Anti-Money Laundering Programme
- Anti-Money Laundering is at the core of Bittylicious. This includes Bittylicious having adequate systems and control in place to mitigate the risk of Bittylicious being used to facilitate the laundering of the proceeds of crime.
- Senior management is responsible for the oversight of compliance with relevant legislation, regulations, rules and industry guidance.
- The verification requirements and limits are regularly updated after following a Risk Based Approach towards assessing and managing the fraud, money laundering and terrorist financing risks to the company.
- Risk vectors and ML techniques change regularly, so these requirements and limits are regularly updated.
- Customer activity is monitored in an on-going basis, including detection of accounts being used in a manner inconsistent with previous usage.
- Suspicious activity is reported internally and onwards to the relevant law enforcement authorities, e.g. by raising SARS if appropriate.
- Historical information is maintained for appropriate amounts of time in order to identify trends.
- All relevant employees are trained to understand these requirements.
- Customers that we do not 'know' are only entitled to buy small amounts of cryptocurrency. These are below any thresholds that money launderers would consider useful.
- In order to buy a slightly increased amount of cryptocurrency, customers are required to register (i.e. confirm their email address) and also confirm a mobile phone number.
- In order to increase that limit further, more extensive ID checks are performed in the form of:
- ID verification.
- Proof of address verification.
- Bank account verification.
- The limit can be raised further, but in all instances, we open up dialogue with you to understand the reasoning for wanting cryptocurrency, and cross check this where possible.
Enhanced due diligence is additionally performed on any customers that present a higher risk, for example, Politically Exposed Persons (PEPs).
We take active steps to stop users from abusing the limits we set. Amongst other things, we:
- Set strict time limits between starting and completing trades.
- Restrict the number and amount of trades per IP address and IP block.
- Cross-reference information received from banks concerning account names.
Although the methods Bittylicious uses to trade cryptocurrency are not seen to require regulation at present, we had previously voluntarily registered under HMRC's Money Laundering Regulations scheme as we believe they are sensible. HMRC have since informed us that they do not regulate cryptocurrency businesses so this registration is no longer applicable. This is the case for all cryptocurrency businesses in the UK.
Systems, as described above, have been implemented that meet the required UK AML legislation required of registered entities. This is above and beyond what is required, but the interests of Bittylicious and these regulations are aligned.
The various requirements for AML are covered under the following legislations in the UK:
- The Proceeds of Crime Act 2002 (POCA), as amended by the:
- i. Serious Organised Crime and Police Act 2005 (SOCPA); and the
- ii. Proceeds of Crime Act (Amendment) Regulations 2007;
- The Terrorism Act 2000, as amended by the:
- i. The Anti Terrorism, Crime & Security Act 2001; and the
- ii. Terrorism Act (Amendment) Regulations 2007;
- The Terrorism Act 2006;
- The Money Laundering Regulations 2007; and
- The Joint Money Laundering Steering Group (JMLSG) Guidance for the UK Financial Sector on the prevention of money laundering/combating terrorist financing.