Anti-Money Laundering Programme: Difference between revisions

From Bittylicious
Jump to navigation Jump to search
No edit summary
 
(5 intermediate revisions by 2 users not shown)
Line 6: Line 6:
* Risk vectors and ML techniques change regularly, so these requirements and limits are regularly updated.
* Risk vectors and ML techniques change regularly, so these requirements and limits are regularly updated.
* Customer activity is monitored in an on-going basis, including detection of accounts being used in a manner inconsistent with previous usage.
* Customer activity is monitored in an on-going basis, including detection of accounts being used in a manner inconsistent with previous usage.
* Suspicious activity is reported internally and onwards to the relevant law enforcement authorities, e.g. by raising [https://nationalcrimeagency.gov.uk/what-we-do/crime-threats/money-laundering-and-terrorist-financing/suspicious-activity-reports SARS] if appropriate.
* Suspicious activity is reported internally and onwards to the relevant law enforcement authorities, e.g. by raising [https://www.fiu.im/ Suspicious Activity Reports] where appropriate.
* Historical information is maintained for appropriate amounts of time in order to identify trends.
* Historical information is maintained for appropriate amounts of time in order to identify trends.
* All relevant employees are trained to understand these requirements.
* All relevant employees are trained to understand these requirements.
Line 12: Line 12:
==Limits==
==Limits==


* Customers that we do not [http://en.wikipedia.org/wiki/Know_your_customer 'know'] are only entitled to buy small amounts of cryptocurrency. These are below any thresholds that money launderers would consider useful.
* Customers that we do not [http://en.wikipedia.org/wiki/Know_your_customer 'know'] are only entitled to trade small amounts of cryptocurrency. These are below any thresholds that money launderers would consider useful.
* In order to buy a slightly increased amount of cryptocurrency, customers are required to register (i.e. confirm their email address) and also confirm a mobile phone number.
* In order to trade a slightly increased amount of cryptocurrency, customers are required to register (i.e. confirm their email address) and also confirm a mobile phone number.
* In order to increase that limit further, more extensive ID checks are performed in the form of:
* In order to increase that limit further, more extensive ID checks are performed in the form of:
** ID verification.
** ID verification.
Line 32: Line 32:
==Regulations==
==Regulations==


Although the methods Bittylicious uses to trade cryptocurrency are not seen to require regulation at present, we had previously voluntarily registered under [http://www.hmrc.gov.uk/MLR/ HMRC's Money Laundering Regulations scheme] as we believe they are sensible. HMRC have since informed us that they do not regulate cryptocurrency businesses so this registration is no longer applicable. This is the case for all cryptocurrency businesses in the UK.
Systems, as described above, have been implemented that meet the required Isle of Man AML legislation required of registered entities. The interests of Bittylicious and these regulations are aligned in combating money laundering and terrorist financing.


Systems, as described above, have been implemented that meet the required UK AML legislation required of registered entities. This is above and beyond what is required, but the interests of Bittylicious and these regulations are aligned.
Isle of Man legislation enacted to combat money laundering includes:


The various requirements for AML are covered under the following legislations in the UK:
* The Proceeds of Crime Act 2008 (POCA)
* The Anti-Money Laundering and Countering the Financing of Terrorism Code 2019 (AML/CFT, "the Code")
* The Designated Businesses (Registration and Oversight) Act 2015 (DBROA)
* The Terrorism and Other Crime (Financial Restrictions) Act 2014
* The Anti-Terrorism and Crime Act 2003 (ATCA)


* The Proceeds of Crime Act 2002 (POCA), as amended by the:
Bittylicious also follows AML guidance provided in the Isle of Man and in other jurisdictions, notably in the UK, and advice from international organisations, including (but not restricted to):
** i. Serious Organised Crime and Police Act 2005 (SOCPA); and the
 
** ii. Proceeds of Crime Act (Amendment) Regulations 2007;
* the Isle of Man Financial Services Authority (FSA)
* The Terrorism Act 2000, as amended by the:
* the Isle of Man National Risk Assessments (NRA)
** i. The Anti Terrorism, Crime & Security Act 2001; and the
* the Joint Money Laundering Steering Group (JMLSG)
** ii. Terrorism Act (Amendment) Regulations 2007;
* the Financial Conduct Authority (FCA, UK)
* The Terrorism Act 2006;
* HM Treasury (UK)
* The Money Laundering Regulations 2007; and
* the Financial Action Task Force (FATF)
* The Joint Money Laundering Steering Group (JMLSG) Guidance for the UK Financial Sector on the prevention of money laundering/combating terrorist financing.

Latest revision as of 16:58, 1 January 2021

Principles

  • Anti-Money Laundering is at the core of Bittylicious. This includes Bittylicious having adequate systems and control in place to mitigate the risk of Bittylicious being used to facilitate the laundering of the proceeds of crime.
  • Senior management is responsible for the oversight of compliance with relevant legislation, regulations, rules and industry guidance.
  • The verification requirements and limits are regularly updated after following a Risk Based Approach towards assessing and managing the fraud, money laundering and terrorist financing risks to the company.
  • Risk vectors and ML techniques change regularly, so these requirements and limits are regularly updated.
  • Customer activity is monitored in an on-going basis, including detection of accounts being used in a manner inconsistent with previous usage.
  • Suspicious activity is reported internally and onwards to the relevant law enforcement authorities, e.g. by raising Suspicious Activity Reports where appropriate.
  • Historical information is maintained for appropriate amounts of time in order to identify trends.
  • All relevant employees are trained to understand these requirements.

Limits

  • Customers that we do not 'know' are only entitled to trade small amounts of cryptocurrency. These are below any thresholds that money launderers would consider useful.
  • In order to trade a slightly increased amount of cryptocurrency, customers are required to register (i.e. confirm their email address) and also confirm a mobile phone number.
  • In order to increase that limit further, more extensive ID checks are performed in the form of:
    • ID verification.
    • Proof of address verification.
    • Bank account verification.
  • The limit can be raised further, but in all instances, we open up dialogue with you to understand the reasoning for wanting cryptocurrency, and cross check this where possible.

Enhanced due diligence is additionally performed on any customers that present a higher risk, for example, Politically Exposed Persons (PEPs).

Anti-Abuse

We take active steps to stop users from abusing the limits we set. Amongst other things, we:

  • Set strict time limits between starting and completing trades.
  • Restrict the number and amount of trades per IP address and IP block.
  • Cross-reference information received from banks concerning account names.

Regulations

Systems, as described above, have been implemented that meet the required Isle of Man AML legislation required of registered entities. The interests of Bittylicious and these regulations are aligned in combating money laundering and terrorist financing.

Isle of Man legislation enacted to combat money laundering includes:

  • The Proceeds of Crime Act 2008 (POCA)
  • The Anti-Money Laundering and Countering the Financing of Terrorism Code 2019 (AML/CFT, "the Code")
  • The Designated Businesses (Registration and Oversight) Act 2015 (DBROA)
  • The Terrorism and Other Crime (Financial Restrictions) Act 2014
  • The Anti-Terrorism and Crime Act 2003 (ATCA)

Bittylicious also follows AML guidance provided in the Isle of Man and in other jurisdictions, notably in the UK, and advice from international organisations, including (but not restricted to):

  • the Isle of Man Financial Services Authority (FSA)
  • the Isle of Man National Risk Assessments (NRA)
  • the Joint Money Laundering Steering Group (JMLSG)
  • the Financial Conduct Authority (FCA, UK)
  • HM Treasury (UK)
  • the Financial Action Task Force (FATF)