AML Policy





Reliance on Third Parties


Legal Person

Politically Exposed Persons


  • 6.1 For all legal and natural persons that the company has established a business relationship with, systems and controls are implemented to complete ongoing due diligence of the business.
  • 6.2 For this reason, it is essential that the company maintain sufficient information about the circumstances and the activities of persons wanting to enter into a business relationship for two reasons.
  • 6.3 Firstly, it is to ensure that the risk assessment of the person is accurate and thus mitigate the risk of money laundering or terrorist financing.
  • 6.4 Secondly, to ensure that the level of ongoing due diligence of each person is relative to the risk it poses.
  • 6.5 As the company has adopted a risk based approach to its policy on AML and CTF, there is no requirement, in practice, to hold the same level of information on every legal or natural person. The information held will be based on the risk level that they pose to the business.
  • 6.6 The company will perform rigorous ongoing monitoring and screening of all relevant transactions, ensuring they fall within the anticipated business activity as established during the CDD process.
  • 6.7 In addition to the screening of all natural and legal persons against international sanction and PEP lists as described in points 3.11 to 3.14, the company will continue to screen its existing customer database on a periodic basis – the purpose of which is twofold.
  • 6.8 Firstly, it is to ensure that no natural or legal persons who initially completed the CDD process should be reclassified as posing a higher risk and therefore complete enhanced due diligence and all of the extra measures that this entails.
  • 6.9 Secondly, it is to ensure that no natural or legal persons who were approved during the initial screening process have been subsequently added to one of the international sanctions lists that the company screens its applicants against.
  • 6.10 As part of the screening process, both at initial stage of entering into a relationship and as part of the ongoing due diligence the business performs, all legal and natural people will be screened against the lists mentioned in point 3.14.
  • 6.11 As a result of the percentile threshold that will be set to establish whether there has been a match against one of these lists, alerts will be generated to be reviewed and then categorized for our ongoing records and to assess what level of due diligence must be completed.
  • 6.12 Such pertinent information will be shared with the Executive Management Team, before they make a decision and/or to the Board of Directors should the match instigate their approval as referred to in point 6.13.
  • 6.13 Each match must be categorized for our ongoing records. To ensure that each match is dealt with according to the level of risk, the company utilises both a ‘match status’ and ‘match risk’ categorization system.
  • 6.14 The ‘match status’ category will define how exact a match is with the natural or legal person we are establishing a relationship with.
  • 6.15 The ‘match risk’ category will define exactly what level of risk that natural or legal person poses to the company and what measures should be affected as a result of this categorization
  • 6.16 Additionally, a review of all natural and legal persons and their identity will be completed on a risk based approach.
  • 6.17 For those legal persons deemed to be of low risk, this review will take place once every two years.
  • 6.18 For those legal persons that have been deemed to be of high risk, this review will take place at least once a year.
  • 6.19 The standard template for this ongoing review of the legal person has been attached to this document as Appendix C.
  • 6.20 For natural persons, this process will be completed from time to time when the customer establishes some form of contact with the company.
  • 6.21 At such time, questions will be asked to determine whether the data held on file for the natural person is up to date and accurate.

  • 7.1 Money laundering and terrorist financing typically are characterized by significant complexity and continuous development.
  • 7.2 It is the company’s opinion that due to the nature of such transactions, and the size and complexity of the business, a manual solution to transaction monitoring would not sufficiently protect the business from the threat of money laundering or terrorist financing.
  • 7.3 Recognising areas that the business would consider to be of a higher risk, as the result of the risk assessment carried out by the business, the company has implemented certain restrictions on the functionality of the business’ products to reduce the attractiveness of the system to those trying to commit money laundering or terrorism financing.
  • 7.4 Such restrictions include, but are not limited to: • Limiting access to the system by restricting applications from certain countries, for example those listed on the FATF non-cooperation list.
  • 7.5 This electronic system will contain a standard set of transaction monitoring rules to detect any suspicious activity.
  • 7.6 These rules and parameters will take into account a number of factors to ensure the business continues to implement its risk based approach.
  • 7.7 In each instance where a rule generates an alert that a transaction, or series of transactions, either to be processed, or processed, is suspicious this alert will be manually reviewed for further investigation.
  • 7.8 In any instance where the review leads to genuine suspicion of money laundering or terrorist financing, the measures detailed below in ‘Reporting Requirements’ will come into effect.
  • 7.9 As part of the ongoing risk assessment, the company continually reviews these rules to ensure their effectiveness in mitigating the risk of the company’s system being used to launder money or finance terrorism.
  • 7.10 Data mining will be continually performed on the data generated by the alert system to monitor the false positive ratios created and whether the rules could be implemented more effectively to further reduce the risk of money laundering and terrorist financing.
  • 7.11 Furthermore, the company continues to actively seek the information regarding new trends, patterns and methods which may be used for money laundering or the financing of particularly serious crimes.
  • 7.12 The company utilizes information from a variety of international government bodies, regulatory or legal authorities, as well as more commercially orientated working groups and discussion forums where a wealth of information on current trends and methods are shared between businesses operating in similar markets.
  • 7.13 As stipulated in points 6.2 to 6.4, it is only with the relevant level of CDD completed before entering into the relationship with the natural or legal person, that the company can implement effective ongoing monitoring of its transactions.
  • 7.14 The company recognises that there are certain transaction types that are inherently suspicious when scrutinising transactions for money laundering or terrorist financing, such as:
  • 7.15 Should the instance arise where it is found that the system has failed to detect suspicious activity, the compliance officer, will submit a report to the Board of Directors detailing the failings within the system as well as what measures have been taken to prevent such a transaction remaining undetected in the future.
  • 7.16 These measures will then be closely monitored to ensure that they have been deployed into the system accurately and effectively.


  • 9.1 It is integral to the successful implementation and the effectiveness of the company AML and CTF programme that those members of staff completing duties in a related function have adequate training before being allowed to start their role.
  • 9.2 Just as importantly, the company will maintain an ongoing training programme to ensure that relevant members of staff are always aware of changes in laws and regulations, as well as trends and new strategies perpetrated by those who wish to commit acts of money laundering or terrorist financing.
  • 9.3 What is at the core of this policy is that there is ‘buy in’ from the top. By this the business means that the Board of Directors see AML and CTF as one of the key risks and therefore as a top priority.
  • 9.4 To achieve a top down approach to such risks, the Board of Directors demonstrate their commitment to preventing money laundering and terrorist financing by taking part in the training programme themselves.
  • 9.5 This behaviour encourages other, less senior, members of staff to treat the topic with the importance that it deserves.
  • 9.6 It will be the responsibility of the compliance officer to instigate an exhaustive training programme for all new members of staff who will be working in an environment where they may be able to detect money laundering or terrorist financing.
  • 9.7 A copy of the training programme has been attached to this presentation as Appendix D.
  • 9.8 It is obligatory for all relevant members of staff to complete the training before being given access to the company’s systems.
  • 9.9 The company will obligate all employees administering customer matters to complete the training programme detailed in this section of the policy.
  • 9.10 This will include, but not be exclusive to:
  • 9.11 Further to the initial training, the compliance officer will also be responsible for the company’s ongoing AML and CTF training programme, although some of the duties may be delegated to his or her subordinates.
  • 9.12 This ongoing training programme obligates all relevant members of staff to complete subsequent training sessions at least once a year.
  • 9.13 For those members of staff in critical roles relating to transaction monitoring and ongoing due diligence of natural or legal persons with whom the company has a business relationship, the company will set aside a budget for those employees to take part in external workshops and conferences on the subject in order to share industry best practices and also learn about new trends and patterns and regulations and laws as they are introduced.
  • 9.14 The company will keep accurate records of all members of staff who have completed their training in order to demonstrate its commitment to prevent money laundering and terrorist financing and how critical staff knowledge and awareness is to the success of this policy.
  • 9.15 In any situation where the business chooses to outsource certain functions pertaining to the prevention of money laundering and terrorist financing, the company will insist that its third party vendors who are in a role where they come into contact with customer transactions and business, have completed the same training and accreditation or are able to demonstrate that they have internal procedures to do the same at an equivalent standard.

  • 10.1 The company takes the protection of its staff very seriously when putting them in positions that require them to report legal or natural persons as a result of investigating suspicious activity.
  • 10.2 This section of the policy details the various steps that the company has introduced to mitigate the risk of employees being exposed to hostile behaviour, threats and external pressures.
  • 10.3 To minimise the exposure of our employees to hostile actions taken by those outside of the business, the company actively vets its staff to ensure that those employed are less likely to be susceptible to pressure from those who seek to exploit their position within the business.
  • 10.4 To this end, the company will where permissible by local law complete criminal record checks on staff to ensure that new employees have not been foul of the law previously.
  • 10.5 It is the company’s belief that by not employing people with previous convictions, the risk of employees capitulating to external pressure or threats is significantly reduced.
  • 10.6 Furthermore, the company will where permissible by local law complete credit rating checks on staff before offering them employment.
  • 10.7 As above, the business believes that members of staff who have a poor credit rating will be more vulnerable to natural or legal persons, with or without a business relationship with the company, who try to exert pressure on them.
  • 10.8 Therefore, by performing these checks, the business has taken pro-active measures to reduce the risk of such hostile behaviour actually affecting our employees.
  • 10.9 On top of this, the company has implemented a number of system features that ensure that members of staff whose duties include the monitoring of transactions for money laundering or terrorist financing remain anonymous.
  • 10.10 The company has also introduced a clear segregation of duties between those who perform monitoring duties and those that have customer contact.
  • 10.11 The segregation of duties will protect those employees who suspect a customer of money laundering or terrorism financing. Through this measure, the employees who perform monitoring duties will not be in a situation whereby they have direct contact with the customers and hence, will not be put in a position where they could be threatened.
  • 10.12 All those agents who do manage contact with customers will receive specific training on how to handle calls with persons under suspicion so as not to raise their awareness that they are under investigation.
  • 10.13 As per the money laundering training attached to this document as Appendix D, it is made clear to all staff that it is a serious threat to ‘tip off’ customers that their transactions are being investigated.
  • 10.14 If the situation should arise that an employee is threatened or subject to hostile behaviour from a customer, the company has clear procedures in place for handling such a situation.
  • 10.15 Where there is no implication to an ongoing investigation or potential investigation, it is the company’s policy to terminate any relationship with a natural or legal person who threatens a member of staff. This should limit that individual’s ability to continue to intimidate employees.
  • 10.16 The company will also take whatever steps it can, either with the authorities or through legal action, to protect any member of staff that has been subjected to such behaviour.
  • 10.17 All of these policies and procedures will be reviewed as the result of an investigation into any such incident and the company will adopt any further measures it feels necessary to prevent such an occurrence happening again.
  • All rights reserved. 2017 BitMoney

    crypto limited

    Level 2, Regional Business Centre University Heights Msida, MSD 1751, Malta
    0031 20 225 37 72