AML POLICY

Know Your Customer (KYC) Norms /Anti-Money Laundering (AML) Standards / Combating of Financing of Terrorism (CFT) /Obligation of banks under Prevention of Money Laundering Act (PMLA), 2002

PokiBit is fully committed to comply globally with all applicable laws designed to combat money laundering and any activity which facilitates the funding of terrorist or criminal activities. PokiBit would meet the extant regulatory requirements and the Framework would be amended from time to time as may be required by the Authority and Compliance with Financial Action Task Force requirements.

The key objectives of this document are

1. To lay down the detailed AML Framework of PokiBit.
2. To ensure that none of its products are vulnerable to Money Laundering and also to ensure that PokiBit is not used as a conduit for Money laundering.
3. To ensure compliance with the AML laws and regulations in force from time to time.
4. To assist law enforcement agencies in their effort to investigate and track money launderers.

Money Laundering– Definition Money Laundering is moving illegally acquired cash through financial systems so that it appears to be legally acquired.

There are three common stages of money laundering as detailed below which are resorted to by the launderers and institutions that may unwittingly be exposed to a potential criminal activity while undertaking normal business transactions:-

1. Placement- The physical disposal of cash proceeds derived from illegal activity;
2. Layering- Separating illicit proceeds from their source by creating complex layers of financial transactions designed to disguise the source of money, subvert the audit trail and provide anonymity; and
3. Integration- Creating the impression of apparent legitimacy to criminally derived wealth.

If the layering process has succeeded, integration schemes place the laundered proceeds back into the economy in such a way that they re-enter the financial system appearing to be normal business funds.

Section 3 of PMLA describes the offence of Money Laundering. Section 3 reads as under: “Whosoever directly or indirectly attempts to indulge or knowingly assists or knowingly is a party or is actually involved in any process or activity connected with the proceeds of crime and projecting it as untainted property shall be guilty of an offence of money-laundering.”

Money Laundering Risks

The Company is aware that it is exposed to several risks if an appropriate AML framework is not established, which are detailed as under

1. Reputation Risk - Risk of loss due to severe impact on Company’s business. This requires maintaining the confidence of authority, customers, creditors and the general marketplace.
2. Compliance Risk - Risk of loss due to failure of compliance with key Regulations governing the company’s operations.
3. Operations Risk - Risk of loss resulting from inadequate or failed internal processes, people and systems, or from external events.
4. Legal Risk - Risk of loss due to any of the above risks or combination thereof resulting in the failure to comply with Law and having a negative legal impact on the Company. The specific types of negative legal impacts could arise by way of fines, confiscation of illegal proceeds, and suspension/termination of licences by the regulators, criminal liability, etc.
5. Financial Risk - Risk of loss due to any of the above risks or combination thereof resulting in negative financial impact on the Company.

AML/CFT Governance Framework structure

As required by government guidelines, company’s AML Framework is broadly divided into the following main components:

1. AML/KYC Standards;
2. Appointment of Designated Director / Principal Compliance Officer;
3. Recruitment and training of employees/agents;
4. Internal Control/Audit;

AML/KYC Standards

Basic Due Diligence [Know Your Customer (KYC)]

Keeping in view the specific requirements of the guidelines issued by RBI and other regulatory bodies and considering the potential threat of usage of financial services by a money launderer, the company shall make reasonable efforts to determine the true identity of all Merchants by doing proper Merchant Due Diligence (MDD). Effective procedures should be put in place to obtain requisite details for proper identification of new customers.

1. Agents / Financial Consultant’s (FCs) shall be required to provide information to indicate any behavioural aspects of a Merchant that are found to be suspicious at the time of their interaction.
2. Special attention will be given to all complex, unusually large transactions and all unusual patterns which have no apparent economic or visible lawful purpose.
3. PokiBit will not enter into a contract with a Merchant whose identity matches with any person with known criminal background or with banned entities and those reported to have links with terrorists or terrorist organisations. Merchant’s name screening will be done daily against the negative list. In case any matching records are identified, it will be reported to the relevant authority.
4. In case of receipt of order to freeze / unfreeze account / hold merchant fund is received under section 51A of the UAPA (The Unlawful Activities (Prevention) Act 1967), it will be implemented without prior notice to the designated individuals / entities.
5. Measures will be taken to identify beneficial ownership in case of non-individual customers.

Procedure for determining beneficial owner

(a) Where the client is a company, the beneficial owner is the natural person(s), who, whether acting alone or together, or through one or more juridical person, has a controlling ownership interest or who exercises control through other means.

Explanation.- For the purpose of this subclause- "Controlling ownership interest" means ownership of or entitlement to more than twenty-five percent of shares or capital or profits of the company; "Control" shall include the right to appoint majority of the directors or to control the management or policy decisions including by virtue of their shareholding or management rights or shareholders agreements or voting agreements;

(b) Where the client is a partnership firm, the beneficial owner is the natural person(s), who, whether acting alone or together, or through one or more juridical person, has ownership of/entitlement to more than fifteen percent of capital or profits of the partnership;

(c) Where the client is an unincorporated association or body of individuals, the beneficial owner is the natural person(s), who, whether acting alone or together, or through one or more juridical person, has ownership of or entitlement to more than fifteen percent of the property or capital or profits of such association or body of individuals;

(d) Where no natural person is identified under (a) or (b) or (c) above, the beneficial owner is the relevant natural person who holds the position of senior managing official;

(e) Where the client is a trust, the identification of beneficial owner(s) shall include identification of the author of the trust, the trustee, the beneficiaries with fifteen percent or more interest in the trust and any other natural person exercising ultimate effective control over the trust through a chain of control or ownership; and

(f) Where the client or the owner of the controlling interest is a company listed on a stock exchange, or is a subsidiary of such a company, it is not necessary to identify and verify the identity of any shareholder or beneficial owner of such companies.

When should KYC be done?

1. New Customers: a) In case of new contracts, KYC/CDD should be done before entering into any contract with a new customer.
2. Ongoing basis: KYC should also be carried out at the claim payout stage and at times when additional top up remittances are inconsistent with the customer known profile. Any change which is inconsistent with the normal and expected activity of the customer, further KYC processes and / or action as considered necessary.

Risk Profile of the Customer

As financial transactions conducted by the customers are of a very high magnitude. Regulations require the PokiBit to monitor all transactions there under for any suspected incident of money laundering. However, considering the spirit as well as the requirements under the regulations, the monitoring efforts are directed more towards the customers and transactions with higher risk of money laundering, being the Risked Based Approach (RBA) for monitoring and controls.

Adopting a RBA implies the adoption of a risk management process for dealing with Money Laundering (ML) / Terrorist Financing (TF), keeping in mind the magnitude of risk involved.

A risk analysis would be performed to determine where the ML/TF risks are the greatest based on customers, products and services, including delivery channels, and geographical locations. They can change over time, depending on how circumstances develop, and how threats evolve, and our controls would also change accordingly. This process thus encompasses recognizing the existence of the risk(s), undertaking an assessment of the risk(s) and developing strategies to manage and mitigate the identified ML risks.

Enhanced due diligence

Accordingly, the customer's source of funds, his estimated net worth etc., shall be appropriately documented and PokiBit shall obtain income proofs and details of sources of funds for all policies as specified by the Company from time to time.

However, the PokiBit will have power to prescribe rules / limits etc. for any particular payment mode, or to disallow any payment mode(s) for any one or more channels.

Prohibition from “Tipping off”

Employees (permanent and temporary) are prohibited (should maintain strict confidentiality) from disclosing the fact that a suspicious transactions report or related information of a Customer/ prospect is being reported or provided to the LEA.

eRecord Keeping

PokiBit will maintain the records (either in electronic or in paper form) of types of transactions mentioned under Rules 3 and 4 of PMLA Rules 2005 and the copies of the suspicious Transactions reports submitted to LEA’s as well as those relating to the verification of identity of customers for a period of 5 years in order to enable PokiBit to comply swiftly with information requests from the competent authorities. Such records shall be sufficient to permit reconstruction of transactions if necessary, as an evidence for prosecution of criminal activity. PokiBit will retain the records of those contracts with the Merchants, Remitted funds for a period of at least 5 years after that settlement. Records pertaining to all other transactions, (for which the Company is obliged to maintain records under other applicable Legislations / Regulations / Rules) the Company will retain records as provided in the said Legislations / Regulations / Rules but not less than 5 years from the date of end of the business relationship with the Merchant.

The Designated Director/ Compliance Officer and staff assisting in execution of AML guidelines should have timely access to Merchant identification data, other KYC information and records.

The Designated Director/Compliance Officer shall

1. Implementation of the AML Program effectively, including monitoring compliance by the company’s insurance agents with their obligations under the program.
2. Ensure that employees and agents of the PokiBit have appropriate resources and are well trained to address questions regarding the application of the program in light of specific facts.
3. Be responsible for regulatory reporting, as prescribed under the government of India guidelines, suspicious transactions.

Internal Control/Audit

PokiBit internal audit / inspection departments shall verify on a regular basis, compliance with policies, procedures and controls relating to money laundering activities

Review of AML Frameworks

The AML framework shall be reviewed at least annually and changes effected based on experience and regulatory changes shall be incorporated in the same.