Налаштування файлів cookie та відбитків пальців

Ми використовуємо файли cookie та відбитки пальців браузера, щоб персоналізувати вміст і рекламу, надавати функції соціальних мереж і аналізувати наш трафік. Ми також надаємо інформацію про те, як ви використовуєте наш веб-сайт, нашим партнерам із соціальних мереж, реклами та аналітики, які можуть поєднувати її з іншою інформацією. Продовжуючи використання сайту, ви погоджуєтеся на використання файлів cookie та відбитків пальців браузера.

AML Policy

Last Updated March 17, 2025

Please carefully review Anti-Money Laundering (AML, the Anti-Money Laundering) and Anti-Terrorist Financing (CFT) measures taken by the Financing of Heleket.

HELEKET AML/CFT POLICIES AND PROCEDURES

This document sets forth the provisions and procedures for countering money laundering and terrorism financing (AML/CFT) within the HELEKET company. This document is intended for general informational purposes only and is not legally binding for the HELEKET platform and/or any other person (individual or otherwise).

1. Principles and methods for implementing Heleket's AML/CFT measures

The Heleket platform aims to support efforts to combat money laundering and terrorist financing. General principles and obligations:

  • Exercise due diligence when dealing with our clients and individuals assigned to act on behalf of clients.
  • Conducting business in accordance with high ethical standards and preventing, as much as possible, the establishment of any business relationships associated with money laundering or terrorism financing.
  • Providing assistance and the highest possible level of cooperation with relevant law enforcement agencies to prevent the threat of money laundering and terrorist financing.

2. Risk Assessment and Mitigation Methodology by HELEKET

Risk assessment

We assume that most of our clients are individuals. At the time of writing this declaration, we operate primarily in the European Union.

In this regard, we must:

A. Record and / or collect the following documentation:

  1. The identity of our customers.
  2. The country or jurisdiction in which our clients are located or their country of origin.

B. To the maximum extent possible, evaluate and verify our clients, our clients 'affiliates, individuals designated to act on behalf of our clients, and our clients' beneficiaries through specific lists of individuals and entities from (but not limited to):

  • Exercise due diligence when dealing with our clients and individuals assigned to act on behalf of clients.
  • Democratic People's Republic of Korea
  • Democratic Republic of the Congo
  • Iran
  • Libya
  • Somalia
  • South Sudan
  • Of the Sudan
  • Yemen
  • UN Sanctions List against Al-Qaeda (1267/1989)
  • Somalia

The list of persons specified in Appendix 1 to the Law on Combating the Financing of Terrorism (Chapter 325).

Risk reduction

We will not cooperate with individuals included in the designated lists of individuals and legal entities when they are identified.

3. New Products, Practices, and Technological Methodology

We must provide appropriate notification of the identification and assessment of money laundering and terrorist financing risks that may arise in the following areas:

  • Development of new products and business practices, including new mechanisms for sending funds.
  • Utilizing new or emerging technologies for new and existing products.

We will pay special attention to any new products and business practices that promote anonymity, including new mechanisms for sending funds and new or emerging technologies such as digital passes that promote anonymity (whether securities, payments, and / or utility tokens).

  1. Our approach to Customer Due Diligence (CDD Customer Due Diligence)

    We do not open, maintain or accept anonymous or pseudonymous accounts.

    We should not enter into business relationships with clients or conduct enforcement operations for them if we have reasonable grounds to suspect that their assets or financial resources are the proceeds of drug trafficking or other criminal activities. We must submit reports on such suspicious transactions and provide a copy to the appropriate financial supervisory authority.

    We conduct customer reviews in the following situations:

    • When we enter into a business relationship with any client.
    • When we perform transactions for any client with whom we do not have an established business relationship.
    • When receiving cryptocurrency transfers for clients with whom we have no business relationship
    • If money laundering or terrorist financing is suspected
    • When we have doubts about the authenticity or adequacy of any information.

    If we suspect that two or more transactions are or may be related, or that a single transaction has been deliberately reorganized into smaller transactions in order to evade anti-money laundering and terrorist financing (AML/CFT) measures, we should consider such an operation as a single one and sum its cost in the following order: in order to comply with the AML/CFT principles.

  2. Customer verification

    We verify the identity of all our clients.

    In order to test our clients, we need to know at least:

    • Full names, including aliases.

      identification document numbers (for example, ID number, birth certificate number, passport number or, if the client is not an individual, the registration number of his business); or

      the registered office or company's registered office (if applicable), the main place of business, if the registered and business addresses are different; and

    • The date of birth, foundation, or incorporation of the company; and
    • Citizenship or place of registration.

    If we suspect that two or more transactions are or may be related, or that a single transaction has been deliberately reorganized into smaller transactions in order to evade anti-money laundering and terrorist financing (AML/CFT) measures, we should consider such an operation as a single one and sum its cost in the following order: in order to comply with the AML/CFT principles.

    • Full names, including aliases.
    • An identity document number, such as an ID number, birth certificate number, or passport number.

Verification of the client's identity

We must use reliable and independent data, documents or information to verify the identity of our customers. If our client is a legal person or legal entity, we must use reliable and independent data, documents or information to verify the type of legal entity, confirm its existence, its charter, and the powers that govern and bind it.

Customer Relations Representatives

If the client appoints one or more individuals to represent their interests in business relations with us, or if the client is not an individual, we must:

  • Identify each individual acting on behalf of the client or assigned to act on behalf of the client by obtaining the following information:
  • Full names.
  • ID card numbers.
  • Residential address.
  • Date of birth.
  • Nationality.
  • Data and documents from reliable and independent sources that can be used to verify the identity of such individuals.

We also verify the proper authority of each individual designated to act on behalf of our client by obtaining the following information:

  • A corresponding written confirmation authorizing the appointment of such individuals as representatives of our client.
  • A specimen signature of each individual.

If the client claims to be a government organization, we only receive the information that may be necessary to confirm the client's stated identity.

Identification and verification of beneficiaries

We must check for any beneficiaries associated with the client.

If the client has one or more beneficiaries, we must identify the beneficiary (s) and take reasonable steps to verify the identity of the beneficiary (s) using relevant information or data obtained from reliable and independent sources.

If the client is a legal entity, we must:

  • Verify individuals (acting independently or in concert) who have ultimate ownership of the legal entity.
  • If there is doubt that individuals who have ultimate ownership of the legal entity are beneficiaries, or if no individual has ultimate ownership of the legal entity, identify individuals who have ultimate beneficial ownership of the legal entity.
  • If such individual is not identified, specify the individual with enforcement rights against the legal entity.
  • For trusts, specify the founder, trustee, protector (if applicable), beneficiaries, any individual exercising ultimate ownership, ultimate control, or ultimate effective control of the trust.
  • For other types of legal agreements, identify individuals holding equivalent positions.

If the client is not an individual, we must determine the nature, ownership and control structure of the client's business.

  • Organizations registered on stock exchanges.

    Organizations listed on stock exchanges that are subject to regulatory disclosure requirements and full transparency requirements for their beneficiaries.

  • Financial institutions.
  • Financial institutions that are monitored for compliance with FATF AML/CFT requirements.
  • Investment projects in which the governing body is a financial institution or falls under the FATF AML/CFT requirements.

The above applies if we do not doubt the accuracy of the comprehensive verification information or do not suspect that our clients have been involved in business relationships or transactions related to money laundering or terrorist financing.

We must also document our decision.

Information about the purpose and nature of business relationships and transactions made without opening an account

When processing applications for entering into a business relationship or entering into an undisclosed transaction, we must know and, if necessary, obtain information from the client about the purpose and intended nature of the business relationship or transaction.

Overview of transactions made without opening an account

If we perform one or more transactions for a client without opening an account (the"current transaction"), we must review previous transactions performed by that client to ensure that the current transaction matches our knowledge of the client, their business and risk profile, as well as the source of their income.

When we enter into a business relationship with a customer, the payment service provider must review all transactions prior to entering into a business relationship to ensure that the business relationship is consistent with our knowledge of the customer, their business and risk profile, as well as the source of funds received.

Special attention should be paid to all complex, unusually large or atypical schemes of transactions that are carried out without opening an account and do not have an obvious economic purpose. We undertake to investigate the background and purpose of the above operations to the greatest extent possible and record our findings in order to provide such information to the relevant authorities, if necessary.

To thoroughly verify transactions performed without opening an account, we must create and implement appropriate systems and processes that are proportional with the size and complexity of the payment service provider:

  • Track transactions made without opening an account.
  • Identify and report suspicious, complex, unusually large or unusual transactions made without opening an account.

If there are sufficient grounds to believe that a transaction conducted without opening an account is related to money laundering or terrorist financing, and if we consider it appropriate to conduct such a transaction, the payment service provider must justify and document the reasons for such transaction.

Continuous monitoring

We constantly monitor business relationships with our clients. We must monitor and analyze customer account transactions throughout the entire period of our business relationship to ensure that they are consistent with our knowledge of the customer, their business and risk profile, as well as the source of their funds.

We will apply risk prevention measures if the transaction involves the transfer or receipt of cryptocurrency to/from the following organizations:

  • Financial institutions.
  • Financial institutions that are monitored for compliance with FATF AML/CFT requirements.

In the course of our business relationships, we must pay special attention to all complex, unusually large or unusual patterns of transactions made without an apparent economic purpose. We undertake to investigate the background and purpose of the above operations to the greatest extent possible and record our findings in order to provide such information to the relevant authorities, if necessary.

For the purposes of continuous monitoring, we must establish and implement adequate systems and processes appropriate to the size and complexity of the payment service provider:

  • Monitor business relationships with our clients.
  • Identify and report suspicious, complex, unusually large or unusual patterns of transactions made in the course of a business relationship.

We ensure that the data, documents and due diligence information obtained with respect to our clients, individuals designated to act on behalf of our clients, and related parties and beneficial owners of our clients are up-to-date and updated by reviewing existing due diligence data, documents and information, especially with respect to: high-risk clients.

If there is reason to suspect that the existing business relationship with the client is related to money laundering or terrorist financing, and we consider it appropriate to retain the client:

  • We must justify and document the reasons for retaining the client.
  • We must apply appropriate risk mitigation measures to the client's business relationship with us, including constant enhanced monitoring.

If we believe that the risk associated with the client or our business relationship with them is high, payment service providers should take increased due diligence measures, including obtaining permission from the company's top management to retain the client.

Due diligence measures for non-personal business relationships or non-personal transactions

We must apply rules and procedures designed to eliminate specific risks associated with non-personal business relationships with clients or non-personal transactions (non-personal business contacts) that are carried out without opening an account for the client.

We apply these rules and procedures when establishing a business relationship with the client and when conducting an ongoing audit.

In the absence of face-to-face contact, payment service providers should apply due diligence measures that are no less stringent than those required for face-to-face contact.

When a payment service provider makes its first non-personal business contact, it must appoint, at its own expense, an external auditor or independent qualified consultant to evaluate the effectiveness of measures and procedures, including the effectiveness of any technological solutions used to manage personalization risks.

We will appoint an external auditor or independent qualified consultant to evaluate the new measures and procedures and report the results of the evaluation to the relevant authorities no later than one year after the implementation of the changes in the measures and procedures.

Building on existing activities when acquiring a payment service provider

When we (the" acquiring payment service provider") acquire, in whole or in part, the business of another payment service provider, we will take actions with respect to customer data acquired together with the business at the time of acquisition, unless the acquiring payment service provider:

  • Received all relevant customer data (including due diligence information) at the same time and has no doubts or concerns about the accuracy or sufficiency of the information received.
  • Conducted a comprehensive inspection that did not raise any questions about the adequacy of AML/CFT measures taken by the payment service provider in relation to the business or part of the acquired business, and properly documented such measures.

Measures for non-account holders*

If we perform any transaction for a client who does not have a business relationship with us, we must:

  • Perform a comprehensive inspection, as if the customer had contacted a payment service provider to establish a business relationship.
  • Record details of the relevant transaction to enable recovery, including the nature and date of the transaction, the type and amount of currency involved, the value date, and details of the recipient or beneficiary

Verification time

We verify the identity of the client, individuals designated to act on behalf of the client, and the client's beneficiaries prior to performing any of the following actions:

  • Establish a business relationship between the supplier and the customer.
  • Performing any transaction by the provider for the client, unless the provider has established a different business relationship with the client.
  • The payment service provider facilitates or obtains digital assets by transferring certain amounts for the client, unless it has otherwise established a business relationship with the client.

We may enter into a business relationship with the client prior to verifying the identity of the client, individuals designated to act on behalf of the client, and the client's beneficiaries, if the following circumstances occur:

  • Delaying the completion of verification is necessary in order not to interrupt the normal business operations.
  • The payment service effectively manages the risks of money laundering and terrorist financing.

If we establish a business relationship with the client prior to verifying the identity of the client, the individuals designated to act on behalf of the client, and the beneficial owners of the client, we must undertake the following:

  • Develop and implement internal risk management measures and procedures that address the conditions under which such business relationships can be established prior to verification.
  • Complete such verification within a reasonable time.

If the measures cannot be implemented

If we are unable to implement the necessary measures, we must not commence or continue a business relationship with any client or conduct any transactions for the client.

If we are unable to comply with these measures, the payment service provider should consider whether the circumstances are suspicious in order to justify filing a violation claim.

Implementation of measures refers to the situation when the payment service provider has received, checked and verified (including through deferred verification permitted in accordance with paragraphs 6.43 and 6.44) all the necessary information for comprehensive verification in accordance with paragraphs 6, 7 and 8, and when the payment service provider has received satisfactory responses to all requests in accordance with paragraphs 6.43 and 6.44. with respect to such verification.

Joint accounts

In the case of a joint account, we perform due diligence on of all joint account holders, as if each of them was a customer of the payment service provider individually.

Verification

We verify the client, individuals authorized to act on behalf of the client, related parties, and beneficiaries against relevant sources of information on money laundering and terrorist financing, as well as lists and information provided by the authorities, in order to determine whether there are money laundering or terrorist financing risks in relation to the client.

We will check the following situations and individuals:

  • At the time of establishing a business relationship with the client or immediately afterwards.
  • Before we perform any transaction for any customer who has not otherwise established a business relationship with the payment service provider.
  • Periodically, after establishing business relationships with our clients.
  • When changes or updates appear.
  • When the lists and information provided by the relevant authority to the payment service provider appear.
  • When appointing individuals who will act on behalf of the client, its affiliates or beneficiaries.

We will check all initiators of the transfer and beneficiaries of the transfer against the lists and information provided by the relevant authority in order to determine whether there are risks of money laundering or terrorist financing.

The results of all audits are documented.

4. Our approach to enhanced customer verification

Politically Exposed Persons (PEPs)

We use all reasonable means to determine whether the client, any individual designated to act on behalf of the client, any related party to the client, or any beneficial owner of the client is a politically exposed person, family member, or close associate of the politically exposed person.

If the client or any beneficiary of the client is recognized by us as a politically exposed person, family member or close relative of a politically exposed person, we must perform the following extended checks in addition to the usual due diligence:

  • Get approval from senior management to establish and continue a business relationship with the customer.
  • Establish, by reasonable means, the source of savings and the source of receipt of funds of the client and any beneficiary of the client.
  • Conduct enhanced monitoring in the course of business relations with the client. We must strengthen the degree and nature of control over any operations that seem unusual.

High-risk categories

We acknowledge that the circumstances in which the client's actions present or may present an increased risk of money laundering or terrorist financing include, but are not limited to:

  • If the client or any beneficiary of the client is a national or resident of a country or jurisdiction where the FATF has called for countermeasures, the payment service provider should consider any business relationship with or transactions for such client as presenting an increased risk of money laundering or terrorist financing.
  • The client or any beneficiary of the client is a national of a country or jurisdiction that is known to have non-compliant AML/CFT measures in place, as determined by the payment service provider itself or brought to the attention of payment service providers by the relevant authorities or other foreign regulatory authorities, the payment service provider should assess whether any such client represents an increased risk of risk of money laundering or terrorism.

We are required to conduct enhanced due diligence on customers who pose an increased risk of money laundering or terrorist financing, or any customer that the authorities have notified us of as presenting an increased risk related to money laundering and terrorist financing.

5. Approach to bearer negotiable documents and limitation of cash payments

We will not make payments for any amount of money in the form of a negotiable bearer document.

We will not pay out any amount of money in the course of our business.

6. Asset transfer approach (to be implemented if necessary)

If we are a customer organization, then before making a transfer of funds, we must:

  • Identify the initiator and take reasonable steps to verify their credentials (if we have not already done so).
  • Record adequate details of the transfer of funds, including, but not limited to, the transfer date, type and value of the digital payment token transferred.

If we are a managing institution, we include in the message or payment instructions that accompany or relate to the transfer of funds:

  • Name of the initiator.
  • Initiator's account number (or unique transaction reference number, if applicable).
  • Name of the beneficiary.
  • Beneficiary's account number (or unique transaction reference number, if applicable).

Beneficiary's account number (or unique transaction reference number, if applicable).

Transfers of funds exceeding a certain threshold

If we are the managing institution for transfers of funds exceeding a certain threshold, we must identify the sender and verify their documents, including the receipt or payment instructions accompanying or related to the transfer of valuables, as well as any of the following documents:

  • the initiator's residential address; or
  • the initiator's legal or actual address (as well as their main place of work, if these addresses differ).
  • the initiator's unique identification number; or
  • date and place of birth of the initiator, as well as information about registration or registration of the transfer of valuables.

We will immediately and in compliance with security requirements transmit to the receiving institution all information about the sender of the transfer and the recipient, as well as document all information. If we are unable to meet these requirements as a contracting authority, we will not transfer funds.

If we are a recipient institution, we must take reasonable steps to identify transfers of funds that do not include the initiator of the transfer or the required recipient institution for the transfer of funds.

Before making a money transfer, we always check for the required information about the sender of the money transfer or the recipient of the money transfer and document our subsequent actions.

If we are an intermediary organization, we store all information related to the transfer of funds.

When we, as an intermediary institution, transfer funds to another intermediary or recipient institution, we provide the information accompanying the transfer to that intermediary or recipient institution immediately and in compliance with security requirements.

If we are an intermediary recipient institution, we store all information received from the contracting authority or other intermediary institution for at least five years.

We must take reasonable steps to identify transfers of funds that do not contain the required information about the sender of the transfer or the recipient of the transfer during end-to-end processing.

Keeping records

We will keep the relevant records for a minimum of five years

1. Personal data

We ensure the security of our clients ' personal data in accordance with the established procedure.

2. Suspicious Transaction Reporting (STR)

We notify the relevant authorities and submit applications in accordance with the legal requirements. We will also keep all records and transactions related to all such transactions and suspicious transaction reports.

Our compliance, audit and training policies

Among other measures, we appoint a management-level AML/CFT compliance officer, maintain independent audit capabilities, and take active steps to regularly train employees on AML/CFT issues.

7. Enterprise-wide risk assessment of money laundering/terrorist financing

The enterprise-wide risk assessment of money laundering/terrorist financing is carried out in three stages:

Stage 1. Assessment of inherent risk.

We assess our inherent risk in relation to our:

  • Customers or organizations. We must evaluate the clients and / or organizations we work with.
  • Products or services. We must pay close attention to who we provide over-the-counter cryptocurrency services to.

Regional scale. We should not work with clients who are included in certain lists of individuals and legal entities.

Stage 2. Evaluation of security measures

As a result of the above, we will evaluate our controls and risk mitigation measures. We must monitor and exercise increased caution with respect to any and/or all customers who appear suspicious to us.

Step 3: Residual risk assessment

We assess residual risks after evaluating mitigation measures.