1.phpDewber Pte Ltd
Anti-Money Laundering (AML) Program:
Compliance and Supervisory Procedures
It is the policy of the firm to prohibit and actively prevent money laundering and any activity that facilitates money laundering or the funding of terrorist or criminal activities by complying with all applicable requirements under the Singapore Rules and Regulations and its implementing regulations.
Money laundering is generally defined as engaging in acts designed to conceal or disguise the true origins of criminally derived proceeds so that the proceeds appear to have derived from legitimate origins or constitute legitimate assets. Generally, money laundering occurs in three stages. Cash first enters the financial system at the "placement" stage, where the cash generated from criminal activities is converted into monetary instruments, such as money orders or traveler's checks, or deposited into accounts at financial institutions. At the "layering" stage, the funds are transferred or moved into other accounts or other financial institutions to further separate the money from its criminal origin. At the "integration" stage, the funds are reintroduced into the economy and used to purchase legitimate assets or to fund other criminal activities or legitimate businesses.
Although cash is rarely deposited into securities accounts, the securities industry is unique in that it can be used to launder funds obtained elsewhere, and to generate illicit funds within the industry itself through fraudulent activities. Examples of types of fraudulent activities include insider trading, market manipulation, ponzi schemes, cybercrime and other investment-related fraudulent activity.
Terrorist financing may not involve the proceeds of criminal conduct, but rather an attempt to conceal either the origin of the funds or their intended use, which could be for criminal purposes. Legitimate sources of funds are a key difference between terrorist financiers and traditional criminal organizations. In addition to charitable donations, legitimate sources include foreign government sponsors, business ownership and personal employment. Although the motivation differs between traditional money launderers and terrorist financiers, the actual methods used to fund terrorist operations can be the same as or similar to methods used by other criminals to launder funds. Funding for terrorist attacks does not always require large sums of money and the associated transactions may not be complex.
Our AML policies, procedures and internal controls are designed to ensure compliance with all applicable BSA regulations and FINRA rules and will be reviewed and updated on a regular basis to ensure appropriate policies, procedures and internal controls are in place to account for both changes in regulations and changes in our business.
The firm has designated Raj Agrawal as its Anti-Money Laundering Program Compliance Person (AML Compliance Person), with full responsibility for the firm’s AML program. Raj Agrawal has past experience and knowledge. The duties of the AML Compliance Person will include monitoring the firm’s compliance with AML obligations, overseeing communication and training for employees. The AML Compliance Person will also ensure that the firm keeps and maintains all of the required AML records and will ensure that Suspicious Activity Reports are filed with the Financial Crimes Enforcement Authorities when appropriate. The AML Compliance Person is vested with full responsibility and authority to enforce the firm’s AML program.
The firm will provide the authorities of jurisdiction with contact information for the AML Compliance Person, including: (1) name; (2) title; (3) mailing address; (4) email address; (5) telephone number; and (6) facsimile (if any). The firm will promptly notify the authorities of jurisdiction of any change in this information and will review, and if necessary update, this information within 17 business days after the end of each calendar year. The annual review of information will be conducted by Raj Agrawal and will be completed with all necessary updates being provided no later than 17 business days following the end of each calendar year. In addition, if there is any change to the information, Raj Agrawal will update the information promptly, but in any event not later than 30 days following the change.
We will respond to a Financial Crimes Enforcement Authorities of Jurisdiction request concerning accounts and transactions by immediately searching our records to determine whether we maintain or have maintained any user registration/account for, or have engaged in any transaction with, each individual, entity or organization named in the Request. We understand that we have a certain time frame from the transmission date of the request to respond to a Request. We will designate one or more persons to be the point of contact for Requests and will promptly update the POC information following any change in such information. (See also Section 2 above regarding updating of contact information for the AML Compliance Person.) If we find a match, Raj Agrawal will report it to the requestor within 14 days or within the time requested by requestor in the request. If the search parameters differ from those mentioned above, Raj Agrawal will structure our search accordingly.
If Raj Agrawal searches our records and does not find a matching account or transaction, then Raj Agrawal will not reply to the Request. We will maintain documentation that we have performed the required search by maintaining a log showing the date of the request, the number of accounts searched, the name of the individual conducting the search and a notation of whether or not a match was found.
We will not disclose the fact that any Authority of Jurisdiction has requested or obtained information from us, except to the extent necessary to comply with the information request. Raj Agrawal will review, maintain and implement procedures to protect the security and confidentiality of requests from any Authority of Jurisdiction similar to those procedures established to satisfy the requirements of the EU Directive with regard to the protection of customers’ nonpublic information.
We will direct any questions we have about the Request to the requesting law enforcement agency as designated in the request.
Unless otherwise stated in the Request, we will not be required to treat the information request as continuing in nature, and we will not be required to treat the eventual periodic Requests as a government provided list of suspected terrorists for purposes of the customer identification and verification requirements.
We understand that the receipt of a Request is highly confidential. We understand that none of our officers, employees or agents may directly or indirectly disclose to any person that the Authority of Jurisdiction and/or any government authority has sought or obtained access to any of our records. To maintain the confidentiality of any request we receive, we will process and maintain the Request by storing it in a safe environment and encrypted.
We understand that the receipt of a subpoena concerning a customer does not in itself require that we file a Suspicious Activity Report (SAR-SF). When we receive a subpoena, we will conduct a risk assessment of the customer subject to the subpoena as well as review the customer’s user registration/account activity. If we uncover suspicious activity during our risk assessment and review, we will elevate that customer’s risk assessment and file a SAR in accordance with the SAR filing requirements. We understand that none of our officers, employees or agents may directly or indirectly disclose to the person who is the subject of the subpoena its existence, its contents or the information we used to respond to it. To maintain the confidentiality of any subpoena we receive, we will process and maintain the subpoena by a safe environment and encrypted. If we file a SAR after receiving a subpoena, the SAR will not contain any reference to the receipt or existence of the subpoena. The SAR will only contain detailed information about the facts and circumstances of the detected suspicious activity.
We will share information with other financial institutions regarding individuals, entities, organizations and countries for purposes of identifying and, where appropriate, reporting activities that we suspect may involve possible terrorist activity or money laundering. Raj Agrawal will ensure that the firm files with the competent Authority of Jurisdiction an initial notice before any sharing occurs and annual notices thereafter. Before we share information with another financial institution, we will take reasonable steps to verify that the other financial institution has submitted the requisite notice to the Authority of Jurisdiction by obtaining confirmation from the financial institution. We understand that this requirement applies even to financial institutions with which we are affiliated, and that we will obtain the requisite notices from affiliates and follow all required procedures.
We will employ strict procedures both to ensure that only relevant information is shared and to protect the security and confidentiality of this information, for example, by segregating it from the firm’s other books and records and stored in a safe environment and encrypted.
We also will employ procedures to ensure that any information received from another financial institution shall not be used for any purpose other than:
We will share information about a particular suspicious transaction with any broker-dealer, as appropriate, involved in that particular transaction for purposes of determining whether we will file a SAR.
We will share information about particular suspicious transactions with our clearing broker, if any, for purposes of determining whether we and our clearing broker will file jointly a SAR. In cases in which we file a joint SAR for a transaction that has been handled both by us and by the clearing broker, we may share with the clearing broker a copy of the filed SAR.
If we determine it is appropriate to jointly file a SAR, we understand that we cannot disclose that we have filed a SAR to any financial institution except the financial institution that is filing jointly. If we determine it is not appropriate to file jointly (e.g., because the SAR concerns the other broker-dealer or one of its employees), we understand that we cannot disclose that we have filed a SAR to any other financial institution or insurance company.
In addition to the information we must collect under Know Your Customer we have established, documented and maintained a written Customer Identification Program (CIP). We will collect certain minimum customer identification information from each customer who opens an account; utilize risk-based measures to verify the identity of each customer who opens an account; record customer identification information and the verification methods and results; provide the required adequate CIP notice to customers that we will seek identification information to verify their identities; and compare customer identification information with government-provided lists of suspected terrorists, once such lists have been issued by the government.
Prior to or after accepting investment over USD100, we will collect the following information for all accounts, if applicable, for any person, entity or organization that is opening a new account and whose name is on the account:
(1) the name; gender
(2) date of birth (for an individual);
(3) an address, which will be a residential or business street address, or residential or business street address of next of kin or another contact individual (for an individual who does not have a residential or business street address), or a principal place of business, local office, or other physical location (for a person other than an individual); and
(4) a proof of identification, which will be a passport, driving licence and country of issuance, alien identification card country of issuance of any other government-issued document evidencing nationality or residence and bearing a photograph or other similar safeguard.
(5) a proof of address, which will be utility (water, gas, electricity or telephone) bill, bank or credit card statement, official government letter or council tax bill
When opening an account for a foreign business or enterprise that does not have an identification number, we will request alternative government-issued documentation certifying the existence of the business or enterprise.
If a potential or existing customer either refuses to provide the information described above when requested, or appears to have intentionally provided misleading information, our firm will not open a new account and, after considering the risks involved, consider closing any existing account. In either case, our AML Compliance Person will be notified so that we can determine whether we should report the situation to the Authority of Jurisdiction on a SAR.
Based on the risk, and to the extent reasonable and practicable, we will ensure that we have a reasonable belief that we know the true identity of our customers by using risk-based procedures to verify and document the accuracy of the information we get about our customers. Raj Agrawal or associated team member will analyze the information we obtain to determine whether the information is sufficient to form a reasonable belief that we know the true identity of the customer (e.g., whether the information is logical or contains inconsistencies).
We will verify customer identity through documentary means, non-documentary means or both. We will use documents to verify customer identity when appropriate documents are available. In light of the increased instances of identity fraud, we will supplement the use of documentary evidence by using the non-documentary means described below whenever necessary. We may also use non-documentary means, if we are still uncertain about whether we know the true identity of the customer. In verifying the information, we will consider whether the identifying information that we receive, such as the customer’s name, street address, zip code, telephone number (if provided), date of birth, allow us to determine that we have a reasonable belief that we know the true identity of the customer (e.g., whether the information is logical or contains inconsistencies).
Appropriate documents for verifying the identity of customers include the following:
We understand that we are not required to take steps to determine whether the document that the customer has provided to us for identity verification has been validly issued and that we may rely on a government-issued identification as verification of a customer’s identity. If, however, we note that the document shows some obvious form of fraud, we must consider that factor in determining whether we can form a reasonable belief that we know the customer’s true identity.
We will use the following non-documentary methods of verifying identity:
- Obtaining a financial statement.
- Online third party service provider to satisfy requirement of KYC procedure
We will use non-documentary methods of verification when:
(1) the customer is unable to present an unexpired government-issued identification document with a photograph or other similar safeguard;
(2) the firm is unfamiliar with the documents the customer presents for identification verification;
(3) the customer and firm do not have face-to-face contact; and
(4) there are other circumstances that increase the risk that the firm will be unable to verify the true identity of the customer through documentary means.
We will verify the information within a reasonable time before or after the account is opened. Depending on the nature of the account and requested transactions, we may refuse to complete a transaction before we have verified the information, or in some instances when we need more time, we may, pending verification, restrict the types of transactions or dollar amount of transactions. If we find suspicious information that indicates possible money laundering, terrorist financing activity, or other suspicious activity, we will, after internal consultation with the firm's AML Compliance Person, file a SAR in accordance with applicable laws and regulations.
We recognize that the risk that we may not know the customer’s true identity may be heightened for certain types of accounts, such as an account opened in the name of a corporation, partnership or trust that is created or conducts substantial business in a jurisdiction that has been designated by the U.S. as a primary money laundering jurisdiction, a terrorist concern, or has been designated as a non-cooperative country or territory. We will identify customers that pose a heightened risk of not being properly identified. We will also take the additional measures that may be used to obtain information about the identity of the individuals associated with the customer when standard documentary methods prove to be insufficient.
d. Lack of Verification
When we cannot form a reasonable belief that we know the true identity of a customer, we will do the following: (1) not open an account; (2) impose terms under which a customer may conduct transactions while we attempt to verify the customer’s identity; (3) close an account after attempts to verify a customer’s identity fail; and (4) determine whether it is necessary to file a SAR in accordance with applicable laws and regulations.
We will document our verification, including all identifying information provided by a customer, the methods used and results of verification, and the resolution of any discrepancies identified in the verification process. We will keep records containing a description of any document that we relied on to verify a customer’s identity, noting the type of document, any identification number contained in the document, the place of issuance, and if any, the date of issuance and expiration date. With respect to non-documentary verification, we will retain documents that describe the methods and the results of any measures we took to verify the identity of a customer. We will also keep records containing a description of the resolution of each substantive discrepancy discovered when verifying the identifying information obtained. We will retain records of all identification information for five years after the account has been closed; we will retain records made about verification of the customer's identity for five years after the record is made.
At such time as we receive notice that a government agency has issued a list of known or suspected terrorists and identified the list as a list for CIP purposes, we will, within a reasonable period of time after an account is opened (or earlier, if required by another law or regulation or directive issued in connection with an applicable list), determine whether a customer appears on any such list of known or suspected terrorists or terrorist organizations issued by any government agency and designated as such. We will follow all directives issued in connection with such lists.
We will provide notice to customers that the firm is requesting information from them to verify their identities, as required by law. We will use the following method to provide notice to customers by telephone, electronic mail, regular mail.
We may, under the following circumstances, rely on the performance by another financial institution (including an affiliate) of some or all of the elements of our CIP with respect to any customer that is opening an account or has established an account or similar business relationship with the other financial institution to provide or engage in services, dealings or other financial transactions:
6. Customer Due Diligence Rule
In addition to the information collected under the written Customer Identification Program, we have established, documented and maintained written policies and procedures reasonably designed to identify and verify beneficial owners of legal entity customers and comply with other aspects of the Customer Due Diligence (CDD) Rule. We will collect certain minimum CDD information from beneficial owners of legal entity customers. We will understand the nature and purpose of customer relationships for the purpose of developing a customer risk profile. We will conduct ongoing monitoring to identify and report suspicious transactions, and, on a risk basis, maintain and update customer information.
At the time of opening an account for a legal entity customer, Raj Agrawal or associated team member will identify any individual that is a beneficial owner of the legal entity customer by identifying any individuals who directly or indirectly own 25% or more of the equity interests of the legal entity customer, and any individual with significant responsibility to control, manage, or direct a legal entity customer. The following information will be collected for each beneficial owner:
(1) the name; gender
(2) date of birth (for an individual);
(3) an address, which will be a residential or business street address (for an individual), or residential or business street address of next of kin or another contact individual (for an individual who does not have a residential or business street address); and
(4) an identification card, a passport and country of issuance, or other similar identification card, such as an alien identification card, and country of issuance of any other government-issued document evidencing nationality or residence and bearing a photograph or other similar safeguard (for non-U.S. persons).
We will conduct ongoing monitoring to identify and report suspicious transactions and, on a risk basis, maintain and update customer information, including information regarding the beneficial ownership of legal entity customers, using the customer risk profile as a baseline against which customer activity is assessed for suspicious transaction reporting.
We will identify foreign bank accounts and any such account that is a correspondent account (any account that is established for a foreign bank to receive deposits from, or to make payments or other disbursements on behalf of, the foreign bank, or to handle other financial transactions related to such foreign bank) for foreign shell banks. Upon finding or suspecting such accounts, firm employees will notify the AML Compliance Person, who will terminate any verified correspondent account in the country for a foreign shell bank. We will also terminate any correspondent account that we have determined is not maintained by a foreign shell bank but is being used to provide services to such a shell bank. We will exercise caution regarding liquidating positions in such accounts and take reasonable steps to ensure that no new positions are established in these accounts during the termination period.
We will require our foreign bank account holders to identify the owners of the foreign bank if it is not publicly traded, the name and street address of a person who resides in the country and is authorized and has agreed to act as agent for acceptance of legal process, and an assurance that the foreign bank is not a shell bank nor is it facilitating activity of a shell bank.. We will re-certify when we believe that the information is no longer accurate or at least once every three years.
We will keep records identifying the owners of foreign banks with Estonian correspondent accounts and the name and address of the Estonia agent for service of legal process for those banks.
When we receive a written request from a law enforcement officer for information identifying the non-publicly traded owners of any foreign bank for which we maintain a correspondent account in the Estonia and/or the name and address of a person residing in the Estonia who is an agent to accept service of legal process for a foreign bank’s correspondent account, we will provide that information to the requesting officer not later than seven days after receipt of the request. We will scrutinize any correspondent account activity during that 10-day period to ensure that any suspicious activity is appropriately reported and to ensure that no new positions are established in these correspondent accounts.
8. Customers – Insufficient or Suspicious Information
- Provides unusual or suspicious identification documents that cannot be readily verified.
- Reluctant to provide complete information about nature and purpose of business, prior banking relationships, anticipated account activity, officers and directors or business location.
- Refuses to identify a legitimate source for funds or information is false, misleading or substantially incorrect.
- Background is questionable or differs from expectations based on business activities.
- Customer with no discernable reason for using the firm’s service.
9. Efforts to Avoid Reporting and Recordkeeping
- Reluctant to provide information needed to file reports or fails to proceed with transaction.
- Tries to persuade an employee not to file required reports or not to maintain required records.
- “Structures” deposits, withdrawals or purchase of monetary instruments below a certain amount to avoid reporting or recordkeeping requirements.
- Unusual concern with the firm’s compliance with government reporting requirements and firm’s AML policies.
10. Certain Funds Transfer Activities
11. Suspicious Activity
When an employee of the firm detects any red flag, or other activity that may be suspicious, he or she will notify the Compliance Person. Under the direction of the AML Compliance Person, the firm will determine whether or not and how to further investigate the matter. This may include gathering additional information internally or from third-party sources, contacting the government, freezing the account and/or filing a SAR.
Our firm prohibits both the receipt of currency or other monetary instruments that have been transported, mailed or shipped to us from outside of Estonia. We will file a SAR if we discover that we have received or caused or attempted to receive from outside of Estonia, currency or other monetary instruments in an aggregate amount exceeding $10,000 at one time (on one calendar day or, if for the purposes of evading reporting requirements, on one or more days).
Our AML Compliance Person and his or her designee will be responsible for ensuring that AML records are maintained properly and that SARs are filed as required.
In addition, as part of our AML program, our firm will create and maintain SARs, and relevant documentation on customer identity and verification (See Section 5 above) and funds transmittals. We will maintain SARs and their accompanying documentation for at least five years. We will keep other documents according to existing rules and other recordkeeping requirements requiring firms to preserve for a period of not less than six years.
We will hold SAR and any supporting documentation confidential. We will not inform anyone outside of the Authority of Jurisdiction or other appropriate law enforcement or regulatory agency about a SAR. We will refuse any subpoena requests for SAR-s or for information that would disclose that a SAR has been prepared or filed and immediately notify the Authority of Jurisdiction of any such subpoena requests that we receive. We will segregate SAR-SF filings and copies of supporting documentation from other firm books and records to avoid disclosing SAR filings. Our AML Compliance Person will handle all subpoenas or other requests for SARs. We may share information with another financial institution about suspicious transactions in order to determine whether we will jointly file a SAR according to the provisions of this AML document. In cases in which we file a joint SAR for a transaction that has been handled both by us and another financial institution, both financial institutions will maintain a copy of the filed SAR.
We will work closely with our clearing firm to detect money laundering. We will exchange information, records, data and exception reports as necessary to comply [with our contractual obligations and] with AML laws. As a general matter, we will obtain and use the exception reports offered by our clearing firm in order to monitor customer activity and we will provide our clearing firm with proper customer identification and due diligence information as required to successfully monitor customer transactions. We have discussed how each firm will apportion customer and transaction functions and how we will share information and set forth our understanding in a written document. We understand that the apportionment of functions will not relieve either of us from our independent obligation to comply with AML laws, except as specifically allowed under the Estonia Rules and Regulations and its implementing regulations.
We will develop ongoing employee training under the leadership of the AML Compliance Person and senior management. Our training will occur on at least an annual basis. It will be based on our firm’s size, its customer base, and its resources and be updated as necessary to reflect any new developments in the law.
Our training will include, at a minimum: (1) how to identify red flags and signs of money laundering that arise during the course of the employees’ duties; (2) what to do once the risk is identified (including how, when and to whom to escalate unusual customer activity or other red flags for analysis and, where appropriate, the filing of SARs); (3) what employees' roles are in the firm's compliance efforts and how to perform them; (4) the firm's record retention policy; and (5) the disciplinary consequences (including civil and criminal penalties) for non-compliance with the Rules and Regulations.
We will develop training in our firm, or contract for it. Delivery of the training may include educational pamphlets, videos, intranet systems, in-person lectures and explanatory memos. We will maintain records to show the persons trained, the dates of training and the subject matter of their training.
We will review our operations to see if certain employees, such as those in compliance, margin and corporate security, require specialized additional training. Our written procedures will be updated to reflect any such changes.
The testing of our AML program will be performed at least annually (on a calendar year basis) by [Name], an independent third party. We will evaluate the qualifications of the independent third party to ensure they have a working knowledge of applicable requirements under the Estonia Rules and Regulations and its implementing regulations. Independent testing will be performed more frequently if circumstances warrant.
b. Evaluation and Reporting
After we have completed the independent testing, staff will report its findings to senior management. We will promptly address each of the resulting recommendations and keep a record of how each noted deficiency was resolved.
We will subject employee accounts to the same AML procedures as customer accounts, under the supervision of the AML Compliance Person. We will also review the AML performance of supervisors, as part of their annual performance review. The AML Compliance Person’s accounts will be reviewed by [Name – another member of senior management.]
Employees will promptly report any potential violations of the firm’s AML compliance program to the AML Compliance Person, unless the violations implicate the AML Compliance Person, in which case the employee shall report to [the president/chairman of the board/audit committee chair]. Such reports will be confidential, and the employee will suffer no retaliation for making them.
Senior management has approved this AML compliance program in writing as reasonably designed to achieve and monitor our firm’s ongoing compliance with the requirements of the BSA and the implementing regulations under it. This approval is indicated by signatures below.