Legal & Privacy

AML-KYC Policy

Last updated: December 11, 2018

1. Definitions

    1. Acts: CDSA and CDSA Amendment Act.

    2. AML/CFT Notices: Notices and Guidelines on Prevention of Money Laundering and Countering the Financing of Terrorism issued by the Monetary Authority of Singapore.

    3. Beneficial owner: is a natural person who exercises control over a transaction, operation or another person and in whose interests or favor or on whose account a transaction or operation is performed taking advantage of his influence, makes a transaction, act, action, operation or step or otherwise exercises control over a transaction, act, action, operation or step or over another person and in whose interests or favor or on whose account a transaction or act, action, operation or step is made; ultimately owns or controls a legal person through direct or indirect ownership of a sufficient percentage of the shares or voting rights or ownership interest in that person, including through bearer shareholdings, or through control via other means. Direct ownership is a manner of exercising control whereby a natural person holds a shareholding of 25 percent plus one share or an ownership interest of more than 25 percent in a company. Indirect ownership is a manner of exercising control whereby a company which is under the control of a natural person holds or multiple companies which are under the control of the same natural person hold a shareholding of 25 percent plus one share or an ownership interest of more than 25 percent in a company; in the case of a trust, civil law partnership, community or legal arrangement, the beneficial owner is the natural person who ultimately controls the association via direct or indirect ownership or otherwise and is such associations’: settlor or person who has handed over property to the asset pool, trustee or manager or possessor of the property, person ensuring and controlling the preservation of property, where such person has been appointed, or the beneficiary, or where the beneficiary or beneficiaries have yet to be determined, the class of persons in whose main interest such association is set up or operates.

    4. CDSA: Corruption, Drug Trafficking, and other Serious Crimes (Confiscation of Benefits) Act 1999.

    5. CDSA Amendment Act: Corruption, Drug Trafficking, and other Serious Crimes (Confiscation of Benefits) (Amendment) Act 2007.

    6. Cryptology: CYPHER PTE. LTD. a Private Company Limited by Shares, duly registered in the Republic of Singapore under registration number 201723575K.

    7. Money Laundering: is the processing of proceeds or property from criminal acts to disguise their illegal origin through the conceal or disguise of the true nature, source, location, disposition, movement, right of ownership or other rights related to such proceeds, including, the action to convert, transfer, acquire, possess or use of such proceeds for the purpose of concealing or disguising the illicit origin of property or assisting (aiding, abetting, facilitating and counseling) a person who is involved in criminal activity (including tax crimes) to evade legal consequences. Criminal acts are considered, but not limited to, illegal arms sales, smuggling, and the activities of organized crime, including drug trafficking and prostitution rings, embezzlement, insider trading, bribery, and fraud schemes.

    8. MAS: Monetary Authority of Singapore.

    9. MLRO: Money Laundering Reporting Officer.

    10. Regulations: The Anti-Money Laundering and Counter Financing of Terrorism (AML/CFT) regulations applicable in Singapore.

    11. Relevant Employee: An employee is a relevant employee if, at any time in the course of his/ her duties, he/she may have access to any information that may be relevant in determining whether a person is engaged in money laundering.

    12. Politically Exposed Person: is a natural person who is or who has been entrusted with prominent public functions including a head of state, head of government, minister and deputy or assistant minister; a member of parliament or of a similar legislative body, a member of a governing body of a political party, a member of a supreme court, constitutional court, and other high-level judicial bodies, a member of a court of auditors or of the board of a central bank; an ambassador, a chargé d'affaires and a high-ranking officer in the armed forces; a member of an administrative, management or supervisory body of a state-owned enterprise; a director, deputy director and member of the board or equivalent function of an international organization, except middle-ranking or more junior officials, including a family member and/or close associate. A family member (of a person performing prominent public functions) is the spouse, or a person considered to be equivalent to a spouse, of a politically exposed person; a child and their spouse, or a person considered to be equivalent to a spouse, of a politically exposed person and/or a parent of a politically exposed person; and a close associate of a person performing prominent public functions is a natural person who is known to be the beneficial owner or to have joint beneficial ownership of a legal person or a legal arrangement, or any other close business relations, with a politically exposed person; and a natural person who has sole beneficial ownership of a legal entity or legal arrangement which is known to have been set up for the de facto benefit of a politically exposed person.

2. Policy Statement

    1. This Anti-Money Laundering (“AML”) and Know Your Customer (“KYC”) Policy (“AML- KYC Policy”) has been designed, approved and implemented by Cryptology (“Cryptology”, “We”, or “Us”) as owner and operator of the Virtual Currency Exchange Platform available via mobile application and website (the “Platform”). Cryptology is committed to the protection of its users and the products and services it offers. Therefore, Cryptology is constantly working to improve its policies and practices to offer security and reliability to its users – as well as – comply with regulations related to AML, KYC and Counter Financing of Terrorism (“CFT”) measures and requirements.

    2. Furthermore, Cryptology is committed to complying with international standards and practices regarding Anti-Money Laundering (“AML”), Countering the Financing of Terrorism (“CFT”) and Proliferation Financing Risks (“PF”), and the current regulatory framework in Singapore. Moreover, Cryptology has taken as reference provisions from the European Union regulatory framework, mainly the Directive (EU) 2015/849 (“4AMLD”) as amended by Directive (EU) 2018/843 Art. 1 (2)(d) (“5AMLD”).

    3. It is important for us that you understand these rules and policies to the maximum extent possible. Please read this AML-KYC Policy carefully as it will influence your use of the Platform and the provision of our services. Cryptology identifies and assesses money laundering and financing of terrorism risks based on an overall group-wide understanding of our products and services, transaction types, countries and geographic areas, and user attributes (“Risk-Based Approach”) to implement mitigation measures proportionate with such risks. Further to Cryptology’s compliance commitment, Cryptology conducts constant training regarding its internal policies and relevant regulations throughout the entire organization.

    4. We may amend, update, replace this AML-KYC Policy from time-to-time, it is your responsibility to review the Legal and Privacy section on our website from time-to-time in order to keep apprised with the latest information, practices, and procedures.

    5. Cryptology’s principle is not to enter into business relationships with any criminals and/or terrorists, not to process transactions with result from criminal and/or terrorist activity and not to facilitate any transactions involving criminal and/or terrorist activity including the financing of terrorism. Cryptology undertakes to implement all policies and procedures necessary to prevent the money laundering and to comply with all applicable legislation in this regard.

    6. Where any issue or matter is not addressed by this AML-KYC Policy, guidance is to be sought from the anti-money laundering legislation referred above.

3. User confidentiality

    1. It is important to stress out that the reporting of your suspicion of money laundering does not constitute a breach of user confidentiality.

4. Specific money laundering provisions

    1. In order to facilitate recognition of suspicions of money laundering and reporting of the foregoing to the authorities and so that Cryptology may produce its part of the audit trail to assist in official investigation. In particular, Cryptology has:
      • procedures to verify the identity of new users;
      • procedures for employees to report any suspicious transactions; and,
      • record keeping procedures relating to the identity of users and transactions effected for them.

5. Compliance

    1. Compliance with Cryptology’s AML-KYC Policy is of the utmost importance. Not only is it important to maintain Cryptology’s integrity, but failure to comply may constitute a criminal offense and call into question whether or not Cryptology and the employee concerned is fit and proper to conduct the business. Failures by individuals to comply with the money laundering procedures set forth in this manual can therefore result in serious negative consequences.

6. Duty on establishing business relationships

    1. Cryptology may or may not — at its own discretion and risk assessment — carry out a one- off transaction or form a business relationship in the course of relevant financial business unless obtains the full name, including any aliases; unique identification number, such as an identity card number, birth certificate number or passport number, or where the user is not a natural person, incorporation number or business registration number; the user’s residential address (or registered address or business address when the user is not a natural person); date of birth (or establishment, incorporation or registration when the user is not a natural person); and nationality (or place of incorporation or place of registration (as may be appropriate). For legal persons, Cryptology identifies the natural persons who ultimately own the legal person; ultimately control the legal person; or have ultimate effective control of the legal person. Furthermore, when a user is a legal person, Cryptology identifies the legal form; constitution; powers that regulate and bind the legal person; and the connected parties.

    2. In order to maintain appropriate standards of AML compliance, Global Wire Accounts will only accept fiat funds deposits (currently only Euro wires or bank card deposits) and will allow this Global Wire Account holders to withdraw virtual currencies and fiat funds. Fiat funds will only be able to be withdrawn to the same wire account from where the funds where initially deposited, fiat withdrawals to bank cards are not supported.

    3. Trading Accounts, will allow deposits of virtual currencies and fiat funds (currently only Euro wires or bank card deposits) and will allow Trading Account holders to withdraw virtual currencies, however, it will not allow withdrawals in fiat funds.

7. Identification procedures

    1. Cryptology as soon as reasonably practical after the first contact has been made, and in any event before transferring or paying any money out to a third party, that satisfactory evidence is produced or such other measures are taken as will produce satisfactory evidence of the identity of any user. If a user appears to be acting on behalf of another person, identification obligations extend to obtaining sufficient evidence of that third party’s identity.

    2. Where satisfactory evidence is not supplied, Cryptology will not proceed with any further business and bring to an end any understanding it has reached with the user. If there is knowledge or a suspicion of money laundering, it will be reported without delay as provided under these procedures and internal AML Policy.

    3. Cryptology will make sure that it is dealing with a real person or legal entity, and obtain sufficient evidence to establish that the user is that person or organization. When reliance is being placed on any third party to identify or confirm the identity of any user, the overall legal responsibility to ensure that the procedures and evidence obtained are satisfactory rests with the third party.

    4. You may only submit your information and your own payment details and mediums of payment. Cryptology reserves the right to reject your application to open an account or start a trading activity when your name is not on the credit or debit card that you present as part of the identification process. Cryptology reserves the right to reject your application to open an account or start a trading activity when your name is not on the documentation that you have provided and/or it deems that it has not accurately identified you as a user.

    5. As no single form of identification can be fully guaranteed as genuine, or representing correct identity, the identification process will need to be cumulative, and no single document or source of data (except for a database constructed from a number of other reliable data sources) must therefore be used to verify both name and permanent address.

    6. Cryptology will take all required measures, according to applicable law and regulations issued by regulatory authorities, to establish the identity of its users and, where applicable, their respective beneficial owners

    7. If Cryptology deems necessary, in addition to identify the user, Cryptology may request information regarding the source of wealth; estimated net worth; source of funds to be invested; references or other documentation to corroborate the information; independent background checks through a reputable screening system.

    8. For individual users the identity will be established to Cryptology’s satisfaction by reference to official identity papers or such other evidence as may be appropriate under certain circumstances. Information on identity will include, without limitation: full name; date of birth; nationality; complete residential address. Identification documents must be current at the time of the submission. Documents used for user identification purposes will typically include: a passport, a national identity card or an equivalent in the relevant jurisdiction; A separate document confirming the residential address (utility bill, bank statement, acknowledgement of address issued by a relevant official).

    9. For corporate users, where the user’s company is listed on a recognized or approved stock exchange or where there is independent evidence to show that the applicant is a wholly owned subsidiary or subsidiary under the control of such a company, no further steps to verify identity over and above the usual commercial checks and due diligence will normally be required.

    10. Where the applicant is an unquoted company, it will be subject to a procedure aimed to identify it, confirm its existence, good standing and authority of persons acting on its behalf. Documentation required for such purposes may change depending on each particular jurisdiction and will typically include: Certificate of incorporation/certificate of trade or the equivalent, evidencing the company is indeed incorporated in a particular jurisdiction under the respective legislation; Certificate of Incumbency or an equivalent document, listing current directors of the company; Statutes, Memorandum and Articles of Association or equivalent documents confirming the authority of the respective officers of the company to legally bind it and the manner in which this may be done; Extract from the Commercial Register of the country of incorporation may also be used to confirm the aforementioned information, if such information is provided in the extract; Share certificates and other supplementary documents that will ascertain beneficial ownership.

    11. Due diligence must be done on all principal owners identified in accordance with the following principles:

      • Natural persons: where a user is an individual, Cryptology shall clearly establish, based on information and documentation provided by the user, whether the user is acting on his/her own behalf.
      • Legal entities: where the user is a company, such as a private investment company, Cryptology shall understand the structure of the company, based on information and documentation provided by the user, sufficiently to determine the provider of funds, principal owner(s) of the shares and those who have control over the funds, e.g. the directors and those with the power to give direction to the directors of the company. With regard to other shareholders Cryptology will make a reasonable judgment as to the need for further due diligence. This principal applies regardless of whether the share capital is in registered or bearer form.
      • While use of clear scanned versions of documents will be accepted and in case any further clarification is needed, attested scanned copies or original attested copies may be sought for.
      • The certifiers may be: - a notary public or another authority with equivalent power to certify copies of documents in the relevant jurisdiction; or - a relevant state official (judge, police officer, consular official, etc); or - an authorized financial institution. - If any document regarding the corporate entity (such as extract from the Commerce Register) is available online through an official website of the relevant state authority, Cryptology may refer to such online version of the document, provided that a printout is made by a staff member of Cryptology and stored in the respective user file.
    12. The users may also be asked to provide relevant contact details, such as phone number and e-mail address.

8. High-risk countries

    1. In order to maintain the highest standards possible, Cryptology has determined to comply with Singapore’s list of high-risk countries determined through MAS’ Regulations; United Nations Sanctions List, for enhanced CDD and Monitoring; and, additionally, Cryptology is applying enhanced CDD and Monitoring to the countries in the lists presented by the European Commission issued through Commission Delegated Regulation (EU) 2016/1675, Commission Delegated Regulation (EU) 2018/105, and Commission Delegated Regulation (EU) 2018/212.
      • Afghanistan (EU)
      • Bosnia and Herzegovina (EU)
      • Democratic People’s Republic of Korea (SG) (EU)
      • Democratic Republic of the Congo (SG)
      • Eritrea (SG)
      • Ethiopia (EU)
      • Guyana (EU)
      • Iran (SG) (EU)
      • Iraq (EU)
      • Lao PDR (EU)
      • Libya (SG)
      • Somalia (SG)
      • South Sudan (SG)
      • Sri Lanka (EU)
      • Sudan (SG)
      • Syria (EU)
      • Trinidad and Tobago (EU)
      • Tunisia (EU)
      • Uganda (EU)
      • Vanuatu (EU)
      • Yemen (SG) (EU)

9. Record keeping procedures

    1. Cryptology will also keep all records for not less than 5 years from the date of completion of the transaction. These should include records verifying the identity of user and a record of transactions with or for that user.

10. Duty to report

    1. There is a statutory and regulatory obligation on all staff to report information which comes to their attention, which gives rise to knowledge or suspicion or reasonable grounds for knowledge or suspicion of money laundering. Knowing its users is Cryptology’s most important line of defense in preventing or detecting money laundering activities. It is important that Cryptology verifies the identity of new users and ensures that they are involved in bona fide business activities and that they share Cryptology’s high standards of integrity and business practice.

11. Suspicious transactions

    1. A suspicious transaction will often be one which is inconsistent with a user’s known legitimate business or actions. Emphasis will therefore be placed on knowing the user’s business and his/her requirements and usual transactions. It is the responsibility of all staff to report knowledge or suspicion of money laundering.

    2. The following questions may help to determine whether a transaction is suspicious:

      • Is it inconsistent with the user’s known activities?
      • Is the size of the transaction inconsistent with the normal activities of the user, or the user’s net worth, as determined at the initial identification stage?
      • Are there any other transactions linked to the transaction in question of which Cryptology is aware and which could be designed to disguise money and divert it into other forms or other destinations or beneficiaries?
      • Is the transaction rational for the user?
      • Has the user’s pattern of transactions changed?
      • Is the user’s proposed method of payment unusual?
    3. Steps should also be taken to monitor accounts held on behalf of users that hold positions of public trust such as government officials, politicians and any known connected accounts.

    4. When a suspicious transaction takes place, Cryptology may hold the transaction until is able to verify the identity of the user, and the purpose and legality of the transaction.

    5. Deposits from a specific wallet and withdrawal to another wallet without any trading activity will require further review and request of additional information before the order can be executed.

12. Confidentiality

    1. Reporting a suspicion is a defense to a claim for breach of confidence. Confidentiality whilst an investigation is ongoing is of the utmost importance and employees are reminded of the offense of “tipping-off”. Tipping-off, (i.e. inform) a person suspected of money laundering that (a) he or someone else has made a lawful disclosure (i.e. a SAR) or (b) there is a money laundering investigation taking place, where the tipping off is likely either to prejudice any investigation arising from the disclosure or to prejudice the investigation disclosed to the person suspected of money laundering.