jeu de cartes à collectionner en ligne
HomePriority PassZoop CelebrityWhitepaperBlogAboutFeatures

AML Policy

1. Executive Management Statement

ii USA Corporation (d/b/a Zoopcards), wholly owned by ii Corporation Ltd. (d/b/a influencer index), (collectively, the “Company”) intends to enable and facilitate the sale and purchase of certain non-fungible tokens (“NFTs”) linked to celebrities (“Influencer Tokens”) to US and foreign-located users (the “Customers”) through its web-based platform (the “Platform”). Although not subject to the Bank Secrecy Act (“BSA”) as a Money Service Business (“MSB”), Company wishes to implement and maintain an effective risk based anti-money laundering (“AML”) compliance program consistent with the AML requirements imposed on MSBs under the BSA. This AML program is also intended to address the Global Anti-Money Laundering / Counter Terrorist Financing and Sanctions Policy) (the “KYC Policy”) provided to the Company by Circle Internet Financial LLC (“Circle”), a third-party payment service provider that will be the payment processor for all Secondary Transactions (as defined below).  

An effective risk-based AML program is one that is reasonably designed to prevent the Company from being used to facilitate money laundering and the financing of terrorist activities, commensurate with the risks posed by the location and size of, and the nature and volume of, the financial services provided by the Company.  The AML program will include the following four (4) pillars:

  • Policies, procedures, and internal controls
  • BSA compliance officer 
  • BSA training of personnel
  • Independent review of compliance program

The Board of Directors of the Company (the “Board”) acknowledges that the drafting and implementation of this AML Policy (“Policy”) is key to achieving the above outcomes.  

Money laundering is the process by which criminals conceal the existence, nature or source of their illegal funds and disguise them to make them appear legitimate.  Financers of terrorism and other organized illicit activities follow similar processes. The compliance goal of the Company is to protect its business from being used to facilitate money laundering, terrorist financing and related crime to the extent reasonably possible. The Company has assessed the risks posed by money launderers, terrorist financing, and other persons in connection with the Platform.  In consideration of the risks posed, and the size and nature of the Company business associated with the Platform, the Company has implemented this AML program. This Policy is limited to activity conducted on the Platform as described below.  If the activity conducted through the Platform changes, this Policy will be reevaluated. Similarly, if the Company engages in any MSB activity, this Policy will be reevaluated.   

It is the responsibility of every Company employee associated with the Platform to understand and comply with this Policy. Questions about this Policy should be directed to the Company’s Chief Compliance Officer, Deanna Visperas. Failure to comply with the specific provisions of the BSA, federal money laundering statutes, counter-terrorism laws and related criminal statutes can result in substantial civil and criminal penalties to the Company and to individual employees.  Failure to comply with any legal requirements by an employee will also subject the employee to disciplinary action, which may include termination of employment.

The Board has approved this Policy and its implementation effective October 28th 2022. The Board will review and approve this Policy on an annual basis, and in the event of the Company commencing MSB activities or any material modification to the activity engaged in on the Platform.

All material changes to this statement must be approved by the Board as well.  

While in some limited instances the Company plans to enable Customers to make purchases of Influencer Tokens on the Platform using cryptocurrency, in such cases the acceptance of cryptocurrency from the Customer, and the conversion to fiat currency for settlement to the Company, will be facilitated by a third-party processor.  Additionally, the Company will not engage in the following activity on the Platform:

  • Any money order or traveller check services
  • Settlement of transactions that are not connected to the purchase and/or sale of Influencer Tokens on the Platform
  • Any receipt or disbursement of currency (i.e., paper money and coins)

2. Company Risk Assessment

This section outlines the assessment Company has made of the likelihood the Platform could be used for financial crime and the steps the Company will take to seek to mitigate such risks. Our assessment of the risk takes into consideration the following risk categories:

  • The type of Customer on the Platform;
  • The activity engaged in relating to the Customer; and
  • The delivery channel.

Nature of Platform and Customer

The Platform enables and facilitates settlement of funds in connection with the purchase and sale of Influencer Tokens by and between Customers, including Customers based in the United States.  Company will receive transaction fees and/or a spread in connection with transactions on the Platform. Customers may access and pre-fund a virtual account (also known as a digital wallet) on the Platform that can be used to purchase, and receive settlement proceeds from the sale of, Influencer Tokens. The Customer’s virtual account is provided by Circle. Financial institution partners of Circle receive and hold the underlying funds credited to Customers’ virtual accounts in bank accounts for the benefit of Customers (i.e., not for the benefit of Company). Customers who establish a virtual account with Circle and engage in certain activity on the Platform (as described in greater detail below) will need to complete a Know Your Customer (KYC) identify verification process performed by a third-party service provider, currently Onfido, on behalf of Company (the “KYC Provider”).

Customers will be able to purchase Influencer Tokens sold directly by the Company (“Primary Transactions”).  Customers will also be able to sell Influencer Tokens to, and buy Influencer Tokens from, other Customers (“Secondary Transactions”).  When a Customer purchases an Influencer Token from the Company (i.e., a Primary Transaction), the purchase can be funded via a credit or debit card or the user’s pre-funded virtual account.  The Company will utilize both Circle and PayPal as payment processors for Primary Transactions. The payment processors will receive funds from Customers and settle those funds into a Company account.

For Secondary Transactions, when a buyer initiates a payment using its virtual account, funds will be transferred from the buyer’s account to the digital wallet of the seller. As applicable, transactions between US-based virtual accounts will be settled as ACH payments. We understand that the Company will not receive or transmit funds or Influencer Tokens through a digital wallet or bank account that it owns or directly controls in connection with Secondary Transactions. Additionally, for credit or debit card Secondary Transactions, the Company currently intends to use Circle as its payment processor. Circle will receive settlement funds from the credit or debit card purchase and then settle the funds to the virtual account.  Accordingly, the Company does not directly receive funds in connection with the credit or debit card Secondary Transactions. Users will also be required to establish a sub-account with Circle in order to make any credit or debit card purchase transactions. 

In addition, the Company plans to enable Customers to make purchases of Influencer Tokens on the Platform using Bitcoin. For Bitcoin Primary Transactions, the Company currently intends to use OpenNode, Inc. (“OpenNode”) and then settle in fiat currency. OpenNode will accept cryptocurrency from Customers and settle in fiat currency to the Company through its exchange partners. In other words, while the Company will enable Customers to purchase Influencer Tokens using Bitcoin, the Company will not actually itself directly receive, nor hold or transmit, cryptocurrency.   Sellers of Influencer Tokens cannot receive settlement in cryptocurrency at this time, and Customers generally will not have the ability to custody cryptocurrency in their virtual accounts on the Platform.  

Customers cannot use Bitcoin to purchase Tokens in Secondary Transactions.

High Risk Business and Unacceptable Risk

The Platform will be used solely to facilitate the purchase and sale of NFTs. While NFT transactions can be seen as not inherently high risk on the basis that an NFT is a digital good, NFTs are still a new technology and asset class subject to regulatory uncertainty.  Additionally, NFTs are also often purchased and sold for significant dollar amounts and there may not necessarily be a traditional market basis for pricing. Further, NFTs are often purchased with, or sold for, cryptocurrency, which entails higher risks of money laundering and other illicit activity. The Company must therefore consider evolving risks relating to NFT transactions and cryptocurrency generally.  In addition, the Company must monitor and comply with any new regulations pertaining to NFTs that could impact how transactions are processed and how Influencer Tokens are treated on the Platform.

As noted, the Company intends to facilitate acceptance of cryptocurrency as payment for Influencer Tokens. Even if facilitated by a third-party processor, cryptocurrency transactions are inherently higher risk due to the anonymity of the blockchain and other features. To minimize such risk, the Company will verify the identity of its Customers (as noted above) and will receive settlement in, and only settle to sellers of Influencer Tokens in, fiat currency. The Company will take appropriate measures to ensure that transactions involving cryptocurrency are facilitated in compliance with applicable cryptocurrency-related regulations by the Company and its third-party processing partners, as applicable.

Services Offered

As described above, Customers will only be able to use the Platform to purchase and sell NFTs. The Company currently believes that higher-risk transactions will be those involving cryptocurrency.  The Company will have in place safeguards designed to subject cryptocurrency transactions to enhanced oversight to mitigate the risk that the Platform will be used to facilitate illicit activity. 

In addition, transactions involving high dollar amounts may also be higher risk of potentially facilitating money laundering. Customers seeking to engage in large transactions or Customers that are otherwise deemed to be high-risk are subject to enhanced due diligence including an additional identity and address verification check by a KYC Provider. The Company will monitor activity on the Platform to determine as appropriate transaction thresholds for such enhanced due diligence.

Delivery Channels

Customers may purchase Influencer Tokens using fiat currency funds accessed through virtual accounts/digital wallets.  When the Customer purchases an Influencer Token, funds will be transferred from the digital wallet of the buyer to the digital wallet of the seller. The Company will not have custody or control of funds associated with fiat currency purchase of Influencer Tokens.  As applicable, transactions between US-based virtual accounts will be settled via the ACH. As noted above, Customers may also fund purchases of Influencer Tokens via credit card. The Company will verify that the cardholder has sufficient funds to purchase the Influencer Token by obtaining an authorization and hold on the Customers funds. 

Customers can also use cryptocurrency to purchase Influencer Tokens. The Company will facilitate acceptance of cryptocurrency payments from buyers of Influencer Tokens. As noted above, a third-party processing partner of the Company will accept cryptocurrency from buyers and settle to the Company in fiat currency only. Accordingly, the Company will not receive, hold, or transmit cryptocurrency through wallets or other accounts that it owns or controls (and will not, in any event, custody or transmit cryptocurrency on behalf of any other party).  Sellers of Influencer Tokens cannot receive settlement in cryptocurrency at this time, and Customers will not have the ability to custody cryptocurrency in their virtual accounts on the Platform.  

Geographic Location

The Company facilitates settlements of funds with respect to US-based and international Customers. Transactions processed on the Platform will involve settlement both within and outside of the United States.  The Company will not send funds to countries covered by sanctions laws administered by the U.S. Office of Foreign Assets Control (OFAC), which generally would prohibit the Company from entering into any business relationship or engaging in any business transaction with a person identified by OFAC as a prohibited person or with any country or representative of a country identified by OFAC. 

3. BSA Compliance Program Requirements

Overview of BSA AML Program Requirement

The BSA requires each MSB to develop, implement and maintain an effective “risk based” AML program.  Such a program is one that is reasonably designed to prevent the MSB from being used to facilitate money laundering and the financing of terrorist activities, commensurate with the risks posed by, the location and size of, and the nature and volume of, the financial services provided by the MSB. Each MSB AML program must include the following elements:

  • Policies, procedures, and internal controls
  • BSA compliance officer 
  • BSA training of personnel
  • Independent review of compliance program

It is the responsibility of each employee of the Company to comply with the BSA, related federal anti-money laundering law, this Policy, and any related implementation of this Policy. The Chief Compliance Officer is responsible for ensuring that there are in place appropriate and effective internal controls and procedures to help prevent the Platform from being used by money launderers, financiers of terrorism and other criminals.

Regulatory Framework

The Bank Secrecy Act (BSA)

The reporting and recordkeeping requirements of the BSA are designed to create a “paper trail” to trace proceeds of crime to their illegal sources and to trace funds that are used for criminal purposes, even where generated from legitimate sources.  The Company would not be considered a money transmitter and therefore a MSB under the BSA regulations as the Company will not be accepting funds from one Customer to transmit to another Customer through the Platform. The transmission and settlement on behalf of Customers for payments for Influencer Tokens sold and traded with other Customers on the Platform will be conducted by Circle acting as the payment processor for the Secondary Transactions. Although not an MSB, the Company aims to establish an AML Policy consistent with applicable requirements of the BSA to minimize the risk the Platform could be used to facilitate money laundering or other unlawful activity.

An MSB, as well as its executives, employees and customers can be prosecuted and subject to civil penalties for structuring, assisting in structuring, or attempting to structure currency and other transactions to evade specific reporting and recordkeeping requirements and for causing or attempting to cause the MSB to fail to comply with these requirements or for including material omissions or misstatements of fact on a report required to be filed or record required to be maintained under the BSA.

The Money Laundering Statutes

Sections 1986 and 1987 of the U.S. Criminal Code

The federal money laundering statutes make it illegal for any person to knowingly engage in any financial or commercial transaction, or international transportation or transmission of funds, with the proceeds of specified unlawful activity, knowing the funds to be criminally derived and with the intent of promoting criminal activity, concealing or disguising its nature or origin, evading taxes or avoiding a currency transaction reporting requirement.  If an MSB is involved and the transaction exceeds $10,000, and the person that conducts the transaction knows that the funds come from some form of criminal activity, liability may exist.

The primary money laundering statutes, which are contained at 18 U.S.C. §§ 1956 and 1957, relate to:

  • A financial transaction offense occurs when a person knowingly conducts or attempts to conduct a financial transaction involving the proceeds of “specified unlawful activity” with either the: (1) intent to promote the specified unlawful activity; (2) knowledge that the transaction is designed to conceal or disguise the nature, location, source, ownership or control of the funds or to avoid a transaction reporting requirement; or (3) intent to commit tax fraud or evasions.
  • An international transportation offense occurs whenever a person transports, transmits or transfers funds or monetary instruments into or out of the U.S. with either:  (1) the intent of promoting ‘specified unlawful activity”; or (2) the knowledge that the funds or monetary instruments represent the proceeds of some form of unlawful activity and that the purpose is (a) to conceal or disguise the nature, the location, the source, the ownership, or the control of the proceeds; or (b) to avoid a transaction reporting requirement.
  • A monetary instrument offense occurs when a person knowingly engages in any banking or commercial transaction of more than $10,000 with a financial institution involving property derived from “specified unlawful activity.”

The “knowledge” element in federal money laundering offense can be established by proof of “willful blindness.”  For example, if an MSB employee suspects the Platform may be being used to launder “dirty money” but deliberately refuses or otherwise fails to ask questions or report the activity to his/her supervisor because he or she does not want to get involved or wants to remain ignorant, the employee and the MSB could be deemed to have acted in willful blindness.  

Criminal violations can result in fines of up to $500,000 or twice the value of the property laundered, whichever is greater and/or imprisonment up to twenty (20) years.  Civil penalties are limited to violations of the financial transaction and international transportation offenses and can be assessed up to the greater of the value of the property, funds or monetary instruments involved or $10,000.  In addition, any property involved in the money laundering violation, including bank accounts that contain funds involved in transactions, computers and computer systems, real estate, personal property and other property, can be forfeited to the U.S. government.

Section 1960 Offenses

  • Transfer or Transport of Funds.  There is no monetary threshold for a § 1960 offense.  Under § 1960, the government need only show that any person transferred or transported funds knowing that the funds were criminally derived (proceeds of any crime), or were intended to “promote or support unlawful activity.”
  • Failure to be Licensed under State Law.  §1960 also makes it a federal crime for any person to engage in a money transmitting business without a state license when the money transmitting business is required to be licensed under relevant state law.
  • Failure to be Registered as a Money Services Business.  §1960 also makes it a federal crime for any MSB, which is required to be registered as a money service business under federal law, to fail to be registered.

BSA Reporting Requirements 

Suspicious Activity Reports (“SAR”)

The BSA requires MSBs to file SARs with FinCEN.  Reporting is required if a transaction is conducted or attempted, at or through the MSB, that involves or aggregates funds or assets of at least $2,000 and the MSB knows, suspects or has reason to suspect that the transaction (or a pattern of transactions of which the transaction is a part) is suspicious.  Each MSB must file a suspicious activity report (SAR) on the MSB SAR form.  The SAR must be filed no later than thirty (30) days after the date of the initial detection of the facts that constitute the basis for filing a SAR.  SARs may be filed electronically. A transaction may be voluntarily reported by an MSB if it meets any of the regulatory criteria for a “suspicious” transaction even if the transaction falls below the mandatory reporting threshold. Transactions designed to evade the BSA, such as by structuring, are also suspicious.  

It is Company’s policy to identify unusual transactions, examine all available facts and conduct further research as necessary to reach one of two conclusions: (1) that the transaction is highly unusual but not suspicious because there is a reasonable explanation for the activity; or (2) that the transaction is suspicious because it is highly “unusual” and Company knows of no reasonable explanation for the transaction after examining all available facts, including the background and possible purpose of the transaction.  In connection with processing transactions on the Platform, the Company will identify “baselines” of expected, normal activity and identify unusual activity such as an increase in the number of transactions involving a particular individual in a given day.  

Because Circle and not the Company is the MSB with respect to the payments services provided through the Platform, responsibility for filing any required SARs under the BSA lies with Circle. Accordingly, Company will report to Circle any “suspicious” activity relating to Secondary Transaction processed by Circle by sending an email to amlreferrals@circle.com. The email will include a summary of the activity, any relevant end user identifiers (i.e., username, email, etc.), date range of the activity, any relevant documentation such as KYC documents, and relevant end-user communication records. Circle will make the final decision whether to file a SAR based on the information it receives.

When reviewing or monitoring transactions and other activity, no single factor is decisive, and no single factor is sufficient to provide a reasonable basis to conclude that money laundering, terrorist financing, structuring or other “suspicious” activity has occurred.  The determination that specific activity is “suspicious” must be based on consideration of all relevant information especially the size, frequency and nature of transactions and the norm for transactions conducted on the Platform or involving a particular Customer. A single factor, however, may signal that a transaction is unusual and possibly “suspicious” and that further inquiry should be made. Examples of activities that may be “suspicious” include, but are by no means limited to, transactions:

  • Involving funds derived from illegal activity or intended or conducted in order to hide or disguise funds or assets derived from illegal activity (including, without limitation, the ownership, nature, source, location or control of such funds or assets) as part of a plan to violate or evade any federal law or regulation or to avoid any transaction reporting requirement under federal law or regulation;
  • Designed to evade the requirements of the BSA, whether through structuring or other means; 
  • That serves no business or apparent lawful purpose, while the reporting business knows of no reasonable explanation for the transaction after examining all available facts, including the background and possible purpose or the transaction; or 
  • Involving the use of the MSB to facilitate criminal activity.

Structuring

A person engages in structuring if that person, acting alone, or in conjunction with, or on behalf of, other persons conducts or attempts to conduct one or more transactions, in any amount, at one or more financial institutions, on one or more days, in any manner, for the purpose of evading a BSA reporting or recordkeeping requirement.

The phrase “in any manner” includes, but is not limited to, the breaking down of a single sum or sums below the recordkeeping or reporting threshold (e.g., more than $10,000 for CTRs, $3,000 or more for the “Wire Transfer Rule” under 31 CFR 1010.410(e)) or conducting a series of transactions below the relevant threshold ($10,000 or $3,000).  The transaction or transactions do not have to exceed the relevant threshold at any single financial institution (or single MSB or MSB location) on any one date to constitute structuring.

There are three components commonly associated with Money Laundering that criminals use to mask their illegal money:

  1. Placement:  Physically placing criminal proceeds into the financial system.  Oftentimes, this is the most difficult aspect of money laundering for criminals. 
  1. Layering:  Separating the proceeds of criminal activity from their origins through “layers” of financial transactions.  
  1. Integration:  Moving the proceeds of crime into a “final” form that provides an apparently legitimate explanation for the illegally obtained funds.

Evasion Other Than Structuring

Persons intent on evading the BSA often use methods other than or in addition to structuring.  A common method is to assume a false identity. To effectively operate under a false identity, legitimate identification may be altered or counterfeit identification used when conducting financial transactions.

No Business or Apparent Lawful Purpose (Unusual Activity)

An unusual transaction is a transaction that does not fit a norm of expected behavior.  A transaction may be unusual because it is inconsistent with what is known about a particular customer or it is inconsistent with a pattern of behavior previously established by a particular customer.  A transaction may be unusual because it varies from the norm of behavior for a particular group of customers or because it varies from transactions conducted in a particular geographic area or region.  It may be unusual because it varies from a normal business practice locally or generally.

Note: Willful Blindness

In the context of detection and reporting of suspicious activity, if an MSB knows that two transactions appear to have been completed in a manner designed to avoid a BSA requirement, yet MSB deliberately refuses to ask questions or inquire further because it wants to remain ignorant, and thus fails to report the transactions as suspicious, the MSB will be deemed to have knowledge of the two or more “suspicious” transactions for purposes for determining that a violation of the SAR requirement has occurred.

Prohibition against SAR Disclosure

If an MSB files a SAR, it is prohibited from disclosing to any person involved in the reported transaction or transactions that a SAR has been filed.  The prohibition extends to every MSB officer and employee, and all employees must be made aware of their regulatory obligations with regard to this prohibition.  If an MSB receives a subpoena or other request to disclose a SAR or the information contained in a SAR, MSB, including any of its officers, employees and agents (if applicable), must decline to produce the SAR or to provide any information contained in a SAR except where such disclosure is requested by the Financial Crimes Enforcement Network (FinCEN) or by an appropriate law enforcement or supervisory agency. MSB will notify FinCEN of any request made for a SAR or information contained in a SAR and of any response provided to such request.

Civil Immunity for Filing SAR

An MSB and its officers and employees are protected from civil liability in connection with filing a SAR for any information reported in the SAR.

SAR Filing – Subjective Evaluation

The decision whether to report any unusual activity to Circle is made by the Chief Compliance Officer, but the decision about whether to file a SAR ultimately lies with and is the responsibility of Circle as the MSB.  If an employee discovers activity that he or she knows or suspects is involved in a possible violation of law, the information immediately must be referred to the Chief Compliance Officer.  In each case, the Chief Compliance Officer will evaluate the matter and take appropriate action.  A log is maintained by the Company of all details and corrections, if any, of the unusual activity.  SAR supporting documentation will be identified as such and maintained by the Company for a period of five (5) years from the date of filing of the SAR by Circle.  Extreme caution must be used when dealing with anybody who might ask questions about the SAR requirement or other BSA reporting or recordkeeping requirements.  If the Company, or some other person, asks questions about SARs or about other BSA reporting or recordkeeping requirements, the person will be referred to the Chief Compliance Officer.

Currency Transaction Reports (“CTRs”)

Because the Company’s services are provided only electronically, the Company does not currently accept or handle currency and therefore will not make any filings under the BSA relating to transactions involving currency in excess of $10,000.  31 CFR § 1010.330.  To the extent that the Company engages in activities involving currency, the Company will reevaluate the requirements relating to currency transaction reporting under the BSA.

BSA Record Keeping Requirements 

Relevant BSA recordkeeping requirements for the Company include: 

  • Funds Transfer Rule Records
  • Miscellaneous Records

All records required by the BSA, including copies of reports filed and registration records, must be maintained for a period of five (5) years.  

The Funds Transfer Rule

Company to consider applicability of wire transfer rule to its activities—if funds in an amount of $3,000 or more can be transmitted from one user to another through the platform, these requirements would likely apply.

The Funds Transfer Rule, 31 CFR 1010.410(e) (also referred to as the “Travel Rule”), requires that an MSB that accepts funds transfer instructions (i.e., a “transmittal order”):  (i) capture certain identifying and other information about the person placing the transmittal order (the “transmitter”), the person to whom the proceeds of the transmittal order are to be paid (the “recipient”), the transfer, and the financial institution(s) processing the transfer; (ii) verify the identity of the transmitter and the recipient; and (iii) send certain information to the next financial institution processing the transfer.  The rule applies to all transfers in the amount of $3,000 or more regardless of the method of payment.  Information required to be obtained and retained includes the Customer’s Social Security number, EIN, or passport number (if the person does not have a Social Security number), in addition to the Customer’s name and address.

Other BSA Record Keeping Requirements

Additional types of records that must be retained under the BSA may include Section 314(a) Requests, Inquiries from Law Enforcement and Other Government Officials and Information Sharing. Company will maintain records for each transaction, including the payment amount as well as the payor and payee digital wallet address, if applicable.

Transaction Monitoring and Ongoing Due Diligence

Suspicious Activity

It is the Company’s policy to promptly report known or suspected criminal activity to the proper government agencies and to cooperate with law enforcement in criminal investigations.  

Company will monitor and investigate transactions that appear to be suspicious or unusual (as further described below).  Company will communicate with the Customer to the extent reasonably practicable to investigate potential criminal activity, in accordance with relevant obligations under the BSA.

Company employees must be alert to activity that might be indicative of possible structuring or other violations of the BSA, money laundering, terrorist financing or other criminal activity, or otherwise appear “suspicious.”  If an employee discovers activity that he or she knows or suspects is involved in a possible violation of law, the information immediately must be referred to the Chief Compliance Officer.  In each case, the Chief Compliance Officer will evaluate the matter and take appropriate action.

Ongoing Customer Due Diligence

Company will take reasonable steps to prevent the use of the Platform to facilitate money laundering and other illicit activity.  It is the Company’s policy to identify and verify the identity of Customers at onboarding and to re-verify or obtain additional information through an on-going risk-based relationship management process. This process includes reviewing Customers’ activity on the Platform and potential level of risk should any information come to light that suggests the current assessment of the risk associated with the Customer is no longer appropriate. 

Company will obtain and verify identifying information regarding Customers through a KYC Provider, assess the risk of Customers based on transaction volume and activity, maintain appropriate documentation regarding Customers, assess whether processing transactions on behalf of Customers creates excessive risk. Company will conduct a manual review of Customers or transactions flagged as requiring as much based on the enhanced due diligence criteria described below.

Compliance with Legal Process

Government personnel may engage in informal communications with Company.  In addition, Company may receive formal written legal communications such as subpoenas, summonses, and warrants. 

Law enforcement and other government personnel may contact Company as a courtesy and sometimes to narrow the scope of a subpoena or summons to be issued.  A government representative may ask that records, documents or other information be produced without the benefit of a subpoena, summons, or other legal process.  To protect Company and Customer, Company requires formal legal process such as a subpoena, prior to production or disclosure of records, documents and other specific information.

If Company is served with a subpoena, summons, search warrant, or other legal process, or if a government agent otherwise requests information or documents involving the BSA, money laundering or terrorist activity, the Chief Compliance Officer must be contacted.  Only the Chief Compliance Officer is authorized to respond to legal process, legal notices, or other inquiries received from law enforcement or other government authorities or otherwise communicate with law enforcement officials or with other government authorities with respect to criminal and other legal matters related to the BSA, the money laundering and anti-terrorism statutes, and related criminal matters.

4. Know Your Customer (KYC)

Customers Requiring KYC 

Customers will need to complete a KYC identity verification process performed by the KYC Provider before engaging in the following activity on the Platform.

  • Withdraw funds (both fiat and crypto) from the virtual account;
  • Deposit the equivalent of $10,000 into the virtual account over the life of the account; or
  • Have a virtual account cumulative balance of the equivalent of $2,000 available during the course of a single calendar day (ex. if a wallet has a value of $1,500, and the customer spends $1,000 and subsequently reloads $600 before the end of the day, this wallet would have a cumulative daily balance of $2,100 and therefore be subject to KYC).

KYC on Behalf of Circle 

Company, through its KYC Provider, will conduct KYC for Customers as required, on behalf of Circle, , and in accordance with Circle’s KYC Policy. Company will enter into an agreement with Circle specifying the contractual requirements and obligations of Company imposed by Circle in connection with conducting KYC on Circle’s behalf. Company will certify annually to Circle that it will perform the specified KYC requirements of the KYC Policy and related procedures.

KYC Requirements and Standards

When conducting KYC, Company (or or KYC Provider on behalf of Company) will collect the following information from the Customer:

  • Full legal name
  • Date of birth
  • Residential address (must be a street address, not a Post Office (PO) box. If the individual does not have such an address, an Army Post Office (APO) or Fleet Post Office (FPO) box  number, the residential or business street address of next of kin or of another contact individual, or a description of the Customer's physical location is acceptable)
  • Social Security Number (SSN) (or

evidence of an application for one), or if the individual does not have an SSN, a taxpayer identification number; a passport number and country of issuance;

an alien identification card number; or a number and country of issuance of any other

unexpired government-issued document evidencing nationality or residence and bearing

a photograph or similar safeguard)

Information collected from individual Customers must be verified such that the Company has a basis to form a reasonable belief that they know the true identity of the Customer. Verification may be documentary or non-documentary.

Documentary verification is performed when the Customer submits an identification document (“ID”), along with a “selfie” to evidence that the Customer is the same individual as listed on the ID. The ID must be:

  • Government issued
  • Unexpired
  • List the holder’s nationality or residence
  • Bear a photograph or similar safeguard
  • Show information in Latin characters

Examples include passport, or driver’s license. IDs will be submitted to KYC Provider for verification. Customers will pass documentary verification only if the ID provided verifies the information provided by the Customer:

  • Name match and DOB match
  • Name match and passport number match

Any user that produces a government issued identification document from Cuba, North Korea, Syria, Iran or Russia will be immediately blocked by the Company and escalated to Circle by emailing sanctions@circle.com. If there are users that provide a government issued identification from any other prohibited jurisdictions (as listed under the ‘Prohibited Jurisdiction’ section in Clause 5 below), the Company will then conduct the Enhanced Due Diligence process on these users and collect the necessary documentation to verify that particular user’s actual residency (please refer to Clause 6 below for the Enhanced Due Diligence process). 

Non-documentary verification includes comparing the information obtained from the Customer with information obtained from a consumer reporting agency, public database, or reliable other source. 

While the identify verification process will be conducted by a KYC Provider on behalf of Company, the ultimate decision as to whether to approve the Customer will be made by the Company and then by Circle.

KYC Notice

Customers will be provided with adequate notice that the Company is requesting information to verify their identities in connection with the payment’s services provided by Circle. The notice will generally describe the identification requirements and be provided in a manner that is reasonably designed to allow a Customer to view it or otherwise receive the notice before they begin the KYC process. 

KYC Testing

Company recognizes that Circle will perform testing of Company for any KYC being conducted by the Company on Circle’s behalf. Testing will be performed in accordance with Circle’s Compliance Testing Standards. Testing will be performed at minimum annually but may occur more frequently. 

Company may also conduct its own testing and assessments of the KYC processes described herein, including as set forth in Section [8], Independent Review.

KYC Recordkeeping

Company must retain the following information about Customers onboarded on behalf of

Circle for a minimum of seven (7) years following the date the account is closed:

  • All identifying information received
  • Descriptions of any steps taken to verify Customers
  • Any additional due diligence information collected

Additionally, Company must retain:

  • Copies of all ID documentation obtained from the Customer for a minimum of seven years following the date the verification is performed
  • Records of all sanctions, Politically Exposed Persons (“PEP”) and negative news screening performed, including any dispositions of alerts, for a minimum of seven years from the date the screening was performed

If Customers request that their data be erased, for example under the EU General Data Protection

Regulation, any such erasure must be conducted after the time periods stated above lapse.

Company recognizes that Circle may request copies of KYC information related to specific Customers to fulfill its regulatory and transaction monitoring obligations, respond to regulatory and examination requests, or to perform testing on Company’s performance of KYC.

5. Prohibited Customers

Prohibited Customer Types 

Customers involved in activities prohibited under Circle’s Acceptable Use Policy may not open virtual accounts on the Platform through Circle. Circle’s Acceptable Use Policy provides additional information on prohibited Customer types.

Prohibited Jurisdictions 

Customers from the following countries will not be permitted to open accounts or execute transactions on the Platform:

  • Afghanistan
  • Belarus
  • Central African Republic (the)
  • Congo (the Democratic Republic of the)
  • Cuba
  • Guinea-Bissau
  • Iran (Islamic Republic of)
  • Iraq
  • Korea (the Democratic People's Republic of)
  • Libya
  • Mali
  • Myanmar
  • Russia
  • Somalia
  • South Sudan
  • Sudan (the)
  • Syrian Arab Republic
  • Ukraine
  • Venezuela (Bolivarian Republic of)
  • Yemen

Company will implement controls to prevent Customers in these jurisdictions from opening accounts or executing transactions. Controls may include, but are not limited to, blocking sign up or manually reviewing accounts based on IP location, apparent VPN usage to evade IP location, telephone country code, email domain, and billing address. The Company will monitor end-users that were initially offboarded and/or closed due to being from a prohibited jurisdiction in order to prevent them from circumventing the Company’s internal controls to access the Platform.

To ensure that users from prohibited jurisdictions are prevented from opening an account on the Platform, the Company has implemented a feature on the Platform to request all users to input their country at the start of the onboarding process itself. Any user attempting to complete the onboarding process from a prohibited jurisdiction will not be granted access to the Platform. The Company will also verify the IP addresses of the users at the beginning of the onboarding process, and any individual attempting to create an account from a prohibited jurisdiction will be rejected and denied access immediately. 

The Company will also implement regular IP checks. Users with an IP address from Cuba, North Korea, Syria, Iran or Russia will be immediately blocked and reported to Circle by emailing sanctions@circle.com. If there are users with IP addresses from any other prohibited jurisdictions (as listed above), the Company will then conduct the Enhanced Due Diligence process on these users and collect the necessary documentation to verify that particular user’s actual residency (Refer to Section 6 below for the Enhanced Due Diligence process). These conditions pertaining to the ongoing IP checks also apply to other data points collected on the Platform such as a telephone country code, users email domain, billing address, all of which can be used to infer a user’s location. 

In addition, Customers subject to KYC under Section 4 of this Policy will be prohibited from opening an account or executing a transaction through Circle in the following US states:

  • Alaska
  • Hawaii
  • Minnesota
  • New York

Company will block funds of all Customers using Circle virtual accounts that are from prohibited jurisdictions and will escalate those Customers to Circle within 24 hours by emailing sanctions@circle.com.

6. Enhanced Due Diligence

In order to protect the Company and the financial system, the Company must have sufficient knowledge of its Customers. Company must be able to form a reasonable belief that it knows the identity of its Customers and anticipate normal business activity to be able to reasonably conclude that Customers do not present unacceptable risks to the Company relating to money laundering, terrorist financing and other illicit activity. When assessing the risk of a Customer, Company shall consider, at a minimum:

  • Customer risk
  • Geography risk
  • Channel risk
  • Transaction risk
  • Other risk factors

Company shall identify all Customers as high-risk and non-high risk based on their Customer risk assessment. High-risk Customers may be subject to enhanced due diligence at onboarding and through the life of the account, including an annual review of Customers flagged as requiring as much. Enhanced due diligence should address the specific risks posed by the Customers and shall include an additional identity and address verification check by a KYC Provider. 

The Enhanced Due Diligence Process will be carried out in the following manner: 

  • We will understand our Customers’ risk profile;
  • We will obtain additional information from the Customer where necessary. An email or notification via the app will be sent and it will include a link to a form that the Customer has to fill out. This form will be embedded in the website/app that is connected to the Company’s CRM.
  • We will conduct extensive background checks and monitor transactions;
  • We will Organize and secure your data in line with compliance standards;
  • We will keep the data available for regulators (7 years of record keeping).

7. Training and Communication

Training for appropriate personnel is a key component of an effective AML compliance program and is required by the BSA.  Company requires employees involved in the Platform to undertake AML training.  In the event that Company modifies or expands the services offered through the Platform or the types of activity conducted on the Platform, Company will reassess its training policy and revise as appropriate.  The Chief Compliance Officer shall assure that relevant training programs are developed.  

The training sessions should address the purpose and nature of the BSA and a functional approach to money laundering and terrorist financing. 

The Chief Compliance Officer shall maintain a schedule for AML training of appropriate personnel.  Upon delivery of general or training sessions, the Chief Compliance Officer, or other person directly responsible for training, shall prepare a list of signatures of the persons who received training, and a notation of the date and title of the training tool, and the place and during of training.  AML training records shall be maintained for a period of five (5) years from the date of delivery of the training.

8. Independent Review

It is Company’s policy to provide for independent testing of its compliance program consistent with the BSA compliance program mandate.  Accordingly, an independent review of this compliance policy and program will be conducted at the direction of Company management approximately once per year.  The audit/review will be conducted by a person who is both independent and has the experience and skill to conduct a thorough and effective independent review.  The reviewer may be a Company employee but in no event may the reviewer be an employee who has specific compliance responsibility, such as the Chief Compliance Officer, nor an employee who reports to the Chief Compliance Officer.

The reviewer shall develop an internal control questionnaire and audit work program which describes in detail the testing to be performed to meet each audit objective.  A written report summarizing results of the independent review and management’s corrective action will be issued to Company management.

Set forth below is a description of the points that will be covered in the annual independent review, focusing on all areas that deal with BSA reporting and recordkeeping and OFAC compliance:

  • The overall integrity and effectiveness of the Policy, including policies, procedures, and processes;
  • BSA/AML risk assessment;
  • BSA reporting and recordkeeping requirements;
  • Personnel adherence to the MSB’s BSA/AML policies, procedures, and processes; and
  • Adequacy of training.

Records of all final reports of the independent review of the Policy shall be retained by the Chief Compliance Officer for a period of five (5) years.

9. Sanctions Screening 

The primary focus of this Policy is BSA/AML compliance. However, Company also takes seriously the sanctions programs administered by the Office of Foreign Asset Control of the United States Department of the Treasury (“OFAC”). Under OFAC guidelines, although a sanctions compliance program is not required, the existence of a risk-based OFAC compliance program is used by that agency in determining whether to seek civil penalties and/or criminal penalties for even inadvertent lapses of the sanctions program—the statutes administered by OFAC generally impose liability on U.S. persons for conducting prohibited transactions even without specific intent to violate the law. A sanctions compliance program is also required under Circle’s KYC Policy. For this reason, and because it is consistent with Company’s policy of full and complete compliance with all laws and regulations designed to ensure that Company is not utilized as a conduit for illicit activity, Company has instituted an OFAC Compliance Program.

Company shall screen all Customers and related parties (e.g., authorized representatives, beneficial owners, directors) against the following sanctions lists:

  • OFAC Specially Designated Nationals (“SDN”) list
  • OFAC non-SDN lists
  • European Union sanctions lists
  • United Nations sanctions lists
  • UK Her Majesty’s Treasury sanctions lists

Company will screen Customers at onboarding and whenever Customer KYC information

changes (e.g., new address, changes to name, etc.). Company shall re-screen all Customers when any of the aforementioned lists change, no later than three (3) business days following the lists changing.

Company shall freeze and block the virtual accounts of all Customers that are a confirmed sanctions match, and to escalate those Customers to Circle within 24 hours by emailing sanctions@circle.com.

In addition to sanctions screening, each Customer against adverse media and PEP lists. All positive PEP hits for Customers with Circle virtual accounts must be escalated to Circle within 24 hours by emailing sanctions@circle.com.