ANTI-MONEY LAUNDERING AND COUNTER TERRORIST FINANCING COMPLIANCE GUIDELINES

 

1.INTRODUCTION

The purpose of these Guidelines for Anti-Money Laundering (AML), Combating Terrorist Financing (CFT) and Sanctions measures is to ensure that UAB Trustee Global (Company) has internal guidelines to prevent the use of its business for Money Laundering and Terrorist Financing and internal guidelines for implementation of international sanctions. These Guidelines have been adopted to ensure that the Company complies with the rules and regulations set out in Republic of Lithuania Law on the Prevention of Money Laundering and Terrorist Financing (Law) and other applicable legislation.

These Guidelines are subject to a review by the Management Board at least annually. Proposals for a review and the review of these Guidelines may be scheduled more frequently by the decision of the Company’s Money Laundering Reporting Officer (MLRO) or the Internal Control Officer.

All definitions in these Guidlines are used within the meaning of the Republic of Lithuania Law on the Prevention of Money Laundering and Terrorist Financing and other applicable legislation.

 

2.CONTACT US

 

3.PRINCIPLES OF CUSTOMER DUE DILIGENCE MEASURES IMPLEMENTATION

Customer due diligence (CDD) measures are required for verifying the identity of a new or existing Customer as a well-performing risk-based ongoing monitoring of the Business Relationship with the Customer. The CDD measures consist of 3 levels, including simplified and enhanced due diligence measures, as specified below.

 

3.1. Main Principles

The CDD measures are taken and performed to the extent necessary considering the Customer’s risk profile and other circumstances in the following cases:

The Company does not establish or maintain the Business Relationship and does not perform the transaction if:

In the case of receiving information in foreign languages within the framework of CDD implementation, the Company may request to demand translation of the documents to another language applicable for the Company. The use of translations should be avoided in situations where the original documents are prepared in a language appliable for the Company.

Achieving CDD is a process that starts with the implementation of CDD measures. When that process is complete, the Customer is assigned documented individual risk level which shall form the basis for follow-up measures, and which is followed up and updated when necessary.

The Company has applied CDD measures adequately if the Company has the inner conviction that they have complied with the obligation to apply due diligence measures. The principle of reasonability is observed in the consideration of inner conviction. 

This means that the Company must, upon the application of CDD measures, acquire the knowledge, understanding and assertation that they have collected enough information about the Customer, the Customer’s activities, the purpose of the Business Relationship and of the transactions carried out within the scope of the Business Relationship, the origin of the funds, etc., so that they understand the Customer and the Customer’s (business) activities, thereby taking into account the Customer’s risk level, the risk associated with the Business Relationship and the nature of such relationship. Such a level of assertation must make it possible to identify complicated, high-value and unusual transactions and transaction patterns that have no reasonable or obvious economic or legitimate purpose or are uncharacteristic of the specific features of the business in question.

 

3.2. Application of Simplified Due Diligence Measures (level 1)

Simplified due diligence (SDD) measures are applied where the Customer’s risk profile indicates low risk level of ML/TF.

When applying SDD measures, the Company must only obtain the following data of the Customer who is a natural person:

in case of the Customer, which is a legal entity, the following data:

ensure that the first payment be carried out through an account with a credit institution, where the credit institution is registered in EEA or in a Third Country which imposes requirements equivalent to those laid down in the relevant law and is supervised by competent authorities for compliance with those requirements.

SDD measures may be carried out only where the ongoing monitoring of the Customer’s Business Relationship is performed in accordance with the Guidelines and there is a possibility to identify suspicious Monetary Operations and transactions.

SDD measures must not be carried out in the circumstances where enhanced due diligence measures (as described below) must be carried out.

Where, in the course of performing ongoing monitoring of the Customer’s Business Relationships, it is established that the risk of ML and/or TF is no longer low, the Company must apply the relevant level of CDD measures.

 

3.3. Application of Standard Due Diligence Measures (level 2)

Standard due diligence measures are applied to all Customers where CDD measures must be applied in accordance with the Guidelines. The following standard due diligence measures should be applied:

The CDD measures specified above must be applied before establishing the Business Relationship or performing transaction. The exact instruction for application standard due diligence measures is provided in the Guidelines.

 

3.4. Application of Enhanced Due Diligence Measures (level 3)

In addition to standard due diligence measures, the Company applies enhanced due diligence (EDD) measures in order to manage and mitigate an established risk of Money Laundering and Terrorist Financing in the case where the risk is established to be higher than usual.

The Company always applies EDD measures, when:

Prior to applying EDD measures, the Company’s Employee ensures that the Business Relationship or transaction has a high risk and that a high-risk rate can be attributed to such Business Relationship or transaction. Above all, the Employee assesses prior to applying the EDD measures whether the features described above are present and applies them as independent grounds (that is, each of the factors identified allows application of EDD measures with respect to the Customer).

The Employee shall notify about EDD measures applied within 2 working days after the start of applying of the EDD measures by sending relevant notification to the MLRO.

In the case of application of EDD measures, the Company reassesses the Customer’s risk profile no later than every six months.

 

4.CUSTOMER DUE DILIGENCE MEASURES

 

4.1. Identification of the Customer – natural person

The Company identifies the Customer who is a natural person and, where relevant, their representative and retains the following data on the Customer:

The following valid identity documents which contain data specified above may be used as the basis for the identification of a natural person:

The Customer, who is natural person, cannot use a representative in the course of business relationship or Occasional Transaction with the Company.

 

4.2. Identification of the Customer – legal entity

The Company identifies the Customer which is a legal entity and their representative and retains the following data on the Customer:

The following documents issued by a competent authority or body not earlier than six months before their use may be implied for identification of the Customer:

The Company verifies the correctness of the Customer’s data specified above, using information originating from a credible and independent source for that purpose. Where the Company has access to the relevant register of legal entities, the submission of the documents specified above do not need to be demanded from the Customer.

The identity of legal entity and the right of legal entity’s representation can be verified on the basis of a document specified above, which has been authenticated by a notary or certified by a notary or officially, or on the basis of other information originating from a credible and independent source, including means of electronic identification and trust services for electronic transactions, thereby using at least two different sources for verification of data in such an event.

 

4.3. The identification of the Customer’s Beneficial Owner

The Company must identify the Beneficial Owner of the Customer and take measures to verify the identity of the Beneficial Owner to the extent that allows the Company to make sure that they know who the Beneficial Owner is. The Company collects the following data regarding the Customer’s Beneficial Owner(s):

The Company shall request from the Customer information to the Customer’s Beneficial Owner (e. g. providing the Customer with an opportunity to specify their Beneficial Owner when collecting data about the Customer).

The Company does not establish the Business Relationship, if the Customer, who is a natural person has Beneficial Owner who is not the same person as the Customer.

The Beneficial Owner of a legal entity is identified in stages where the obliged entity proceeds to each subsequent stage if the Beneficial Owner of the legal entity cannot be determined in the case of the previous stage. The stages are as follows:

The documents used for the legal entity´s identification or the other submitted documents do not indicate directly who the Beneficial Owner of the legal entity is, the relevant data (incl. data about being a member of a group and the ownership and management structure of the group) are registered on the basis of the statement of the representative of the legal entity or the document written by hand by the representative of the legal entity.

 

4.4. Political Exposed Person’s identification

The Company shall take measures to ascertain whether the Customer, the Beneficial Owner of the Customer or the representative of this Customer is a PEP, their family member or close associate or if the Customer has become such a person.

The Company shall request from the Customer information to identify if the Customer is a PEP, their family member or close associate (e. g. providing the Customer with an opportunity to specify the relevant information when collecting data about the Customer).

The Company shall verify the data received from the Customer by making inquiries in relevant databases or public databases or making inquiries or verifying data on the websites of the relevant supervisory authorities or institutions of the country in which the Customer has place of residence or seat. PEP must be additionally verified using international search engine (e. g. Google) and the local search engine of the Customer’s country of origin, if any, by entering the Customer’s name in both Latin and local alphabet with the Customer’s date of birth.

The Company shall identify close associates and family members of PEPs only if their connection with PEP is known to the public or if the Company has reason to believe that such a connection exists.

Where the Customer who is a PEP no longer performs important public functions placed upon them, the Company shall at least within 12 months take into account the risks that remain related to the Customer and apply relevant and risk sensitivity-based measures as long as it is certain that the risks characteristic of PEPs no longer exist in the case of the Customer.

 

4.5. Identification of the purpose and nature of the business relationship or a transaction

The Company shall understand the purpose and nature of the establishing Business Relationship or performing transaction. Regarding the services provided, the Company may request from the Customer the following information for understanding the purpose and nature of the Business Relationship or transaction:

The Company shall apply additional measures and collect additional information to identify the purpose and nature of the Business Relationship or an Occasional Transaction in cases where:

If the Customer is a legal entity, in addition to aforementioned the Company shall identify the Customer´s area of activity, where the Company shall understand what the Customer deals with and intends to deal with in the course of the Business Relationship and how this corresponds to the purpose and nature of the Business Relationship in general and whether it is reasonable, understandable and plausible.

The area of activity must fit into the experience profile of the Customer’s representative (or key persons) and/or the Beneficial Owner. Thus, the Company has to identify where the representative’s and/or Beneficial Owner’s capacity, capability, skills and knowledge (experience in general) comes from in order to operate in this area of activity, with these business volumes and with these main business partners.

 

4.6. Monitoring of the business relationship

The Company shall monitor established Business Relationships where the following ongoing due diligence (ODD) measures are implemented:

The Company shall regularly check and update the documents, data and information collected within the course of the implementation of CDD measures and update the Customer´s risk profile. The regularity of the checks and update must be based on the risk profile of the Customer and the checks must take place at least:

The collected documents, data and information must also be checked if an event has occurred which indicates the need to update the collected documents, data and information.

In the course of the ongoing monitoring of the Business Relationship, the Company shall monitor the transactions concluded during the Business Relationship in such a manner that the latter can determine whether the transactions to be concluded correspond to the information previously known about the Customer (i.e., what the customer declared upon the establishment of the Business Relationship or what has become known in the course of the Business Relationship).

The Company shall also monitor the Business Relationship to ascertain the Customer’s activities or facts that indicate criminal activities, Money Laundering or Terrorist Financing or the relation of which to Money Laundering or Terrorist Financing is probable, incl. complicated, high-value and unusual transactions and transaction patterns that do not have any reasonable or obvious economic or legitimate purpose or that are uncharacteristic of the specific features of the business in question. In the course of the Business Relationship, the Company shall constantly assess the changes in the Customer’s activities and assess whether these changes may increase the risk level associated with the Customer and the Business Relationship, giving rise to the need to apply EDD measures.

In the course of the ongoing monitoring of the Business Relationship, the Company applies the following measures: 

The objective of screening is to identify: 

The screening of the transactions is performed automatically and includes the following measures:

If the Customer gives request for transaction which exceeds the threshold established or for transaction to the Virtual Currency wallet with high-risk score (e.g. wallets related to fraud, crime, etc.), the transaction shall be manually approved by the Employee, who shall assess, before the approval, the necessity to apply any additional CDD measures (e. g. applying EDD measures, asking source and origin of funds or asking additional information regarding the transaction).

When monitoring transactions the Employee shall assess transaction with a view to detect activities and transactions that:

In the case, where the aforementioned fact is detected, the Employee shall notify MLRO and postpone any transaction of the Customer until MLRO´s decision regarding this.

In addition to aforementioned, the MLRO shall review the Company´s transactions regularly (at least once per week) to ensure that:

The Company identifies the source and origin of the funds used in transaction(s) if necessary. The need to identify the source and origin of funds depends on the Customer’s previous activities as well as other known information. Thereby the identification of the source and origin of the funds used in transaction shall be performed in the following cases:

 

5.REFUSAL TO THE TRANSACTION OR BUSINESS RELATIONSHIP AND THEIR TERMINATION

The Company is prohibited to establish a Business Relationship and the established Business Relationship or transaction shall be terminated (unless it is objectively impossible to do) in case when:

In the event of a termination of the Business Relationship in accordance with this chapter, the Company shall transfer the Customer’s assets within reasonable time, but preferably not later than within 10 (ten) business days after the termination and as a whole to an account opened in a credit institution which is registered or whose place of business is in a contracting state of the European Economic Area or in a country where requirements equal to those established in the relevant directives of the European Parliament and of the Council are applied. In exceptional cases, assets may be transferred to an account other than the Customer’s account or issued in cash. Irrespective of the recipient of the funds, the minimum information given in English in the payment details of the transfer of the Customer’s assets is that the transfer is related to the extraordinary termination of the Customer relationship.

 

5.1. Not-Acceptable Customers

The following list predetermines the type of Customers who are not acceptable for establishing a Business Relationship or an execution of an Occasional Transaction with the Company:

The Company will not accept as Сustomers, persons or entitled from Afghanistan, Barbados, Belarus, Burkina Faso, Burma (Myanmar), Cambodia, Cayman Islands, Crimea (region of Ukraine), Democratic People’s Republic of Korea, Donetsk (region of Ukraine), Haití, Iran, Jamaica, Jordan, Luhansk (region of Ukraine), Mali, Morocco, Nicaragua, Pakistan, Panama, Philippines, People’s Republic of China, Russia, Senegal, South Sudan, Syria, Trinidad and Tobago, Uganda, Vanuatu, Yemen, Zimbabwe.

Persons or entities from jurisdictions where a particular license or permit is required will not be accepted as Customers if the Company has not received such a permit or license.

 

6.IMPLEMENTATION OF SANCTIONS

Upon the entry into force, amendment or termination of Sanctions, the Company shall verify whether the Customer, their Beneficial Owner or a person who is planning to have the Business Relationship or transaction with them is a subject of Sanctions. If the Company identifies a person who is a subject of Sanctions or that the transaction intended or carried out by them is in breach of Sanctions, the Company shall apply Sanctions and inform the FCIS thereof within 3 hours.

 

6.1. Procedure for identifying the subject of Sanctions and a transaction violating Sanctions

The Company shall use at least the following sources (databases) to verify the Customer´s relation to Sanctions:

In addition to aforementioned sources, the Company may use any other sources by the decision of the Employee who is applying CDD measures.

To verify that the persons’ names resulting from the inquiry are the same as the persons listed in a notification containing Sanction(s), their personal data shall be used, the main characteristics of which are, for a legal entity, its name or trademark, registry code or registration date, and for a natural person, their name and personal identification or date of birth.

In order to establish the identity of the persons specified in the relevant legal act or notice being the same as those identified as a result of the inquiry from databases, the Company must analyze the names of the persons found as a result of the inquiry based on the possible effect of factors distorting personal data (e. g. transcribing foreign names, different order of words, substitution of diacritics or double letters etc.).

The Company shall perform abovementioned verification on an ongoing basis in the course of an established Business Relationship. The frequency of the ongoing verifications depends on the Customer’s risk profile:

If the Employee has doubts that a person is a subject of Sanctions, the Employee shall immediately notify the MLRO or the Management Board member. In this case the MLRO or the Management Board member shall decide whether to ask or acquire additional data from the person or notify the FCIS immediately of their suspicion.

The Company shall primarily acquire additional information on their own about the person who is in Business Relationship or is performing a transaction with them, as well as the person intending to establish the Business Relationship, perform a transaction or an act with them, preferring information from a credible and independent source. If, for some reason, such information is not available, the Company shall ask the person who is in the Business Relationship or is performing a transaction or an act with them, as well as the person intending to establish a Business Relationship, perform a transaction or an act with them, whether the information is from a credible and independent source and assess the answer.

 

6.2. Actions when identifying the Sanctions subject or a transaction violating Sanctions

If the Employee of the Company becomes aware that the Customer which is in Business Relationship or is performing a transaction with the Company, as well as a person intending to establish the Business Relationship or to perform a transaction with the Company, is the subject of Sanctions, the Employee shall immediately notify the MLRO or the Management Board member, about the identification of the subject of Sanctions, of the doubt thereof and of the measures taken.

The MLRO or the Management Board member shall refuse to conclude a transaction or proceeding, shall take measures provided for in the act on the imposition or implementation of the Sanctions and shall notify immediately the FCIS of their doubts and of the measures taken.

When identifying the subject of the Sanctions, it is necessary to identify the measures that are taken to Sanction this person. These measures are described in the legal act implementing the Sanctions, therefore it is necessary to identify the exact sanction what is implemented against the person to ensure legal and proper application of measures.

 

In case of any doubts or concerns, please contact us at: [email protected]