Till Payments is committed to comply its regulatory obligations in identifying, mitigating and managing money laundering and terrorism financing risk. It seeks to protect its customers, employees and the community from ML/TF activities and recognises that it plays a critical role in this regard. Our AML/CTF policy will help our business identifying, disrupting and preventing money laundering and terrorism financing. The policy protects our business, our community and Australia from criminal activity.
Our AML/CTF policy is designed to address the money laundering and terrorism financing risk to our business may reasonably face. There are two parts to AML/CTF policy. Part A includes processes and procedures to help identify, mitigate and manage the money laundering and terrorism financing risks to our business. Part B is focused on the procedures for identifying customers and beneficial ownership including those that are politically exposed persons (PEPs)/International sanctions and verifying their identity.
What is Money Laundering
Money laundering is the process of making large amounts of money generated by a criminal activity, such as drug trafficking or terrorist funding, appear to have come from a legitimate source. The money from the criminal activity is considered dirty, and the process “launders” it to make it look clean. Money laundering is itself a crime. The money laundering cycle describes the typical three- stage process criminals may use to conceal the source of illicit funds and the make funds appear legitimate:
- Placement: Introducing illegal funds into the formal financial system (for example, making ‘structured*’ cash transactions into bank accounts, currency exchangers)
- Layering: Moving, dispersing or disguising illegal funds or assets to conceal their true origin (for example, using a maze of complex transactions involving multiple banks and accounts, or corporations and trusts
- Integration: Investing these now distanced funds or assets in further criminal activity or legitimate business or purchasing high-value assets and luxury goods. At this stage the funds or assets appear to have been legitimately acquired.
Due to the specialised nature of AML compliance, we use an external consulting organisation (our agent) to conduct our compliance checks, and CDD. We meet at a minimum quarterly to review compliance and procedures and be updated on any changes to the compliance legislation. As an organisation we review the results of each AML verification report, and formally sign off before accepting a prospect as a customer. The AML compliance officer receives regular reports from both the internal and external compliance team.
Information sharing with Financial Intelligence Units
Till Payments is not a reporting entity as defined within the AML legislation and therefore do not require a formal reporting policy. We do however have a formal process for the identification of suspicious applications and transactions, and when these are identified, we notify our compliance provider, who in turn is required to notify the Financial Crimes Authority of the country in question. In parallel, based on the information available, we may decide to notify the appropriate authorities directly.
Know Your Customer (KYC) Requirements
The customer identification procedures- know your customer (KYC) procedure must be completed and identified before any financial relationship is established with new client and no funds can be transferred until KYC requirements have been fulfilled as per AUSTRAC KYC requirements.
We must document in detail the procedure we use to identify our customers and verify that their information is correct. After using these ‘applicable customer identification procedures’ we must be reasonably satisfied that:
- an individual customer is who they claim to be; and
- a customer who is not an individual (such as a company, association or trust) is a real entity and we know the details of its beneficial owners).
Applicable Customer Identification Procedures include:
- Collecting and verifying customer identification information through know your customer procedure;
- Identifying and verifying the beneficial owner(s) of a customer;
- Identifying whether a customer or beneficial owner of a customer is a politically exposed person (PEP);
- Getting information on the purpose and intended nature of the business relationship
What is Beneficial Owner
A beneficial owner is an individual who ultimately owns or controls an entity such as a company, trust or partnership.
- ‘Owns’ in this case means owning 25% or more of the entity. This can be directly (such as through shareholdings) or indirectly (such as through another company’s ownership or through a bank or broker).
- Controls’ in this case means having the power to make decisions about the entity’s finances and operations. They may exert control through trusts, agreements, arrangements, understandings, policies or practices.
Note: a customer may have more than one beneficial owner
Identification of Beneficial Owners
We must collect full name of each beneficial owner and their date of birth or residential address. In order to verify beneficial owner’s customers who are not individuals can have complex ownership structures. To identify who the beneficial owner is, we need to know and understand our customer’s business and its directorship structure. Usually we can ask the customer or authorised signatory for the beneficial owner information. Sometimes we may need to do our own research, especially when the customer has complex company structure. Below is some example that can help us with our research:
- A certificate of incorporation of a company from ASIC or annual statements including the amendments submitted to ASIC
- Company/beneficial ownership search in Equifax portal
- A trust deed
- A partnership agreement
- The constitution and/or certificate of incorporation for and incorporated association
- The constitution of a registered cooperative
Sanctions and Politically Exposed Person (PEPs) Check
A PEP is an individual who holds a prominent public position or role in a government body or international organisation, either in Australia or overseas. Immediate family members and/or close associates of these individuals are also considered PEPs.
We must conduct risk- based procedures in place to identify whether an individual customer or beneficial owner is PEP. Procedures may include checking but not limited:
- The customer’s background via an internet search
- Database and reports from organisation that specialise in analysing corruption risk such as Equifax
- Sanctions list on Department of Foreign Affairs and Trade (DFAT)
- The UN Politically exposed persons watch list
- The US department of treasure, OFAC sanctions list
Ongoing Customer Due Diligence
We must perform ongoing risk analysis and customer due diligence at frequencies as per our customer risk category. OCDD should be completed by checking if there have been any ownership/directorship changes in the company profile. Also, any flags may include:
- Suspicious transaction activity
- Significant changes in directorship/ownership or company structure
- Change of ownership from existing client
- Request of any additional service for MID/TID
Transaction Monitoring Program
We should follow fraud/risk mitigation tools/systems in place to catch any suspicious transaction activity on our existing clients. Transaction activity can ne monitored following three steps:
- Using inhouse fraud/risk mitigation systems to check customers daily transaction activity
- Identifying and investigating suspicious transactions without tipping off customer
- Such request from customers increasing their transaction limit/value
We are highly committed to maintain our KYC database our new customers as well as ongoing customer due diligence. Database includes individual’s verification information, extract from Equifax and any government agencies, enhanced due diligence documents, any positive PEPs and Sanctions checks including search ID numbers.
Additional Risk Mitigation Strategies:
- Company credit checks on customer’s legal entity
- Individual credit checks on individual authorised signatory for the legal entity
- Induction training for new employees as well as existing employees for any AML/CTF policy update and changes
You can download a PDF version of this policy, here.