MyWealth Legatus SPC
Know Your Customer Norms
& Anti-Money Laundering Measures Policy
1. PURPOSE OF THIS POLICY
1.1. This policy document gives an overview on the standards issued by the Financial Intelligence Centre (FIC) on the ‘Know your Customer’ and ‘Anti Money Laundering’ for Non-Banking Financial Companies thereby setting standards for prevention of money laundering activities and corporate practices while dealing with their customers. The company shall adopt all best practices prescribed by the FIC from time to time and shall make appropriate modifications if necessary to this code to conform to the standards so prescribed. This policy is applicable across all business segments of the company and is to be read in conjunction with related operational guidelines issued from time to time. The contents of the policy shall also be auto corrected with any changes/modifications recommended by FIC from time to time.
2. SCOPE
2.1. The scope of this policy extends to all business segments of MyWealth Legatus SPC (hereinafter referred to as “MyWealth”). The company is committed to transparency and fairness in dealing with all clients in ensuring adherence to all laws and regulations. The company ensures that information collected from clients for any purpose will be kept confidential. The company also commits that the information sought from the client is relevant to the perceived risk and is not intrusive and is in conformity with the guidelines issued in this regard. Any other information from the client shall be sought from the client separately with his/her consent and after effective rendering of service. The company shall also communicate its KYC norms to the client.
3. APPLIES TO
3.1. All MyWealth employees, contractors, and clients. All new clients are required to acknowledge having read the policy document and sign a letter of spirit of adherence to the policy.
4. INTRODUCTION TO ‘KNOW YOUR CUSTOMER’
4.1. The Financial Intelligence Centre has issued comprehensive guidelines on ‘Know Your Customer’ (KYC) norms and Anti-Money Laundering (AML) standards and has advised all Non-Banking Financial Companies (NBFCs) to ensure that a proper policy framework on KYC and AML measures be formulated and put in place with the approval of the Board.
4.2. Accordingly, in compliance with the guidelines issued by FIC from time to time, the following KYC & AML policy is approved by the Board of Directors of MyWealth.
4.3. This policy is applicable to all categories of products and services offered by the Company.
5. OBJECTIVE
5.1. Objective of FIC guidelines are to prevent NBFCs being used, intentionally or unintentionally by criminal elements for money laundering activities. The guidelines also mandate making reasonable efforts to determine the identity and beneficial ownership of accounts, source of funds, the nature of client’s business, reasonableness of operations in the account in relation to the client’s business, etc. which in turn helps MyWealth to manage its risks prudently. Accordingly, the main objective of this policy is to enable MyWealth to have positive identification of its clients.
6. GLOSSARY
6.1. “AML” Anti-Money Laundering
6.2. “CIP” Customer Identification Program
6.3. “CCR” Counterfeit Currency Report
6.4. “FIC” Financial Intelligence Centre
6.5. “PEP” Politically Exposed Persons
6.6. “STR” Suspicious Transaction Reporting
6.7. “UNSCR” United Nations Security Council Resolution
6.8. “Principal Officer” MyWealth Officer of rank of General Manager and above who is responsible for implementing the KYC and AML Policy of the Company.
7. CLIENT ACCEPTANCE POLICY
MyWealth shall follow the following norms while accepting and dealing with its clients:
7.1. If you are a client under the age of 18 years you can enter into a contract with the permission of your parents or legal guardians.
7.2. Name of the client should not appear in the list of banned entities as circulated by UNSCR.
7.3. MyWealth officials, employees or contractors must be satisfied with regards to KYC due diligence of the client.
7.4. Client’s name should not have been included in the list of STR and PMLA.
7.5. In case of clients being PEP or becoming PEP subsequently, it is necessary to take approval of Risk ahead.
Key considerations:
a) Risk categorisation shall be undertaken based on parameters such as client’s identity, social/financial status, nature of business activity, information about the clients’ business and their location etc. While considering a client’s identity, the ability to confirm identity documents through online or other services offered by issuing authorities may also be factored in to enable categorization of clients into low, medium, and high risk. The illustrative list of such risk categorisation is provided in Annexure – I.
b) The client’s profile contains information relating to the client’s identity, social/financial status, nature of business activity, information about his clients’ business and their location etc. The nature and extent of due diligence will depend on the risk perceived by the Company. However, while preparing the customer profile, the Company will seek only such information from the client which is relevant to the risk category and is not intrusive. The client profile will be a confidential document and details contained therein will not be divulged for cross selling or any other purpose.
c) The intent of the Policy is not to result in denial of financial services to the general public, especially to those, who are financially or socially disadvantaged. While carrying out due diligence, the Company will ensure that the procedure adopted does not result in denial of services to any genuine clients.
d) The Company shall carry out full scale client due diligence (CDD) before opening an account. When the true identity of the account holder is not known, the Company shall file Suspicious Transaction Reporting (STR) as provided below in clause 12.
8. CLIENT IDENTIFICATION PROCEDURE
Client identification means identifying the client and verifying his / her identity by using a reliable and independent source of documents, data, or information to ensure that the client is not a fictitious person. The Company shall obtain sufficient information necessary to establish, to its satisfaction, the identity of each client and the purpose of the intended nature of the business relationship.
An effective Customer Identification Program (CIP) is an important part of the effort by the Company to know its client. The Company’s CIP is integrated into the AML (Anti Money Laundering) program for the company in terms of the Financial Intelligence Central Act and the relevant rules notified there under, which contains provisions requiring the business processes to:
a) verify the identity of any Person transacting with MyWealth to the extent reasonable and practicable;
b) maintain records of the information used to verify a client’s identity, including name, address and other identifying information and;
c) consult lists of known or suspected terrorists or terrorist organizations provided to the MyWealth by any applicable government agency to determine whether a person opening an account, or an existing client appears on any such list.
MyWealth will perform appropriate, specific, and where necessary, Enhanced Due Diligence on its clients that is reasonably designed to know and verify the true identity of its clients and to detect and report instances of criminal activity, including money laundering or terrorist financing. The procedures, documentation, types of information obtained and levels of KYC due diligence to be performed will be based on the level of risk associated with the relationship (products, services, business processes, geographic locations) between MyWealth and the client and the risk profile of the client.
8.1. Required “KYC” due diligence for all clients;
MyWealth shall take reasonable measures to ascertain and verify the true identity of all clients who transact with MyWealth. Each business process shall design and implement specific due diligence standards and procedures that are appropriate given the nature of the respective businesses, clients, and the associated risks. Such standards and procedures shall include, at a minimum, the following elements.
For the purpose of identifying and verifying the identity of clients at the time of commencement of an account-based relationship, MyWealth may rely on a third party; subject to the conditions that;
a) MyWealth immediately obtains necessary information of such client due diligence carried out by the third party;
b) MyWealth takes adequate steps to satisfy itself that copies of identification data and other relevant documentation relating to the client due diligence requirements will be made available from the third party upon request without delay;
c) MyWealth is satisfied that such third party is regulated, supervised or monitored for, and has measures in place for compliance with client due diligence and record-keeping requirements in line with the requirements and obligations under the Act;
d) The third party is not based in a country or jurisdiction assessed as high risk; and
e) MyWealth is ultimately responsible for client due diligence and undertaking enhanced due diligence measures, as applicable.
Client Identification Procedure
A) Identification
All the clients shall be identified by a unique identification code to identify clients, track the facilities availed, monitor financial transactions in a holistic manner and to have a better approach to risk profiling of clients.
Each business process shall implement procedures to obtain from each client, prior to transacting, the following information as may be relevant to that company:
1. Name – procedures require company processes to use reasonable efforts to ensure that the name recorded on the Company portal as the client will be exactly the same as (and not merely similar to, or a variation of) the name that appears on any identifying documentation reviewed in connection with the services;
2. For individuals – age / date of birth; For a person other than individual (such as corporation, partnership or trust) – date of incorporation;
3. Address including the documentary proof thereof;
i. For an individual, a residential or business street address;
ii. For a Person other than an individual (such as a corporation, partnership, or trust), the principal place of business, local office, or other physical location;
2. Telephone/E-mail Address;
3. Identification number:
i. A taxpayer identification number; passport number and country of issuance; letter issued by Identification Authorities containing identification number or residence and bearing a photograph or similar safeguard. When opening an account for a person (other than an individual) that does not have an identification number, the business process must request alternative government issued documentation certifying the existence of the business or enterprise;
ii. For a client who has applied for, but has not received an identification number, services may be sanctioned, but each business process shall implement procedures to confirm that the application was filed before the services are sanctioned to client and to obtain the identification number within a reasonable period of time before conclusion of service terms.
The list of documents that can be accepted as proof of identity and address from clients across various products offered by MyWealth is given as Annexure – II to this policy. These are appropriately covered in the policies of the respective businesses and communicated to the approving authorities.
B) Verification
Each Company process as a part of the policy will document and implement appropriate risk- based procedures designed to verify that it can form a reasonable belief that it knows the true identity of its clients. Verification of clients’ identity should occur before transacting with the client. Procedures for each business process shall describe acceptable methods of verification of client identity, which may include verification through documents or non-documentary verification methods that are appropriate given the nature of the business process, the products and services provided and the associated risks.
- Verification through documents:
These documents may include but are not limited to the list of documents that can be accepted as proof of identity and address from clients across various products offered by MyWealth as provided in Annexure – II to this policy.
The list of documents that can be accepted as proof of identity and address from clients across various products offered by MyWealth is given as Annexure – II to this policy. These should be appropriately covered in the credit policies of the respective businesses. The client verification processes will be covered in detail in the credit policies of every business.
2. Verification through non-documentary methods:
These methods may include, but are not limited to:
1. Contacting or visiting a client;
2. Independently verifying the client’s identity through the comparison of information provided by the client with information obtained from a consumer reporting agency, public database, or other source;
3. Checking references with other financial institutions; or
4. Obtaining a financial statement.
3. Additional verification procedures:
If applicable, the business process verification procedures should address situations where:
1. A person is unable to present an unexpired government-issued identification document that bears a photograph or similar safeguard;
2. The business process associate is not familiar with the documents presented;
3. The Account is opened without obtaining documents;
4. Where the business process is otherwise presented with circumstances that increase the risk that it will be unable to verify the true identity of a client through documents; and
5. If the business process cannot verify the identity of a client that is other than an individual, it may be necessary to obtain information about persons with authority or control over such an account, including signatories, in order to verify the clients’ identity.
C) Resolution of Discrepancies
Each business process shall document and implement procedures to resolve information discrepancies and to decline or cease to do business with a client when it cannot form a reasonable belief that it knows the true identity of such client or cannot adequately complete necessary due diligence. These procedures should include identification of responsible decision makers and escalation paths and detailed standards relating to what actions will be taken if a client’s identity cannot be adequately verified.
As a general rule, MyWealth will strive to cap cash remittance by clients to the limit of R24 999.99 and to advise its clients to use acceptable cashless modes of payment (wire transfer, demand draft, banker’s cheque, credit card) to settle their over dues. Acceptance of cash remittance above the limit of R24 999.99 is subject to written approval of the Head of Risk Management and monthly report will be provided to the Managing Director.
Besides, the business shall have a system of internal reporting of suspicious transactions, counterfeit transactions, and cash transactions greater than R24 999.99, whether such transactions comprise of a single transaction, or a series of transactions integrally connected to each other, and where such series of transactions take place within a month.
“Suspicious transaction” means a transaction whether or not made in cash which, to a person acting in good faith:
a) gives rise to a reasonable ground of suspicion that it may involve the proceeds of crime; or
b) appears to be made in circumstances of unusual or unjustified complexity; or
c) appears to have no economic rationale or bona fide purpose; or
d) gives rise to a reasonable ground of suspicion that it may involve financing of the activities relating to terrorism.
e) where the transactions are abandoned by clients on being asked to give some details or to provide documents.
Further, the Compliance officer shall furnish information of the above-mentioned transactions to the Director, Financial Intelligence Centre (FIC) at the prescribed address in the formats prescribed in this regard including the electronic filing of reports.
Provided that where the principal officer has reason to believe that a single transaction or series of transactions integrally connected to each other have been valued greater than R24 999.99 so as to defeat the provisions of the FIC Act regulations, such officer shall furnish information in respect of such transactions to the Director Financial Intelligence Centre (FIC) within the prescribed time.
In addition, it shall be the duty of the company, its Designated Director, officers, and employees to observe the procedure and manner of furnishing and reporting information on transactions.
8.2. Client CIP Notice
Each business process shall implement procedures for providing clients with adequate notice that the Company is requesting information and taking actions in order to verify their identity. Each business process shall determine the appropriate manner to deliver the notice, which shall be reasonably designed to ensure that the client is able to view or is otherwise given such notice prior to account opening.
8.3. Existing Clients
The requirements of the earlier sections are not applicable to accounts opened by existing clients, provided that the business process has previously verified the identity of the client and the business process continues to have a reasonable belief that it knows the true identity of the client. Further, transactions in existing accounts should be continuously monitored and any unusual pattern in the operation of the account should trigger a review of the due diligence measures.
8.4. Enhanced due diligence
MyWealth is primarily engaged in Crypto Assets to end clients. It does not deal with such a category of clients who could pose a potential high risk of money laundering, terrorist financing or political corruption and are determined to warrant enhanced scrutiny. The existing policies of the company in respect of its various businesses ensure that MyWealth is not transacting with such high-risk clients.
MyWealth shall conduct Enhanced Due Diligence in connection with all clients or accounts that are determined to pose a potential high risk and are determined to warrant enhanced scrutiny. Each business process shall establish appropriate standards, methodology and procedures for conducting Enhanced Due Diligence, which shall involve conducting appropriate additional due diligence or investigative actions beyond what is required by standard KYC due diligence.
Enhanced Due Diligence shall be coordinated and performed by the Company, who may engage appropriate outside investigative services or consult appropriate vendor sold databases when necessary. Each business process shall establish procedures to decline to do business with or discontinue relationships with any client when the Company cannot adequately complete necessary Enhanced Due Diligence or when the information received is deemed to have a significant adverse impact on reputational risk.
The following are the indicative list where the risk perception of a client may be considered higher:
- Clients requesting for frequent change of address/contact details;
- Sudden change in the loan account activity of the client;
- Frequent closure and opening of accounts by the client;
Enhanced due diligence may be in the nature of keeping the account monitored closely for a re-categorisation of risk, updating of fresh KYC documents, field investigation or visit of the customer, etc., which shall form part of the policies of the business.
8.5. Simplified measures to verify the identity of the client.
Simplified measures are applied for verifying the identity of clients, the following documents shall be deemed to be officially valid documents:
● Identity card with applicant’s Photograph issued by Central/State Government Departments, Statutory/Regulatory Authorities, Public Sector Undertakings, Scheduled Commercial Banks, and Public Financial Institutions;
● Letter issued by a gazetted officer, with a duly attested photograph of the person;
The simplified measures are applicable to low-risk category clients considering the type of customer, business relationship, nature and value of transactions as defined in Annexure – I.
It would be sufficient to obtain any of the documents mentioned above for low-risk category clients.
9. RECORDS RETENTION
Each business process shall document and implement appropriate procedures to retain records of KYC due diligence and anti-money laundering measures. The business process shall implement, at a minimum, the following procedures for retaining records:
a) Transactions for which records need to be maintained;
● All cash transactions of the value of more than R24 999.99 or its equivalent in foreign currency.
● All series of cash transactions integrally connected to each other which have been individually valued below ten thousand Rands or its equivalent in foreign currency where such series of transactions have taken place within a month and the monthly aggregate exceeds R24 999.99 or its equivalent in foreign currency.
● All cash transactions where forged or counterfeit currency notes or bank notes have been used as genuine and where any forgery of a valuable security has taken place.
● All suspicious transactions whether or not made in cash.
b) Information to be preserved;
The information required to be preserved with respect to the above transactions are the nature of transactions, amount, and the currency in which it was denominated, date of transaction and the parties to the transaction.
c) Periodicity of retention;
The following records shall be retained for a minimum period of five years after the related account is closed:
● The client’s identification information and residence identification information including the documentary evidence thereof;
● All other necessary records pertaining to the transactions that could be produced as evidence for prosecution of persons involved in criminal activity.
Further, a description of the methods used to verify client’s identity as well as a description of the resolution of any discrepancies in verification shall be maintained for a period of at least five years after such record was created.
The above records shall be made available to the competent authorities upon request.
10. RISK CATEGORISATION
The Company shall put in place a system of periodical review of risk categorization of accounts and the need for applying enhanced due diligence measures in case of higher risk perception on a client. Such review of risk categorization and due diligence of client’s will be carried out on-going basis with respect to the business relationship with every client and closely examine the transactions in order to ensure that they are consistent with their knowledge of the client, his business and risk profile and, wherever necessary, the source of funds.
The Company shall have a system in place for periodical updating of client’s identification data after the account is opened. The periodicity of such updating shall be not less than once in ten years in case of low-risk category client’s and not less than once in eight years in case of medium risk category client’s and not less than once in two years in case of high-risk category clients.
All the clients under different product categories are categorized into low, medium, and high risk based on their profile. The manager while appraising the transaction and rendering his approval will prepare the profile of the client based on risk categorization. An indicative categorization for the guidance of businesses is provided in Annexure – I.
Each business process adopts the risk categorization in their respective credit policies subject to confirmation by compliance based on the credit appraisal, client’s background, nature and location of activity, country of origin, sources of funds, client profile, etc. Where businesses believe that a particular client falling under a category mentioned below is in his judgement falling in a different category, they may categorise the client so, so long as appropriate justification is provided in the client’s file.
11. MONITORING OF TRANSACTIONS
Ongoing monitoring is an essential element of effective KYC procedures. The Company can effectively control and reduce the risk only if it has an understanding of the normal and reasonable activity of the client so that they have the means of identifying transactions that fall outside the regular pattern of activity. However, the extent of monitoring will depend on the risk sensitivity of the account. The different business divisions should pay special attention to all complex, unusually large transactions and all unusual patterns which have no apparent economic or visible lawful purpose. High-risk accounts must be subjected to intensify monitoring.
12. RISK MANAGEMENT
MyWealth has put in place appropriate procedures to ensure effective implementation of KYC guidelines. The implementation procedure covers proper management oversight, systems and controls, segregation of duties, training, and other related matters.
MyWealth Risk management team from time to time will carry on the necessary quality checks and file audits to ensure that the KYC policies and Procedures are adhered to from time to time.
The Risk Management team shall also from time to time also update the Board any lapses if identified during the client acquisition process. As a part of the risk policy, the Risk Management team has provided for a comprehensive list of documents that can be used as a part of the Know Your Customer guidelines.
13. COUNTERFEIT CURRENCY REPORT
A separate Counterfeit Currency Report should be filed for each incident of detection of Counterfeit currency. If the detected counterfeit currency notes can be segregated on the basis of tendering, a separate CCR should be filed for each such incident. These transactions should be reported to the Director, Financial Intelligence Centre, by the 15th day of the succeeding month.
While furnishing information to the Director FIC, delay of each day in not reporting a transaction or delay of each day in rectifying a misrepresented transaction beyond the time limit as specified in this rule shall constitute a separate violation.
14. SOURCING RULES
- The compliance person shall, at the time of client acquisition or executing any transaction, verify the record of identity, signature proof and proof of current address or addresses including permanent address of the client.
- It is necessary that the Compliance Team verifies the photocopy of the KYC documents with the originals and certifies on the Form, the fact of having verified the same under his/her signature (Original Seen & Verified – OSV).
- It is necessary to ensure that the identity of the client / director / partner / authorized signatory does not match with any entity with known criminal background or with banned entities available on the United Nations website. Client names should be checked against the negative list provided by the United Nations Security Council (UNSC).
The details of the two lists are as below:
a. The “ISIL (Da’esh) & Al-Qaida Sanctions List”, which includes names of individuals and entities associated with Al-Qaida. The updated ISIL & Al-Qaida Sanctions List is available at: https://www.un.org/securitycouncil/content/un-sc-consolidated-list
b. The “1988 Sanctions List”, consisting of individuals (Section A of the consolidated list) and entities (Section B) associated with the Taliban which is available at:
https://www.un.org/securitycouncil/content/un-sc-consolidated-list
15. CKYC (CENTRAL KYC)
As per FIC guidelines on CKYC, Scheduled Commercial Banks (SCBs) shall invariably upload the KYC data pertaining to all new individual accounts opened in terms of the provisions of the Prevention of Money Laundering (Maintenance of Records).
Regulated Entities (RE) other than SCBs shall upload the KYC data pertaining to all new individual accounts opened in terms of the provisions of the Prevention of Money Laundering (Maintenance of Records). MyWealth strictly adheres to CKYC guidelines and follows the same in line with FIC guidelines.
Operational Guidelines for uploading the KYC data have been released. MyWealth underwent the ‘Test Environment’ and completed the testing.
14. ANNEXURES
ANNEXURE – I
Indicative list for Risk Categorisation
Individuals (other than High Net Worth) and entities whose identities and sources of wealth can be easily identified and transactions in whose accounts by and large conform to the known profile, shall be categorised as low risk.
Illustrative examples are:
1. Salaried employees whose salary structure is well-defined;
2. People belonging to lower economic strata of the society whose accounts show small balances and low turnover;
3. Government departments and Government-owned companies;
4. Statutory bodies & Regulators.
Medium & High-Risk Category
Clients that are likely to pose a higher than average risk may be categorized as medium or high risk depending on client’s background, nature and location of activity, country of origin, sources of funds and his client profile etc.
Illustrative examples are:
1. Non-Resident clients;
2. High Net worth Individuals;
3. Trust, charities, NGO’s and Organization receiving donations;
4. Companies having close family shareholding or beneficial ownership;
5. Firms with ‘sleeping partners’;
6. Politically Exposed Persons (PEPs);
7. Those with dubious reputation as per public information available;
8. Accounts of bullion dealers and jewellers.
ANNEXURE-II
Customer Identification Procedure
Features to be verified and documents that may be obtained from clients!!
1. Documents for proof of identity and address required for Individuals.
Any one document from the Officially Valid Document is only allowed. They are:
- Passport
- License
- Permanent Account Number (PAN) card
- Voter’s identity card issued by Election commission/s
- Job card issued and signed by an officer of the State Government
- Letter issued by the Unique Identification Authority containing details of name and address.
It is implied that proof of address also follows from the above documents only.
A client shall not be required to furnish separate proof of current address, if it is different from the address recorded. In such cases, a declaration from the client in application form to be taken indicating the address to which all correspondence will be made.
In case of accounts of proprietorship concerns, it has been decided to lay down criteria for the client identification procedure for account opening by proprietary concerns. Accordingly, apart from following the extant guidelines on client identification procedure as applicable to the proprietor, MyWealth should call for and verify the following documents before opening of accounts in the name of a proprietary concern:
A. Proof of the name, address and activity of the concern, like registration certificate (in the case of a registered concern), certificate/licence issued by the Municipal authorities, sales and income tax returns, VAT certificate, certificate / registration document issued by Sales Tax / Service Tax / Professional Tax authorities, Licence issued by the Registering authority like Certificate of Practice issued by Institute of Chartered Accountants, Institute of Cost Accountants, Institute of Company Secretaries, Medical Councils, Food and Drug Control authorities, etc.
B. Any registration / licensing document issued in the name of the proprietary concern by the Central Government or State Government Authority / Department. MyWealth may also accept IEC (Importer Exporter Code) issued to the proprietary concern by the office as an identity document for opening of account.
C. The complete Income Tax return (not just the acknowledgement) in the name of the sole proprietor where the firm’s income is reflected duly authenticated/ acknowledged by the Income Tax Authorities.
D. Utility bills such as electricity, water, and landline telephone bills in the name of the proprietary concern.
Any two of the above documents would suffice. These documents should be in the name of the proprietary concern.
Documents for Identification and verification of Companies;
b) Certificate of incorporation;
c) Memorandum and Articles of Association;
d) A resolution from the Board of Directors and power of attorney granted to its managers, officers, or employees to transact on its behalf; and
e) An officially valid document in respect of managers, officers or employees holding an attorney to transact on its behalf.
Documents for Identification and verification of Partnership firms;
ii. Registration certificate;
iii. Partnership deed; and
iv. An officially valid document in respect of the person holding an attorney to transact on its behalf.
Documents for Identification and verification of Trusts and Foundations;
a. Registration certificate;
b. Trust deed; and
c. An officially valid document in respect of the person holding an attorney to transact on its behalf.
In view of the change in the definition of Officially Valid Documents, henceforth, only the documents mentioned above would be accepted for opening accounts of individuals. MyWealth would not have the discretion to accept any other document for this purpose.