AML/KYC Policy

Money laundering is defined as the process by which the origin of criminally obtained income is concealed to create the appearance of legitimate income. Criminals specifically target financial services firms through which they attempt to launder criminal proceeds without the firms’ knowledge or suspicion.

Money Laundering and Virtual Currencies

This Anti-Money Laundering (AML) Policy outlines the procedures and mechanisms used by ICB TRANSFER sp. z o.o. to prevent money laundering. ICB TRANSFER sp. z o.o. adheres to the following rules:

  • Do not engage in business relationships with criminals and/or terrorists;
  • Do not process transactions resulting from criminal and/or terrorist activities;
  • Do not facilitate any operations related to criminal and/or terrorist activities.

Definitions:

Money Laundering is a set of actions aimed at:

  • Concealing the nature, sources, location, disposition, movement, ownership, or other rights related to such property;
  • Converting, transferring, acquiring, owning, or using such property to hide its illegal origin;
  • Assisting a person involved in criminal activity to avoid legal consequences of their actions;
  • Participating in, conspiring to commit, attempting to commit, or facilitating the commission of illegal activities.
Terrorism Financing in Poland is governed by the Act on Preventing Money Laundering and Financing of Terrorism and relevant regulations, as well as provisions of the Markets in Financial Instruments Directive II (MiFID II).
International Sanctions – a list of non-military measures imposed in Poland, the UN, and the EU to support or restore peace, prevent conflicts, and uphold the rule of law, human rights, and international law.
Compliance Officer (CO) – a representative appointed by the Management, responsible for ensuring compliance with the Rules and acting as the contact person for the General Inspector of Financial Information.
General Inspector of Financial Information – the Polish authority responsible for analyzing financial operations and reporting, including within the framework of preventing money laundering and financing terrorism.
Business Relationship – the relationship between the Service Provider and the Client.
Transaction – a financial flow or payment instruction or transfer of cryptocurrency from the Client to the Service Provider.
Client – an individual or legal entity using the services of the Service Provider.

Beneficial Owner – an individual who:

  • Exercises control over the transaction;
  • Owns or controls a legal entity through direct or indirect ownership of a sufficient percentage of shares or voting rights or ownership interest;
  • Holds a senior management position if the individual specified above cannot be identified;
  • In the case of a trust, civil partnership, community, or legal entity, the beneficial owner is the individual who ultimately controls the association through direct or indirect ownership.
Politically Exposed Person (PEP) – an individual entrusted with or previously entrusted with significant public functions.
Equivalent Third Country – a country that is not a member of the European Economic Area but applies an equivalent regime to the relevant EU AML system.
Virtual Currency – a value represented in digital form, which is subject to digital transfer/trading and is accepted as a payment instrument by people but is not legal tender in any country or currency.
Customer Due Diligence (CDD) – the identification and verification of the identity of the client and any beneficial owners, as well as obtaining information on the purpose and intended nature of the business relationship.
Enhanced Due Diligence (EDD) – additional due diligence measures applied when:
  • The client is a PEP;
  • Or in any other situation that may present a higher risk of money laundering or terrorism financing.
Client Risk Profile – an illustration of the risks and threats an organization may face when dealing with a Client. This may include the likelihood of adverse consequences and a plan for potential costs and level of exposure for each risk. The company should be proactive in managing its risk systems. Some risks can be minimized if appropriately considered. Risk management compliance ensures that the company and its employees adhere to regulatory and ethical processes.
Record Keeping System – an internal electronic system of the company for storing client information.
Proof of Address – a utility bill, property tax receipt, etc.

Description of the Service Provider’s Activity:

The Service Provider offers services for exchanging virtual currencies to virtual currencies, virtual currencies to fiat currencies, and vice versa. The Service Provider reports its activities to the General Inspector of Financial Information of Poland.

Compliance Officer (CO)

The Management appoints a Compliance Officer (CO) to ensure adherence to the Rules and relevant legislation. The CO is responsible for collecting and updating data on low tax risk countries and money laundering and terrorism financing risks. The CO also directs Representatives to perform necessary actions, reports to the Management on compliance matters, processes company activity data, and informs the General Inspector of Financial Information about suspicious activities related to money laundering or terrorism financing. The CO responds to requests from the General Inspector of Financial Information and suggests improvements to compliance procedures.

The CO's role may be performed by the department.

Application of Due Diligence Measures

The Service Provider determines and implements due diligence measures based on the results of the risk assessment/national risk assessment provisions.

Due diligence measures include:

  • Identification and verification of the Client, including electronic identification;
  • Identification and verification of the Client's representative and the authority to represent;
  • Identification of the beneficial owner of the client, assessing and obtaining information on the purpose of business relationships and transactions;
  • Conducting ongoing due diligence on the Client’s business to ensure that transactions align with the Service Provider’s knowledge of the Client and their source of funds;
  • Obtaining information on whether the Client is a PEP or a family member or close associate of a PEP.

To fulfill Customer Due Diligence (CDD) obligations, Representatives are authorized and required to:

  • Request relevant identification documents to verify the Client and their representatives.
  • Request address verification.
  • Request documents and information regarding the Client's activities/legal origin of funds.
  • Request information on the Beneficial Owners of the legal entity.
  • Verify the risk profile of the Client/Transaction.
  • Assess the risk of whether the Client or another person involved in the Transaction could be engaged in money laundering or terrorist financing.
  • Re-identify the Client/their representative if there are doubts about the accuracy of the information.
  • Refuse to participate in or carry out a Transaction if there is any suspicion that the Transaction is related to money laundering or terrorist financing, or if the Client/another person involved in the Transaction may be implicated in such activities.
  • The purpose of ongoing DD measures is to ensure continuous monitoring of Clients and Transactions.

Updated data is entered into the service provider's Client database.

Identification of Identity:

In carrying out DD measures, the following is established:

  • Client – a natural or legal person.

  • Client Representative – a person authorized to act on behalf of the Client.

  • Beneficial Owner – the person who:

    • Controls the transaction.

    • Owns or controls the legal entity through direct or indirect ownership of a sufficient share of stocks or voting rights or ownership interest.

    • Holds a senior management position if the person mentioned above cannot be identified.

    • In the case of a trust, civil partnership, community, or legal organization, the Beneficial Owner is the person who ultimately controls the association through direct or indirect ownership.

  • Politically Exposed Person (PEP) – an individual who holds or has held prominent public functions.

When establishing a relationship with the Client and carrying out a Transaction, the service provider identifies and verifies the Client either in person or using information technology means.

For identifying the Client and verifying their identity using information technology, the service provider uses:

  • A document issued by Polish state authorities for digital identification.

  • Another electronic identification system as defined by Regulation (EU). If the Client is a foreign national, a document issued by a competent authority of the foreign state is also used.

*Documents (Poland) for identification may include:

  • Personal identity card (ID card, electronic residence card, or driving license)

  • Passport or diplomatic passport.

Identification Documents:

The following documents may be used for identification:

  • Personal identification card (ID card, electronic residence card, or driving license)
  • Passport or diplomatic passport.

Legal entities and their passive legal capacity are identified and verified based on:

  • An excerpt from the commercial register for domestic entities.
  • An excerpt from the relevant foreign register or an equivalent document issued no earlier than six months before submission for foreign entities.

Recorded data includes:

For natural persons:

  • Client’s name.
  • Personal identification code (if date and place of birth and residence are not available).
  • Information on identifying and verifying representation rights.
For legal entities:
  • Client’s name.
  • Registration code (or registration number and date of registration) of the Client.
  • Names and powers of the Board members, branch manager, or other relevant body.

Verification Procedure

ICB TRANSFER sp. z o.o. establishes its procedures to ensure compliance with anti-money laundering (AML) standards and the Know Your Customer (KYC) policy.
ICB TRANSFER sp. z o.o. conducts a verification procedure for its Clients, who must provide a government-issued identification document such as a passport, ID card, or driving license. ICB TRANSFER sp. z o.o. reserves the right to collect identification information from Clients as part of its AML policy. This information is processed and stored strictly in accordance with ICB TRANSFER sp. z o.o.'s Privacy Policy.
ICB TRANSFER sp. z o.o. may also request additional identification documents from the Client, such as a bank statement or utility bill not older than 3 months, showing the full name and current address of the Client.
ICB TRANSFER sp. z o.o. verifies the authenticity of documents and information provided by Clients and reserves the right to request additional information from Clients who are deemed high-risk or suspicious.
If the Client’s identification information has changed or appears suspicious, ICB TRANSFER sp. z o.o. has the right to request updated documents from the Client, even if they were previously verified.

*Detailed verification procedures are described in Appendix 1 of ICB TRANSFER sp. z o.o.'s AML Policy, Section 5: Full Client Verification Cycle.

Anti-Money Laundering Officer

The Anti-Money Laundering (AML) Officer at ICB TRANSFER sp. z o.o. is responsible for ensuring compliance with the Anti-Money Laundering Policy, including:

  • Collecting Client identification information.
  • Establishing and updating internal policies and procedures for the creation, review, submission, and storage of all reports required by applicable laws and regulations.
  • Monitoring transactions and analyzing any significant deviations from normal Client activity.
  • Implementing a record-keeping system for storing and retrieving documents, files, forms, and logs.
  • Regularly updating risk assessments.

The AML Officer has the authority to interact with law enforcement agencies handling anti-money laundering, counter-terrorism financing, and other illegal activities.

Transaction Monitoring

To track suspicious or unusual transactions, and to understand the purpose and actual content of transactions, the Representative may:

  • Request (additional) information from the Client about their professional or business activities.
  • Ask the Client to explain the reason for the transaction and provide documents that verify the origin of assets and/or source of wealth.
  • Pay special attention to transactions involving physical or legal entities from countries where it is particularly difficult to obtain Client information, or transactions involving individuals from countries that do not sufficiently prevent money laundering.

If additional documents or information about the source of virtual assets are needed, the Client will be sent a request.

Monitoring Client transactions and analyzing the data obtained are also tools for risk assessment and identifying suspicious transactions. If money laundering is suspected, ICB TRANSFER sp. z o.o. will:

  • Report suspicious activities to the relevant law enforcement authorities.
  • Request any additional information and documents from the Client.
  • Terminate the Client’s account if necessary.

This list is not exhaustive. The AML specialist continuously monitors Client transactions to determine if they should be reported and considered suspicious.

Risk Assessment

In accordance with international requirements, ICB TRANSFER sp. z o.o. applies a risk-based approach to combating money laundering and terrorist financing. This approach ensures that anti-money laundering (AML) and counter-terrorist financing (CTF) measures are commensurate with the identified risks, allowing for the effective allocation of resources. Resources are prioritized based on the level of risk, with the highest attention given to the most significant risks.

The Representative establishes the Client's risk profile based on information gathered in accordance with the Rules.

To search for financial sanctions imposed against individuals, ICB TRANSFER sp. z o.o. uses automated tools provided by API partners or can be accessed via the following link: Sanctions Map.

Risk Assessment for Individuals

When determining the risk category for an individual Client, factors considered include:

  • The Client’s country of residence

  • The beneficiaries of the transaction

  • The Client’s region of activity

  • The Client’s status as a Politically Exposed Person (PEP)

Risk Assessment for Legal Entities

For legal entities, the risk assessment is based on:

  • The country of the entity’s location

  • The entity’s area of activity

  • The transparency of ownership and management structure

 

Suspicious and Unusual Transactions

The Representative assesses whether a transaction is unusual based on all known information about the Client and the transaction.

In evaluating a transaction, it is necessary to determine if there are unusual circumstances or changes, or if the transaction exhibits characteristics indicating money laundering or terrorist financing.

Any transactions and activities of Clients lacking clear economic or legal reasons and not considered normal business activities are deemed suspicious.

Special attention should be given to the following operations/circumstances:

  • The Client makes single and/or consecutive large transactions outside the established schedule.
  • A third party makes payments on behalf of the Client.
  • Any signs of suspicious transactions as outlined by the guidelines of the Financial Information General Inspector and relevant EU and UK directives.

In all the above cases, the Client is required to provide explanations and necessary documents to confirm the legitimate origin of funds.

Prior to starting cooperation with a client, an initial client verification is conducted. A questionnaire is completed on the website, and an identification document (passport, ID card, driver’s license) is provided. Passports and identification cards are verified through sources described in the procedures.

Prohibited Transactions

A transaction can only be carried out with the consent of the representative if:

  • The Client does not have sufficient authority to carry out the transaction, or the authority is unclear.
  • The Client’s need for the transaction has not been substantiated.
  • The management, ownership, and control structure of the Client as a legal entity is unclear or is economically unjustifiably complex, or has frequently changed without justification.
  • The business activities or accounting/payment practices of the legal entity are opaque, and the Client may be a shell company or a front.
  • The Beneficial Owner of the Client as a legal entity cannot be identified.
  • The Client as a legal entity uses an agent or another legal entity as its representative without clear authority (e.g., during preliminary negotiations).
  • The Client or the Client's representative refuses to provide information necessary to establish the nature of the transactions and assess the risks.
  • The Client has not provided sufficient data or documents to confirm the legitimate origin of assets and funds after being requested.
  • The Client, the Beneficial Owner of the Client as a legal entity, or another person associated with the Client is or was involved in organized crime, money laundering, or terrorist financing.
  • The Client, the Beneficial Owner of the Client as a legal entity, or another person associated with the Client is or was linked to traditional sources of income from organized crime.
  • International sanctions are applied to the Client, or the Beneficial Owner of the Client is a legal entity or another person associated with the Client.
  • The Client has nominee shareholders or bearer shares.
Документи