AML Policy

Last Updated June 23, 2026

HELEKET Anti-Money Laundering, Counter-Terrorism Financing, Counter-Proliferation Financing, and Sanctions Compliance Policy.

1. General Provisions

This Policy defines the HELEKET system of measures for combating money laundering, terrorism financing, financing of the proliferation of weapons of mass destruction, violations of sanctions regimes, circumvention of restrictive measures, fraud, and other unlawful financial activity.

The Policy applies to all clients, prospective clients, accounts, operations, digital assets, representatives, beneficial owners, related persons, counterparties, wallets, addresses, transactions, and other relationships arising from the use of HELEKET's services.

HELEKET applies a risk-based approach and carries out client verification, transaction monitoring, sanctions screening, source of funds analysis, and other control measures to the extent necessary to comply with applicable legislation, international AML/CFT/CPF standards, FATF recommendations, and the Platform's internal procedures.

2. Definitions

For the purposes of this Policy:

  • AML means measures for combating money laundering.
  • CFT means measures for combating the financing of terrorism.
  • CPF means measures for combating the financing of the proliferation of weapons of mass destruction.
  • KYC means client identification and verification.
  • Client means any natural or legal person using or intending to use HELEKET's services.
  • Beneficial owner means the natural person who directly or indirectly owns or controls a client, or in whose interests a transaction is carried out.
  • PEP means a politically exposed person, as well as their family members and close business associates.
  • Sanctioned person means a person, organisation, address, wallet, vessel, structure, or other entity included in sanctions, terrorist, restrictive, or other official lists.
  • Non-serviced jurisdiction means a country or territory in respect of which HELEKET does not provide services at all or applies a prohibition due to sanctions, legal, AML/CFT/CPF, commercial, or internal risks.

3. Legal and Regulatory Framework

HELEKET builds its compliance system taking into account:

  • applicable legislation in the field of AML/CFT/CPF;
  • sanctions regimes of the UN, EU, UK, US, and other applicable regimes;
  • FATF recommendations;
  • requirements for virtual assets and virtual asset service providers, where applicable;
  • risk-based approach principles;
  • HELEKET's internal procedures;
  • decisions of competent authorities and regulators.

Nothing in this Policy limits HELEKET's right to apply stricter measures than the minimum required by law, where necessary for risk management, protection of the Platform, sanctions compliance, or prevention of unlawful activity.

4. Core Principles of HELEKET

HELEKET adheres to the following principles:

  • does not establish relationships with anonymous or pseudonymous clients;
  • does not provide services to clients from non-serviced jurisdictions;
  • does not carry out operations where it is impossible to establish the identity of the client, representative, or beneficial owner;
  • does not accept funds whose origin cannot be reasonably explained or confirmed;
  • screens clients, representatives, beneficial owners, wallets, and operations against sanctions and other restrictive lists;
  • applies enhanced due diligence to high-risk clients and operations;
  • carries out ongoing transaction monitoring;
  • cooperates with competent authorities in cases provided for by law;
  • reserves the right to refuse service, restrict an account, suspend an operation, or freeze assets where required by law, sanctions regimes, or internal risk assessment.

5. Prohibited Client Categories

HELEKET does not onboard or service clients if:

  • the client, their representative, beneficial owner, or related person is included in a sanctions, terrorist, or other restrictive list;
  • the client is located, resides, is registered, operates, or has a substantial connection with a non-serviced jurisdiction;
  • the client acts on behalf of a third party without disclosing such party;
  • it is impossible to establish the beneficial owner or actual control;
  • the client provides false, incomplete, contradictory, or forged information;
  • the client refuses to provide documents or explanations necessary for verification;
  • the source of funds or source of wealth is unconfirmed or gives rise to reasonable doubt;
  • the client's activities are associated with fraud, money laundering, terrorism financing, sanctions evasion, corruption, drug trafficking, arms trafficking, human trafficking, child exploitation, ransomware, darknet markets, mixers, illegal gambling, or other prohibited activities;
  • continued servicing creates an unacceptable legal, sanctions, regulatory, reputational, or operational risk for HELEKET.

6. Non-Serviced Countries and Territories

HELEKET does not provide services to clients who are citizens, residents, registered, located, operating, or have a substantial connection with the countries and territories listed below.

The list is formed on the basis of HELEKET's internal list as well as current FATF lists.

6.1. List of Non-Serviced Jurisdictions

  • Afghanistan — AF
  • Algeria — DZ
  • Angola — AO
  • Bahamas — BS
  • Belarus — BY
  • Bolivia — BO
  • Bulgaria — BG
  • Bosnia and Herzegovina — BA
  • Botswana — BW
  • British Virgin Islands — VG
  • Burundi — BI
  • Vanuatu — VU
  • Venezuela — VE
  • Vietnam — VN
  • Haiti — HT
  • Ghana — GH
  • Guyana — GY
  • Guinea — GN
  • Guinea-Bissau — GW
  • Democratic Republic of the Congo — CD
  • Republic of the Congo — CG
  • Yemen — YE
  • Iraq — IQ
  • Iran — IR
  • Cambodia — KH
  • Cameroon — CM
  • Kenya — KE
  • Democratic People's Republic of Korea — KP
  • Côte d'Ivoire — CI
  • Kuwait — KW
  • Laos — LA
  • Lebanon — LB
  • Liberia — LR
  • Libya — LY
  • Monaco — MC
  • Myanmar — MM
  • Namibia — NA
  • Nepal — NP
  • Nigeria — NG
  • Pakistan — PK
  • Papua New Guinea — PG
  • Russia — RU
  • Serbia — RS
  • Syria — SY
  • Somalia — SO
  • United States of America — US
  • Sudan — SD
  • Sri Lanka — LK
  • Trinidad and Tobago — TT
  • Tunisia — TN
  • Uganda — UG
  • Ukraine — UA
  • Central African Republic — CF
  • Ecuador — EC
  • Eritrea — ER
  • Ethiopia — ET
  • South Sudan — SS
  • Japan — JP
  • Zimbabwe — ZW

HELEKET reserves the right to amend this list at any time without prior notice, including in connection with changes to sanctions regimes, FATF lists, regulatory requirements, banking and payment partner requirements, its own risk assessment, or the Platform's commercial policy.

7. Grounds for Client Verification

HELEKET conducts client verification:

  • upon changes to client data;
  • upon changes to the ownership or control structure;
  • upon identification of signs of elevated risk;
  • upon receipt of adverse information;
  • upon updates to sanctions, PEP, or other compliance databases;
  • where doubts arise as to the accuracy of previously obtained information;
  • upon identification of an unusual, complex, large, structured, or suspicious transaction;
  • periodically, depending on the client's risk level.

HELEKET reserves the right not to commence, to suspend, or to terminate servicing until verification is complete.

8. Verification of Natural Persons

For the identification and verification of a natural person, HELEKET may request:

  • full name;
  • date and place of birth;
  • nationality;
  • country of residence;
  • residential address;
  • identity document;
  • photograph, video identification, or biometric verification;
  • information on the source of funds;
  • information on the source of wealth;
  • purpose and intended nature of use of services;
  • information on employment, activity, or business profile;
  • tax information, where applicable;
  • additional documents and explanations required for risk assessment.

HELEKET reserves the right to use independent sources, public registries, databases, technical means, external verification services, and other lawful tools to confirm a client's identity.

9. Verification of Legal Entities

For the verification of a legal entity, HELEKET may request:

  • full name;
  • registration number;
  • date and country of registration;
  • registered address;
  • actual address;
  • constitutional and registration documents;
  • information on directors, managing persons, and representatives;
  • documents confirming the authority of representatives;
  • ownership and control structure;
  • information on beneficial owners;
  • description of business activities;
  • information on the source of funds;
  • information on the business model and key counterparties;
  • financial documents, where necessary;
  • licences, permits, or regulatory status, where applicable;
  • additional information required for risk assessment.

If the ownership structure is complex, multi-layered, nominee-based, trust-based, or otherwise non-transparent, HELEKET reserves the right to apply enhanced due diligence or to refuse service.

10. Representatives and Authorised Persons

Where a representative acts on behalf of a client, HELEKET establishes the identity of the representative and verifies their authority.

The Platform may request:

  • the representative's identity document;
  • a power of attorney, corporate resolution, agreement, or other document confirming authority;
  • information on the representative's position and role;
  • confirmation of the right to give instructions on behalf of the client;
  • additional documents where the authority is in doubt.

HELEKET is not obliged to accept instructions from a representative whose identity or authority has not been duly confirmed.

11. Beneficial Owners and Actual Control

HELEKET takes reasonable steps to identify the natural persons who directly or indirectly:

  • own the client;
  • control the client;
  • benefit from the client's activities;
  • give binding instructions to the client;
  • actually control operations or assets.

If the client is a legal entity, HELEKET analyses the entire ownership chain down to the level of natural persons. If the ultimate owner cannot be established, HELEKET reserves the right to identify the person exercising actual control, or the person holding the highest managerial position.

For trusts, foundations, and similar structures, HELEKET may establish the settlor, trustee, protector, beneficiaries, class of beneficiaries, and other persons exercising control.

The inability to establish the beneficial owner constitutes grounds for refusing service or terminating the business relationship.

12. Purpose and Nature of the Business Relationship

HELEKET establishes the purpose and intended nature of the business relationship with the client.

The following are analysed:

  • intended use of services;
  • expected volume and frequency of operations;
  • types of assets;
  • countries of origin and destination of funds;
  • economic purpose of operations;
  • consistency of operations with the client's profile;
  • source of funds;
  • business or personal rationale for using the Platform.

If the client's actual behaviour does not correspond to the stated purpose or profile, HELEKET reserves the right to request additional information, revise the risk level, restrict operations, or terminate service.

13. Client Risk Assessment

HELEKET assigns a risk level to the client based on a combination of factors.

The following are taken into account:

  • jurisdictional risk;
  • sanctions risk;
  • PEP risk;
  • product or service risk;
  • digital asset risk;
  • service channel risk;
  • ownership structure risk;
  • source of funds risk;
  • business activity risk;
  • behavioural risk;
  • operational and transactional risk;
  • presence of adverse information;
  • association with high-risk services, wallets, or counterparties.

The risk level may be revised at any time, including automatically or following a manual review.

14. Standard Due Diligence

Standard due diligence applies to clients whose risk level does not require enhanced measures.

It may include:

  • client identification;
  • document verification;
  • sanctions screening;
  • PEP screening;
  • beneficial owner verification;
  • establishment of the purpose of the relationship;
  • source of funds assessment;
  • assignment of a risk level;
  • periodic data updates.

HELEKET reserves the right to expand the scope of verification if new circumstances arise during the course of the relationship.

15. Enhanced Due Diligence

Enhanced due diligence applies where the client, transaction, structure, jurisdiction, or source of funds presents elevated risk.

Grounds for enhanced due diligence may include:

  • association with a high-risk jurisdiction;
  • PEP status;
  • complex or non-transparent ownership structure;
  • nominee ownership or nominee management;
  • large, unusual, or economically unjustified transactions;
  • use of high-risk digital assets;
  • association with mixers, anonymisers, darknet, ransomware, hacking, or fraud;
  • adverse information from open or specialised sources;
  • signs of transaction structuring;
  • inconsistency of transactions with the client's profile;
  • suspicion of sanctions evasion.

Enhanced due diligence may include:

  • request for an expanded document package;
  • confirmation of source of funds;
  • confirmation of source of wealth;
  • obtaining information on counterparties;
  • analysis of transaction history;
  • verification of wallets and addresses;
  • senior management approval for commencing or continuing the relationship;
  • setting of limits;
  • enhanced monitoring;
  • temporary restriction of operations;
  • refusal of a transaction or termination of the relationship.

16. Sanctions Controls

HELEKET carries out sanctions screening of clients, representatives, beneficial owners, related persons, wallets, addresses, counterparties, and transactions.

Screening may be conducted:

  • upon changes to client data;
  • upon updates to sanctions lists;
  • periodically during the course of the relationship;
  • upon identification of suspicious activity;
  • upon receipt of an external request or notification.

Upon identification of a match with a sanctioned person or restricted jurisdiction, HELEKET reserves the right to:

  • refuse a transaction;
  • suspend a transaction;
  • restrict account access;
  • freeze assets;
  • request additional information;
  • conduct an internal investigation;
  • file a report with a competent authority;
  • terminate the business relationship.

Where assets are subject to freezing, HELEKET does not lift the restriction on its own initiative where such lifting requires authorisation from a competent authority or another lawful basis.

17. Transaction Monitoring

HELEKET carries out ongoing monitoring of client transactions.

Monitoring is aimed at identifying:

  • transactions inconsistent with the client's profile;
  • unusually large transactions;
  • frequent transactions without an apparent purpose;
  • transactions artificially split into parts;
  • transactions involving high-risk jurisdictions;
  • transactions involving high-risk wallets;
  • use of mixers, anonymisers, and privacy-enhancing tools;
  • connections with darknet markets, fraud, ransomware, hacking, or stolen assets;
  • inconsistency between the source of funds and the declared profile;
  • transactions lacking an obvious economic rationale;
  • signs of sanctions or control evasion.

HELEKET reserves the right to suspend a transaction pending receipt of sufficient explanations and documents.

18. Structuring and Related Transactions

Where several transactions are connected, share a common economic purpose, are carried out within a short period of time, pass through related accounts or wallets, or otherwise indicate artificial splitting, HELEKET reserves the right to treat them as a single transaction.

Indicators of structuring may include:

  • repeated transactions for similar amounts;
  • use of multiple accounts by one person or group of persons;
  • use of related wallets;
  • splitting of a single amount into multiple transfers;
  • absence of a reasonable commercial explanation;
  • an attempt to avoid limits, verification, or reporting.

Upon identifying structuring, HELEKET reserves the right to apply enhanced due diligence, restrict operations, revise the client's risk level, or file a report with a competent authority.

19. New Products, Services, and Technologies

Prior to the introduction of new products, features, digital assets, payment channels, technological solutions, or business models, HELEKET assesses the associated AML/CFT/CPF and sanctions risks.

Particular attention is given to products and technologies that may:

  • increase anonymity;
  • complicate client identification;
  • complicate the tracing of the source of funds;
  • enable cross-border movement of assets;
  • create a risk of sanctions evasion;
  • complicate transaction monitoring;
  • use new or insufficiently regulated value transfer mechanisms.

Where necessary, HELEKET introduces limits, additional checks, restrictions, and monitoring, or declines to launch the relevant product.

20. Prohibition of Cash Payments and Bearer Instruments

HELEKET does not make payments in cash and does not use negotiable bearer instruments.

HELEKET also reserves the right to refuse a transaction if its structure, purpose, participants, or method of execution do not allow the economic rationale, source of funds, or actual participants to be established.

21. Third-Party Providers and Outsourcing

HELEKET reserves the right to engage third-party providers to perform certain AML/KYC, sanctions, analytical, technical, or control functions.

Such providers may include:

  • identification services;
  • sanctions screening providers;
  • PEP and adverse media screening systems;
  • blockchain analytics platforms;
  • auditors;
  • consultants;
  • cloud and technical infrastructure providers;
  • personal data processors.

Data is transferred only to the extent necessary for lawful processing purposes and the execution of compliance procedures.

22. Suspicious Transactions

Where HELEKET identifies a transaction, behaviour, or circumstances that may indicate money laundering, terrorism financing, financing of the proliferation of weapons of mass destruction, sanctions violations, fraud, or other unlawful activity, the Platform reserves the right to:

  • conduct an internal review;
  • request documents and explanations;
  • suspend the transaction;
  • restrict account functionality;
  • refuse the transaction;
  • revise the client's risk level;
  • terminate the business relationship;
  • freeze assets;
  • file a report with a competent authority;
  • retain documents and information for a possible investigation.

HELEKET is not obliged to disclose to the client the fact, content, grounds, or results of an internal review, where such disclosure is prohibited by law, may obstruct an investigation, or create a risk of control evasion.

23. Reports to Competent Authorities

HELEKET files reports on suspicious transactions, sanctions matches, or other circumstances with competent authorities where required by applicable law.

It is prohibited to notify the client or third parties of the filing of a report where such notification may violate the law, disclose internal procedures, or obstruct an investigation.

24. Record Keeping

HELEKET retains documents and information related to AML/KYC, sanctions controls, and transactions for no less than five years, or longer where required by applicable law, a request from a competent authority, internal procedures, or the need to protect the Platform's legitimate interests.

The following are subject to retention:

  • KYC documents;
  • client information;
  • representative information;
  • beneficial owner information;
  • sanctions screening results;
  • PEP and adverse media results;
  • transaction data;
  • wallet and transaction history;
  • client correspondence;
  • internal conclusions;
  • decisions on onboarding, refusal, or termination of service;
  • documents relating to suspicious transactions;
  • reports to competent authorities.

25. Internal Governance and Accountability

HELEKET maintains an internal control system comprising:

  • appointment of a responsible person or unit for AML/CFT/CPF;
  • approval of internal procedures;
  • distribution of responsibilities between departments;
  • regular risk assessments;
  • monitoring of clients and transactions;
  • staff training;
  • independent review of the effectiveness of procedures;
  • documentation of key decisions;
  • regular updates to the Policy.

Employees involved in client onboarding, transaction processing, compliance checks, client support, and risk management undergo training on AML/KYC, sanctions controls, identification of suspicious activity, and data protection.

26. Refusal, Restriction, and Termination of Service

HELEKET reserves the right to refuse registration, restrict an account, suspend a transaction, freeze assets, or terminate the business relationship if:

  • the client is associated with a non-serviced jurisdiction;
  • a sanctions risk has been identified;
  • the client has provided inaccurate or incomplete information;
  • it is impossible to establish the beneficial owner;
  • it is impossible to confirm the source of funds;
  • the transaction shows signs of unlawful activity;
  • the client refuses to provide documents;
  • continued service creates an unacceptable risk;
  • this is required by law, a sanctions regime, a decision of a competent authority, or HELEKET's internal procedures.

HELEKET reserves the right not to disclose to the client the specific reasons for a refusal, restriction, or termination of service, where such disclosure is prohibited by law, may reveal internal control procedures, or create a risk of AML/CFT/CPF and sanctions evasion.

27. Policy Amendments

HELEKET reserves the right to amend this Policy at any time.

The current version of the Policy is published on the HELEKET website and applies from the moment of publication, unless otherwise indicated.

If the Policy is available in several languages, the English version shall prevail, unless otherwise expressly provided by HELEKET.