to conceal either the origin of the funds or their intended use, which could be for criminal purposes. Legitimate sources of funds are a key difference between terrorist financiers and traditional criminal organizations. In addition to charitable donations, legitimate sources include foreign government sponsors, business ownership and personal employment. Although the motivation differs between traditional money launderers and terrorist financiers, the actual methods used to fund terrorist operations can be the same as or similar to methods used by other criminals to launder funds. Funding for terrorist attacks does not always require large sums of money and the associated transactions may not be complex.

In order to facilitate activities, terrorist financiers could try to take advantage of the freedom of capital movements and the freedom to supply financial services which the integrated financial area entails, if certain coordinating measures are not adopted at an international, European Union, and national level. Also, every financial institution, and every company which is somehow involved in the financial sector must adopt and follow strict internal and external anti-money laundering guidelines.

AML Officer

Kassio must appoint a Money Laundering Reporting Officer who is authorised to make decisions on behalf of Kassio in accordance with policies, controls and procedures, enhanced customer due diligence procedures, verifying source of funds and assets of potential high-risk customers and UBOs and gathering sufficient information about cross-border activities.

Kassio employee Nikolai Søndergaard will be the MLRO moving forward. He has been responsible for creating the AML/CTF program and is thus well suited to take on the role.

3.1 Core obligations of MLRO

Responsible for developing and updating the AML/CTF policies to match existing regulations
Ensures that there are mechanisms to facilitate the reporting of any suspicious activities that may indicate money laundering or terrorist financing may be taking place.
Investigates the reports and if necessary, takes the communication with SØIK and Hvidvasksekretariatet (FIU Danmark)
Deals with SØIK and Hvidvasksekretariatet (FIU Danmark) directly on any money laundering and terrorist financing issues.
Reports to the senior management on the effectiveness of the AML Program and significant AML/CTF matters.
Has regular communication with senior management and has access to the necessary resources to execute upon the role.

Standing of the MLRO

An employee with the power of attorney to take decision on behalf of the company for approving the following:

Policies, procedures and controls.
Establishing a business relationship with a customer from a high-risk country.
Establishing a relationship with a customer who is connected to a PEP.

An employee with significant knowledge and insights into Kassio’s risk regarding ML/TF, thus being able to make decision benefitting Kassio’s when combating ML/TF and affecting Kassio’s risk exposure.
The MLRO has the authority to act independently in carrying out responsibilities

AML Procedures

KYC procedures have to be implemented, whenever a customer signs up with Kassio. All processes are based on a know-your-customer principle (“KYC”), which means that it must be certain that the customer is who they state they are.

Generally, there is a medium risk of ML/TF, but in cases where the risk is assessed higher the information and documentation required must be stricter to ensure proper identification of the customer. The risk assessment of a customer is completed on a case-by-case principle. The process can be summarized by the following illustration:

Obtain and control identity information on the customer
Obtain and control identity information on the customers UBOs
Draw up the customers ownership and control structure
Understand the purpose of the business relationship and origin of cryptocurrency

Name, personal identification number (CPR/CVR), annual report, passport/driver's license and proof of address.
Verify the documentation
Name and personal identification number Passport, driver's license etc.
Verify the documentation
Obtain names of directors, control structure and power to bind
Obtain documentation if required

Documents and information about the customer is continously updated based on a risk assessment.
Monitor the business relationship.
Monitor and investigate suspicious activities.