KYC / AML

Legalization (money laundering) of funds or other property obtained through criminal means

is the execution of any transaction that gives the funds or other property, obtained as a result of illegal activities (fraud, corruption, terrorism financing, organized crime, etc.), the appearance of lawful ownership, usage, or disposal. This refers to transferring property from the shadow, informal economy to the official economy to enable the opportunity to use these funds openly and publicly.

Money laundering of funds obtained through criminal activities involves three stages:

Placement
Introducing the funds into the financial system through methods such as depositing cash into banks and non-banking financial institutions (often in banks with low regulatory requirements, followed by transferring the funds to banks in regulated environments), purchasing expensive goods for resale, and similar activities.

Layering
Engaging in complex financial transactions to obscure the illegal source of the funds, making it difficult to trace the acquisition and movement of the funds (multiple transfers between financial institutions, loans, etc.).

Integration
Reintroducing the funds or other property obtained from operations with illegal funds back into the financial system as property acquired legally.

The policy on combating money laundering and countering the legalization of proceeds obtained through criminal means (AML), financing of terrorism, fraud, and corruption (hereinafter referred to as the Policy) establishes the main standards, approaches, and requirements for the organization of internal control in XFine Ltd. (hereinafter referred to as the Company) to combat the legalization of proceeds obtained through criminal means, the financing of terrorism, fraud, and corruption.

The policy is developed in accordance with international legislation in the field of preventing money laundering, financing of terrorism, drug trafficking, and human trafficking, as well as preventing corruption.

In its activities, the Company adheres to the position of unconditional transparency in business relationships with clients and partners.

The policy is based on the principles of preventing the involvement of the Company and its employees in illegal activities related to money laundering, as well as eliminating the possibility of conducting operations related to the financing of terrorist activities. These principles are ensured by a set of measures, namely:

• Identification and risk assessment;
• “Know Your Customer” Policy;
• Internal control.

This Policy applies equally to all clients and counterparties of the Company.

The Company identifies and assesses the risks that may arise when interacting with clients and counterparties, using a risk-based approach. This approach ensures the identification of the susceptibility of client operations to money laundering risks based on the analysis results of the main factors affecting the level of such risk. These factors include the country of registration of the client/counterparty, the type of client activity, client identification, client activity monitoring, the presence of sanctions against the client/counterparty, and others.

In order to minimize risks and prevent money laundering, financing of terrorism, drug trafficking, and human trafficking, as well as to prevent corruption, the Company has developed the following approach to analyzing the factors that affect risk assessment:

• Country of client registration – country risk.
• Information about the country of registration provides insights into the potential risks of money laundering. Clients registered in countries under sanctions, those not participating in anti-money laundering initiatives, or countries supporting terrorist activities are considered to have a higher money laundering risk.
• This criterion is evaluated together with other factors and provides a more comprehensive understanding of the risk level.
• Type of client activity.
• Although there are no strict restrictions, it should be taken into account that clients involved in activities such as arms trafficking or non-profit organizations and charitable foundations pose a higher risk of money laundering.
• This criterion is evaluated together with other factors.
• Client identification, client representatives, beneficial owners, and ultimate beneficiaries.
• The Company carries out the identification of all clients/counterparties, third parties representing the interests of clients/counterparties, in accordance with the “Know Your Customer” principle (hereinafter referred to as KYC). Every user of the Company’s products and services is required to provide the information and documents requested by the Company for the identification procedure, in accordance with international anti-money laundering standards and KYC principles.

Client activity monitoring.
In addition to initial identification, the Company monitors client/counterparty activities. The goal of this monitoring is to track client behavior and detect suspicious activity, which may indicate money laundering or terrorism financing.

• Monitoring includes:

1. + Tracking suspicious client behavior by Company employees;
2. + Identifying suspicious client behavior in accordance with the norms of the client’s jurisdiction;
3. + Timely informing the Company’s employee responsible for minimizing risks and preventing money laundering of any detected suspicious behavior.

To minimize risks and conduct high-quality monitoring of client activity, the Company regularly works with its staff to ensure a high level of competence in risk checks and KYC principles. If necessary, third parties — specialized organizations providing comprehensive services for client verification, implementation, compliance, and execution of measures ensuring the fight against money laundering and counteracting the legalization of criminally obtained proceeds — may be involved.

In order to prevent any illegal activity, the Company establishes procedures for verifying clients/counterparties in accordance with international anti-money laundering standards and the principles of “Know Your Customer” (KYC).

The principle of “Know Your Customer” implies that:

• The Company has collected all the necessary information based on which a conclusion can be made that the client/counterparty and/or third party (if applicable), acting in the interests of the client/counterparty, their beneficiaries and ultimate beneficial owners, have been fully identified, and all associated risks have been revealed and assessed;
• The Company has received confirmation that the client/counterparty and/or third party (if applicable), acting in the interests of the client/counterparty, is engaging in activities identified in accordance with the client’s jurisdiction, such as corruption, fraud, money laundering, terrorism financing, etc.;
• The funds involved in the transaction were not obtained by the client/counterparty and/or third party (if applicable), acting in the interests of the client/counterparty, as a result of activities identified in accordance with the client’s jurisdiction, such as corruption, fraud, money laundering, terrorism financing, etc.;
• The Company has received confirmation that the client/counterparty is acting in their own interests or in the interests of third parties.

In order to conduct the KYC procedure, the Company requests information and documents from the client for the corresponding verification. The information received is used by the Company exclusively for the provision of services, as well as for administrative and legal purposes.

Client Identification
The Company requests the following documents and information from the client for verification (but is not limited to):

For individuals:

• Document confirming identity;
• Document confirming citizenship;
• Document confirming the client’s residential registration;
• Phone number;
• Email address.

For legal entities:

• Certificate of registration;
• Charter/memorandum;
• Documents containing information on the ownership structure of the legal entity;
• Documents confirming the authority of the sole executive body;
• Document confirming the identity of the sole executive body;
• Information on the location/legal address.

If the client’s interests are represented by a third party, in addition to the above documents, the Company requests a document confirming the authority of the third party. The third party must provide the Company with a similar set of documents.

The Company takes all necessary measures to ensure that the client or third party, acting in the interests of the client, is indeed the person they claim to be. For this purpose, the Company may request a digital image (photo, video) of the client holding a document confirming their identity, allowing comparison of the photo on the client’s document with the client’s face. These measures are a mandatory internal control mechanism to minimize the risks of money laundering.

Data Update
The Company may update client information at any time, specifically requesting updated documents or information from clients who have previously undergone identification.

The Company conducts additional verification procedures if there are grounds to believe that the client is involved in suspicious or illegal activities.

The client confirms the accuracy of all information provided at the request of the Company.

Guarantees of Good Faith Behavior
For each fact of suspicious client behavior, which may indicate money laundering or financing of terrorism, the Company reports to the relevant authorities.

The Company does not begin cooperation with the client until the Identification procedure is completed. The Company has the right to terminate cooperation with the client at any time if the client fails to provide the information requested by the Company.

The Company periodically reviews, updates, and improves its KYC identification procedures to align with changing rules and practices.

The Company takes necessary internal control measures to identify individuals involved in money laundering, terrorism financing, drug and human trafficking, corruption, as well as individuals under sanctions by friendly states in order to minimize risks and/or adverse consequences for the Company.

In accordance with the adopted approach to analyzing factors affecting the assessment of risk levels, the Company takes all possible and necessary measures to identify and assess risks within a reasonably short time. While acknowledging that it is impossible to completely eliminate such risks, the Company strives to ensure that the actions taken are justified and appropriate, without leading to delays in client identification or increasing bureaucracy.

When analyzing risk factors, the Company uses a risk-based approach, which is based on the principle of matching the subject’s risk level with the depth of the verification conducted on them. Thus, the higher the risk, the more complete and detailed information the Company requests. Upon identifying high risks, the Company requests additional documents and/or information before entering into the relevant agreement to verify the discovered risks that may hinder cooperation.

If high money laundering risks are confirmed regarding a subject/client/counterparty, the Company refuses to cooperate with such a subject and terminates cooperation with an existing client/counterparty.

When requesting information from subjects/clients/counterparties for client identification and conducting internal control to implement the Anti-Money Laundering and Countering the Legalization of Criminally Obtained Proceeds Policy, as well as the “Know Your Customer” (KYC) Policy, the Company takes measures aimed at minimizing the risks of receiving inaccurate or outdated information. To ensure the accuracy of the information, the Company uses data received from the Counterparty and, when necessary, information obtained from third parties and electronic sources. Such data is used by the Company only if obtained from reliable sources of information, such as supervisory authorities, regulators, state registration chambers, and services specifically created for data verification, as well as official government portals.

Information obtained by the Company during the Client Identification process and the internal control of a subject/client/counterparty, as well as any suspicions of actions related to money laundering, terrorism financing, drug and human trafficking, or corruption, is considered confidential.

The Company does not disclose information about individuals who have reported suspicions or facts of illegal actions by clients/counterparties, except in cases where a disclosure request is made by such individuals themselves.

The Company does not disclose information about the forms, methods, or procedures of internal control aimed at combating money laundering and countering the legalization of criminally obtained proceeds.

In conducting its activities, the Company respects human rights and civil liberties, including during the verification procedures for clients/counterparties.

The Company assumes that all of its clients strictly comply with the requirements of applicable legislation in the field of anti-money laundering and combating the legalization of criminally obtained funds.

While providing services to its clients, the Company collects and stores clients’ personal data. The list of documents and information provided in this Policy is not exhaustive, and the Company reserves the right to request additional information about the client in order to conduct investigations and/or prevent any illegal activities. The methods of client identification and verification mentioned in this Policy are not exhaustive.

Client information is stored by the Company in accordance with the Company’s personal data processing policy.

Client information may be disclosed to authorized state (law enforcement) agencies in cases provided for by the Company’s personal data processing policy.

The Company does not cooperate with anonymous individuals or individuals acting under fictitious names.

This Policy may be drafted and translated into multiple languages.