AMLCTF and Sanctions Regime Compliance Policy

STATEMENT AND OBJECTIVES

This AML / CTF (Anti-Money Laundering and Counter-Terrorism Financing) and Sanctions Regime Compliance Policy (The Policy) establishes the main principles of the money laundering, terrorist financing, and proliferation financing prevention measures of Paymentz Ltd (the “Company”). These principles are integrated into the Company's internal control systems with the purpose of ensuring that potential ML/TF risks that arise in connection with the Company’s business and its Customers are well managed, and any changes in regulation or the Company’s risk profile are detected in time.

The Company provides Services only in compliance with the requirements under applicable AML and Sanctions regulations, including the Proceeds of Crime Act 2002 (as amended), the Terrorism Act 2000 (as amended by the Anti-Terrorism, Crime and Security Act 2001), the Counter-Terrorism (Sanctions) (EU Exit) Regulations 2019, the Money Laundering Regulations 2017 (as amended), the Counter-Terrorism Act 2008, Schedule 7, HM Treasury Sanctions Notices, Guidance and News Releases, and the FCA Handbook.

This Policy is hereby established to articulate binding directives for the personnel of Paymentz Ltd (the “Company”) with regard to the formulation and administration of Anti-Money Laundering (AML) and Counter-Terrorism Financing (CTF) measures within the Company’s organizational framework. This Policy defines the procedures and protocols that Company staff must follow in order to effectively address and manage issues related to money laundering and the financing of terrorism. Compliance with this Policy is mandatory for all Company personnel, and any deviation from its stipulations may result in disciplinary action in accordance with applicable laws and internal regulations.

The Policy outlines the key elements of the following processes and issues:

The Company commits to review this Policy annually, in order to assess its continued relevance and effectiveness. In circumstances deemed necessary by the Company, more frequent reviews may be undertaken to address emerging threats or changes in the regulatory landscape, or other necessary updates.

Additionally, the Company recognizes that material changes to its business may necessitate more immediate reviews and amendments to this Policy. Such changes could include significant alterations to the Company's operations, structure, or services.

Upon the implementation of any amendments to this Policy, the Company is committed to promptly notifying all relevant staff members. Communication of amendments will be conducted through appropriate channels, providing clear guidance on the nature of the revisions and any implications for roles and responsibilities.

All modifications to this Policy, along with the rationale and details of the changes made, will be documented and maintained in a secure and accessible manner, as a transparent record of the Policy's evolution and in order to facilitate internal and external audits.

MONEY LAUNDERING, TERRORIST FINANCING, AND PROLIFERATION FINANCING

Money laundering

Money laundering is a clandestine process through which unlawfully acquired funds, generated from criminal activities, are intentionally obscured to give the false appearance of legitimate origin and ownership.

The Company faces substantial legal, regulatory, operational, financial, and reputational risks if its services are exploited by criminals or terrorists. It is crucial to maintain constant vigilance to differentiate between legitimate business activities and those potentially involved in illegal activities, especially money laundering or terrorism financing. Staying alert and being discerning helps mitigate these risks and safeguards the Company’s integrity and overall well-being.

The four ML methods most commonly used by criminals in attempting to conceal the true origin and ownership of funds received as a result of illegal activity, can be divided into stages, as follows:

1. Placement	Illicitly obtained funds are introduced into the financial system.
2. Layering	The purpose is to obscure the trail of illicit funds, introducing layers of complexity that make it challenging to trace the origin of the funds.
3. Integration	Illicitly obtained funds that now have the appearance of legal origin, are reintroduced into the legitimate economy.
4. Reinvestments	Funds, now seemingly legitimate, are reinvested or used for various activities. Machine learning techniques could be employed to manage and optimize the ongoing investment or to avoid detection by continuously adapting and varying strategies. Machine learning can play a significant role at each of these stages by analysing vast amounts of financial and other data, identifying patterns, detecting anomalies, and optimizing strategies for laundering money while minimizing the risk of detection. Law enforcement agencies and financial institutions also utilize machine learning to detect and prevent money laundering by identifying suspicious patterns and activities within financial transactions.

Terrorist financing

Terrorist financing (TF) means the financing of, or knowing and supporting, an act of terrorism, or a terrorist organization, or a person whose activities are directed against international security. A major difference between terrorist financing/proliferation financing and money laundering is that mostly small amounts can be used effectively to commit acts of terrorism, and these amounts can be funded from legitimately obtained funds. Because terrorist organizations very often have a control over funds from different sources and use advanced techniques to move them between jurisdictions, TF can be very challenging to detect.

Proliferation

Proliferation refers to the spread of weapons of mass destruction and associated technology in violation of international non-proliferation agreements and conventions. Proliferation financing refers to financial transactions that facilitate such activity. Further detail on financial and economic sanctions, offences, and penalties is included in a separate policy document, 4. Sanctions Regime Control Rules, which is also located on the Company’s Compliance Depository.

Offences and Penalties

Non-compliance with anti-money laundering (AML) measures specified in the Proceeds of Crime Act (POCA) may result in legal consequences. These offenses include:

1. Concealing criminal property: Engaging in activities meant to conceal the true nature, source, disposition, movement, or ownership of criminal property.

2. Arrangements facilitating money laundering: Participating in arrangements to facilitate the acquisition, retention, use, or control of criminal property by another person.

3. Acquisition, use, or possession of criminal property: Knowingly acquiring, using, or possessing criminal property.

4. Failure to disclose: Failing to report knowledge or suspicion of money laundering to the appropriate authorities, as required by law.

5. Tipping off: Unlawfully disclosing information likely to prejudice a suspected or ongoing money laundering investigation.

Criminal offenses related to the assistance of money laundering

The Company commits to avoid participation in activities that could lead to ML/TF offenses, such as:

RISK BASED APPROACH

The Company has developed and integrated ML/TF prevention measures into its business processes in order to avoid committing any ML/TF-related offenses and to detect predicate offenses.

The Company’s ML/TF prevention and the ML/TF risk mitigation measures are based on a risk-based approach.

The Company provides financial services, primarily

and therefore, takes appropriate steps to assess and mitigate ML/TF risks that arise, by carrying out the appropriate Identification and ongoing monitoring.

The Company may also provide additional services in addition to those mentioned above, provided that these additional services are technically available and allowed by the law and applicable regulation, and also provided that the Company can ensure appropriate ML/TF and Sanctions regime measures.

Unacceptable person

The Company provides its Services to individuals and legal entities. However, the Company has defined a risk approach under which it has already identified a range of persons with whom the Company will not establish a Business relationship, and will not provide Services.

The Company designates an individual as an “Unacceptable Person” if they exhibit the following characteristics or indicators:

The criteria mentioned above shall be considered applicable whether they pertain to the Customer or the Ultimate Beneficial Owner (the UBO) of a legal entity. The Company has put in place a consistent and comprehensive evaluation process, to ensure that the specified criteria are applied to both Customers and UBOs in accordance with its established policies and regulatory standards.

Prohibited transactions

To mitigate the risk of the Company’s inadvertent involvement in money laundering (ML) or terrorist financing (TF) and the potential provision of undefined assistance in offenses related to ML/TF, the Company expressly prohibits the execution of any payment transaction—whether incoming or outgoing—upon the detection of a connection with a high-risk or black-listed country. This prohibition is in place to safeguard against the elevated risk associated with jurisdictions of heightened concern and underscores the Company's commitment to maintaining a robust and compliant financial environment.

The Company also explicitly declines and prohibits all transactions related to high-risk activities, in line with our commitment to abstain from providing services that may support such business endeavours. This decision underscores our dedication to a secure and compliant operational framework.

SENIOR MANAGER AND MONEY LAUNDERING REPORTING OFFICER

Senior Manager

The Senior Manager ensures that the Company’s policies, controls, and procedures are appropriately designated and implemented, and are effectively operated to manage the ML/TF risk and the Sanctions regime violation risk of the Company. The Senior Manager is committed to taking appropriate steps to assess the Company’s risks the Company is subject to in connection with Money Laundering, Terrorist Financing, and Proliferation financing.

The Senior Manager has the authority to make and implement decisions that affect the Company’s exposure to ML / TF risks. The Senior Manager appoints the MLRO and their Deputy and monitors their activities by means of the MLRO’s regular reporting.

The Senior manager also makes ongoing decisions about changes in Staff and in the ICSR based on recommendations of the MLRO.

MLRO

The MLRO is a Company employee, appointed by the Senior Manager.

The MLRO is responsible for all aspects of the Company's compliance with applicable Money Laundering, Terrorist Financing, and Proliferation financing prevention regimes. Additionally, the Company has entrusted the MLRO with responsibility for ensuring the Company’s compliance with Sanctions regimes.

Under FCA rules, the FCA must approve any individual invited to perform the role of the MLRO and associated functions, before commencement of the role. The MLRO has independent authority in executing their responsibilities and has direct access to the FCA, the UKFIU, the OFSI, and relevant law enforcement agencies, including the NCA.

In the event of a temporary absence of the MLRO, their obligations shall be delegated to their Deputy. The Deputy may be appointed by the Senior Manager case by case, provided that the Deputy has the requisite knowledge and experience with AML / CTF and Sanctions controls and in the ABC, allowing the Deputy to fulfil all the duties completely and competently. The total duration for substituting the MLRO with their Deputy will not exceed 12 weeks within 12-month period, otherwise FCA approval of the Deputy is required.

MONEY LAUNDERING, TERRORIST FINANCING, AND PROLIFERATION FINANCING PREVENTION MEASURES

Customer onboarding

Customer onboarding is a key business process, performed with the purpose of making decisions concerning the establishment of Business relationships and the provision of the Services. To make the relevant decisions, the Company will ensure that it fully understands the nature of any Business relationship with a Customer, the nature of the Customer’s business activity, and the reasons for the Customer is seeking to use the Company’s Services. The Company will also ensure that it fully understands the Customer’s organisational structure, has identified the UBO, and that all evidencing information is obtained.

Therefore, the Company performs a number of activities related to obtaining the above-mentioned information:

Identity verification of individuals

The Company gathers information on an individual’s full name, date and place of birth, whether they are an Ultimate Beneficial Owner (UBO) or legal representative (where applicable), country of tax residence, telephone, email, details of relations with the USA, and the source of income.

The Customer, whether an individual or their legal representative, is required to provide documentary evidence which includes a passport, international identity card, or a UK driving license. For identity verification and document authentication purposes, the Company makes use of the SumSub Ltd. KYC/AML solution (https://sumsub.com/about/.)

Other information is provided to the Company through the online submission process on the Company's website, where the prospective Customer completes the appropriate Application form and attaches the requested documents.

Identity verification of legal entities

The Company gathers information on the name and registration number of the legal entity, showing the date of registration, legal/registered address, type of business activity, license and license number if the entity’s activity is subject to licensing, tax number, business activity location address, ownership and control structure, the UBO, any legal representative, telephone, e-mail, relations with USA, documents and financial statements confirming sources of income.

The Customer, being a legal entity, has to provide the documentary evidence of its legal existence, which for purposes of this Policy, consists of:

If the legal representative of the Customer is a legal entity, it must pass its own identity verification procedure in the above-mentioned order, the same as prescribed for an individual.

Other information is submitted online, via the Company website, by completing the appropriate Application form and attaching requested documents.

Identification of the UBO

The Company identifies a UBO on the basis of information including the UBO’s full name, identification code, or, where not applicable, the date and place of birth and the place of residence, and by ascertaining and confirming the UBO status. Therefore, the prospective Customer must provide the Company with documentary evidence with respect to the above-mentioned information, which comprises a copy of the UBO’s identity document, and information with documentation demonstrating the UBO’s ownership or control (including public records, partnership agreement, will or letter of wishes, trust deed, etc).

The information is submitted to the Company online, via the Company website, by completing the Identification form and attaching the requested documents.

Ascertaining of PEP and Designated person status

During the process of verification, the respective person will be automatically screened in several databases, such as Sanction lists, PEP databases, and other databases, and the results of the Verification and these checks are made available to the Company.

In cases where an individual ceases to be deemed a Politically Exposed Person (PEP), they are still regarded as a PEP for a period of twelve (12) months after notification of such. After the expiration of this 12-month period, the individual will no longer be considered as a PEP, subject to verification.

Assessment of ML/TF risk

The Company assesses the following ML/TF risk factors inherent to a Customer:

The combination of Money Laundering/Terrorist Financing (ML/TF) risk factors associated with a Customer become part of the assessment of the assigned ML/TF risk level, which subsequently determines whether the Business relationship will progress, and impacts the implementation of ML/TF mitigation measures. In instances where the prospective Customer exhibits signs of being an Unacceptable person, it is deemed as such and will not be accepted as a Customer under any circumstances. The Business relationship, including Account opening, is consequently rejected.

When the Customer demonstrates the characteristics of an Unacceptable person, it is considered to be an Unacceptable person and is not accepted as a Customer under any circumstances, and the Business relationship with them is rejected.

The Company has also implemented measures that prohibit the processing of Transactions connected with High-risk/Black-listed countries and High-risk activity.

Identification of sources of wealth and origin of funds

The Company must verify the legality of the origin of the Customer’s wealth and sources of income. Therefore, the Company gathers information to give certainty that Customer funds have not been raised or acquired through criminal activity.

The Company can obtain the above-mentioned information from the Official databases, including for example, extracts from land registers, extracts of registers of assets, declarations of economic interests, etc., or can alternatively request them directly from the Customer.

If the Customer refuses to disclose information about the sources of their funds, or if the provided information is not sufficient to get certainty on their legal origin, a Business relationship with such Customer shall not be established and the Company’s Services cannot be provided. In addition, the Company decides whether this type of refusal of information by the prospective Customer might result in a Reporting obligation.

On-going monitoring

The Company continuously follows the nature of and activity within the Business relationship, and tracks whether the Transactions carried out correspond with the Company’s knowledge of the Customer, especially, its business activity and the ML/TF risks the Company has determined. Therefore, a Customer’s activity is continuously monitored to ensure that it conforms to the Company’s knowledge about the Customer, as received during the process of onboarding and further Due diligence.

To ensure the implementation of appropriate monitoring measures, the Company uses a combination of two methods that have been integrated into its business processes. An automatic monitoring methodology is integrated into the Company’s System, which performs a continuous review of the Transactions and monitors the Due diligence indicators. Further manual reviews of questionable activity detected by the System are performed by the trained Staff responsible for transaction monitoring.

Reporting obligation

The Company has established a procedure for notifying the Authorities of Customer Transactions and other activities that appear to be unusual and may be indicative of Predicate offenses or offenses that can be related to Money Laundering/Terrorist Financing (ML/TF). Recognizing the critical importance of fulfilling its Reporting obligation, the Company prioritizes the submission of Suspicious Activity Reports (SAR) as a fundamental part of its compliance with the applicable Anti-Money Laundering/Counter-Terrorist Financing (AML/CTF) regulations.

As part of its ongoing monitoring of Customer activities, the Company diligently observes indicators of Unusual or Suspicious activity in order to identify and therefore prevent ML/TF and potential Predicate offenses. The Reporting obligation extends to every employee of the Company and mandates prompt notification to the Money Laundering Reporting Officer (MLRO) in the event of any suspicion or knowledge of potential ML/TF, such notification being made by means of the provision of an internal SAR.

The MLRO has responsibility for executing the Company’s Reporting obligations directly, by submitting external SARs to the Authorities. This comprehensive approach underscores the Company's commitment to maintaining a robust AML/CTF framework and proactively contributing to the prevention of financial crime.

COMPLIANCE WITH SANCTIONS REGIME

The Company is fully compliant with applicable Sanctions regimes and therefore follows all behaviors, circumstances, and facts that might indicate a violation of the Sanctions regime.

Countering terrorist financing

Customers and their activities are monitored and evaluated with regard to any potential involvement or support for acts of terrorism, encompassing the preparation, promotion, or encouragement of terrorism, as well as any suspicions related to terrorism. Any evidence or suspicion arising based on the factors mentioned above are deemed to be indicators of potential violations within the Sanctions regime.

Financial sanctions and asset freezing

The Company continuously follows the Consolidated list handled by the OFSI. When it concludes that the financial Sanctions and asset freezing regime apply to the Customer, it applies the following prohibitions related to a Customer’s assets:

The Consolidated list is a public document; therefore, the Company is not obliged to advise the Customer that its Account has been frozen. However, the Company will inform the Customer subject to the Sanctions list about its assets being frozen, explaining that this step is the result of the restrictions applied based on information in the OFSI.

The Company reports on detected breaches of the Sanctions regime to the OFSI, providing it with appropriate reports.

STAFF AWARENESS AND TRAINING

The Company understands that one of the most important control measures to ensure compliance with the ML/TF prevention and Sanctions regimes is to educate and train the Company’s Staff to be alert to MLTF risks and potential violations of the Sanctions regime.

The Company ensures that all Staff are well trained in the identification of Suspicious and Unusual activity, and organizes regular AML/CTF training when Staff join the Company, and on a regular basis to provide refresher training.

The Company’s approach to the organization and execution of training programs is built around ensuring that they are commensurate with the Company’s business activity and the Services, and the specific responsibilities of each member of the Staff.

The Company ensures that training covers the main issues described in the ICSR, the applicable Law, and also ensures that Staff know how to deal with potential or real breaches of the ML/TF or the Sanctions regimes.

One main focus of training is on those Staff members who directly handle Customer onboarding, Customer activity, and Transaction monitoring or other instructions involving Customer.

In any event the Company has detected the minimum issues and topics that will be covered by organized training:

After each training session, every participant employee is tested to ensure that they understand the materials, the subject matter, and the key ML/CT issues.

The Company also makes all Staff aware of their personal responsibilities, as well as the responsibilities of the Company, at the start of their employment.

RECORD KEEPING

The Company ensures the safekeeping of information in accordance with the requirements of the AML regulation and the Personal Data Protection Regulation.

All information is kept in electronic form within the System. If any transaction or any information is obtained or executed in the form of paper or electronic documents, electronic scanned copies of such documents shall be made and added to electronic files within the System.

The Company retains the following records with respect to the Business relationship with the Customer and its activity:

The term for safekeeping information is 5 years from the moment of closing the Account of the Customer unless the Law requires a longer term.

After the expiry of the above-mentioned time period, the Company ensures the deletion of all information on the Customer, with the exception that it retains the name of the ex-Customer, along with the dates the Business relationship was established and terminated, as well as the date the information was deleted.

GLOSSARY

Terms	Definitions
Account	A payment account of the Customer with the Company for the purpose of providing the Service
Acts	The Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 of UK and The Money Laundering and Terrorist Financing (Amendment) Regulations 2019
AML regulation	UK and international Laws related to the prevention of the ML/TF
Authorities	UK government authorities mentioned in the Policy, which regulate and control the Company’s business activities, provision of the Services, and the related issues
Black-listed jurisdictions	The jurisdictions defined by the Company in which the provision of the Services are not allowed to Customers having a residence in such jurisdictions
Business day	A day being a working day in the UK within the Company's working hours
Business relationship	The relationship between the Customer and the Company, whose purpose is to provide and receive the Services
Company	PAYMENTZ Ltd, a company incorporated in the United Kingdom and registered in the Companies House under the registration number: 12431685, having its registered address at 2-4 Eastern Road, Imperial Offices, Romford, England, RM1 3PJ
Customer	A natural person or legal entity receiving the Services
Designated person	An individual, legal entity or body being subject to a Sanctions regime
Due diligence	Research of the Customer in accordance with the requirements of the Acts
Economic resources	Tangible or intangible, movable or immovable assets, which are not funds, but may be used to obtain funds, goods, or services
FCA (Financial Conduct Authority)	The UK government conduct regulator of financial services firms and financial markets in the UK
Funds	Financial assets and benefits of every kind
High-risk country	Countries or territories where, in the opinion of an international organisation or an organisation setting the standards in the field of prevention of money laundering, terrorist financing, and proliferation financing, there is no efficient system for the prevention of money laundering, terrorist financing, and proliferation financing in place, including countries or territories which have been determined by the European Commission as having strategic deficiencies in the regimes for prevention of money laundering and terrorists financing, thus posing significant threats to the financial system of the European Union
High-risk activity	Activity prohibited on the part of the Customer in the course of receiving of the Services
ICSR (Internal Control System Rules)	The Company’s Internal Control System Rules, which serve to implement the principles established by this Policy
Identification	The procedure of ascertaining of the Customer’s identity in accordance with the requirements of the Acts
Identification form	An identification form that is available on the Website for prospective Customers to fill in, for the purposes of Identification as part of the Customer onboarding process
ML	Money laundering
ML/TF risk	The risk of money laundering, terrorist financing, and proliferation financing by the Customer and the Company that arises in connection with the provision of the Services
MLRO	An employee of the Company appointed to the position of Money Laundering Reporting Officer
NCA (National Crime Agency)	The UK government authority that leads the UK’s response, locally, regionally, and nationally, to reduce the impact of serious and organised crime on the UK and its communities
Official database	Public databases maintained by any state or governmental authorities or private entities, containing official data on the Customers
OFSI (Office of International Sanctions Implementation)	The UK government authority ensuring that financial sanctions are properly understood, implemented, and enforced in the UK
PEP	Politically exposed person in the meaning of the Acts
Personal data protection regulation	Legal enactments and requirements that are applicable to the Company and followed by it in the course of processing of Personal data
Policy	This AML / CTF and Sanctions Regime Compliance Policy
Predicate offence	An offence that precedes a money laundering, terrorist financing, or proliferation financing offense, as a result of which illegal proceeds occur
Proliferation financing	Financial support provided to entities or individuals involved in the proliferation of weapons of mass destruction (WMDs) or their means of delivery. This can include funding activities related to the development, production, acquisition, or transfer of nuclear, chemical, biological, or missile technologies that can be used for destructive purposes
Report	The set of information and facts submitted in connection with the illegal or suspicious activity detected with respect to the Business relationship with the Customer
Reporting obligation	The requirement of the Company to report to the UK state authorities any suspicious Customer activity it detects, in accordance with the requirements of applicable Law
Sanctions	restrictive or prohibiting measures imposed by international public law
Sanctions list	EU, ANO, and OFAC list of persons, organizations, and countries with high levels of risk for money laundering, terrorist financing, and proliferation financing, that are prohibited for cooperation fully or partly with the view to prevent involvement in terrorism activity, or to protect national security interests, international law and international peace and security
Sanctions regulation	UK and international Law related to compliance with the Sanctions regime
SAR	Suspicious activity report
Services	The services provided by the Company
Suspicious Activity	An action creating suspicions that the funds involved therein are directly or indirectly obtained as a result of criminal offence or activity, or are related to terrorism financing, or an attempt to carry out such actions
System	The digital transaction processing system, used by the Company, to deliver the Services
Staff	The Company’s employees
TF	Terrorist financing
Transaction	Any action performed using the Customer’s funds and Account with the Company, within the scope of the Services
UBO	Ultimate Beneficial Owner in the meaning of the Acts
UK	The United Kingdom of Great Britain and Northern Ireland
UKFIU (Financial Intelligence Unit)	The UK government authority within the National Crime Agency, which receives, analyses, and distributes financial intelligence gathered from SARs
Unacceptable person	A Customer that represents unacceptable ML / TF risk, in the Company’s discretion
Unusual activity	An action that is not a usual part of a Customer's normal business or operational management
Verification	A procedure to check and verify a Customer’s, or its representative’s, identity
Verification service	SumSub Ltd is a company registered in Cyprus with the Registration number: HE405087.
Website	www.paymentz.co.uk

The Terms used in this Policy and not listed above shall be defined in accordance with definitions provided by the AML regulation.