Join waitlist
This form collects your name, email and optionally phone number. Check out our Privacy Policy for the full story on how we protect and manage your submitted data!
FU Capital Ltd
AML/CTF and Sanctions Policy
APPROVED BY
FU Capital Ltd board
on August 29th, 2024.
Document in force from: August 29th, 2024.
Table of contents
1. Definitions
2. General provision
3. Structure of the entire ICS
4. Customers
5. Relevant employees and their responsibilities
6. Entity Wide Risk assessment
7. Jurisdiction risk assessment
8. Customer scoring (risk group determination)
9. Customer onboarding
10. Customer repeated due diligence
11. Politically Exposed Persons
12. Ongoing monitoring
13. Suspicious activity reporting and communication with authorities
14. Sanctions compliance
15. Training
16. Record keeping and information retention
17. Whistleblowing
18. Control, improvements, efficiency, and audit of ICS
1. Definitions
AML/CTF – Anti-money laundering and counter terrorist financing;
Beneficial owner – a natural person either owning or controlling more than 25% of body corporate;
Board – Management board of FU CAPITAL LTD;
CDD – Customer due diligence
Crypto – digital de-centralized currency which is an alternative form of payment created using encryption algorithms;
Customer – referred to as existing or potential customers legal persons or natural persons of FU Capital to whom services are or will be provided;
EDD – Enhanced due diligence;
EU – European Union;
FU CAPITAL – FU Capital Ltd.;
ICS – Internal control system that represents the whole processes, documentation, policy and procedures of FU Capital to combat money laundering, terrorist financing and International Sanctions breaches in order to comply with AML/CTF and Sanctions regulations of European Union, standards and directives in accordance with relevant FU Capital business processes;
International Sanctions (Sanctions) – political and economic decisions that are part of diplomatic efforts by (as in FU Capital ICS), European Union, United States of America OFAC, United Nations against states, organizations or persons either to protect national security interests, or to protect international law, and defend against threats to international peace and security;
KYC – Know Your Customer
ML/TF and Sanctions risks – Money laundering, terrorist financing and Sanction breaches risks;
MLRO – Money laundering reporting officer;
OFAC – Office of Foreign Asset Control, a governmental organization of USA that is responsible for imposing and regulating Sanctions
Partner – Any partner company of FU CAPITAL that provides FU CAPITAL with services or cooperates in any other way related to transaction processing, customer acquisition, technology provision, etc. (for example banks, payment institutions, other type of financial institutions, agents;
PEP (Politically Exposed Person) – an individual who is entrusted with Prominent public functions, other that as middle-ranking or more junior official; a family member of a direct PEP such as spouse or civil partner, children and the spouses or civil partners of the PEPs children, parents and siblings; known close associate of a PEP such as individual known to have joint beneficial ownership of a legal entity or legal arrangement or any other close business relations with a PEP, or an individual who has sole beneficial ownership of a legal entity or a legal arrangement which is known to have been set up for the benefit of a PEP. For the purpose of FU CAPITAL ICS, PEP is referred to as Customer that is applied with a PEP status itself or due to having beneficial owner or other owner (natural person) with a PEP status;
Policy – AML/CTF and Sanctions Policy of FU CAPITAL;
Prominent public functions – referred to as individuals entrusted with prominent public functions including:
Risks – In Policy always referred to as ML/TF and Sanction risks;
Risk appetite – defined limits of accepting set risks for a particular risk factor;
Relevant employees – those employees of FU CAPITAL that are directly related to AML/CTF processes and perform tasks as per any part of the ICS;
Customer service manager – employee of FU CAPITAL that is responsible for communication and direct work with Customers;
Sanctions –Political and economic decisions that are part of diplomatic efforts by (as in FU CAPITAL ICS), European Union, United States of America OFAC, United nations against states, organizations or persons either to protect national security interests, or to protect international law, and defend against threats to international peace and security;
Token – a representation of an asset or interest that has been tokenized on an existing Crypto blockchain;
UN – United Nations.
2. General provision
2.1. The aim of the Policy:
2.1.1. Set general statements and structure of ICS to maximize prevention of ML, TF, Sanctions regulations circumvention and other financial or non-financial crime and bribery using FU CAPITAL offered services.
2.1.2. To serve as the main all the ICS binding document that regulates all the FU CAPITAL AML/CTF and Sanctions compliance processes, ICS structure and main objectives and stance.
2.1.3. Defining the full list and structure of the ICS procedures, their roles, and general requirements.
2.1.4. Defining fundamental AML/CTF and Sanctions compliance Risk appetite, tolerance levels, unacceptable Customer types and forbidden actions.
2.1.5. Defining FU CAPITAL employee responsibilities, rights, and qualification levels.
2.1.6. Defining FU CAPITAL commitment towards prevention of money laundering, terrorist financing and Sanctions breach and circumvention.
2.1.7. Defining requirements towards ICS control, audit, quality assurance and reporting to highest management.
2.1.8. Defining requirements towards Entity Wide Risk Assessment.
2.2. Policy is based on:
2.2.1. FATF recommendations
2.2.2. EU AML/CTF regulations and directives
2.2.3. EU level AML/CTF best practices and standards for regulated entities
2.2.4. EU sanction regulations.
2.2.5. USA OFAC sanctions regulations.
2.2.6. UN sanctions regulations.
2.2.7. Other best practices and guidelines by internationally acknowledged organizations.
2.3. Although FU CAPITAL is not obliged to implement any AML/CTF and Sanctions compliance (except basic requirements that apply to any individual or entity on Sanctions compliance) internal control system, as FU CAPITAL is not a regulated entity nor is a licensed business with requirements to oblige to particular AML/CTF laws, FU CAPITAL has developed an ICS voluntary as FU CAPITAL understands the inherent risks of the business and need for such ICS in order to cooperate with different Partners and protect its Customers.
2.4. As FU CAPITAL is not a direct subject to a particular AML/CTF law, when building its ICS, general EU regulations, directives and guidelines were applied that are of same “strengths” level as any best AML/CTF regulations within EU.
2.5. To prevent FU CAPITAL provided services to be used for money laundering, terrorist financing and Sanctions circumvention, appropriate, based on defined inherent and residual risks of FU CAPITAL as well as business specifics, Internal Control System is developed and updated according to newest best practices, guidelines and trends in the inherent risks or added new services.
2.6. ICS and Policy itself is built based on identified inherent and residual risks, as well as Risk appetite, in the performed Entity wide risk assessment (EWRA).
2.7. FU CAPITAL main business activity is issuance and sale of Tokens. Tokens are sold in non-public direct sales to Customers through signing contract between FU CAPITAL and Customer, as well as in public offerings through dedicated Crypto exchange platform. As public sales through Crypto exchange are not controlled by FU Capital and FU CAPITAL do not onboard or choose Customers to whom Tokens will be sold to, FU CAPITAL can and is applying ICS processes only to non-public sales where FU CAPITAL signs direct contract of Token sales with Customers.
2.8. FU CAPITAL, as it is not regulated and is not obliged to build any ICS, in order to maximize the practical results of investigations and uncovering ML/TF and Sanctions circumvention schemes, apply only those EU level measures and standards that are relevant to and practically effective in the business specifics of FU CAPITAL.
2.9. FU CAPITAL understands the importance and stakes that are involved in the fight against financial crime, tax evasion, money laundering, terrorist financing, Sanctions evasion and, as far as it is possible to detect, other illicit activity, therefore, in the everyday work, all FU CAPITAL employees apply highest ethical standards and zero tolerance towards these destructive for the society actions that facilitate poverty, destabilization, economic growth slowdown, human rights violations and creates other unacceptable issues. FU CAPITAL ICS is developed, updated and applied in order to prevent, as far as it is possible, these destructive actions of criminals.
2.10. FU CAPITAL apply principles of full and transparent cooperation, that prevail over business interests, with all the relevant regulatory and law enforcement institutions, local and international, to combat ML/TF and Sanctions circumventions.
2.11. In building ICS mechanisms, FU CAPITAL apply not only minimum EU level regulatory requirements, but uses the best practices and guidelines of the respectable international organizations, accumulated internal knowledge and use outsourced expertise in order to build effective and properly performing ICS.
2.12. In building the ICS and during everyday work, FU CAPITAL apply Risk based approach to maximize the use of available resources and enhance supervision where the greatest risks lay.
2.13. If a situation requires it, to prevent or detect criminal activity, FU CAPITAL is prepared to act outside, but in lawful manner, of set procedures to maximize, as far as it is possible, the results of FU CAPITAL fight against crime and not limit itself to the processes set in the procedures.
2.14. FU CAPITAL is assigning all the necessary resources to achieve the set goals of the Policy and ICS in general and regularly assess the adequacy of the available resources based on set Risk appetite.
2.15. This Policy is setting main principles, processes and topics that are built in the respective procedures of each part of the entire ICS. Detailed processes and requirements of each ICS part is described and set in the procedures themselves. If any of the procedures is being changed, it must take into account the requirements of the Policy.
2.16. Any documentation under the ICS (Policy and procedures) is confidential and highly sensitive to the safety and integrity of the ICS workflow, therefore, is developed for internal use only. In case there is a legal or business need (requested by partners facilitating transactions) to share any of the documentation with third parties, it must be coordinated with the MLRO.
2.17. FU CAPITAL is reassessing the efficiency and quality of the ICS and reviews the Policy at least once a year.
2.18. Any changed to the Policy must be approved by the Board.
3. Structure of the ICS
3.1. ICS of FU CAPITAL consists of the Policy and procedures together with the supporting additional documentation, IT systems and registries.
3.2. Policy is the main document that regulates the overall ICS process, its structure and the general contents of procedures.
3.3. FU CAPITAL ICS is built based on the following base procedures:
3.3.1. Jurisdiction risk assessment procedure
3.3.2. Customer scoring procedure
3.3.3. Customer due diligence and monitoring procedure for legal persons
3.3.4. Customer due diligence and monitoring procedure for natural persons
3.3.5. Training procedure
3.3.6. Suspicious activity reporting and communication with authorities procedure
4. Customers
4.1. FU CAPITAL is working directly with legal persons and natural persons, where necessary, setting required ICS processes separately for natural and legal persons in order to fully comply with the AML/CTF and Sanctions requirement approach for each of this group.
4.2. FU CAPITAL is applying KYC (Know Your Customer) principles in the work with its Customers, cooperating only with those Customers who are identified, verified and are not working for the benefit of third parties, and there are no suspicions that ML/TF or Sanctions breach or circumvention is being, is planned or was committed by these Customers.
4.3. FU CAPITAL performs risk assessment (scoring) on all Customers to understand potential risks that particular Customer could use FU CAPITAL services in order to perform ML, TF, Sanctions circumventions or breach or commit other crimes. Based on the results of the performed risk assessment, Customers are applied with appropriate risk levels and risk mitigation measures to control risks and timely determine possible suspicious or unusual activities.
4.4. All Customers are identified and verified distantly, using various automated and manual tools and legally obliged requirements. Used automated tools are acquired from trusted and well-known providers and are integrated into the workflow and core system of FU CAPITAL with appropriate to FU CAPITAL information flow and Customer specific configurations.
4.5. All Customers, with no exceptions, undergo due diligence processes where depth of performed due diligence is determined based on Customer type (natural or legal), risk level of particular Customer and additional unique risk factors and situations.
4.6. FU CAPITAL do not establish relationships or continue relationships with Customers that:
4.6.1. Are not willing to cooperate in providing necessary information for due diligence performance, provides suspicious or untrue information, or Customers themselves or their related natural persons (beneficial owners, directors, etc.) cannot be identified.
4.6.2. Are shell companies without real business activities.
4.6.3. Are shell banks.
4.6.4. Have bearer shares in the ownership structure.
4.6.5. Are unlicensed financial institutions, intermediaries, including unlicensed currency (FIAT or Crypto) exchange houses and money transmitters.
4.6.6. Are working in following or similar high-risk industries:
4.6.6.1. Any kind of weapon and military technology production, sale, or delivery
4.6.6.2. Prostitution
4.6.6.3. Adult entertainment
4.6.6.4. Human trafficking and sale of human organs
4.6.6.5. Professional money laundering
4.6.6.6. Charity and donations
4.6.6.7. Sale of, production of or related activities and sale of accessories to narcotics
4.6.6.8. Hacking or other type of cyber crime
4.6.6.9. Filesharing
4.6.6.10. Sharing, glorifying or distribution of goods related to propaganda of violence, international conflicts or terrorism
4.6.6.11. Pharmacy and drug production and sale
4.6.6.12. Alcohol production or sale
4.6.6.13. Dept collection
4.6.6.14. Distribution or production of tobacco products and electronic tobacco and alternative devices, substances, and accessories
4.6.6.15. Sale of jewelry, precious stones and metals
4.6.6.16. Churches or other any type of religious organizations
4.6.6.17. Modification of electronic chips or re-programming original of software
4.6.6.18. Products breaching intellectual property rights
4.6.6.19. Providing financial services without required licensing
4.6.6.20. Sale of counterfeit products
4.6.6.21. Products of historical and cultural value (paintings, sculptures, medals, etc.)
4.6.6.22. Sale of governmental document forms, prepared other documentation
4.6.6.23. Sale of prohibited electronic devices
4.6.6.24. Binary options services
4.6.6.25. Darknet sales
4.6.6.26. Crypto mixing and tumbling
4.6.6.27. Any other illegal or Sanctions breaching activity
4.6.7. Are known to be involved with or there are strong suspicions of involvement in direct or indirect money laundering, terrorist financing and Sanctions circumventions or breach schemes or other type of criminal financial or non-financial activities and fraud.
4.6.8. Are included in the Sanction lists or there is close relation to such persons with suspicion of assisting them in breach of Sanctions.
4.6.9. Are citizens of, residing in (or have any other relation to), registered in or have other connections with countries that are forbidden for cooperation in accordance with FU CAPITAL internal list.
4.6.10. Are not disclosing or it is not possible to determine the true beneficial owners of the Customer.
4.6.11. Have calculated risk group, based on “Customer scoring procedure”, as “unacceptable”.
4.6.12. Are, as far as FU CAPITAL can determine, avoiding tax payment.
4.6.13. Are having business models with the aim to fraud their customers.
4.6.14. Are asking to establish anonymous accounts or asking about or showing interest in facilitating ML/TF or Sanctions breach or circumvention activities.
4.7. All Customers, during onboarding and as an ongoing process, undergo risk scoring based on pre-set scoring model in order to divide Customers in risk groups: “low”, “medium”, “high” and “unacceptable”. Different assigned risk groups require different level of due diligence depth.
4.8. Additionally, for unique Customers and cases that pose certain risks that cannot be defined by standardized Customer scoring factors, Customers are applied with manual additional risk points in the Customer risk scoring process.
4.9. Minimum requirements towards Customers natural persons:
4.9.1. Customers must be identified and verified.
4.9.2. Customer’s identification document copy must be acquired.
4.9.3. There must be clear understanding in which jurisdiction Customer is residing, is having citizenship and has principal income stream.
4.9.4. Customers are expected to be cooperative and submit any relevant documentation or information that is asked for the purpose of AML/CTF and Sanction compliance duties of FU CAPITAL.
4.9.5. Customer must have decent reputation and no serious negative public information related to ML, TF or Sanction breaches.
4.9.6. Customer income model and transaction schemes must be fairly understandable and logical.
4.9.7. Customer and its income industry must have acceptable risk levels in accordance to defined risk appetite.
4.9.8. FU CAPITAL must understand the economic purpose and logic for Customer to cooperate with FU CAPITAL.
4.10. Minimum requirements towards Customers legal persons:
4.10.1. Customer and its beneficial owners, official representatives acting based on the power of attorney, as well as, as far as it is possible to determine, other owners, must be identified and verified.
4.10.2. Basic identifying legal documentation on the Customer like articles of incorporation, shareholder registry, incorporation certificate and similar documentation must be obtained.
4.10.3. There must be clear understanding in which jurisdiction Customer is registered (precise address), where its principal place of business is and what target markets are reached.
4.10.4. Customers are expected to be cooperative and submit any relevant documentation or information that is asked for the purpose of AML/CTF and Sanction compliance duties of FU CAPITAL.
4.10.5. Customer must have decent reputation and no serious negative public information related to ML, TF or Sanction breaches.
4.10.6. Customer business model and transaction schemes must be fairly understandable and logical.
4.10.7. Customer and its operational industry must have acceptable risk levels in accordance to defined risk appetite.
4.10.8. FU CAPITAL must understand the business purpose and logic for Customer to cooperate with FU CAPITAL.
4.10.9. Customer business activities must be fully legal and fairly ethical.
5. Relevant employees and their responsibilities
5.1. Relevant employees are divided into following categories and with the following core purpose:
5.1.1. Money Laundering Reporting Officer (MLRO): employee with personal responsibility for AML/CTF and Sanctions compliance and has overall responsibility over ICS and its efficiency as well as is responsible for leading the AML department and everyday processes of the AML department.
5.1.2. AML analyst: responsible for performing Customer due diligence and ongoing monitoring, as well as other analytical and information gathering tasks.
5.2. Following are the core responsibilities on the MLRO:
5.2.1. Hold personal responsibility over all ICS.
5.2.2. Measures and improves effectiveness and relevance of the ICS procedures and policies.
5.2.3. Performs Entity Wide Risk Assessment.
5.2.4. Performs reporting to the highest management about the operations and effectiveness of the ICS at least annually.
5.2.5. Approves certain higher risk Customers.
5.2.6. Manages the process of Policy and procedures improvement and development.
5.2.7. Controls jurisdiction risk assessment and list update.
5.2.8. Sets risk levels and risk tolerance levels in the Policy, procedures, and risk assessments. Applicable risk factor defining.
5.2.9. Defines Policy statements towards risks, Customers and ICS.
5.2.10. Communicates with the relevant authorities, performs SARs and reports on Sanction breaches.
5.2.11. Performs internal audits and quality assurance of the ICS.
5.2.12. Performs writing of new procedures.
5.2.13. Performs updating of existing procedures.
5.2.14. Training and guiding employees on AML/CTF and Sanctions compliance topics, issues and changes in regulations and laws.
5.2.15. Developing new and updating existing Customer monitoring and screening scenarios.
5.2.16. Performing tests of internal relevant to ICS processes IT systems, their configuration and workflow.
5.2.17. Leading and planning the work and tasks of AML department.
5.2.18. Supervising and quality checking the work of AML analysts.
5.2.19. Performs external SARs.
5.3. Following are the core responsibilities of AML analyst:
1.1.1. Performing due diligence on new Customers;
1.1.2. Performing due diligence on existing Customers;
5.3.1. Gathering additional information and documentation on Customers;
5.3.2. Performing Customer risk assessment;
5.3.3. Making decisions about cooperation with Customers, or initiating decisions about cooperation with higher risk Customers (where additional approval from MLRO is required);
5.3.4. Monitoring of Customer activity and transactions;
1.1.3. Preparing, documenting and registering all the information, documentation and performed due diligences in the appropriate internal data storage systems;
1.1.4. Performing internal SARs to MLRO;
1.1.5. Informing MLRO on existing due diligence cases, progress of the tasks, identified issues and other AML/CTF statistics;
5.3.5. Perform other tasks related to AML/CTF and Sanctions compliance that are given by the MLRO.
5.4. AML/CTF and Sanctions compliance function is independent in the decision making from other FU CAPITAL functions. Decisions made by the AML department or MLRO regarding cooperation with Customers, needed documentation or information, risk levels, and other by the ICS assigned decisions are final and must be followed by all the other FU CAPITAL employees.
5.5. If there are disagreements regarding made decisions, a special AML committee must make a final joint decision by a simple majority in voting. Decisions made by the AML committee are final and cannot be overridden by any other internal entity besides AML committee itself.
5.6. AML committee is a special decision-making structure that makes a collective decision (by a simple vote majority) on issues and cases related to AML/CTF and Sanctions when common consensus cannot be reached. AML committee meetings and decisions are documented in the meeting minutes. If voting does not give a definitive result, MLRO has the right to enforce the final decision. For AML committee to take place, a quorum of 50% + 1 vote must be reached. AML committee consists of the following FU CAPITAL employees:
5.6.1. MLRO
5.6.2. Head of Customer service
5.6.3. CEO of FU CAPITAL
5.6.4. One beneficial owner of FU CAPITAL
6. Entity Wide Risk Assessment
6.1. Entity wide risk assessment (EWRA) is a specialized process during which money laundering, terrorist financing and Sanction risks within FU CAPITAL itself are evaluated based on unique to FU CAPITAL risk factors.
6.2. All the processes and procedures in the ICS are based on the EWRA results to mitigate determined risks and control the risk appetite.
6.3. EWRA is the document that based on objective and subjective methodological evaluation sets risk tolerance and risk appetite. As risk tolerance and risk appetite are dynamic characteristics that depends on current business model, turnovers, Customer amounts and overall trends and activities in the industry, precise current risk appetite and tolerance levels are set in current developed EWRA and are not embedded in the Policy.
6.4. EWRA is updated at least once per year or more often if significant changes to the risk exposure, applicable regulations or business model have occurred. It is mandatory to perform EWRA before launch of a new service.
6.5. EWRA performance is led by the MLRO but involving other Relevant employees if needed.
6.6. EWRA methodology before its performance is developed by the MLRO, but following criteria are mandatory to be included:
6.6.1. EWRA is performed in a specialized MS “Excel” format file with standardized risk calculation for all used risk factors.
6.6.2. EWRA must contain at least the following risk pillars: Company size and structure; Customers; Provided services; Geography; Transactions and funds flow; Service delivery channels; Partners and technology.
6.6.3. Risk pillars are divided into risk elements and risk elements are divided into risk factors.
6.6.4. ML/TF and Sanction risks are evaluated separately from each other but based on the same methodology.
6.6.5. Four general steps in the risk assessment process for each risk factor must be taken:
6.6.5.1. Inherent risk assessment – evaluation of inherent risks of FU CAPITAL before risk mitigation measures application.
6.6.5.2. Implemented risk mitigation and control mechanism evaluation – after inherent risks are determined, appropriate risk mitigation measures are implemented and the risk mitigation effect on each risk factor is evaluated.
6.6.5.3. Residual risk – residual risk levels for each risk factor after risk mitigation measures were applied, are determined.
6.6.5.4. Risk appetite – after residual risk levels are determined, risk appetite towards those risks is set. Risk appetite defines the capability and effectiveness limits of existing ICS, reaching which existing risk mitigation measures must be reviewed and risk decreased, or appropriate resources added.
6.7. After EWRA calculations are performed, a special report on the analysis of the results, used methodology, core facts, risk appetite levels, vulnerabilities and higher risk areas of ICS and applied risk mitigation measures to control those risks must be prepared by the MLRO and submitted to the Board for evaluation and approval.
6.8. After EWRA is performed, MLRO is responsible of risk appetite parameters control and immediately take action if any of the risk appetite parameters are exceeded by applying an appropriate one or several of possible solutions:
6.8.1. Implementing additional risk mitigation measures;
6.8.2. Providing additional resources to the risk appetite breaching area;
6.8.3. Perform de-risking of Customer base;
6.8.4. Suggest changes in the business model;
6.8.5. Offer other solutions that would normalize the risk appetite levels for issue factors.
7. Jurisdiction risk and lists
7.1. Jurisdiction risk assessment is a part of ICS that regulates and mitigates the geographical risk of the services provided by FU CAPITAL.
7.2. Jurisdiction risk is assessed in accordance with “Jurisdiction risk assessment procedure” where precise actions to be taken with different risk jurisdictions are set.
7.3. Jurisdiction risk assessment procedure” defines clear rules, methodology and calculation formulas based on which jurisdiction risk is assessed.
7.4. A specialized Risk Table (MS Excel format file) is used to perform risk calculations based on set parameters and rules.
7.5. In jurisdiction risk calculations a combination of different internationally reputable and recognized country rankings and lists are used in order to get as precise and updated risk overview as possible.
7.6. Calculations performed in the Risk Table derive 3 jurisdiction risk groups (from the top highest point jurisdictions) – 1st group (jurisdictions with highest risk, no cooperation is allowed), 2nd group (cooperation with particular rules is allowed), 3rd group (cooperation is allowed, but some rules apply). MLRO is responsible for assigning jurisdictions to particular groups. Other jurisdictions are perceived as lower risk and no special rules are applied if these jurisdictions are not assigned to other additional lists.
7.7. Additionally, Internal offshore list is developed – those are jurisdictions that FU CAPITAL perceives as low or no tax jurisdictions with weaker legislations or purposefully more attractive legislations that can facilitate shell company registration and be used for illicit purposes.
7.8. Sanctioned jurisdictions is a special list of those jurisdictions that are included in the applicable Sanctions lists with more requirements than just particular person designation and more robust Sanction monitoring is required. This list of jurisdictions is defined by the MLRO.
7.9. Separate requirements based on jurisdictions characteristics is defined for Customers natural persons and Customers legal persons.
7.10. FU CAPITAL do not cooperate in any way with jurisdictions that are included in the FATF list of non-cooperative jurisdictions.
7.11. A risk-based approach model is applied to determine which jurisdictions FU CAPITAL will not work with, will work with, but under particular conditions and will work with no additional conditions, by combining different risk factors rather than relying solely on one negative or positive aspect.
7.12. FU CAPITAL business model is not limited to particular location, although there is a stronger direction towards EU countries. To not harm and slow down business interests of FU CAPITAL, this factor is taken into account when assigning particular jurisdiction to a particular risk group.
7.13. When defining cooperation risks with a Customer, FU CAPITAL take into account not only registration jurisdiction or residency of a Customer, but also jurisdiction of actual place of business, residency and nationality of beneficial owners and other owners, citizenship, transactions, etc.
8. Customer scoring (risk group determination)
8.1. All of the FU CAPITAL Customers (potential and existing) are assigned with a risk group (low, medium, high, unacceptable) in order to deploy a risk-based approach towards Customer due diligence requirements and effective existing resource use.
8.2. Customer scoring (risk level determination) is performed according to the set rules, risk factors and methodology in the Customer scoring procedure.
8.3. Customer scoring is performed in a specialized MS “Excel” file with built in risk factors and calculation formulas so that Customer scoring performance for employees would be easy, fast and methodological.
8.4. Separate Customer scoring models are used for natural persons and legal persons as both groups have core differences in the applicable risk factor characteristics.
8.5. Risk factors are defined by the MLRO based on the EWRA results and overall FU CAPITAL business model, but Customer scoring table must include at least the following risk types (particular risk factors are listed under these risk types):
8.5.1. For legal persons:
8.5.1.1. Geography
8.5.1.2. Mismatches
8.5.1.3. Structure
8.5.1.4. Beneficiaries
8.5.1.5. Directors
8.5.1.6. Economic activity
8.5.1.7. Funds flow and source of funds
8.5.1.8. Used services
8.5.1.9. Licensed activity
8.5.1.10. Communication and behavior
8.5.1.11. Adverse media and reputation
8.5.1.12. PEP
8.5.2. For natural persons:
8.5.2.1. Geography
8.5.2.2. Customer profile
8.5.2.3. Mismatches
8.5.2.4. Transactions, activity and source of funds
8.5.2.5. Used services
8.5.2.6. Communication and behavior
8.5.2.7. Adverse media and reputation
8.5.2.8. PEP
8.6. Additionally, as not all possible risk factors, due to the uniqueness of different cases, can be standardized, but these unique factors are crucial for risk assessment, Customer scoring model has a special manual point section, where additional points to increase Customer risk can be added or points can be subtracted, if standard risk factors assigned unreasonably for particular Customer high risk group.
8.7. Customers are scored in numerical point system, where total end result points depend on the matched risk factors (each risk factor is applied with particular point amount). MLRO is responsible for setting each risk factor with points and balancing total point threshold that will determine acquired risk group. Risk groups are based on acquired total risk point ranges where MLRO sets thresholds of point ranges for low, medium, high and unacceptable risk.
8.8. If Customer is assigned with “unacceptable” risk group, cooperation with such Customer is not started or existing relationship is terminated.
8.9. Customer scoring results (applicable risk levels) primarily are used to determine depth of due diligence to apply on the Customer, the regularity of the due diligence (how often due diligence is re-done) and necessary additional everyday supervision requirements to be applied.
8.10. Detailed action and due diligence processes applicable to particular risk group Customers are described in other ICS procedures where these results are used.
9. Customer onboarding
9.1. All of the Customers, before entering in business relationship with FU CAPITAL, undergo specialized onboarding process which include identification and verification, Customer scoring and, appropriate to the Customer risk and type, due diligence process.
9.2. Customer onboarding process is stipulated in, depending on if Customer is a legal person or natural person, “Customer due diligence and monitoring procedure for legal persons” or “Customer due diligence and monitoring procedure for natural persons”.
9.3. Customer onboarding is on risk based approach built process that allows FU CAPITAL to enter into the business relationship only with those Customers that comply with FU CAPITAL internal requirements towards Customers and, as far as it is possible to determine, are not involved in money laundering, terrorist financing, Sanctions circumvention, corruption, or any other financial or non-financial crime, as well as divides Customers into risk groups to determine the level of due diligence that is applicable to particular Customer.
9.4. FU CAPITAL is not entering into business relationship with Customers (Customers natural persons, Customers legal persons, their beneficial owners or companies in legal structure) that cannot be identified and verified.
9.5. FU CAPITAL expects all of the potential Customers to fully cooperate during the onboarding process when asked questions and documentation in order to fulfill the duties stipulated in the relevant AML/CTF and Sanctions regulations.
9.6. Customer due diligence procedures regulates the minimum amount of information and documentation that must be gathered and analyzed about each Customer, depending on the type of the Customer, industry, its risk group and other unique factors.
9.7. Customer due diligence procedures regulates the precise onboarding process and decision-making levels and responsibilities of different employees as well as describes full necessary onboarding due diligence performance.
9.8. Customers can be assigned for particular level of due diligence not only based on Customer scoring results, but also Customer due diligence procedures lists pre-defines factors that would automatically assign Customer to enhanced due diligence.
9.9. Due diligence procedures defines following general investigation and decision making process:
9.9.1. As non-public Token sales that fall under ICS requirements typically involves larger amounts of funds, all Customers must undergo manual due diligence investigation process.
9.9.2. During first investigation, AML analyst requests Customer service manager to acquire from Customer needed initial information and documentation before performing full due diligence.
9.9.3. Based on acquired information, AML analyst performs Customer scoring in order to determine final applicable risk group and determine the type of due diligence that must be performed.
9.9.4. AML analyst performs onboarding due diligence and makes the decision to onboard Customer or refuse the cooperation.
9.9.5. For particular cases, MLRO is making double decision on AML analyst’s decisions.
9.9.6. In cases, when there is strong disagreement between MLRO, Customer service department, Board or other departments, AML Committee is making final joint decisions.
10. Customer repeated due diligence
10.1. Customer repeated due diligence is a process of scrutinized Customer investigation with a risk-based approach towards the depth and amount of investigation performed that allows FU CAPITAL to detect potential suspicious or unusual activity during the cooperation with existing Customers and determine if a particular Customer still fits within risk appetite profile of a FU CAPITAL Customer.
10.2. Customer repeated due diligence of FU CAPITAL differs from standard approach of the financial institutions as FU CAPITAL do not provide any transactional services and ICS is built only for the non-public Token sale process, therefore main due diligence can be done during onboarding and re-initiated if any discrepancies are found during monitoring or close of business relationship stage.
10.3. Customer repeated due diligence is performed in separate processes with separate procedures for legal persons and natural persons.
10.4. Detailed Customer repeated due diligence processes, requirements, decision making structure and result documentation is described in “Customer due diligence and monitoring procedure for legal persons” and “Customer due diligence and monitoring procedure for natural persons”.
10.5. Customer repeated due diligence process consists of the following main elements:
10.5.1. Initiation of repeated due diligence
10.5.2. Previous performed due diligence and transaction history investigation
10.5.3. Reviewing of Customer risk group
10.5.4. New public information search
10.5.5. Review of existing documentation and information, requesting additionally required
10.5.6. Performing repeated due diligence type based on risk group and other factors in specialized form
10.5.7. Additional requirements towards PEPs
10.5.8. Decision making and action after due diligence completion
10.5.9. Ending business relationship with Customers
10.6. The type of Customer due diligence (regular, enhanced, etc.) depends on Customer’s risk group or based on special separate cases when particular in the Customer due diligence and monitoring procedure requirements are fulfilled.
10.7. Customer repeated due diligence is performed in specialized due diligence form with pre-set investigation topics, analysis that must be done and decisions that must be made.
10.8. Following is the standard default division of due diligence types between risk groups if no unique risk factors are determined:
10.8.1. Low risk group – regular due diligence
10.8.2. Medium risk group – regular due diligence with additional requirements
10.8.3. High risk group – Enhanced due diligence
10.8.4. PEPs – Enhanced due diligence with additional requirements
10.9. Due diligence process must be repeated at least in the following events:
10.9.1. Risk group increase;
10.9.2. Significant new public negative information appears;
10.9.3. Possible, but almost certain list match detection;
10.9.4. Significant issues or risk detected during monitoring process;
10.9.5. Before ending of the relationship or paying out profits.
10.10. MLRO, at any points, based on suspicions or on Customer’s unusual activity, can initiate performance of a new repeated due diligence.
11. Politically Exposed Persons
11.1. Customer of FU CAPITAL is assigned as being a PEP if the Customer itself (natural person), at least one of the beneficial owners of the Customer is a PEP, family member of a PEP or a known close associate of the PEP in any jurisdiction. PEP status can be assigned by FU CAPITAL also in cases when by legal definition particular person is not a PEP, but in FU CAPITAL opinion this person has significant political influence and therefore it is appropriate to assign such status to have more robust due diligence procedures on such Customer.
11.2. In special cases when owner of the Customer with less shares then by the definition of beneficial owner has a PEP status, FU CAPITAL is making a special separate decision whether to apply this Customer with a PEP status.
11.3. Customers with PEP status are assigned with additional due diligence requirements that are regulated in the Customer onboarding and repeated due diligence procedures for legal persons and natural persons.
11.4. All decisions regarding a Customer with a PEP status must be confirmed by the MLRO.
11.5. To determine the PEP status, FU CAPITAL is not relying only on the information disclosed by the Customer itself or automated solution screening results, but also must perform manual searches in the public information channels to confirm information provided by the Customer or automated solutions.
11.6. Customers with PEP status must always have at least “high” risk group.
11.7. After PEP ceased to be entrusted with a prominent public function that determined the PEP status, FU CAPITAL apply PEP status to the Customer (if the same person is still in the ownership structure) for at least additional 12 months or longer if FU CAPITAL considers this person as still having enough political influence and risks related to corruption and laundering of corrupt funds.
12. Ongoing monitoring
12.1. Ongoing Customer, their transaction and behavior monitoring is a crucial part of overall ICS processes as certain changes in Customers’ parameters, behavior and actions, as well as details of their transductions might indicate on potential or certain ML/TF or Sanctions circumvention schemes.
12.2. As FU CAPITAL do not provide any transactional services and ICS is built only for the non-public Token sale process, monitoring differs from standard financial institution monitoring processes and is limited to the following actions:
12.2.1. Ongoing screening of Customers against Sanctions and other lists;
12.2.2. Ongoing monitoring of the public negative information;
12.2.3. Manual monitoring of any incoming or outgoing transactions with Customers and Partners resulting from Token sale or profit distribution;
12.2.4. Customer’s core information change monitoring;
12.2.5. Customer’s behavioral monitoring and analysis;
12.2.6. Monitoring of involved Crypto wallets.
12.3. Detailed process and requirements of the monitoring, applied indicators, risk factors and monitoring process steps are described in Customer due diligence and monitoring procedures in the relevant sections.
12.4. Procedures are setting only exemplary and most obvious suspicious activity examples that must be examined, but such lists are not full and employees must apply risk based approach and logic when performing investigations to determine unique situations that could indicate on possible ML, TF or Sanctions circumvention and other illicit activity schemes.
12.5. Certain type of activity is defined in the procedures that require to immediately perform full Customer due diligence, other investigation of particular transaction or case without necessary full due diligence.
12.6. The aim of transaction on ongoing monitoring is to timely determine, possibly prevent and report to the authorities about possible or determined ML, TF, Sanctions circumvention and other illicit activity schemes as far as it is possible to determine.
13. Suspicious activity reporting and communication with authorities
13.1. Suspicious activity reporting (internal and external) and communication with authorities process is set in a specialized “Suspicious activity reporting and communication with authorities procedure”.
13.2. Procedure sets mandatory reporting requirements and suspicious activity types that are to be reported, but do not compile a complete list of such activities.
13.3. This process sets procedure of reporting to the appropriate authorities about potential or determined suspicious activity related to ML, TF and other financial or non-financial criminal activities, bribery, etc.
13.4. Although FU Capital is not a regulated entity and is not obliged to report suspicious or unusual activity, FU Capital is willingly taken upon obligation to perform reporting of suspicious or unusual activity to the relevant authorities.
13.5. Procedure contains two types of reporting:
13.5.1. Internal reporting – employee responsibility to report about suspicious or unusual activities, potential or determined crime, internal or external bribery to the MLRO.
13.5.2. External reporting – Reporting the suspicious activities to the authorities by the MLRO.
13.6. Additionally, procedure determines standards and procedure on other type of communication with relevant authorities.
13.7. All FU CAPITAL employees are responsible to report about suspicious or unusual activities to the MLRO based on the processes set in the procedure.
13.8. Employees are given opportunity to report also anonymously to encourage the reporting in cases when an employee is afraid of repercussions.
13.9. MLRO has the rights to perform reporting to the authorities autonomously without receiving any approvals from any management body of FU CAPITAL and without responsibility to inform any management body about performed reporting.
13.10. Information about performed reporting is treated as confidential and is not disclosed to the Customers (except when it is required to be done according to the regulations) or other third parties outside FU CAPITAL (except when required to disclose according to regulations) and other employees not involved in the investigation and reporting process.
13.11. When reporting to the authorities and performing restrictive actions against possible illicit funds, FU CAPITAL must, as far as it is possible, act in a manner that will not “tip off” involved Customer about the reporting.
13.12. FU CAPITAL can proceed with transferring suspected or known illicit funds or providing services to suspected or known illicit Customers if not doing so would “tip off” potential criminals, hinder or intervene into effective investigation by the relevant authorities or due to other reasonable excuses that could bring harm to effective investigation, but such action must be immediately reported to the relevant authorities.
14. Sanctions compliance
14.1. FU CAPITAL is a direct subject to the UN Sanctions. Additionally, as FU CAPITAL has a global business reach and it is important for cooperation with financial institutions in other countries, FU CAPITAL willingly follow EU Sanctions and USA OFAC Sanctions as far as it is not intervening with local regulations.
14.2. FU CAPITAL perceives Sanctions as crucial tool for supporting global security objectives, as well as maintain international peace, security, and preventing terrorism, therefore places Sanction compliance as one of top priorities in everyday business conduct and fulfills its duties with utmost scrutiny and responsibility.
14.3. FU CAPITAL will not cooperate with other financial institutions that do not follow the same or at least EU and UN imposed Sanctions, except cases when Sanctions are imposed on countries where these financial institutions are residing and cooperation with these institutions is crucial for FU CAPITAL business.
14.4. FU CAPITAL apply zero tolerance towards Sanctions circumventions and breaches, and, to the best knowledge, will not cooperate in any way with sanctioned persons or persons supporting sanctioned persons and provide services where it can or is supporting Sanctions circumvention or breach.
14.5. There are two type of Sanctions reports:
14.5.1. Internal – any employee can report (including anonymously) about suspected or determined Sanctions breaches or circumventions to the MLRO for final decision making and external reporting.
14.5.2. External reporting – reporting about suspected or determined Sanctions circumventions or breaches to the relevant authorities by the MLRO.
14.6. On all the suspected or determined Sanction breaches or circumventions MLRO is responsible for scrutinized investigations and performing final reports to the authorities and, if necessary and possible, issuing orders of internal asset freeze until further notice from the authorities.
14.7. FU CAPITAL internal Sanctions compliance process contains following main elements:
14.7.1. Screening of all new and regularly (defined in the procedure) existing Customers and all known related natural persons against Sanctions lists (designated persons).
14.7.2. Evaluation against Sanctions regime requirements towards services provided and products sold by the Customers of FU CAPITAL during onboarding and during performance of repeated due diligences.
14.7.3. Performance of FU CAPITAL Partners due diligence based on Sanctions regime requirements and, if applicable and possible, their own Sanctions policies and procedures.
14.7.4. Monitoring transactions and Customer activity against Sanctions regulations requirements and relation to sanctioned persons.
14.8. Due diligence process contain a special section dedicated to Sanctions to ensure each Customer is appropriately evaluated and checked against Sanctions requirements.
14.9. MLRO is determined as the main responsible person in FU CAPITAL for Sanctions regulations compliance.
15. Training
15.1. To ensure all the Relevant employees of FU CAPITAL have adequate to their responsibility levels knowledge about AML/CTF and Sanctions compliance, a special training procedure is implemented in the FU CAPITAL ICS.
15.2. As AML/CTF and Sanctions compliance industry is very dynamic and progress every year and to ensure existing knowledge preservation, all the Relevant employees must receive training in AML/CTF and Sanctions at least once a year, but with different depth of training for each type of Relevant employee.
15.3. The precise type, depth and periodicity of training that must be received by each type of Relevant person is set in the Training procedure but must include at least latest updates and existing requirements of the relevant laws and training in how to recognize and take measures against possible ML, TF and Sanctions breaches or circumvention situations.
15.4. If a new Relevant employee without relevant experience or relevant previous training is accepted to work for FU CAPITAL, MLRO must perform general internal training for this employee about AML/CTF and Sanctions compliance within first month of employment. Topics to be covered in such training are determined in the “Training procedure”.
15.5. MLRO is responsible for following training schedules and organizing or assigning organization of necessary training for Relevant and other employees.
15.6. Before each calendar year, MLRO is responsible for developing a training plan for the next calendar year.
16. Record keeping and information retention
16.1. FU CAPITAL develops ICS documentation and keeps records of performed transactions, due diligences, Customer forms, reports, screenings and other related information in a secure and appropriate way in internal storage systems.
16.2. All the information, records and documentation are kept in an audit-trailable manner for ease of access, understandable sorting and effective auditing.
16.3. All of the information retained about Customer during due diligence processes, information on transactions and other related information that is acquired in accordance with ICS requirements, is kept at least 5 (five) years after the relationship with particular Customer has ended, but no longer than 10 years after which all the information is destroyed.
16.4. Information is not destroyed in cases when it is:
16.4.1. Required to retain records by or under any enactment, or for the purposes of any court proceedings;
16.4.2. FU CAPITAL has reasonable grounds for believing that records need to be retained for the purpose of
legal proceedings.
16.5. Any personal data acquired by FU CAPITAL in accordance with ICS requirements is used solely for the purpose of detecting and preventing ML, TF and Sanctions breaches or circumventions as required per applicable legislation.
16.6. Key information that is retained:
16.6.1. Any registration and other legal documentation on Customer legal entity
16.6.2. Personal data, copies of identification documentation and other highly personal information on
Customers natural persons or related to a Customer legal person natural persons
16.6.3. Documentation related to business dealings and transactions of a Customer
16.6.4. Filled Customer questionnaires
16.6.5. Results of due diligence analysis
16.6.6. Risk assessment results of a Customer
16.6.7. Records of performed transactions
16.6.8. Internal and external suspicious transaction reports
16.6.9. Audit results and prepared reports on ICS effectiveness by the MLRO
16.6.10. Results of performed trainings including presentations, attendance logbooks and test results
16.6.11. Results of Customer activity and transaction monitoring
16.6.12. Communication history with authorities and Customers
16.6.13. History of changes to the ICS documentation.
17. Whistleblowing
17.1. FU CAPITAL employees have the right and are encouraged to disclose any wrongdoing within FU CAPITAL and may do it internally or externally.
17.2. Disclosures are done and whistleblowers are protected from any retaliation if employee discloses information on:
17.2.1. Criminal offence that has been, is being or is likely to be committed;
17.2.2. A person that has failed, is failing or is likely to fail to comply with any legal obligations to which he is a subject;
17.2.3. A miscarriage of justice has occurred, is occurring or is likely to occur;
17.2.4. The health or safety of any individual has been, is being or is likely to be endangered;
17.2.5. The environment has been, is being or is likely to be damaged;
17.2.6. Information which would tend to show any matter falling into any of the above has been, is being or is likely to be concealed.
17.3. For internal reporting employees can report to the MLRO or to other highest management body, that feels the safest, in writing, orally or anonymously in any convenient way and respective management body receiving report has the highest obligation to take the report seriously and act on it.
17.4. If disclosure cannot be done internally (employee suspects that particular individual is involved in the wrongdoing or would not act on the information) external whistleblowing report can be done to any relevant governmental bodies through their communication channels, contacts or specialized whistleblowing channels.
18. Control, improvements, efficiency, and audit of ICS
18.1. Regular and ongoing monitoring, control and auditing of the ICS documentation and processes are crucial part of making sure FU CAPITAL is compliant to applicable AML/CTF and Sanctions compliance legislations, have an effective and properly functioning ICS in accordance with latest tendencies, developments and standards.
18.2. A specialized procedure, ICS effectiveness monitoring and audit procedure, regulates this process and sets requirements, standards and procedure in the following key areas and actions:
18.2.1. Requirements towards external audit of the FU CAPITAL ICS or its separate parts;
18.2.2. Requirements towards internal audit of the FU CAPITAL ICS or its separate parts;
18.2.3. Internal regular evaluation of the effectiveness of FU CAPITAL ICS or its separate parts;
18.2.4. Employee performed work quality assurance mechanisms;
18.2.5. Reporting to the management of FU CAPITAL by the MLRO on the effectiveness, results, needed improvements, resource sufficiency and overall state of the ICS.
18.3. Internal evaluation and audit of the ICS effectiveness must be performed at least annually.
18.4. External evaluation and audit of the ICS effectiveness and compliance to the regulations must be performed at least every 2 (two) years.
18.5. Quality assurance of selected processes or employees must be performed at least once a year.
AML/CTF and Sanctions Policy
APPROVED BY
FU Capital Ltd board
on August 29th, 2024.
Document in force from: August 29th, 2024.
Table of contents
1. Definitions
2. General provision
3. Structure of the entire ICS
4. Customers
5. Relevant employees and their responsibilities
6. Entity Wide Risk assessment
7. Jurisdiction risk assessment
8. Customer scoring (risk group determination)
9. Customer onboarding
10. Customer repeated due diligence
11. Politically Exposed Persons
12. Ongoing monitoring
13. Suspicious activity reporting and communication with authorities
14. Sanctions compliance
15. Training
16. Record keeping and information retention
17. Whistleblowing
18. Control, improvements, efficiency, and audit of ICS
1. Definitions
AML/CTF – Anti-money laundering and counter terrorist financing;
Beneficial owner – a natural person either owning or controlling more than 25% of body corporate;
Board – Management board of FU CAPITAL LTD;
CDD – Customer due diligence
Crypto – digital de-centralized currency which is an alternative form of payment created using encryption algorithms;
Customer – referred to as existing or potential customers legal persons or natural persons of FU Capital to whom services are or will be provided;
EDD – Enhanced due diligence;
EU – European Union;
FU CAPITAL – FU Capital Ltd.;
ICS – Internal control system that represents the whole processes, documentation, policy and procedures of FU Capital to combat money laundering, terrorist financing and International Sanctions breaches in order to comply with AML/CTF and Sanctions regulations of European Union, standards and directives in accordance with relevant FU Capital business processes;
International Sanctions (Sanctions) – political and economic decisions that are part of diplomatic efforts by (as in FU Capital ICS), European Union, United States of America OFAC, United Nations against states, organizations or persons either to protect national security interests, or to protect international law, and defend against threats to international peace and security;
KYC – Know Your Customer
ML/TF and Sanctions risks – Money laundering, terrorist financing and Sanction breaches risks;
MLRO – Money laundering reporting officer;
OFAC – Office of Foreign Asset Control, a governmental organization of USA that is responsible for imposing and regulating Sanctions
Partner – Any partner company of FU CAPITAL that provides FU CAPITAL with services or cooperates in any other way related to transaction processing, customer acquisition, technology provision, etc. (for example banks, payment institutions, other type of financial institutions, agents;
PEP (Politically Exposed Person) – an individual who is entrusted with Prominent public functions, other that as middle-ranking or more junior official; a family member of a direct PEP such as spouse or civil partner, children and the spouses or civil partners of the PEPs children, parents and siblings; known close associate of a PEP such as individual known to have joint beneficial ownership of a legal entity or legal arrangement or any other close business relations with a PEP, or an individual who has sole beneficial ownership of a legal entity or a legal arrangement which is known to have been set up for the benefit of a PEP. For the purpose of FU CAPITAL ICS, PEP is referred to as Customer that is applied with a PEP status itself or due to having beneficial owner or other owner (natural person) with a PEP status;
Policy – AML/CTF and Sanctions Policy of FU CAPITAL;
Prominent public functions – referred to as individuals entrusted with prominent public functions including:
- Heads of state, heads of government, ministers and deputy or assistant ministers;
- Members of parliament or of similar legislative bodies;
- Members of the governing bodies of political parties;
- Members of supreme courts, of constitutional courts or of any judicial body the decisions of which are not subject to further appeal except in exceptional circumstances;
- Members of courts of auditors or of the boards of central banks;
- Ambassadors, charges d'affaires and high-ranking officers in the armed forces;
- Members of the administrative, management or supervisory bodies of State-owned enterprises;
- Directors, deputy directors and members of the board or equivalent function of an international organization.
Risks – In Policy always referred to as ML/TF and Sanction risks;
Risk appetite – defined limits of accepting set risks for a particular risk factor;
Relevant employees – those employees of FU CAPITAL that are directly related to AML/CTF processes and perform tasks as per any part of the ICS;
Customer service manager – employee of FU CAPITAL that is responsible for communication and direct work with Customers;
Sanctions –Political and economic decisions that are part of diplomatic efforts by (as in FU CAPITAL ICS), European Union, United States of America OFAC, United nations against states, organizations or persons either to protect national security interests, or to protect international law, and defend against threats to international peace and security;
Token – a representation of an asset or interest that has been tokenized on an existing Crypto blockchain;
UN – United Nations.
2. General provision
2.1. The aim of the Policy:
2.1.1. Set general statements and structure of ICS to maximize prevention of ML, TF, Sanctions regulations circumvention and other financial or non-financial crime and bribery using FU CAPITAL offered services.
2.1.2. To serve as the main all the ICS binding document that regulates all the FU CAPITAL AML/CTF and Sanctions compliance processes, ICS structure and main objectives and stance.
2.1.3. Defining the full list and structure of the ICS procedures, their roles, and general requirements.
2.1.4. Defining fundamental AML/CTF and Sanctions compliance Risk appetite, tolerance levels, unacceptable Customer types and forbidden actions.
2.1.5. Defining FU CAPITAL employee responsibilities, rights, and qualification levels.
2.1.6. Defining FU CAPITAL commitment towards prevention of money laundering, terrorist financing and Sanctions breach and circumvention.
2.1.7. Defining requirements towards ICS control, audit, quality assurance and reporting to highest management.
2.1.8. Defining requirements towards Entity Wide Risk Assessment.
2.2. Policy is based on:
2.2.1. FATF recommendations
2.2.2. EU AML/CTF regulations and directives
2.2.3. EU level AML/CTF best practices and standards for regulated entities
2.2.4. EU sanction regulations.
2.2.5. USA OFAC sanctions regulations.
2.2.6. UN sanctions regulations.
2.2.7. Other best practices and guidelines by internationally acknowledged organizations.
2.3. Although FU CAPITAL is not obliged to implement any AML/CTF and Sanctions compliance (except basic requirements that apply to any individual or entity on Sanctions compliance) internal control system, as FU CAPITAL is not a regulated entity nor is a licensed business with requirements to oblige to particular AML/CTF laws, FU CAPITAL has developed an ICS voluntary as FU CAPITAL understands the inherent risks of the business and need for such ICS in order to cooperate with different Partners and protect its Customers.
2.4. As FU CAPITAL is not a direct subject to a particular AML/CTF law, when building its ICS, general EU regulations, directives and guidelines were applied that are of same “strengths” level as any best AML/CTF regulations within EU.
2.5. To prevent FU CAPITAL provided services to be used for money laundering, terrorist financing and Sanctions circumvention, appropriate, based on defined inherent and residual risks of FU CAPITAL as well as business specifics, Internal Control System is developed and updated according to newest best practices, guidelines and trends in the inherent risks or added new services.
2.6. ICS and Policy itself is built based on identified inherent and residual risks, as well as Risk appetite, in the performed Entity wide risk assessment (EWRA).
2.7. FU CAPITAL main business activity is issuance and sale of Tokens. Tokens are sold in non-public direct sales to Customers through signing contract between FU CAPITAL and Customer, as well as in public offerings through dedicated Crypto exchange platform. As public sales through Crypto exchange are not controlled by FU Capital and FU CAPITAL do not onboard or choose Customers to whom Tokens will be sold to, FU CAPITAL can and is applying ICS processes only to non-public sales where FU CAPITAL signs direct contract of Token sales with Customers.
2.8. FU CAPITAL, as it is not regulated and is not obliged to build any ICS, in order to maximize the practical results of investigations and uncovering ML/TF and Sanctions circumvention schemes, apply only those EU level measures and standards that are relevant to and practically effective in the business specifics of FU CAPITAL.
2.9. FU CAPITAL understands the importance and stakes that are involved in the fight against financial crime, tax evasion, money laundering, terrorist financing, Sanctions evasion and, as far as it is possible to detect, other illicit activity, therefore, in the everyday work, all FU CAPITAL employees apply highest ethical standards and zero tolerance towards these destructive for the society actions that facilitate poverty, destabilization, economic growth slowdown, human rights violations and creates other unacceptable issues. FU CAPITAL ICS is developed, updated and applied in order to prevent, as far as it is possible, these destructive actions of criminals.
2.10. FU CAPITAL apply principles of full and transparent cooperation, that prevail over business interests, with all the relevant regulatory and law enforcement institutions, local and international, to combat ML/TF and Sanctions circumventions.
2.11. In building ICS mechanisms, FU CAPITAL apply not only minimum EU level regulatory requirements, but uses the best practices and guidelines of the respectable international organizations, accumulated internal knowledge and use outsourced expertise in order to build effective and properly performing ICS.
2.12. In building the ICS and during everyday work, FU CAPITAL apply Risk based approach to maximize the use of available resources and enhance supervision where the greatest risks lay.
2.13. If a situation requires it, to prevent or detect criminal activity, FU CAPITAL is prepared to act outside, but in lawful manner, of set procedures to maximize, as far as it is possible, the results of FU CAPITAL fight against crime and not limit itself to the processes set in the procedures.
2.14. FU CAPITAL is assigning all the necessary resources to achieve the set goals of the Policy and ICS in general and regularly assess the adequacy of the available resources based on set Risk appetite.
2.15. This Policy is setting main principles, processes and topics that are built in the respective procedures of each part of the entire ICS. Detailed processes and requirements of each ICS part is described and set in the procedures themselves. If any of the procedures is being changed, it must take into account the requirements of the Policy.
2.16. Any documentation under the ICS (Policy and procedures) is confidential and highly sensitive to the safety and integrity of the ICS workflow, therefore, is developed for internal use only. In case there is a legal or business need (requested by partners facilitating transactions) to share any of the documentation with third parties, it must be coordinated with the MLRO.
2.17. FU CAPITAL is reassessing the efficiency and quality of the ICS and reviews the Policy at least once a year.
2.18. Any changed to the Policy must be approved by the Board.
3. Structure of the ICS
3.1. ICS of FU CAPITAL consists of the Policy and procedures together with the supporting additional documentation, IT systems and registries.
3.2. Policy is the main document that regulates the overall ICS process, its structure and the general contents of procedures.
3.3. FU CAPITAL ICS is built based on the following base procedures:
3.3.1. Jurisdiction risk assessment procedure
3.3.2. Customer scoring procedure
3.3.3. Customer due diligence and monitoring procedure for legal persons
3.3.4. Customer due diligence and monitoring procedure for natural persons
3.3.5. Training procedure
3.3.6. Suspicious activity reporting and communication with authorities procedure
4. Customers
4.1. FU CAPITAL is working directly with legal persons and natural persons, where necessary, setting required ICS processes separately for natural and legal persons in order to fully comply with the AML/CTF and Sanctions requirement approach for each of this group.
4.2. FU CAPITAL is applying KYC (Know Your Customer) principles in the work with its Customers, cooperating only with those Customers who are identified, verified and are not working for the benefit of third parties, and there are no suspicions that ML/TF or Sanctions breach or circumvention is being, is planned or was committed by these Customers.
4.3. FU CAPITAL performs risk assessment (scoring) on all Customers to understand potential risks that particular Customer could use FU CAPITAL services in order to perform ML, TF, Sanctions circumventions or breach or commit other crimes. Based on the results of the performed risk assessment, Customers are applied with appropriate risk levels and risk mitigation measures to control risks and timely determine possible suspicious or unusual activities.
4.4. All Customers are identified and verified distantly, using various automated and manual tools and legally obliged requirements. Used automated tools are acquired from trusted and well-known providers and are integrated into the workflow and core system of FU CAPITAL with appropriate to FU CAPITAL information flow and Customer specific configurations.
4.5. All Customers, with no exceptions, undergo due diligence processes where depth of performed due diligence is determined based on Customer type (natural or legal), risk level of particular Customer and additional unique risk factors and situations.
4.6. FU CAPITAL do not establish relationships or continue relationships with Customers that:
4.6.1. Are not willing to cooperate in providing necessary information for due diligence performance, provides suspicious or untrue information, or Customers themselves or their related natural persons (beneficial owners, directors, etc.) cannot be identified.
4.6.2. Are shell companies without real business activities.
4.6.3. Are shell banks.
4.6.4. Have bearer shares in the ownership structure.
4.6.5. Are unlicensed financial institutions, intermediaries, including unlicensed currency (FIAT or Crypto) exchange houses and money transmitters.
4.6.6. Are working in following or similar high-risk industries:
4.6.6.1. Any kind of weapon and military technology production, sale, or delivery
4.6.6.2. Prostitution
4.6.6.3. Adult entertainment
4.6.6.4. Human trafficking and sale of human organs
4.6.6.5. Professional money laundering
4.6.6.6. Charity and donations
4.6.6.7. Sale of, production of or related activities and sale of accessories to narcotics
4.6.6.8. Hacking or other type of cyber crime
4.6.6.9. Filesharing
4.6.6.10. Sharing, glorifying or distribution of goods related to propaganda of violence, international conflicts or terrorism
4.6.6.11. Pharmacy and drug production and sale
4.6.6.12. Alcohol production or sale
4.6.6.13. Dept collection
4.6.6.14. Distribution or production of tobacco products and electronic tobacco and alternative devices, substances, and accessories
4.6.6.15. Sale of jewelry, precious stones and metals
4.6.6.16. Churches or other any type of religious organizations
4.6.6.17. Modification of electronic chips or re-programming original of software
4.6.6.18. Products breaching intellectual property rights
4.6.6.19. Providing financial services without required licensing
4.6.6.20. Sale of counterfeit products
4.6.6.21. Products of historical and cultural value (paintings, sculptures, medals, etc.)
4.6.6.22. Sale of governmental document forms, prepared other documentation
4.6.6.23. Sale of prohibited electronic devices
4.6.6.24. Binary options services
4.6.6.25. Darknet sales
4.6.6.26. Crypto mixing and tumbling
4.6.6.27. Any other illegal or Sanctions breaching activity
4.6.7. Are known to be involved with or there are strong suspicions of involvement in direct or indirect money laundering, terrorist financing and Sanctions circumventions or breach schemes or other type of criminal financial or non-financial activities and fraud.
4.6.8. Are included in the Sanction lists or there is close relation to such persons with suspicion of assisting them in breach of Sanctions.
4.6.9. Are citizens of, residing in (or have any other relation to), registered in or have other connections with countries that are forbidden for cooperation in accordance with FU CAPITAL internal list.
4.6.10. Are not disclosing or it is not possible to determine the true beneficial owners of the Customer.
4.6.11. Have calculated risk group, based on “Customer scoring procedure”, as “unacceptable”.
4.6.12. Are, as far as FU CAPITAL can determine, avoiding tax payment.
4.6.13. Are having business models with the aim to fraud their customers.
4.6.14. Are asking to establish anonymous accounts or asking about or showing interest in facilitating ML/TF or Sanctions breach or circumvention activities.
4.7. All Customers, during onboarding and as an ongoing process, undergo risk scoring based on pre-set scoring model in order to divide Customers in risk groups: “low”, “medium”, “high” and “unacceptable”. Different assigned risk groups require different level of due diligence depth.
4.8. Additionally, for unique Customers and cases that pose certain risks that cannot be defined by standardized Customer scoring factors, Customers are applied with manual additional risk points in the Customer risk scoring process.
4.9. Minimum requirements towards Customers natural persons:
4.9.1. Customers must be identified and verified.
4.9.2. Customer’s identification document copy must be acquired.
4.9.3. There must be clear understanding in which jurisdiction Customer is residing, is having citizenship and has principal income stream.
4.9.4. Customers are expected to be cooperative and submit any relevant documentation or information that is asked for the purpose of AML/CTF and Sanction compliance duties of FU CAPITAL.
4.9.5. Customer must have decent reputation and no serious negative public information related to ML, TF or Sanction breaches.
4.9.6. Customer income model and transaction schemes must be fairly understandable and logical.
4.9.7. Customer and its income industry must have acceptable risk levels in accordance to defined risk appetite.
4.9.8. FU CAPITAL must understand the economic purpose and logic for Customer to cooperate with FU CAPITAL.
4.10. Minimum requirements towards Customers legal persons:
4.10.1. Customer and its beneficial owners, official representatives acting based on the power of attorney, as well as, as far as it is possible to determine, other owners, must be identified and verified.
4.10.2. Basic identifying legal documentation on the Customer like articles of incorporation, shareholder registry, incorporation certificate and similar documentation must be obtained.
4.10.3. There must be clear understanding in which jurisdiction Customer is registered (precise address), where its principal place of business is and what target markets are reached.
4.10.4. Customers are expected to be cooperative and submit any relevant documentation or information that is asked for the purpose of AML/CTF and Sanction compliance duties of FU CAPITAL.
4.10.5. Customer must have decent reputation and no serious negative public information related to ML, TF or Sanction breaches.
4.10.6. Customer business model and transaction schemes must be fairly understandable and logical.
4.10.7. Customer and its operational industry must have acceptable risk levels in accordance to defined risk appetite.
4.10.8. FU CAPITAL must understand the business purpose and logic for Customer to cooperate with FU CAPITAL.
4.10.9. Customer business activities must be fully legal and fairly ethical.
5. Relevant employees and their responsibilities
5.1. Relevant employees are divided into following categories and with the following core purpose:
5.1.1. Money Laundering Reporting Officer (MLRO): employee with personal responsibility for AML/CTF and Sanctions compliance and has overall responsibility over ICS and its efficiency as well as is responsible for leading the AML department and everyday processes of the AML department.
5.1.2. AML analyst: responsible for performing Customer due diligence and ongoing monitoring, as well as other analytical and information gathering tasks.
5.2. Following are the core responsibilities on the MLRO:
5.2.1. Hold personal responsibility over all ICS.
5.2.2. Measures and improves effectiveness and relevance of the ICS procedures and policies.
5.2.3. Performs Entity Wide Risk Assessment.
5.2.4. Performs reporting to the highest management about the operations and effectiveness of the ICS at least annually.
5.2.5. Approves certain higher risk Customers.
5.2.6. Manages the process of Policy and procedures improvement and development.
5.2.7. Controls jurisdiction risk assessment and list update.
5.2.8. Sets risk levels and risk tolerance levels in the Policy, procedures, and risk assessments. Applicable risk factor defining.
5.2.9. Defines Policy statements towards risks, Customers and ICS.
5.2.10. Communicates with the relevant authorities, performs SARs and reports on Sanction breaches.
5.2.11. Performs internal audits and quality assurance of the ICS.
5.2.12. Performs writing of new procedures.
5.2.13. Performs updating of existing procedures.
5.2.14. Training and guiding employees on AML/CTF and Sanctions compliance topics, issues and changes in regulations and laws.
5.2.15. Developing new and updating existing Customer monitoring and screening scenarios.
5.2.16. Performing tests of internal relevant to ICS processes IT systems, their configuration and workflow.
5.2.17. Leading and planning the work and tasks of AML department.
5.2.18. Supervising and quality checking the work of AML analysts.
5.2.19. Performs external SARs.
5.3. Following are the core responsibilities of AML analyst:
1.1.1. Performing due diligence on new Customers;
1.1.2. Performing due diligence on existing Customers;
5.3.1. Gathering additional information and documentation on Customers;
5.3.2. Performing Customer risk assessment;
5.3.3. Making decisions about cooperation with Customers, or initiating decisions about cooperation with higher risk Customers (where additional approval from MLRO is required);
5.3.4. Monitoring of Customer activity and transactions;
1.1.3. Preparing, documenting and registering all the information, documentation and performed due diligences in the appropriate internal data storage systems;
1.1.4. Performing internal SARs to MLRO;
1.1.5. Informing MLRO on existing due diligence cases, progress of the tasks, identified issues and other AML/CTF statistics;
5.3.5. Perform other tasks related to AML/CTF and Sanctions compliance that are given by the MLRO.
5.4. AML/CTF and Sanctions compliance function is independent in the decision making from other FU CAPITAL functions. Decisions made by the AML department or MLRO regarding cooperation with Customers, needed documentation or information, risk levels, and other by the ICS assigned decisions are final and must be followed by all the other FU CAPITAL employees.
5.5. If there are disagreements regarding made decisions, a special AML committee must make a final joint decision by a simple majority in voting. Decisions made by the AML committee are final and cannot be overridden by any other internal entity besides AML committee itself.
5.6. AML committee is a special decision-making structure that makes a collective decision (by a simple vote majority) on issues and cases related to AML/CTF and Sanctions when common consensus cannot be reached. AML committee meetings and decisions are documented in the meeting minutes. If voting does not give a definitive result, MLRO has the right to enforce the final decision. For AML committee to take place, a quorum of 50% + 1 vote must be reached. AML committee consists of the following FU CAPITAL employees:
5.6.1. MLRO
5.6.2. Head of Customer service
5.6.3. CEO of FU CAPITAL
5.6.4. One beneficial owner of FU CAPITAL
6. Entity Wide Risk Assessment
6.1. Entity wide risk assessment (EWRA) is a specialized process during which money laundering, terrorist financing and Sanction risks within FU CAPITAL itself are evaluated based on unique to FU CAPITAL risk factors.
6.2. All the processes and procedures in the ICS are based on the EWRA results to mitigate determined risks and control the risk appetite.
6.3. EWRA is the document that based on objective and subjective methodological evaluation sets risk tolerance and risk appetite. As risk tolerance and risk appetite are dynamic characteristics that depends on current business model, turnovers, Customer amounts and overall trends and activities in the industry, precise current risk appetite and tolerance levels are set in current developed EWRA and are not embedded in the Policy.
6.4. EWRA is updated at least once per year or more often if significant changes to the risk exposure, applicable regulations or business model have occurred. It is mandatory to perform EWRA before launch of a new service.
6.5. EWRA performance is led by the MLRO but involving other Relevant employees if needed.
6.6. EWRA methodology before its performance is developed by the MLRO, but following criteria are mandatory to be included:
6.6.1. EWRA is performed in a specialized MS “Excel” format file with standardized risk calculation for all used risk factors.
6.6.2. EWRA must contain at least the following risk pillars: Company size and structure; Customers; Provided services; Geography; Transactions and funds flow; Service delivery channels; Partners and technology.
6.6.3. Risk pillars are divided into risk elements and risk elements are divided into risk factors.
6.6.4. ML/TF and Sanction risks are evaluated separately from each other but based on the same methodology.
6.6.5. Four general steps in the risk assessment process for each risk factor must be taken:
6.6.5.1. Inherent risk assessment – evaluation of inherent risks of FU CAPITAL before risk mitigation measures application.
6.6.5.2. Implemented risk mitigation and control mechanism evaluation – after inherent risks are determined, appropriate risk mitigation measures are implemented and the risk mitigation effect on each risk factor is evaluated.
6.6.5.3. Residual risk – residual risk levels for each risk factor after risk mitigation measures were applied, are determined.
6.6.5.4. Risk appetite – after residual risk levels are determined, risk appetite towards those risks is set. Risk appetite defines the capability and effectiveness limits of existing ICS, reaching which existing risk mitigation measures must be reviewed and risk decreased, or appropriate resources added.
6.7. After EWRA calculations are performed, a special report on the analysis of the results, used methodology, core facts, risk appetite levels, vulnerabilities and higher risk areas of ICS and applied risk mitigation measures to control those risks must be prepared by the MLRO and submitted to the Board for evaluation and approval.
6.8. After EWRA is performed, MLRO is responsible of risk appetite parameters control and immediately take action if any of the risk appetite parameters are exceeded by applying an appropriate one or several of possible solutions:
6.8.1. Implementing additional risk mitigation measures;
6.8.2. Providing additional resources to the risk appetite breaching area;
6.8.3. Perform de-risking of Customer base;
6.8.4. Suggest changes in the business model;
6.8.5. Offer other solutions that would normalize the risk appetite levels for issue factors.
7. Jurisdiction risk and lists
7.1. Jurisdiction risk assessment is a part of ICS that regulates and mitigates the geographical risk of the services provided by FU CAPITAL.
7.2. Jurisdiction risk is assessed in accordance with “Jurisdiction risk assessment procedure” where precise actions to be taken with different risk jurisdictions are set.
7.3. Jurisdiction risk assessment procedure” defines clear rules, methodology and calculation formulas based on which jurisdiction risk is assessed.
7.4. A specialized Risk Table (MS Excel format file) is used to perform risk calculations based on set parameters and rules.
7.5. In jurisdiction risk calculations a combination of different internationally reputable and recognized country rankings and lists are used in order to get as precise and updated risk overview as possible.
7.6. Calculations performed in the Risk Table derive 3 jurisdiction risk groups (from the top highest point jurisdictions) – 1st group (jurisdictions with highest risk, no cooperation is allowed), 2nd group (cooperation with particular rules is allowed), 3rd group (cooperation is allowed, but some rules apply). MLRO is responsible for assigning jurisdictions to particular groups. Other jurisdictions are perceived as lower risk and no special rules are applied if these jurisdictions are not assigned to other additional lists.
7.7. Additionally, Internal offshore list is developed – those are jurisdictions that FU CAPITAL perceives as low or no tax jurisdictions with weaker legislations or purposefully more attractive legislations that can facilitate shell company registration and be used for illicit purposes.
7.8. Sanctioned jurisdictions is a special list of those jurisdictions that are included in the applicable Sanctions lists with more requirements than just particular person designation and more robust Sanction monitoring is required. This list of jurisdictions is defined by the MLRO.
7.9. Separate requirements based on jurisdictions characteristics is defined for Customers natural persons and Customers legal persons.
7.10. FU CAPITAL do not cooperate in any way with jurisdictions that are included in the FATF list of non-cooperative jurisdictions.
7.11. A risk-based approach model is applied to determine which jurisdictions FU CAPITAL will not work with, will work with, but under particular conditions and will work with no additional conditions, by combining different risk factors rather than relying solely on one negative or positive aspect.
7.12. FU CAPITAL business model is not limited to particular location, although there is a stronger direction towards EU countries. To not harm and slow down business interests of FU CAPITAL, this factor is taken into account when assigning particular jurisdiction to a particular risk group.
7.13. When defining cooperation risks with a Customer, FU CAPITAL take into account not only registration jurisdiction or residency of a Customer, but also jurisdiction of actual place of business, residency and nationality of beneficial owners and other owners, citizenship, transactions, etc.
8. Customer scoring (risk group determination)
8.1. All of the FU CAPITAL Customers (potential and existing) are assigned with a risk group (low, medium, high, unacceptable) in order to deploy a risk-based approach towards Customer due diligence requirements and effective existing resource use.
8.2. Customer scoring (risk level determination) is performed according to the set rules, risk factors and methodology in the Customer scoring procedure.
8.3. Customer scoring is performed in a specialized MS “Excel” file with built in risk factors and calculation formulas so that Customer scoring performance for employees would be easy, fast and methodological.
8.4. Separate Customer scoring models are used for natural persons and legal persons as both groups have core differences in the applicable risk factor characteristics.
8.5. Risk factors are defined by the MLRO based on the EWRA results and overall FU CAPITAL business model, but Customer scoring table must include at least the following risk types (particular risk factors are listed under these risk types):
8.5.1. For legal persons:
8.5.1.1. Geography
8.5.1.2. Mismatches
8.5.1.3. Structure
8.5.1.4. Beneficiaries
8.5.1.5. Directors
8.5.1.6. Economic activity
8.5.1.7. Funds flow and source of funds
8.5.1.8. Used services
8.5.1.9. Licensed activity
8.5.1.10. Communication and behavior
8.5.1.11. Adverse media and reputation
8.5.1.12. PEP
8.5.2. For natural persons:
8.5.2.1. Geography
8.5.2.2. Customer profile
8.5.2.3. Mismatches
8.5.2.4. Transactions, activity and source of funds
8.5.2.5. Used services
8.5.2.6. Communication and behavior
8.5.2.7. Adverse media and reputation
8.5.2.8. PEP
8.6. Additionally, as not all possible risk factors, due to the uniqueness of different cases, can be standardized, but these unique factors are crucial for risk assessment, Customer scoring model has a special manual point section, where additional points to increase Customer risk can be added or points can be subtracted, if standard risk factors assigned unreasonably for particular Customer high risk group.
8.7. Customers are scored in numerical point system, where total end result points depend on the matched risk factors (each risk factor is applied with particular point amount). MLRO is responsible for setting each risk factor with points and balancing total point threshold that will determine acquired risk group. Risk groups are based on acquired total risk point ranges where MLRO sets thresholds of point ranges for low, medium, high and unacceptable risk.
8.8. If Customer is assigned with “unacceptable” risk group, cooperation with such Customer is not started or existing relationship is terminated.
8.9. Customer scoring results (applicable risk levels) primarily are used to determine depth of due diligence to apply on the Customer, the regularity of the due diligence (how often due diligence is re-done) and necessary additional everyday supervision requirements to be applied.
8.10. Detailed action and due diligence processes applicable to particular risk group Customers are described in other ICS procedures where these results are used.
9. Customer onboarding
9.1. All of the Customers, before entering in business relationship with FU CAPITAL, undergo specialized onboarding process which include identification and verification, Customer scoring and, appropriate to the Customer risk and type, due diligence process.
9.2. Customer onboarding process is stipulated in, depending on if Customer is a legal person or natural person, “Customer due diligence and monitoring procedure for legal persons” or “Customer due diligence and monitoring procedure for natural persons”.
9.3. Customer onboarding is on risk based approach built process that allows FU CAPITAL to enter into the business relationship only with those Customers that comply with FU CAPITAL internal requirements towards Customers and, as far as it is possible to determine, are not involved in money laundering, terrorist financing, Sanctions circumvention, corruption, or any other financial or non-financial crime, as well as divides Customers into risk groups to determine the level of due diligence that is applicable to particular Customer.
9.4. FU CAPITAL is not entering into business relationship with Customers (Customers natural persons, Customers legal persons, their beneficial owners or companies in legal structure) that cannot be identified and verified.
9.5. FU CAPITAL expects all of the potential Customers to fully cooperate during the onboarding process when asked questions and documentation in order to fulfill the duties stipulated in the relevant AML/CTF and Sanctions regulations.
9.6. Customer due diligence procedures regulates the minimum amount of information and documentation that must be gathered and analyzed about each Customer, depending on the type of the Customer, industry, its risk group and other unique factors.
9.7. Customer due diligence procedures regulates the precise onboarding process and decision-making levels and responsibilities of different employees as well as describes full necessary onboarding due diligence performance.
9.8. Customers can be assigned for particular level of due diligence not only based on Customer scoring results, but also Customer due diligence procedures lists pre-defines factors that would automatically assign Customer to enhanced due diligence.
9.9. Due diligence procedures defines following general investigation and decision making process:
9.9.1. As non-public Token sales that fall under ICS requirements typically involves larger amounts of funds, all Customers must undergo manual due diligence investigation process.
9.9.2. During first investigation, AML analyst requests Customer service manager to acquire from Customer needed initial information and documentation before performing full due diligence.
9.9.3. Based on acquired information, AML analyst performs Customer scoring in order to determine final applicable risk group and determine the type of due diligence that must be performed.
9.9.4. AML analyst performs onboarding due diligence and makes the decision to onboard Customer or refuse the cooperation.
9.9.5. For particular cases, MLRO is making double decision on AML analyst’s decisions.
9.9.6. In cases, when there is strong disagreement between MLRO, Customer service department, Board or other departments, AML Committee is making final joint decisions.
10. Customer repeated due diligence
10.1. Customer repeated due diligence is a process of scrutinized Customer investigation with a risk-based approach towards the depth and amount of investigation performed that allows FU CAPITAL to detect potential suspicious or unusual activity during the cooperation with existing Customers and determine if a particular Customer still fits within risk appetite profile of a FU CAPITAL Customer.
10.2. Customer repeated due diligence of FU CAPITAL differs from standard approach of the financial institutions as FU CAPITAL do not provide any transactional services and ICS is built only for the non-public Token sale process, therefore main due diligence can be done during onboarding and re-initiated if any discrepancies are found during monitoring or close of business relationship stage.
10.3. Customer repeated due diligence is performed in separate processes with separate procedures for legal persons and natural persons.
10.4. Detailed Customer repeated due diligence processes, requirements, decision making structure and result documentation is described in “Customer due diligence and monitoring procedure for legal persons” and “Customer due diligence and monitoring procedure for natural persons”.
10.5. Customer repeated due diligence process consists of the following main elements:
10.5.1. Initiation of repeated due diligence
10.5.2. Previous performed due diligence and transaction history investigation
10.5.3. Reviewing of Customer risk group
10.5.4. New public information search
10.5.5. Review of existing documentation and information, requesting additionally required
10.5.6. Performing repeated due diligence type based on risk group and other factors in specialized form
10.5.7. Additional requirements towards PEPs
10.5.8. Decision making and action after due diligence completion
10.5.9. Ending business relationship with Customers
10.6. The type of Customer due diligence (regular, enhanced, etc.) depends on Customer’s risk group or based on special separate cases when particular in the Customer due diligence and monitoring procedure requirements are fulfilled.
10.7. Customer repeated due diligence is performed in specialized due diligence form with pre-set investigation topics, analysis that must be done and decisions that must be made.
10.8. Following is the standard default division of due diligence types between risk groups if no unique risk factors are determined:
10.8.1. Low risk group – regular due diligence
10.8.2. Medium risk group – regular due diligence with additional requirements
10.8.3. High risk group – Enhanced due diligence
10.8.4. PEPs – Enhanced due diligence with additional requirements
10.9. Due diligence process must be repeated at least in the following events:
10.9.1. Risk group increase;
10.9.2. Significant new public negative information appears;
10.9.3. Possible, but almost certain list match detection;
10.9.4. Significant issues or risk detected during monitoring process;
10.9.5. Before ending of the relationship or paying out profits.
10.10. MLRO, at any points, based on suspicions or on Customer’s unusual activity, can initiate performance of a new repeated due diligence.
11. Politically Exposed Persons
11.1. Customer of FU CAPITAL is assigned as being a PEP if the Customer itself (natural person), at least one of the beneficial owners of the Customer is a PEP, family member of a PEP or a known close associate of the PEP in any jurisdiction. PEP status can be assigned by FU CAPITAL also in cases when by legal definition particular person is not a PEP, but in FU CAPITAL opinion this person has significant political influence and therefore it is appropriate to assign such status to have more robust due diligence procedures on such Customer.
11.2. In special cases when owner of the Customer with less shares then by the definition of beneficial owner has a PEP status, FU CAPITAL is making a special separate decision whether to apply this Customer with a PEP status.
11.3. Customers with PEP status are assigned with additional due diligence requirements that are regulated in the Customer onboarding and repeated due diligence procedures for legal persons and natural persons.
11.4. All decisions regarding a Customer with a PEP status must be confirmed by the MLRO.
11.5. To determine the PEP status, FU CAPITAL is not relying only on the information disclosed by the Customer itself or automated solution screening results, but also must perform manual searches in the public information channels to confirm information provided by the Customer or automated solutions.
11.6. Customers with PEP status must always have at least “high” risk group.
11.7. After PEP ceased to be entrusted with a prominent public function that determined the PEP status, FU CAPITAL apply PEP status to the Customer (if the same person is still in the ownership structure) for at least additional 12 months or longer if FU CAPITAL considers this person as still having enough political influence and risks related to corruption and laundering of corrupt funds.
12. Ongoing monitoring
12.1. Ongoing Customer, their transaction and behavior monitoring is a crucial part of overall ICS processes as certain changes in Customers’ parameters, behavior and actions, as well as details of their transductions might indicate on potential or certain ML/TF or Sanctions circumvention schemes.
12.2. As FU CAPITAL do not provide any transactional services and ICS is built only for the non-public Token sale process, monitoring differs from standard financial institution monitoring processes and is limited to the following actions:
12.2.1. Ongoing screening of Customers against Sanctions and other lists;
12.2.2. Ongoing monitoring of the public negative information;
12.2.3. Manual monitoring of any incoming or outgoing transactions with Customers and Partners resulting from Token sale or profit distribution;
12.2.4. Customer’s core information change monitoring;
12.2.5. Customer’s behavioral monitoring and analysis;
12.2.6. Monitoring of involved Crypto wallets.
12.3. Detailed process and requirements of the monitoring, applied indicators, risk factors and monitoring process steps are described in Customer due diligence and monitoring procedures in the relevant sections.
12.4. Procedures are setting only exemplary and most obvious suspicious activity examples that must be examined, but such lists are not full and employees must apply risk based approach and logic when performing investigations to determine unique situations that could indicate on possible ML, TF or Sanctions circumvention and other illicit activity schemes.
12.5. Certain type of activity is defined in the procedures that require to immediately perform full Customer due diligence, other investigation of particular transaction or case without necessary full due diligence.
12.6. The aim of transaction on ongoing monitoring is to timely determine, possibly prevent and report to the authorities about possible or determined ML, TF, Sanctions circumvention and other illicit activity schemes as far as it is possible to determine.
13. Suspicious activity reporting and communication with authorities
13.1. Suspicious activity reporting (internal and external) and communication with authorities process is set in a specialized “Suspicious activity reporting and communication with authorities procedure”.
13.2. Procedure sets mandatory reporting requirements and suspicious activity types that are to be reported, but do not compile a complete list of such activities.
13.3. This process sets procedure of reporting to the appropriate authorities about potential or determined suspicious activity related to ML, TF and other financial or non-financial criminal activities, bribery, etc.
13.4. Although FU Capital is not a regulated entity and is not obliged to report suspicious or unusual activity, FU Capital is willingly taken upon obligation to perform reporting of suspicious or unusual activity to the relevant authorities.
13.5. Procedure contains two types of reporting:
13.5.1. Internal reporting – employee responsibility to report about suspicious or unusual activities, potential or determined crime, internal or external bribery to the MLRO.
13.5.2. External reporting – Reporting the suspicious activities to the authorities by the MLRO.
13.6. Additionally, procedure determines standards and procedure on other type of communication with relevant authorities.
13.7. All FU CAPITAL employees are responsible to report about suspicious or unusual activities to the MLRO based on the processes set in the procedure.
13.8. Employees are given opportunity to report also anonymously to encourage the reporting in cases when an employee is afraid of repercussions.
13.9. MLRO has the rights to perform reporting to the authorities autonomously without receiving any approvals from any management body of FU CAPITAL and without responsibility to inform any management body about performed reporting.
13.10. Information about performed reporting is treated as confidential and is not disclosed to the Customers (except when it is required to be done according to the regulations) or other third parties outside FU CAPITAL (except when required to disclose according to regulations) and other employees not involved in the investigation and reporting process.
13.11. When reporting to the authorities and performing restrictive actions against possible illicit funds, FU CAPITAL must, as far as it is possible, act in a manner that will not “tip off” involved Customer about the reporting.
13.12. FU CAPITAL can proceed with transferring suspected or known illicit funds or providing services to suspected or known illicit Customers if not doing so would “tip off” potential criminals, hinder or intervene into effective investigation by the relevant authorities or due to other reasonable excuses that could bring harm to effective investigation, but such action must be immediately reported to the relevant authorities.
14. Sanctions compliance
14.1. FU CAPITAL is a direct subject to the UN Sanctions. Additionally, as FU CAPITAL has a global business reach and it is important for cooperation with financial institutions in other countries, FU CAPITAL willingly follow EU Sanctions and USA OFAC Sanctions as far as it is not intervening with local regulations.
14.2. FU CAPITAL perceives Sanctions as crucial tool for supporting global security objectives, as well as maintain international peace, security, and preventing terrorism, therefore places Sanction compliance as one of top priorities in everyday business conduct and fulfills its duties with utmost scrutiny and responsibility.
14.3. FU CAPITAL will not cooperate with other financial institutions that do not follow the same or at least EU and UN imposed Sanctions, except cases when Sanctions are imposed on countries where these financial institutions are residing and cooperation with these institutions is crucial for FU CAPITAL business.
14.4. FU CAPITAL apply zero tolerance towards Sanctions circumventions and breaches, and, to the best knowledge, will not cooperate in any way with sanctioned persons or persons supporting sanctioned persons and provide services where it can or is supporting Sanctions circumvention or breach.
14.5. There are two type of Sanctions reports:
14.5.1. Internal – any employee can report (including anonymously) about suspected or determined Sanctions breaches or circumventions to the MLRO for final decision making and external reporting.
14.5.2. External reporting – reporting about suspected or determined Sanctions circumventions or breaches to the relevant authorities by the MLRO.
14.6. On all the suspected or determined Sanction breaches or circumventions MLRO is responsible for scrutinized investigations and performing final reports to the authorities and, if necessary and possible, issuing orders of internal asset freeze until further notice from the authorities.
14.7. FU CAPITAL internal Sanctions compliance process contains following main elements:
14.7.1. Screening of all new and regularly (defined in the procedure) existing Customers and all known related natural persons against Sanctions lists (designated persons).
14.7.2. Evaluation against Sanctions regime requirements towards services provided and products sold by the Customers of FU CAPITAL during onboarding and during performance of repeated due diligences.
14.7.3. Performance of FU CAPITAL Partners due diligence based on Sanctions regime requirements and, if applicable and possible, their own Sanctions policies and procedures.
14.7.4. Monitoring transactions and Customer activity against Sanctions regulations requirements and relation to sanctioned persons.
14.8. Due diligence process contain a special section dedicated to Sanctions to ensure each Customer is appropriately evaluated and checked against Sanctions requirements.
14.9. MLRO is determined as the main responsible person in FU CAPITAL for Sanctions regulations compliance.
15. Training
15.1. To ensure all the Relevant employees of FU CAPITAL have adequate to their responsibility levels knowledge about AML/CTF and Sanctions compliance, a special training procedure is implemented in the FU CAPITAL ICS.
15.2. As AML/CTF and Sanctions compliance industry is very dynamic and progress every year and to ensure existing knowledge preservation, all the Relevant employees must receive training in AML/CTF and Sanctions at least once a year, but with different depth of training for each type of Relevant employee.
15.3. The precise type, depth and periodicity of training that must be received by each type of Relevant person is set in the Training procedure but must include at least latest updates and existing requirements of the relevant laws and training in how to recognize and take measures against possible ML, TF and Sanctions breaches or circumvention situations.
15.4. If a new Relevant employee without relevant experience or relevant previous training is accepted to work for FU CAPITAL, MLRO must perform general internal training for this employee about AML/CTF and Sanctions compliance within first month of employment. Topics to be covered in such training are determined in the “Training procedure”.
15.5. MLRO is responsible for following training schedules and organizing or assigning organization of necessary training for Relevant and other employees.
15.6. Before each calendar year, MLRO is responsible for developing a training plan for the next calendar year.
16. Record keeping and information retention
16.1. FU CAPITAL develops ICS documentation and keeps records of performed transactions, due diligences, Customer forms, reports, screenings and other related information in a secure and appropriate way in internal storage systems.
16.2. All the information, records and documentation are kept in an audit-trailable manner for ease of access, understandable sorting and effective auditing.
16.3. All of the information retained about Customer during due diligence processes, information on transactions and other related information that is acquired in accordance with ICS requirements, is kept at least 5 (five) years after the relationship with particular Customer has ended, but no longer than 10 years after which all the information is destroyed.
16.4. Information is not destroyed in cases when it is:
16.4.1. Required to retain records by or under any enactment, or for the purposes of any court proceedings;
16.4.2. FU CAPITAL has reasonable grounds for believing that records need to be retained for the purpose of
legal proceedings.
16.5. Any personal data acquired by FU CAPITAL in accordance with ICS requirements is used solely for the purpose of detecting and preventing ML, TF and Sanctions breaches or circumventions as required per applicable legislation.
16.6. Key information that is retained:
16.6.1. Any registration and other legal documentation on Customer legal entity
16.6.2. Personal data, copies of identification documentation and other highly personal information on
Customers natural persons or related to a Customer legal person natural persons
16.6.3. Documentation related to business dealings and transactions of a Customer
16.6.4. Filled Customer questionnaires
16.6.5. Results of due diligence analysis
16.6.6. Risk assessment results of a Customer
16.6.7. Records of performed transactions
16.6.8. Internal and external suspicious transaction reports
16.6.9. Audit results and prepared reports on ICS effectiveness by the MLRO
16.6.10. Results of performed trainings including presentations, attendance logbooks and test results
16.6.11. Results of Customer activity and transaction monitoring
16.6.12. Communication history with authorities and Customers
16.6.13. History of changes to the ICS documentation.
17. Whistleblowing
17.1. FU CAPITAL employees have the right and are encouraged to disclose any wrongdoing within FU CAPITAL and may do it internally or externally.
17.2. Disclosures are done and whistleblowers are protected from any retaliation if employee discloses information on:
17.2.1. Criminal offence that has been, is being or is likely to be committed;
17.2.2. A person that has failed, is failing or is likely to fail to comply with any legal obligations to which he is a subject;
17.2.3. A miscarriage of justice has occurred, is occurring or is likely to occur;
17.2.4. The health or safety of any individual has been, is being or is likely to be endangered;
17.2.5. The environment has been, is being or is likely to be damaged;
17.2.6. Information which would tend to show any matter falling into any of the above has been, is being or is likely to be concealed.
17.3. For internal reporting employees can report to the MLRO or to other highest management body, that feels the safest, in writing, orally or anonymously in any convenient way and respective management body receiving report has the highest obligation to take the report seriously and act on it.
17.4. If disclosure cannot be done internally (employee suspects that particular individual is involved in the wrongdoing or would not act on the information) external whistleblowing report can be done to any relevant governmental bodies through their communication channels, contacts or specialized whistleblowing channels.
18. Control, improvements, efficiency, and audit of ICS
18.1. Regular and ongoing monitoring, control and auditing of the ICS documentation and processes are crucial part of making sure FU CAPITAL is compliant to applicable AML/CTF and Sanctions compliance legislations, have an effective and properly functioning ICS in accordance with latest tendencies, developments and standards.
18.2. A specialized procedure, ICS effectiveness monitoring and audit procedure, regulates this process and sets requirements, standards and procedure in the following key areas and actions:
18.2.1. Requirements towards external audit of the FU CAPITAL ICS or its separate parts;
18.2.2. Requirements towards internal audit of the FU CAPITAL ICS or its separate parts;
18.2.3. Internal regular evaluation of the effectiveness of FU CAPITAL ICS or its separate parts;
18.2.4. Employee performed work quality assurance mechanisms;
18.2.5. Reporting to the management of FU CAPITAL by the MLRO on the effectiveness, results, needed improvements, resource sufficiency and overall state of the ICS.
18.3. Internal evaluation and audit of the ICS effectiveness must be performed at least annually.
18.4. External evaluation and audit of the ICS effectiveness and compliance to the regulations must be performed at least every 2 (two) years.
18.5. Quality assurance of selected processes or employees must be performed at least once a year.